oss-sec mailing list archives

Re: CVE request Qemu: 9pfs: potential NULL dereferencein 9pfs routines

From: cve-assign () mitre org
Date: Mon, 10 Oct 2016 13:53:32 -0400 (EDT)

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Quick Emulator(Qemu) built with the virtio-9p back-end support is vulnerable
to a null pointer dereference issue. It could occur while doing an I/O vector
unmarshalling operation in v9fs_iov_vunmarshal() routine.

A privileged user/process inside guest could use this flaw to crash the Qemu
process instance resulting in DoS.

https://lists.gnu.org/archive/html/qemu-devel/2016-09/msg07143.html


Use CVE-2016-8578.

This is not yet available at
http://git.qemu.org/?p=qemu.git;a=history;f=fsdev/9p-iov-marshal.c but
that may be an expected place for a later update.

- -- 
CVE Assignment Team
M/S M300, 202 Burlington Road, Bedford, MA 01730 USA
[ A PGP key is available for encrypted communications at
  http://cve.mitre.org/cve/request_id.html ]
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQIcBAEBCAAGBQJX+9Q5AAoJEHb/MwWLVhi2mwMP/0jl7A1btTRICOrx2gAEjWOR
+q8XeDpGWNXOKf1+XKpVPwrwLZ7jDuvuR3VfBgwOtpA7hMoLAcIX8G6m+FlLHwlX
dJafKAaunKt0L4LFV0l8Qbe2vSITJHF8yY8ftfEkRjx+yozwh4waJYPsmU4M1Akr
atzlUD24VsiW7UFfITEFC6N428ms2ReYL5P6o0uRgoXWVo8/3uBpaj7daH6BaCzb
1MBBcbV5Zn/qSDSM115WcN2rO3W3jBL2chUPAd/rJlr0JqiVFCVxodFvrW0Tl0Jp
K5InpRCqpBrPZrWMRFDaZj8Saf+6IWI5Q0WI15DqJXQtnJMgndEksAIJWT7SboIL
FVROFUlO7XkICK0riBgJVAV+ZII7u8IJ0dchxV555dErvsVneJllpQag9iisN9Hj
PAXg2I+kbPAb1DWoXhUDbzg/HcNgvHUk+6GYZUHAMVbp6ENggCrHmEj9R5zxRatD
vmpgv+OVhlRTCBsvDNDILSALk6TRWM5Ol6/iLHC+qBXbcRNi5kYdGAXZk5bvT1IW
BnQeRLlotkFFmY3BWVvj9r4phLfjS4AHDIslI+oRYRroe4Dm+sSYky3N6+yZVMuH
Cyh1g1X7sI7fiBA9lCJzMCYBsmnsE6Fk6tA+NqHmk3zU3lR8tSXtVpbNv15vL4XO
AgAKlVBqomng0+P1MIeh
=L1Fq
-----END PGP SIGNATURE-----

Current thread:

CVE request Qemu: 9pfs: potential NULL dereferencein 9pfs routines P J P (Oct 10)
- Re: CVE request Qemu: 9pfs: potential NULL dereferencein 9pfs routines cve-assign (Oct 10)