oss-sec mailing list archives
CVE-2015-5158 Qemu: scsi stack buffer overflow
From: P J P <ppandit () redhat com>
Date: Thu, 23 Jul 2015 16:20:36 +0530 (IST)
Hello,

Qemu emulator built with the SCSI device emulation support is vulnerable to a stack buffer overflow issue. It could occur while parsing a SCSI command descriptor block with an invalid operation code.
A privileged (CAP_SYS_RAWIO) user inside the guest could use this flaw to crash the Qemu instance, resulting in DoS.
Upstream fix:
-------------
  -> https://lists.nongnu.org/archive/html/qemu-devel/2015-07/msg04558.html

Thank you.
--
Prasad J Pandit / Red Hat Product Security Team
47AF CE69 3A90 54AA 9045 1053 DD13 3D32 FE5B 041F
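
The class of bug the advisory describes, as an added example (not QEMU's code and not part of the original post): it assumes a parser that derives the CDB length from the opcode's group code and copies that many bytes into a fixed buffer, and shows the check that rejects an opcode with no defined length before the value is used as a copy size. The names `parse_cdb`, `cdb_length` and `CDB_MAX` are hypothetical; the actual fix is the one at the upstream link.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

#define CDB_MAX 16  /* hypothetical size of the fixed destination buffer */

/* CDB length implied by the opcode's group code (top 3 bits of byte 0).
 * Groups 3, 6 and 7 are reserved or vendor specific: no fixed length. */
static int cdb_length(uint8_t opcode)
{
    switch (opcode >> 5) {
    case 0: return 6;
    case 1:
    case 2: return 10;
    case 4: return 16;
    case 5: return 12;
    default: return -1;
    }
}

/* Copy a guest-supplied CDB into a fixed buffer.
 * Returns the CDB length, or -1 if the opcode has no defined length or
 * the guest supplied fewer bytes than the opcode requires. */
int parse_cdb(uint8_t out[CDB_MAX], const uint8_t *guest, size_t guest_len)
{
    int len;

    if (guest == NULL || guest_len == 0)
        return -1;
    len = cdb_length(guest[0]);
    /* Reject before the value is ever used as a size: a negative int
     * converted to size_t in memcpy() becomes a huge byte count. */
    if (len < 0 || (size_t)len > CDB_MAX || (size_t)len > guest_len)
        return -1;
    memset(out, 0, CDB_MAX);
    memcpy(out, guest, (size_t)len);
    return len;
}

int main(void)
{
    /* Constructed sample CDBs, not captured traffic. */
    const uint8_t read10[10] = { 0x28, 0, 0, 0, 0, 8, 0, 0, 1, 0 };
    const uint8_t bad[16] = { 0xe0 };  /* group 7: no fixed length */
    uint8_t cdb[CDB_MAX];
    return !(parse_cdb(cdb, read10, sizeof read10) == 10 &&
             parse_cdb(cdb, bad, sizeof bad) == -1);
}
```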