Message-ID: <81a289a4d4114679beb6de0627777384@imshyb02.MITRE.ORG>
Date: Thu, 22 Dec 2016 18:59:21 -0500
From: <cve-assign@...re.org>
To: <ppandit@...hat.com>
CC: <cve-assign@...re.org>, <oss-security@...ts.openwall.com>,
	<zhenhaohong@...il.com>
Subject: Re: CVE request Qemu: display: virtio-gpu: out of bounds read in virtio_gpu_set_scanout

> Quick Emulator (Qemu) built with the Virtio GPU Device emulator support is
> vulnerable to an OOB read issue. It could occur while processing
> 'VIRTIO_GPU_CMD_SET_SCANOUT:' command.
> 
> A guest user/process could use this flaw to crash the Qemu process instance
> resulting in DoS.
> 
> http://git.qemu.org/?p=qemu.git;a=commit;h=acfc4846508a02cc4c83aa27799fd7
> http://git.qemu.org/?p=qemu.git;a=commit;h=2fe760554eb3769d70f608a158474f

>> The scanout id should not be above the configured num_scanouts.

Use CVE-2016-10029.

- -- 
CVE Assignment Team
M/S M300, 202 Burlington Road, Bedford, MA 01730 USA
[ A PGP key is available for encrypted communications at
  http://cve.mitre.org/cve/request_id.html ]
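
Added example, not part of the original message and not QEMU's code: a simplified C model of the rule quoted above, that a guest-supplied scanout id must be checked against the configured number of scanouts. All names, the capacity of 16 and the sample device are hypothetical, and the "weak" check is only an assumed illustration of how such a check can be too loose.

```c
#include <stdint.h>

#define MODEL_MAX_SCANOUTS 16u  /* compile-time capacity; constructed value */

enum model_resp { MODEL_OK = 0, MODEL_ERR_INVALID_SCANOUT_ID = 1 };
struct model_scanout { uint32_t width, height; };

struct model_gpu {
    uint32_t num_scanouts;          /* configured count, <= MODEL_MAX_SCANOUTS */
    struct model_scanout *scanouts; /* only num_scanouts entries are valid */
};

/* Weak form (assumed for illustration): compares the guest-supplied id with
 * the compile-time maximum, so ids in [num_scanouts, max) pass validation. */
static int weak_id_ok(const struct model_gpu *g, uint32_t scanout_id)
{
    (void)g;
    return scanout_id < MODEL_MAX_SCANOUTS;
}

/* Strict form: the id must index a scanout that was actually configured. */
static int strict_id_ok(const struct model_gpu *g, uint32_t scanout_id)
{
    return scanout_id < g->num_scanouts;
}

/* Handler that reads the scanout entry only after the strict check. */
static enum model_resp model_set_scanout(const struct model_gpu *g,
                                         uint32_t scanout_id,
                                         struct model_scanout *out)
{
    if (!strict_id_ok(g, scanout_id)) {
        return MODEL_ERR_INVALID_SCANOUT_ID;  /* reject; never index */
    }
    *out = g->scanouts[scanout_id];
    return MODEL_OK;
}

/* Constructed sample: a device configured with 2 of 16 possible scanouts. */
static struct model_scanout sample_entries[2] = { {1024, 768}, {800, 600} };
static const struct model_gpu sample_gpu = { 2, sample_entries };

int main(void)
{
    struct model_scanout out = {0, 0};
    /* id 5 passes the weak check but the handler rejects it: exit code 0 */
    return !(weak_id_ok(&sample_gpu, 5) &&
             model_set_scanout(&sample_gpu, 5, &out) == MODEL_ERR_INVALID_SCANOUT_ID);
}
```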
