| Summary: | <app-emulation/qemu-2.4.0-r2: DoS in Virtual Network Device (virtio-net) (CVE-2015-7295) | ||
|---|---|---|---|
| Product: | Gentoo Security | Reporter: | Kristian Fiskerstrand (RETIRED) <k_f> |
| Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
| Status: | RESOLVED FIXED | ||
| Severity: | normal | CC: | qemu+disabled |
| Priority: | Normal | ||
| Version: | unspecified | ||
| Hardware: | All | ||
| OS: | Linux | ||
| URL: | http://seclists.org/oss-sec/2015/q3/579 | ||
| Whiteboard: | B3 [glsa cve] | ||
| Package list: | Runtime testing required: | --- | |
upstream commits: http://git.qemu.org/?p=qemu.git;a=commitdiff;h=ce317461573bac12b10d67699b4ddf1f97cf066c http://git.qemu.org/?p=qemu.git;a=commitdiff;h=0cf33fb6b49a19de32859e2cdc6021334f448fb3 http://git.qemu.org/?p=qemu.git;a=commitdiff;h=29b9f5efd78ae0f9cc02dd169b6e80d2c404bade qemu-2.4.0.1 in the tree should have the fixes for this and should be fine to mark stable http://gitweb.gentoo.org/repo/gentoo.git/commit/?id=4703b062bb7d0c6ebdf91827a3396435e6dea74a We now have 2.4.0.1-r1 do you want to go with that as stable? or with 2.4.0.1 Also 2.4.1 is now in tree @maintainers: Can you please advise on which version to stabilize? ## commit 8ba1e580c6566005cfe98625e52b94803f367528 Author: Mike Frysinger <vapier@gentoo.org> Date: Fri Nov 6 11:36:45 2015 -0500 app-emulation/qemu: version bump to 2.4.1 #564990 ## stabilized in another bug. cleanup done by vapier Arches and Maintainer(s), Thank you for your work. Added to an existing GLSA Request. This issue was resolved and addressed in GLSA 201602-01 at https://security.gentoo.org/glsa/201602-01 by GLSA coordinator Kristian Fiskerstrand (K_F). |
From ${URL}: Hello, Qemu emulator built with the Virtual Network Device(virtio-net) support is vulnerable to a DoS issue. It could occur while receiving large packets over the tuntap/macvtap interfaces and when guest's virtio-net driver did not support big/mergeable receive buffers. An attacker on the local network could use this flaw to disable guest's networking by sending a large number of jumbo frames to the guest, exhausting all receive buffers and thus leading to a DoS situation. Upstream fixes: --------------- -> https://lists.gnu.org/archive/html/qemu-devel/2015-09/msg04729.html -> https://lists.gnu.org/archive/html/qemu-devel/2015-09/msg04730.html -> https://lists.gnu.org/archive/html/qemu-devel/2015-09/msg04731.html [PATCH 3/3] above fixes this issue by discarding the used descriptors. Thank you. -- Prasad J Pandit / Red Hat Product Security Team 47AF CE69 3A90 54AA 9045 1053 DD13 3D32 FE5B 041F