253641 – (CVE-2008-4539) app-emulation/kvm<82 and app-emulation/qemu<svn20081101-1 Heap-based buffer overflow in Cirrus VGA (CVE-2008-4539)

Bug 253641 (CVE-2008-4539) - app-emulation/kvm<82 and app-emulation/qemu<svn20081101-1 Heap-based buffer overflow in Cirrus VGA (CVE-2008-4539)

Summary: app-emulation/kvm<82 and app-emulation/qemu<svn20081101-1 Heap-based buffer o...

Status:	RESOLVED FIXED

Alias:	CVE-2008-4539

Product:	Gentoo Security
Classification:	Unclassified
Component:	Vulnerabilities (show other bugs)
Hardware:	All Linux

Importance:	High minor
Assignee:	Gentoo Security

URL:	http://git.kernel.dk/?p=qemu.git;a=co...
Whiteboard:	~3 [noglsa]
Keywords:

Depends on:
Blocks:

Reported:	2009-01-04 01:44 UTC by Stefan Behte (RETIRED)
Modified:	2009-01-05 02:21 UTC (History)
CC List:	3 users (show)

See Also:
Package list:
Runtime testing required:	---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Stefan Behte (RETIRED) gentoo-dev

2009-01-04 01:44:44 UTC

CVE-2008-4539 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-4539):
  Heap-based buffer overflow in the Cirrus VGA implementation in (1)
  KVM before kvm-82 and (2) QEMU on Debian GNU/Linux and Ubuntu might
  allow local users to gain privileges by using the VNC console for a
  connection, aka the LGD-54XX "bitblt" heap overflow.  NOTE: this
  issue exists because of an incorrect fix for CVE-2007-1320.

Comment 1 Daniel Gryniewicz (RETIRED) gentoo-dev

2009-01-05 01:32:34 UTC

82 is added.  This supposedly also fixes CVE-2007-5729 and CVE-2008-2382.

Comment 2 Stefan Behte (RETIRED) gentoo-dev

2009-01-05 02:21:50 UTC

Thanks!
Changing whiteboard to noglsa as it's not a stable package.