
Bug 717770 (CVE-2020-1711)

Summary: <app-emulation/qemu-4.2.0-r5: Out of bounds buffer read in iSCSI (CVE-2020-1711)
Product: Gentoo Security
Reporter: GLSAMaker/CVETool Bot <glsamaker>
Component: Vulnerabilities
Assignee: Gentoo Security <security>
Status: RESOLVED FIXED
Severity: normal
CC: tamiko, virtualization
Priority: Normal
Version: unspecified
Hardware: All
OS: Linux
See Also: https://bugs.gentoo.org/show_bug.cgi?id=717154
https://bugs.gentoo.org/show_bug.cgi?id=716518
Whiteboard: B2 [glsa+ cve]
Package list:
Runtime testing required: ---

Description GLSAMaker/CVETool Bot gentoo-dev 2020-04-16 23:44:39 UTC
CVE-2020-1711 (https://nvd.nist.gov/vuln/detail/CVE-2020-1711):
  An out-of-bounds heap buffer access flaw was found in the way the iSCSI
  Block driver in QEMU versions 2.12.0 before 4.2.1 handled a response coming
  from an iSCSI server while checking the status of a Logical Address Block
  (LBA) in an iscsi_co_block_status() routine. A remote user could use this
  flaw to crash the QEMU process, resulting in a denial of service or
  potential execution of arbitrary code with privileges of the QEMU process on
  the host.

Comment 1 Larry the Git Cow gentoo-dev 2020-04-18 22:06:44 UTC
The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=3d64329bfa3c175fc678d0dba06d2618cdb2ee89

commit 3d64329bfa3c175fc678d0dba06d2618cdb2ee89
Author:     Matthias Maier <tamiko@gentoo.org>
AuthorDate: 2020-04-18 21:49:15 +0000
Commit:     Matthias Maier <tamiko@gentoo.org>
CommitDate: 2020-04-18 22:05:37 +0000

    app-emulation/qemu: add security patch
    
    Bug: https://bugs.gentoo.org/717770
    Package-Manager: Portage-2.3.99, Repoman-2.3.22
    Signed-off-by: Matthias Maier <tamiko@gentoo.org>

 app-emulation/qemu/Manifest             |   1 +
 app-emulation/qemu/qemu-4.2.0-r5.ebuild | 833 ++++++++++++++++++++++++++++++++
 2 files changed, 834 insertions(+)

Comment 2 GLSAMaker/CVETool Bot gentoo-dev 2020-05-12 23:33:55 UTC
This issue was resolved and addressed in
 GLSA 202005-02 at https://security.gentoo.org/glsa/202005-02
by GLSA coordinator Thomas Deutschmann (whissi).