Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 720896 (CVE-2020-10717) - <app-emulation/qemu-5.1.0: Denial of service by file descriptor exhaustion in shared virtio-fs directory (CVE-2020-10717)
Summary: <app-emulation/qemu-5.1.0: Denial of service by file descriptor exhaustion in...
Status: RESOLVED FIXED
Alias: CVE-2020-10717
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities (show other bugs)
Hardware: All Linux
: Normal minor (vote)
Assignee: Gentoo Security
URL: https://www.openwall.com/lists/oss-se...
Whiteboard: B3 [glsa+ cve]
Keywords:
Depends on: CVE-2020-10761, CVE-2020-13253, CVE-2020-13361, CVE-2020-13362, CVE-2020-13659, CVE-2020-13754, CVE-2020-13791, CVE-2020-13800
Blocks:
  Show dependency tree
 
Reported: 2020-05-04 06:36 UTC by Sam James
Modified: 2020-11-11 03:51 UTC (History)
4 users (show)

See Also:
Package list:
Runtime testing required: ---


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Sam James archtester gentoo-dev Security 2020-05-04 06:36:37 UTC
From URL:

   Hello,

A potential DoS issue was found in the virtio-fs shared file system daemon 
(virtiofsd) implementation of the QEMU. Virtiofsd is meant to share a host 
file system directory with a guest via virtio-fs device. The said DoS may 
occur on the host, if the guest was to open the maximum number of file 
descriptors under the shared directory. A guest user/process may use this flaw 
to cause DoS issue on the host.

Upstream patch(es):
-------------------
   -> https://lists.gnu.org/archive/html/qemu-devel/2020-05/msg00143.html
   -> https://lists.gnu.org/archive/html/qemu-devel/2020-05/msg00141.html

This issue was reported by Yuval Avrahami of Palo Alto Networks.
Comment 1 Sam James archtester gentoo-dev Security 2020-05-04 06:38:48 UTC
Landed upstream already: https://git.qemu.org/?p=qemu.git;a=commit;h=8c1d353d107b4fc344e27f2f08ea7fa25de2eea2

@maintainer(s), you may wish to apply other patches relating to virtiofsd too, committed before/after.
Comment 2 John Helmert III (ajak) 2020-08-14 02:32:07 UTC
Fix is in 5.1.0.

qemu $ git tag --contains=8c1d353d107b4
v5.1.0
v5.1.0-rc0
v5.1.0-rc1
v5.1.0-rc2
v5.1.0-rc3
Comment 3 GLSAMaker/CVETool Bot gentoo-dev 2020-11-11 03:49:54 UTC
This issue was resolved and addressed in
 GLSA 202011-09 at https://security.gentoo.org/glsa/202011-09
by GLSA coordinator Sam James (sam_c).
Comment 4 GLSAMaker/CVETool Bot gentoo-dev 2020-11-11 03:50:19 UTC
This issue was resolved and addressed in
 GLSA 202011-09 at https://security.gentoo.org/glsa/202011-09
by GLSA coordinator Sam James (sam_c).