514680 – (CVE-2014-3471) <app-emulation/qemu-2.1.0-r1: hw: pci: use after free triggered via guest (CVE-2014-3471)

Bug 514680 (CVE-2014-3471) - <app-emulation/qemu-2.1.0-r1: hw: pci: use after free triggered via guest (CVE-2014-3471)

Summary: <app-emulation/qemu-2.1.0-r1: hw: pci: use after free triggered via guest (CV...

Status:	RESOLVED FIXED

Alias:	CVE-2014-3471

Product:	Gentoo Security
Classification:	Unclassified
Component:	Vulnerabilities (show other bugs)
Hardware:	All Linux

Importance:	Normal normal (vote)
Assignee:	Gentoo Security

URL:	https://lists.gnu.org/archive/html/qe...
Whiteboard:	B3 [glsa]
Keywords:

Depends on:
Blocks:

Reported:	2014-06-23 13:30 UTC by Kristian Fiskerstrand (RETIRED)
Modified:	2014-12-08 22:48 UTC (History)
CC List:	2 users (show)

See Also:
Package list:
Runtime testing required:	---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Kristian Fiskerstrand (RETIRED) gentoo-dev

2014-06-23 13:30:21 UTC

Qemu PCIe bus support is vulnerable to a use-after-free flaw. It could occur
via guest, when it tries to hotplug/hotunplug devices on the guest.

A user able to add & delete Virtio block devices on a guest could use this
flaw to crash the Qemu instance resulting in DoS.

Upstream fix in ${URL}

Comment 1 SpanKY gentoo-dev

2014-08-04 06:50:02 UTC

qemu-2.1.0 is in the tree now.  i think we should wait the normal 30 day period.

Comment 2 Yury German Gentoo Infrastructure

2014-09-09 19:48:22 UTC

Stabilized in Bug # 520688

Comment 3 Yury German Gentoo Infrastructure

2014-10-05 01:52:01 UTC

Arches and Mainter(s), Thank you for your work.

Added to an existing GLSA request.

Comment 4 GLSAMaker/CVETool Bot gentoo-dev

2014-12-08 22:48:20 UTC

This issue was resolved and addressed in
 GLSA 201412-01 at http://security.gentoo.org/glsa/glsa-201412-01.xml
by GLSA coordinator Kristian Fiskerstrand (K_F).