Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 593038 (CVE-2016-7157) - <app-emulation/qemu-2.7.0-r2: scsi: mptsas: invalid memory access while building configuration pages
Summary: <app-emulation/qemu-2.7.0-r2: scsi: mptsas: invalid memory access while build...
Alias: CVE-2016-7157
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities (show other bugs)
Hardware: All Linux
: Normal minor (vote)
Assignee: Gentoo Security
Whiteboard: B3 [glsa cve]
Depends on:
Blocks: CVE-2016-7155 CVE-2016-7156 CVE-2016-7170 CVE-2016-7421 CVE-2016-7422
  Show dependency tree
Reported: 2016-09-07 09:38 UTC by Agostino Sarubbo
Modified: 2016-09-26 00:39 UTC (History)
1 user (show)

See Also:
Package list:
Runtime testing required: ---


Note You need to log in before you can comment on or make changes to this bug.
Description Agostino Sarubbo gentoo-dev 2016-09-07 09:38:30 UTC
From ${URL} :

Quick emulator(Qemu) built with the LSI SAS1068 Host Bus emulation support, is 
vulnerable to an invalid memory access issue. It could occur while building 
configuration page headers in 'mptsas_config_manufacturing_1'.

A privileged user inside guest could use this flaw to crash the Qemu process 
on the host, resulting in DoS.

Upstream patches:

@maintainer(s): after the bump, in case we need to stabilize the package, please let us know if it is ready for the stabilization or not.
Comment 1 Matthias Maier gentoo-dev 2016-09-09 05:28:00 UTC
commit b28fcd11405545eb2e4973f96823337531eebb08
Author: Matthias Maier <>
Date:   Fri Sep 9 00:10:05 2016 -0500

    app-emulation/qemu: fix static-user dep, security patches, bug #593038
    This commit resolves
      bug #591202
      bug #593024
      bug #593034 CVE-2016-7155
      bug #593036 CVE-2016-7156
      bug #593038 CVE-2016-7157
    Package-Manager: portage-2.2.28
Comment 2 Yury German Gentoo Infrastructure gentoo-dev 2016-09-10 01:40:11 UTC
Maintainer(s), please advise if you are ready for stabilization or call for stabilization yourself.
Comment 3 Matthias Maier gentoo-dev 2016-09-10 02:29:14 UTC
Arches, please stabilize

Target-keywords:"amd64 x86"
Comment 4 Agostino Sarubbo gentoo-dev 2016-09-10 12:50:24 UTC
amd64 stable
Comment 5 Matthias Maier gentoo-dev 2016-09-18 04:40:18 UTC
I hijack the stabilization for another round:

Arches, please stabilize

Target-keywords:"amd64 x86"

commit b50850bf14489740441b408a2d45f6e64d724f7d
Author: Matthias Maier <>
Date:   Sat Sep 17 23:02:53 2016 -0500

    app-emulation/qemu: security fixes, ebuild maintenance
    bug 593956: CVE-2016-7422
    bug 593950: CVE-2016-7421
    bug 590230: missing use depend opengl? ( media-libs/mesa[...,gbm] )
    bug 575326: update to readme.gentoo-r1 eclass
    Package-Manager: portage-2.2.28
Comment 6 Agostino Sarubbo gentoo-dev 2016-09-18 17:10:36 UTC
amd64 stable
Comment 7 Agostino Sarubbo gentoo-dev 2016-09-18 17:11:36 UTC
x86 stable.

Maintainer(s), please cleanup.
Security, please vote.
Comment 8 Yury German Gentoo Infrastructure gentoo-dev 2016-09-25 23:07:25 UTC
Arches, Thank you for your work.
Added to an existing GLSA Request.

Maintainer(s), please drop the vulnerable version(s).
Comment 9 Matthias Maier gentoo-dev 2016-09-26 00:16:25 UTC
commit 4dd281902e043e8e8299cf9991aa4841076ae66b
Author: Matthias Maier <>
Date:   Sun Sep 25 19:15:20 2016 -0500

    app-emulation/qemu: drop vulnerable versions 2.7.0, 2.7.0-r2
    Package-Manager: portage-2.2.28
Comment 10 GLSAMaker/CVETool Bot gentoo-dev 2016-09-26 00:39:31 UTC
This issue was resolved and addressed in
 GLSA 201609-01 at
by GLSA coordinator Yury German (BlueKnight).