Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 598772 (CVE-2016-9106) - <app-emulation/qemu-2.7.0-r6: 9pfs: memory leakage in v9fs_write
Summary: <app-emulation/qemu-2.7.0-r6: 9pfs: memory leakage in v9fs_write
Status: RESOLVED FIXED
Alias: CVE-2016-9106
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities (show other bugs)
Hardware: All Linux
: Normal minor
Assignee: Gentoo Security
URL: http://www.openwall.com/lists/oss-sec...
Whiteboard: B4 [noglsa]
Keywords:
Depends on:
Blocks: CVE-2016-9102, CVE-2016-9103, CVE-2016-9104, CVE-2016-9105
  Show dependency tree
 
Reported: 2016-11-02 11:06 UTC by Agostino Sarubbo
Modified: 2016-11-17 07:01 UTC (History)
1 user (show)

See Also:
Package list:
Runtime testing required: ---


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Agostino Sarubbo gentoo-dev 2016-11-02 11:06:04 UTC
From ${URL} :

Quick Emulator(Qemu) built with the VirtFS, host directory sharing via Plan 9 
File System(9pfs) support, is vulnerable to a memory leakage issue. It could 
occur when calling v9fs_write call.

A privileged user inside guest could use this flaw to leak the host memory 
bytes resulting in DoS for other services.

Upstream patches:
-----------------
   -> https://lists.gnu.org/archive/html/qemu-devel/2016-10/msg02623.html

Reference:
----------
   -> http://wiki.qemu.org/Documentation/9psetup




@maintainer(s): after the bump, in case we need to stabilize the package, please let us know if it is ready for the stabilization or not.
Comment 1 Matthias Maier gentoo-dev 2016-11-12 17:33:10 UTC
Arches, please stabilize

  =app-emulation/qemu-2.7.0-r6

Target keywords: "amd64 x86"



commit cad0a6324b5d4a5954893dfd29b5b97ee7a361d3
Author: Matthias Maier <tamiko@gentoo.org>
Date:   Sat Nov 12 11:26:09 2016 -0600

    app-emulation/qemu: security fixes, bug #598772
    
        CVE-2016-9102, bug #598328
        CVE-2016-9103, bug #598328
        CVE-2016-9104, bug #598328
        CVE-2016-9105, bug #598328
        CVE-2016-9106, bug #598772
    
    Package-Manager: portage-2.3.0
Comment 2 Agostino Sarubbo gentoo-dev 2016-11-13 13:08:17 UTC
amd64 stable
Comment 3 Agostino Sarubbo gentoo-dev 2016-11-13 13:10:06 UTC
x86 stable.

Maintainer(s), please cleanup.
Security, please vote.
Comment 4 Matthias Maier gentoo-dev 2016-11-13 17:19:58 UTC
Commit e374c1ca4ae657866957ab34d42306ad61b29825
Author: Matthias Maier <tamiko@gentoo.org>
Date:   Sun Nov 13 11:17:38 2016 -0600

    app-emulation/qemu: drop vulnerable 2.7.0-r5, bug #598772
    
    Package-Manager: portage-2.3.0
Comment 5 Aaron Bauman (RETIRED) gentoo-dev 2016-11-17 07:01:13 UTC
GLSA Vote: No