
Bug 557206 (CVE-2015-5745)

Summary: <app-emulation/qemu-2.3.0-r6: buffer overflow in virtio-serial (CVE-2015-5745)
Product: Gentoo Security
Reporter: Agostino Sarubbo <ago>
Component: Vulnerabilities
Assignee: Gentoo Security <security>
Status: RESOLVED FIXED
Severity: minor
CC: qemu+disabled
Priority: Normal
Version: unspecified
Hardware: All
OS: Linux
URL: https://lists.gnu.org/archive/html/qemu-devel/2015-07/msg05458.html
See Also: https://bugzilla.redhat.com/show_bug.cgi?id=1251157
Whiteboard: B3 [glsa cve]
Package list:
Runtime testing required: ---

Description Agostino Sarubbo gentoo-dev 2015-08-10 10:28:27 UTC
From ${URL} :

It was reported that the Qemu emulator built with the virtio-serial vmchannel support is vulnerable to a buffer overflow issue. It could occur while exchanging virtio control messages between guest & the host.

A malicious guest could use this flaw to corrupt a few bytes of the Qemu memory area, potentially crashing the Qemu process.

Upstream fix: https://lists.gnu.org/archive/html/qemu-devel/2015-07/msg05458.html


@maintainer(s): after the bump, in case we need to stabilize the package, please let us know if it is ready for the stabilization or not.
Comment 2 Mikle Kolyada archtester Gentoo Infrastructure gentoo-dev Security 2015-08-10 11:12:53 UTC
(In reply to SpanKY from comment #1)
> http://gitweb.gentoo.org/repo/gentoo.git/commit/?id=03aa7f1902aba68926f08b4e85f95ee9f474910a

Should we wait before going stable? Or can we stabilize that?
Comment 3 SpanKY gentoo-dev 2015-08-10 15:08:31 UTC
stable is fine
Comment 4 Agostino Sarubbo gentoo-dev 2015-12-18 17:12:58 UTC
stabilized in another bug.

cleanup done by vapier
Comment 5 Yury German Gentoo Infrastructure gentoo-dev 2015-12-25 00:23:57 UTC
Arches and Maintainer(s), Thank you for your work.

Added to an existing GLSA Request.
Comment 6 GLSAMaker/CVETool Bot gentoo-dev 2016-02-04 09:33:30 UTC
This issue was resolved and addressed in
 GLSA 201602-01 at https://security.gentoo.org/glsa/201602-01
by GLSA coordinator Kristian Fiskerstrand (K_F).