Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!

Bug 593038 (CVE-2016-7157)

Summary: <app-emulation/qemu-2.7.0-r2: scsi: mptsas: invalid memory access while building configuration pages
Product: Gentoo Security Reporter: Agostino Sarubbo <ago>
Component: VulnerabilitiesAssignee: Gentoo Security <security>
Severity: minor CC: qemu+disabled
Priority: Normal    
Version: unspecified   
Hardware: All   
OS: Linux   
Whiteboard: B3 [glsa cve]
Package list:
Runtime testing required: ---
Bug Depends on:    
Bug Blocks: 593034, 593036, 593284, 593950, 593956    

Description Agostino Sarubbo gentoo-dev 2016-09-07 09:38:30 UTC
From ${URL} :

Quick emulator(Qemu) built with the LSI SAS1068 Host Bus emulation support, is 
vulnerable to an invalid memory access issue. It could occur while building 
configuration page headers in 'mptsas_config_manufacturing_1'.

A privileged user inside guest could use this flaw to crash the Qemu process 
on the host, resulting in DoS.

Upstream patches:

@maintainer(s): after the bump, in case we need to stabilize the package, please let us know if it is ready for the stabilization or not.
Comment 1 Matthias Maier gentoo-dev 2016-09-09 05:28:00 UTC
commit b28fcd11405545eb2e4973f96823337531eebb08
Author: Matthias Maier <>
Date:   Fri Sep 9 00:10:05 2016 -0500

    app-emulation/qemu: fix static-user dep, security patches, bug #593038
    This commit resolves
      bug #591202
      bug #593024
      bug #593034 CVE-2016-7155
      bug #593036 CVE-2016-7156
      bug #593038 CVE-2016-7157
    Package-Manager: portage-2.2.28
Comment 2 Yury German Gentoo Infrastructure gentoo-dev 2016-09-10 01:40:11 UTC
Maintainer(s), please advise if you are ready for stabilization or call for stabilization yourself.
Comment 3 Matthias Maier gentoo-dev 2016-09-10 02:29:14 UTC
Arches, please stabilize

Target-keywords:"amd64 x86"
Comment 4 Agostino Sarubbo gentoo-dev 2016-09-10 12:50:24 UTC
amd64 stable
Comment 5 Matthias Maier gentoo-dev 2016-09-18 04:40:18 UTC
I hijack the stabilization for another round:

Arches, please stabilize

Target-keywords:"amd64 x86"

commit b50850bf14489740441b408a2d45f6e64d724f7d
Author: Matthias Maier <>
Date:   Sat Sep 17 23:02:53 2016 -0500

    app-emulation/qemu: security fixes, ebuild maintenance
    bug 593956: CVE-2016-7422
    bug 593950: CVE-2016-7421
    bug 590230: missing use depend opengl? ( media-libs/mesa[...,gbm] )
    bug 575326: update to readme.gentoo-r1 eclass
    Package-Manager: portage-2.2.28
Comment 6 Agostino Sarubbo gentoo-dev 2016-09-18 17:10:36 UTC
amd64 stable
Comment 7 Agostino Sarubbo gentoo-dev 2016-09-18 17:11:36 UTC
x86 stable.

Maintainer(s), please cleanup.
Security, please vote.
Comment 8 Yury German Gentoo Infrastructure gentoo-dev 2016-09-25 23:07:25 UTC
Arches, Thank you for your work.
Added to an existing GLSA Request.

Maintainer(s), please drop the vulnerable version(s).
Comment 9 Matthias Maier gentoo-dev 2016-09-26 00:16:25 UTC
commit 4dd281902e043e8e8299cf9991aa4841076ae66b
Author: Matthias Maier <>
Date:   Sun Sep 25 19:15:20 2016 -0500

    app-emulation/qemu: drop vulnerable versions 2.7.0, 2.7.0-r2
    Package-Manager: portage-2.2.28
Comment 10 GLSAMaker/CVETool Bot gentoo-dev 2016-09-26 00:39:31 UTC
This issue was resolved and addressed in
 GLSA 201609-01 at
by GLSA coordinator Yury German (BlueKnight).