Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!

Bug 585368

Summary: app-emulation/qemu: scsi: megasas: information leakage in megasas_ctrl_get_info
Product: Gentoo Security Reporter: Agostino Sarubbo <ago>
Component: VulnerabilitiesAssignee: Gentoo Security <security>
Status: RESOLVED DUPLICATE    
Severity: minor CC: qemu+disabled
Priority: Normal    
Version: unspecified   
Hardware: All   
OS: Linux   
URL: https://bugzilla.redhat.com/show_bug.cgi?id=1343909
Whiteboard:
Package list:
Runtime testing required: ---

Description Agostino Sarubbo gentoo-dev 2016-06-08 10:12:30 UTC
From ${URL} :

Quick Emulator(Qemu) built with the MegaRAID SAS 8708EM2 Host Bus Adapter
emulation support is vulnerable to an information leakage issue. It
could occur while processing MegaRAID Firmware Interface(MFI) command to read
device control information in 'megasas_ctrl_get_info'.

A privileged user inside guest could use this flaw to leak host memory bytes.

Upstream patch:
---------------
  -> https://lists.gnu.org/archive/html/qemu-devel/2016-06/msg01969.html

Reference:
----------
  -> http://www.openwall.com/lists/oss-security/2016/06/08/3


@maintainer(s): after the bump, in case we need to stabilize the package, please let us know if it is ready for the stabilization or not.
Comment 1 Aaron Bauman (RETIRED) gentoo-dev 2016-07-01 00:15:33 UTC
This same issue was addressed in CVE-2016-5337.

*** This bug has been marked as a duplicate of bug 584094 ***