| Summary: | <app-emulation/qemu-2.8.0-r3: nbd: oob stack write in client routine drop_sync | ||
|---|---|---|---|
| Product: | Gentoo Security | Reporter: | Agostino Sarubbo <ago> |
| Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
| Status: | RESOLVED FIXED | ||
| Severity: | normal | CC: | qemu+disabled |
| Priority: | Normal | ||
| Version: | unspecified | ||
| Hardware: | All | ||
| OS: | Linux | ||
| URL: | https://bugzilla.redhat.com/show_bug.cgi?id=1422415 | ||
| Whiteboard: | B2 [glsa cve] | ||
| Package list: | Runtime testing required: | --- | |
| Bug Depends on: | 609206 | ||
| Bug Blocks: | |||
Arches and Maintainer(s), Thank you for your work. Added to an existing GLSA Request. This issue was resolved and addressed in GLSA 201704-01 at https://security.gentoo.org/glsa/201704-01 by GLSA coordinator Kristian Fiskerstrand (K_F). |
From ${URL} : Quick Emulator(Qemu) built with the Network Block Device(NBD) client support is vulnerable to a stack buffer overflow issue. It could occur while processing server's response to a 'NBD_OPT_LIST' request. A malicious NBD server could use this issue to crash remote NBD client resulting in DoS or potentially execute arbitrary code on client host with privileges of the Qemu process. Upstream patch: --------------- -> https://lists.gnu.org/archive/html/qemu-devel/2017-02/msg01246.html Reference: ---------- -> http://www.openwall.com/lists/oss-security/2017/02/15/2 @maintainer(s): after the bump, in case we need to stabilize the package, please let us know if it is ready for the stabilization or not.