Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 571564 (CVE-2015-8745) - <app-emulation/qemu-2.5.0-r1: net: vmxnet3: reading IMR registers leads to a crash (CVE-2015-8745)
Summary: <app-emulation/qemu-2.5.0-r1: net: vmxnet3: reading IMR registers leads to a ...
Alias: CVE-2015-8745
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities (show other bugs)
Hardware: All Linux
: Normal normal (vote)
Assignee: Gentoo Security
Whiteboard: B3 [glsa cve cleanup]
Depends on:
Reported: 2016-01-11 17:01 UTC by Agostino Sarubbo
Modified: 2016-02-04 09:35 UTC (History)
1 user (show)

See Also:
Package list:
Runtime testing required: ---


Note You need to log in before you can comment on or make changes to this bug.
Description Agostino Sarubbo gentoo-dev 2016-01-11 17:01:14 UTC
From ${URL} :

Qemu emulator built with a VMWARE VMXNET3 paravirtual NIC emulator support is 
vulnerable to crash issue. It could occur while reading Interrupt Mask 

A privileged(CAP_SYS_RAWIO) guest user could use this flaw to crash the Qemu 
process instance resulting in DoS.

Upstream patch:
- ---------------

- ----------
Comment 1 SpanKY gentoo-dev 2016-01-18 04:36:40 UTC
this is included in the 2.5.0 release in the tree.  no plans to backport to 2.4.
Comment 2 Agostino Sarubbo gentoo-dev 2016-01-26 15:03:17 UTC
The stabilization happened in bug 571566
Comment 3 GLSAMaker/CVETool Bot gentoo-dev 2016-01-26 19:08:01 UTC
CVE-2015-8745 (
  A reachable-assertion flaw was found in the QEMU emulator built with
  VMWARE-VMXNET3 paravirtualized NIC emulator support. The flaw could occur
  while reading Interrupt Mask Registers (IMR). A privileged (CAP_SYS_RAWIO)
  guest user could exploit this flaw to crash the QEMU process instance,
  resulting in denial of service.
Comment 4 Kristian Fiskerstrand (RETIRED) gentoo-dev 2016-01-26 19:08:23 UTC
Added to existing GLSA draft
Comment 5 GLSAMaker/CVETool Bot gentoo-dev 2016-02-04 09:35:39 UTC
This issue was resolved and addressed in
 GLSA 201602-01 at
by GLSA coordinator Kristian Fiskerstrand (K_F).