| Summary: | <app-emulation/qemu-2.7.0-r5: audio: intel-hda: infinite loop in processing dma buffer stream (CVE-2016-8909) | ||
|---|---|---|---|
| Product: | Gentoo Security | Reporter: | Agostino Sarubbo <ago> |
| Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
| Status: | RESOLVED FIXED | ||
| Severity: | minor | CC: | qemu+disabled |
| Priority: | Normal | ||
| Version: | unspecified | ||
| Hardware: | All | ||
| OS: | Linux | ||
| URL: | https://bugzilla.redhat.com/show_bug.cgi?id=1388052 | ||
| Whiteboard: | B3 [glsa cve] | ||
| Package list: | Runtime testing required: | --- | |
Stabilization on bug #598046 commit 5a981e9d23127c779dc8ecb1d05ef08fe4d3a011 Author: Matthias Maier <tamiko@gentoo.org> Date: Wed Oct 26 16:47:50 2016 -0500 app-emulation/qemu: multiple security fixes for 2.7.0-r5 CVE-2016-7907, bug 596048 CVE-2016-7908, bug 596048 CVE-2016-7909, bug 596048 CVE-2016-7994, bug 596738 CVE-2016-7994, bug 596738 CVE-2016-8576, bug 596752 CVE-2016-8577, bug 596776 CVE-2016-8578, bug 596774 CVE-2016-8668, bug 597110 CVE-2016-8669, bug 597108 CVE-2016-8669, bug 597108 CVE-2016-8909, bug 598044 CVE-2016-8910, bug 598046 Package-Manager: portage-2.3.0 2.7.0-r5 is stable, all vulnerable versions dropped. Security, please vote. This issue was resolved and addressed in GLSA 201611-11 at https://security.gentoo.org/glsa/201611-11 by GLSA coordinator Aaron Bauman (b-man). |
From ${URL} : Quick Emulator(Qemu) built with the Intel HDA controller emulation support is vulnerable to an infinite loop issue. It could occur while processing the DMA buffer stream while doing data transfer in 'intel_hda_xfer'. A privileged user inside guest could use this flaw to consume excessive CPU cycles on the host, resulting in DoS. Upstream patch -------------- -> https://lists.gnu.org/archive/html/qemu-devel/2016-10/msg04717.html @maintainer(s): after the bump, in case we need to stabilize the package, please let us know if it is ready for the stabilization or not.