559484 – (CVE-2015-5239) <app-emulation/qemu-2.1.0: vnc infinite loop issue

Bug 559484 (CVE-2015-5239) - <app-emulation/qemu-2.1.0: vnc infinite loop issue

Summary: <app-emulation/qemu-2.1.0: vnc infinite loop issue

Status:	RESOLVED OBSOLETE

Alias:	CVE-2015-5239

Product:	Gentoo Security
Classification:	Unclassified
Component:	Vulnerabilities (show other bugs)
Hardware:	All Linux

Importance:	Normal minor (vote)
Assignee:	Gentoo Security

URL:	http://www.openwall.com/lists/oss-sec...
Whiteboard:	B3 [upstream/ebuild]
Keywords:

Depends on:
Blocks:

Reported:	2015-09-03 08:51 UTC by Agostino Sarubbo
Modified:	2015-09-07 05:05 UTC (History)
CC List:	1 user (show)

See Also:
Package list:
Runtime testing required:	---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Agostino Sarubbo gentoo-dev

2015-09-03 08:51:11 UTC

From ${URL} :

Qemu emulator built with the VNC display driver is vulnerable to an infinite 
loop issue. It could occur while processing a CLIENT_CUT_TEXT message with 
specially crafted payload message.

A privileged guest user could use this flaw to crash the Qemu process on the 
host, resulting in DoS.

Upstream fix:
-------------
   -> http://git.qemu.org/?p=qemu.git;a=commit;h=f9a70e79391f6d7c2a912d785239ee8effc1922d



@maintainer(s): after the bump, in case we need to stabilize the package, please let us know if it is ready for the stabilization or not.

Comment 1 SpanKY gentoo-dev

2015-09-07 05:05:58 UTC

that fix is in qemu-2.1.0.  not sure why they've gone and posted an announce now (over a year later) and requested a CVE for it.