Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!

Bug 290643 (CVE-2009-3616)

Summary: <app-emulation/qemu-0.11.1 Denial of Service (CVE-2009-3616)
Product: Gentoo Security Reporter: Tobias Heinlein (RETIRED) <keytoaster>
Component: VulnerabilitiesAssignee: Gentoo Security <security>
Status: RESOLVED OBSOLETE    
Severity: minor CC: lu_zero
Priority: High    
Version: unspecified   
Hardware: All   
OS: Linux   
URL: https://bugzilla.redhat.com/show_bug.cgi?id=501131
Whiteboard: B0 [glsa]
Package list:
Runtime testing required: ---
Bug Depends on: 252266    
Bug Blocks:    

Description Tobias Heinlein (RETIRED) gentoo-dev 2009-10-26 21:52:04 UTC 
Another vulnerability has been found, see $URL for more details and patches.

It seems unclear to me if 0.9.x is also affected. However, we still have bug #252266 open which affects 0.9.x.
Apparently 0.10.x and 0.11.x are the way to go these days. Do we want to fix 0.9.x and figure out whether this issue here also affects 0.9.x (and if yes, backport the relatively long patch), or should be apply the existing backported patch for 0.10.6 and stabilise that (or even 0.11.x)?

Luca, please advise.
Comment 1 Tobias Heinlein (RETIRED) gentoo-dev 2009-10-26 21:55:48 UTC 
CVE-2009-3616 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3616):
  Multiple use-after-free vulnerabilities in vnc.c in the VNC server in
  QEMU 0.10.6 and earlier might allow guest OS users to execute
  arbitrary code on the host OS by establishing a connection from a VNC
  client and then (1) disconnecting during data transfer, (2) sending a
  message using incorrect integer data types, or (3) using the Fuzzy
  Screen Mode protocol, related to double free vulnerabilities.
Comment 2 Stefan Behte (RETIRED) gentoo-dev Security 2009-11-06 14:13:34 UTC 
VMs are often used for security reasons, setting whiteboard.
Comment 3 Sean Amoss (RETIRED) gentoo-dev Security 2012-03-09 17:33:34 UTC 
Creating new GLSA request
Comment 4 Doug Goldstein (RETIRED) gentoo-dev 2012-10-20 16:51:17 UTC 
Affected versions are removed from the tree.
Comment 5 Doug Goldstein (RETIRED) gentoo-dev 2013-08-28 01:23:41 UTC 
@security: follow up ping
Comment 6 Chris Reffett (RETIRED) gentoo-dev Security 2013-08-28 01:58:49 UTC 
Four year old bugs aren't worth the time. Byebye.