oss-sec mailing list archives

QEMU: security issues in vhost-user-gpu


From: Mauro Matteo Cascella <mcascell () redhat com>
Date: Mon, 31 May 2021 18:40:04 +0200

Hello,

Multiple security issues were identified in the virtio vhost-user GPU
device (vhost-user-gpu) of QEMU. A malicious guest could use these
flaws to leak memory from the host system or potentially crash the
QEMU process on the host, resulting in a denial of service condition.

Patch series:
https://lists.nongnu.org/archive/html/qemu-devel/2021-05/msg04536.html

The following CVEs have been assigned by Red Hat, Inc.

* CVE-2021-3544 - combined CVE for multiple memory leaks
   Upstream commits:
   https://gitlab.com/qemu-project/qemu/-/commit/86dd8fac
   https://gitlab.com/qemu-project/qemu/-/commit/b9f79858
   https://gitlab.com/qemu-project/qemu/-/commit/b7afebcf
   https://gitlab.com/qemu-project/qemu/-/commit/f6091d86
   https://gitlab.com/qemu-project/qemu/-/commit/63736af5

* CVE-2021-3545 - information disclosure due to uninitialized memory read
   Upstream commit:
   https://gitlab.com/qemu-project/qemu/-/commit/121841b2

* CVE-2021-3546 - oob write while processing VIRTIO_GPU_CMD_GET_CAPSET
   Upstream commit:
   https://gitlab.com/qemu-project/qemu/-/commit/9f22893a

Acknowledgements: Li Qiang of Tianchen Security Lab (Ant Group).

Thank you,
Best regards.
-- 
Mauro Matteo Cascella
Red Hat Product Security
PGP-Key ID: BB3410B0

