| Summary: | <app-emulation/qemu-2.7.0: net: vmxnet: Information leakage in vmxnet3_complete_packet (CVE-2016-6836) | ||
|---|---|---|---|
| Product: | Gentoo Security | Reporter: | Agostino Sarubbo <ago> |
| Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
| Status: | RESOLVED FIXED | ||
| Severity: | minor | CC: | qemu+disabled |
| Priority: | Normal | ||
| Version: | unspecified | ||
| Hardware: | All | ||
| OS: | Linux | ||
| URL: | https://bugzilla.redhat.com/show_bug.cgi?id=1366369 | ||
| Whiteboard: | B4 [glsa cve] | ||
| Package list: | Runtime testing required: | --- | |
Fix applied to 2.7.0. Stabilization of 2.7.0 in #592430 commit ceb67390ecbe843f184b5bde6428cb9e2f3dcd81 Author: Matthias Maier <tamiko@gentoo.org> Date: Mon Sep 5 00:18:46 2016 -0500 app-emulation/qemu: apply patch for CVE-2016-6836, bug #591242 Package-Manager: portage-2.2.28 Added to an existing GLSA Request. This issue was resolved and addressed in GLSA 201609-01 at https://security.gentoo.org/glsa/201609-01 by GLSA coordinator Yury German (BlueKnight). |
From ${URL} : Quick Emulator(Qemu) built with the VMWARE VMXNET3 NIC device support is vulnerable to an information leakage issue. It could occur while processing transmit(tx) queue, when it reaches the end of packet. A privileged user inside guest could use this leak host memory bytes to a guest. Upstream patch: --------------- -> https://lists.gnu.org/archive/html/qemu-devel/2016-08/msg02108.html @maintainer(s): after the bump, in case we need to stabilize the package, please let us know if it is ready for the stabilization or not.