Summary: | <app-emulation/qemu-2.10.0: denial of service (assertion failure) (CVE-2017-13673) | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | D'juan McDonald (domhnall) <flopwiki> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | RESOLVED FIXED | ||
Severity: | minor | CC: | qemu+disabled |
Priority: | Normal | ||
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
URL: | https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-13673 | ||
Whiteboard: | B3 [noglsa cve] | ||
Package list: | Runtime testing required: | --- | |
Bug Depends on: | 629350 | ||
Bug Blocks: |
Description
D'juan McDonald (domhnall)
2017-08-29 18:39:25 UTC
This is fixed upstream in qemu-2.10.0 (In reply to Matthias Maier from comment #1) > This is fixed upstream in qemu-2.10.0 Has it been backported to 2.9.x? (In reply to Aaron Bauman from comment #2) > Has it been backported to 2.9.x? Fixes: CVE-2017-13673 +Fixes: fec5e8c92becad223df9d972770522f64aafdb72 +Cc: P J P <ppandit@redhat.com> +Reported-by: David Buchanan <d@vidbuchanan.co.uk> +Signed-off-by: Gerd Hoffmann <kraxel@redhat.com> +Message-id: 20170828123307.15392-1-kraxel@redhat.com + +Upstream-Status: Backport +[https://git.qemu.org/?p=qemu.git;a=commit;h=e65294157d4b69393b3f819c99f4f647452b48e3] + +CVE: CVE-2017-13673 + +Signed-off-by: Yi Zhao <yi.zhao@windriver.com> "Impact: DoS for privileged guest users. " ------------------------------------------- It appears this was indeed backported to 2.9.x |