oss-sec mailing list archives
Re: CVE request Qemu: malicious PRDT flow from guest to host
From: cve-assign () mitre org
Date: Tue, 21 Apr 2015 12:07:49 -0400 (EDT)
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
http://git.qemu.org/?p=qemu.git;a=commit;h=3251bdcf1c67427d964517053c3d185b46e618e8
A privileged user inside guest could use this flaw to crash the system, resulting in DoS.
| 1A: one CVE ID for the use of "return s->io_buffer_size != 0" - this | made it impossible for other parts of the code to distinguish | between the "0 bytes" case and the "0 complete sectors" case, | and caused both impacts: "leaked memory for short PRDTs" and | "infinite loops and resource usage"
Use CVE-2014-9718. - -- CVE assignment team, MITRE CVE Numbering Authority M/S M300 202 Burlington Road, Bedford, MA 01730 USA [ PGP key available through http://cve.mitre.org/cve/request_id.html ] -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.14 (SunOS) iQEcBAEBAgAGBQJVNnVTAAoJEKllVAevmvms0B0H/RzX6rXmwAwPdSsbHlTfpzKy Kusz9igrWRwcDnymK6n+I7zcz7Faf5k4TH7TYW3l+aNsuVbxy9WDKJBS4l6zTdst s3OBdCr9JaQyQc9iPcaBqa3BzZuWHrkAaa/m5oc2hPigziom2o16Tf04WHAQyJeb 4BASKG/VCZYPEt9K8Yg4+ib3cjfO4FeC3gcfqMZqrE2ICXGpkYDPlgtRi0OSqpAl Z/ROodVc2YvBulQYt61Og1AOIXbdd1RM6NYsKWJNzcCtTaD1RUGOHt1TCuKao1Rx fKruqHAXok9G+Vs0BU0jPPzZx7mkadygxkeKcqh4l8nKVWBQakWFv9xeTFp9uTA= =OypJ -----END PGP SIGNATURE-----
Current thread:
- Re: CVE request Qemu: malicious PRDT flow from guest to host P J P (Apr 20)
- <Possible follow-ups>
- Re: CVE request Qemu: malicious PRDT flow from guest to host cve-assign (Apr 20)
- Re: Re: CVE request Qemu: malicious PRDT flow from guest to host P J P (Apr 21)
- Re: CVE request Qemu: malicious PRDT flow from guest to host cve-assign (Apr 21)
- Re: Re: CVE request Qemu: malicious PRDT flow from guest to host P J P (Apr 21)