oss-sec mailing list archives
Re: CVE Request Qemu: Information leak in vmxnet3_complete_packet
From: cve-assign () mitre org
Date: Wed, 17 Aug 2016 23:35:29 -0400 (EDT)
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256
Quick Emulator(Qemu) built with the VMWARE VMXNET3 NIC device support is vulnerable to an information leakage issue. It could occur while processing transmit(tx) queue, when it reaches the end of packet. A privileged user inside guest could use this leak host memory bytes to a guest. https://lists.gnu.org/archive/html/qemu-devel/2016-08/msg02108.html https://bugzilla.redhat.com/show_bug.cgi?id=1366369
Use CVE-2016-6836. This is not yet available at http://git.qemu.org/?p=qemu.git;a=history;f=hw/net/vmxnet3.c but that may be an expected place for a later update. - -- CVE Assignment Team M/S M300, 202 Burlington Road, Bedford, MA 01730 USA [ A PGP key is available for encrypted communications at http://cve.mitre.org/cve/request_id.html ] -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIcBAEBCAAGBQJXtSaEAAoJEHb/MwWLVhi2NPQP/jEAHJPU608e4Z/Oq5WhrH8e DMg3XVb8R8PvNlJ5IFAB6RLIYHDxZWJrA13XUV+bSz2rYV+8wSRGYsSLqhztOU8G NXuEO1a1bxeQI/Y/6IuZyuIJph5nvKJKx49pWZEMtLfTTk5NDvHO13GQxoHM9st8 0RhDvPQ91fHhvDIIzFJOdvpn7LwEKCebtEb97mMmUza2d7QQIfgM2nSPAZwmbbHu kySYOO+Y0JkotjQCNRLg4ylBhr2u3P7V524HYIPvJy5Us4neNYk4876yHknOhmET JH9lVBVT5gb8vRNu6N6yw4cLia4CJGoZUgn7GFiKldIEZ8dDVyjdJ0VpTzCyIxbb o3w2iZbxUT34ZrUtZ7HNeX0eLwlDD/WH4SgQYl4VYr0wHffpE3w2luEBQh81xOLy lMZmSOpvYoL1OOS9+I7jsNBd6QzOzBMRQxLSyAVktFhgZCzp1Y+PDywFmdDXJJ/I qZ1e2kAWm+FfmOQ/ZKaqI0PEPpSKrONWJh/nEVy+HBTmCuOkGCDJMus3AKxEb5DP EYWvcZq7wWysQ6dcv/XpBt4sueKTUGhJOSK4EUP7ruUCH05O3sNduUU7eZKmMSJQ ZaC3drLG9yPRHQGHCwf+pL0RY05I3n34StIPRmVP4urOgUHdAOJ3yqQPOgrMwC4S p7oeXAQw0bpbfTAVXsgl =gIck -----END PGP SIGNATURE-----
Current thread:
- CVE Request Qemu: Information leak in vmxnet3_complete_packet P J P (Aug 11)
- Re: CVE Request Qemu: Information leak in vmxnet3_complete_packet cve-assign (Aug 17)