From ${URL} :
Qemu emulator built with VMWARE VMXNET3 paravirtual NIC emulator support is vulnerable to a crash issue. It could occur while reading Interrupt Mask Registers (IMR). A privileged (CAP_SYS_RAWIO) guest user could use this flaw to crash the Qemu process instance, resulting in DoS.
Upstream patch:
---------------
  -> http://git.qemu.org/?p=qemu.git;a=commit;h=c6048f849c7e3f009786df76206e895
Reference:
----------
  -> https://bugzilla.redhat.com/show_bug.cgi?id=1270876
This is included in the 2.5.0 release in the tree. No plans to backport to 2.4.
The stabilization happened in bug 571566
CVE-2015-8745 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-8745): A reachable-assertion flaw was found in the QEMU emulator built with VMWARE-VMXNET3 paravirtualized NIC emulator support. The flaw could occur while reading Interrupt Mask Registers (IMR). A privileged (CAP_SYS_RAWIO) guest user could exploit this flaw to crash the QEMU process instance, resulting in denial of service.
Added to existing GLSA draft
This issue was resolved and addressed in GLSA 201602-01 at https://security.gentoo.org/glsa/201602-01 by GLSA coordinator Kristian Fiskerstrand (K_F).