Bug 628498 (CVE-2017-12809) - <app-emulation/qemu-2.10.0: Qemu: ide: flushing of empty CDROM drives leads to NULL dereference (CVE-2017-12809)
Summary: <app-emulation/qemu-2.10.0: Qemu: ide: flushing of empty CDROM drives leads t...
Status: RESOLVED FIXED
Alias: CVE-2017-12809
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities
Hardware: All Linux
Importance: Normal minor
Assignee: Gentoo Security
URL: http://seclists.org/oss-sec/2017/q3/332
Whiteboard: B3 [noglsa cve]
Keywords:
Depends on: CVE-2017-13711
Blocks:
Reported: 2017-08-21 12:33 UTC by D'juan McDonald (domhnall)
Modified: 2017-11-12 21:45 UTC
CC List: 1 user

See Also:
Package list:
Runtime testing required: ---


Attachments

Description D'juan McDonald (domhnall) 2017-08-21 12:33:40 UTC
From $URL:
 
 Quick emulator built with the IDE disk and CD/DVD-ROM Emulator support is 
 vulnerable to a null pointer dereference issue. It could occur while flushing 
 an empty CDROM device drive.
 
 A privileged user inside guest could use this flaw to crash the Qemu process 
 resulting in DoS.
 
 Upstream patch:
 ---------------
 -> https://lists.gnu.org/archive/html/qemu-devel/2017-08/msg01850.html
 
 'CVE-2017-12809' assigned via ->...
http://seclists.org/oss-sec/2017/q3/332
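The defect class named in the report (a drive with no medium has no block backend, so a cache-flush command that unconditionally dereferences the backend pointer crashes the emulator) can be shown with a small constructed model. This is an added illustration, not QEMU's code or the upstream patch; the `BlockBackend` and `IDEState` structs, the function names and the drive states are all hypothetical.

```c
#include <stdio.h>

/* Constructed model of a block backend: the object through which an
 * emulated drive reaches its backing image. A CD-ROM drive with no medium
 * inserted has no backend at all, modelled here as a NULL pointer. */
typedef struct BlockBackend {
    const char *name;
    int flushes;          /* number of times this backend was flushed */
} BlockBackend;

/* Constructed model of per-drive IDE state (hypothetical, not QEMU's). */
typedef struct IDEState {
    BlockBackend *blk;    /* NULL when the tray is empty */
    int is_cdrom;
} IDEState;

enum { FLUSH_OK = 0, FLUSH_NO_MEDIUM = 1 };

/* Defective pattern: assumes every drive has a backend. For an empty
 * CD-ROM drive s->blk is NULL, so this dereference aborts the emulator
 * process, which for every guest on that VM is a denial of service. */
int flush_cache_unchecked(IDEState *s)
{
    s->blk->flushes++;            /* NULL dereference when no medium is present */
    return FLUSH_OK;
}

/* Hardened pattern: a FLUSH CACHE request against a drive with no medium
 * has nothing to flush, so complete the command without touching the backend. */
int flush_cache_checked(IDEState *s)
{
    if (s->blk == NULL) {
        return FLUSH_NO_MEDIUM;
    }
    s->blk->flushes++;
    return FLUSH_OK;
}

/* Runs the hardened path against a drive with a medium and an empty CD-ROM
 * drive; returns 1 when both complete as expected, and reports how many
 * times the hard disk backend was flushed through hdd_flushes. */
int run_flush_demo(int *hdd_flushes)
{
    BlockBackend image = { "hdd0.img", 0 };   /* constructed sample backend */
    IDEState hdd = { &image, 0 };
    IDEState empty_cdrom = { NULL, 1 };

    int r1 = flush_cache_checked(&hdd);
    int r2 = flush_cache_checked(&empty_cdrom);
    if (hdd_flushes) {
        *hdd_flushes = image.flushes;
    }
    return r1 == FLUSH_OK && r2 == FLUSH_NO_MEDIUM;
}

int main(void)
{
    int flushes = 0;
    int ok = run_flush_demo(&flushes);
    printf("hardened flush: %s (hdd flushed %d time(s), empty cdrom skipped)\n",
           ok ? "ok" : "FAILED", flushes);
    return ok ? 0 : 1;
}
```

The unchecked variant is kept only for contrast and is never called with an empty drive; the point of the checked variant is that medium presence is decided once, at the top of the command handler, rather than being assumed by every caller that reaches the backend.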
Comment 1 D'juan McDonald (domhnall) 2017-08-22 05:22:08 UTC
@Maintainer(s): Please follow procedure to close this report. Thank you.

Daj'Uan (mbailey_j)
Gentoo Security Scout
Comment 2 D'juan McDonald (domhnall) 2017-08-22 12:35:01 UTC
Source: https://lists.gnu.org/archive/html/qemu-devel/2017-08/msg01841.html

Patch 1/4
https://lists.gnu.org/archive/html/qemu-devel/2017-08/msg01850.html

Patch 2/4
https://lists.gnu.org/archive/html/qemu-devel/2017-08/msg01580.html

Patch 3/4
https://lists.gnu.org/archive/html/qemu-devel/2017-08/msg01581.html

Patch 4/4
https://lists.gnu.org/archive/html/qemu-devel/2017-08/msg01582.html


@maintainer(s), if possible please test, then follow procedure to stabilize and close on report. Thank you!

Daj'Uan (mbailey_j)
Gentoo Security Scout
Comment 3 Matthias Maier gentoo-dev 2017-09-01 02:02:27 UTC
Patches 1 and 2 are applied upstream in version 2.10.0

Patches 3 and 4 are rejected upstream and a related fix is in progress. I believe the immediate problem with CVE-2017-12809 is resolved by patches 1 + 2.