oss-sec mailing list archives

CVE request Qemu: net: inifinte loop in imx_fec_do_tx() function

From: P J P <ppandit () redhat com>
Date: Mon, 3 Oct 2016 16:37:43 +0530 (IST)

  Hello,

Quick Emulator(Qemu) built with the i.MX Fast Ethernet Controller emulatorsupport is vulnerable to an infinite loop issue. It could occur whileprocessing packets on the transmit queue in 'imx_fec_do_tx'.

A privileged user/process inside guest could use this issue to crash the Qemuprocess on the host leading to DoS.


Upstream patch
--------------
  -> https://lists.gnu.org/archive/html/qemu-devel/2016-09/msg05556.html

This issue was reported by Li Qiang of 360.cn Inc.

Thank you.
--
Prasad J Pandit / Red Hat Product Security Team
47AF CE69 3A90 54AA 9045 1053 DD13 3D32 FE5B 041F

Current thread:

CVE request Qemu: net: inifinte loop in imx_fec_do_tx() function P J P (Oct 03)
- Re: CVE request Qemu: net: inifinte loop in imx_fec_do_tx() function cve-assign (Oct 03)