Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 625614 (CVE-2017-11434) - <app-emulation/qemu-2.9.0-r55: slirp: out-of-bounds read while parsing dhcp options
Summary: <app-emulation/qemu-2.9.0-r55: slirp: out-of-bounds read while parsing dhcp o...
Status: RESOLVED FIXED
Alias: CVE-2017-11434
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities (show other bugs)
Hardware: All Linux
: Normal minor (vote)
Assignee: Gentoo Security
URL: https://bugzilla.redhat.com/show_bug....
Whiteboard: B3 [noglsa cve]
Keywords:
Depends on:
Blocks: CVE-2017-9503 CVE-2017-9524 CVE-2017-10664 CVE-2017-10806 CVE-2017-11334
  Show dependency tree
 
Reported: 2017-07-19 09:27 UTC by Agostino Sarubbo
Modified: 2017-09-03 22:49 UTC (History)
0 users

See Also:
Package list:
=app-emulation/qemu-2.9.0-r56 =sys-firmware/edk2-ovmf-2017_pre20170505 =sys-firmware/seabios-1.10.2
Runtime testing required: No
stable-bot: sanity-check+


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Agostino Sarubbo gentoo-dev 2017-07-19 09:27:24 UTC
From ${URL} :

Quick emulator(Qemu) built with the BOOTP/DHCP Server support is vulnerable
to an OOB read issue. It could occur while parsing the DHCP options and vendor
extensions options sent by a client.

A user/process could use this flaw to potentially crash the Qemu process on
the host resulting in DoS.

Upstream patch:
---------------
  -> https://lists.gnu.org/archive/html/qemu-devel/2017-07/msg05001.html

Reference:
----------
  -> http://www.openwall.com/lists/oss-security/2017/07/19/2


@maintainer(s): after the bump, in case we need to stabilize the package, please let us know if it is ready for the stabilization or not.
Comment 1 Matthias Maier gentoo-dev 2017-07-26 17:17:46 UTC
commit e67f10960bca69fdede54d77eb54c4ab72b98d08
Author: Matthias Maier <tamiko@gentoo.org>
Date:   Wed Jul 26 12:10:46 2017 -0500

    app-emulation/qemu: security fixes
    
      CVE-2017-11334, bug #621292
      CVE-2017-11434, bug #625614
      CVE-2017-9503, bug #621184
      CVE-2017-9524, bug #621292
    
    Package-Manager: Portage-2.3.6, Repoman-2.3.3
Comment 2 Aaron Bauman Gentoo Infrastructure gentoo-dev Security 2017-08-08 00:00:43 UTC
@arches, please stabilize.
Comment 3 Stabilization helper bot gentoo-dev 2017-08-08 01:01:01 UTC
An automated check of this bug failed - repoman reported dependency errors (41 lines truncated): 

> dependency.bad app-emulation/qemu/qemu-2.9.0-r56.ebuild: DEPEND: amd64(default/linux/amd64/13.0) ['~sys-firmware/edk2-ovmf-2017_pre20170505[binary]', '~sys-firmware/seabios-1.10.2[binary,seavgabios]', 'sys-firmware/edk2-ovmf', '>=sys-firmware/seabios-1.10.2[seavgabios]']
> dependency.bad app-emulation/qemu/qemu-2.9.0-r56.ebuild: RDEPEND: amd64(default/linux/amd64/13.0) ['~sys-firmware/edk2-ovmf-2017_pre20170505[binary]', '~sys-firmware/seabios-1.10.2[binary,seavgabios]', 'sys-firmware/edk2-ovmf', '>=sys-firmware/seabios-1.10.2[seavgabios]']
> dependency.bad app-emulation/qemu/qemu-2.9.0-r56.ebuild: DEPEND: amd64(default/linux/amd64/13.0/desktop) ['~sys-firmware/edk2-ovmf-2017_pre20170505[binary]', '~sys-firmware/seabios-1.10.2[binary,seavgabios]', 'sys-firmware/edk2-ovmf', '>=sys-firmware/seabios-1.10.2[seavgabios]']
Comment 4 Matthias Maier gentoo-dev 2017-08-09 00:35:38 UTC
Updated package list.
Comment 5 Stabilization helper bot gentoo-dev 2017-08-09 01:01:12 UTC
An automated check of this bug succeeded - the previous repoman errors are now resolved.
Comment 6 Aaron Bauman Gentoo Infrastructure gentoo-dev Security 2017-08-09 01:14:18 UTC
(In reply to Matthias Maier from comment #4)
> Updated package list.

thanks.
Comment 7 Matthias Maier gentoo-dev 2017-09-01 01:09:57 UTC
commit 64084b9d4552b611da76774bedf98f180067f43d (HEAD -> master, origin/master, origin/HEAD)
Author: Matthias Maier <tamiko@gentoo.org>
Date:   Thu Aug 31 20:09:04 2017 -0500

    app-emulation/qemu: drop vulnerable 2.9.0-r2, bug #625614
    
    Package-Manager: Portage-2.3.6, Repoman-2.3.3

commit bf14d3508d91a707aa4615c5a2d7940fc94b1f5a
Author: Matthias Maier <tamiko@gentoo.org>
Date:   Thu Aug 31 20:07:37 2017 -0500

    app-emulation/qemu: stabilize on amd64, x86, bug #625614
    
    Package-Manager: Portage-2.3.6, Repoman-2.3.3

commit 076cda37021c624dff310d7b26ada9a47e51fe3e
Author: Matthias Maier <tamiko@gentoo.org>
Date:   Thu Aug 31 20:06:08 2017 -0500

    sys-firmware/seabios: stabilize on amd64, x86, bug #625614
    
    Package-Manager: Portage-2.3.6, Repoman-2.3.3

commit edfe027b092f6558fa96ff761c91547fd2d5a7a9
Author: Matthias Maier <tamiko@gentoo.org>
Date:   Thu Aug 31 20:04:00 2017 -0500

    sys-firmware/edk2-ovmf: stabilize on amd64, x86, bug #625614
    
    Package-Manager: Portage-2.3.6, Repoman-2.3.3
Comment 8 Christopher Díaz Riveros (RETIRED) gentoo-dev Security 2017-09-01 02:36:34 UTC
@Arches please test and mark stable.

Gentoo Security Padawan
ChrisADR
Comment 9 Aaron Bauman Gentoo Infrastructure gentoo-dev Security 2017-09-03 22:49:11 UTC
already stabilized by tamiko.

GLSA Vote: No