Bug 628498 (CVE-2017-12809) - <app-emulation/qemu-2.10.0: Qemu: ide: flushing of empty CDROM drives leads to NULL dereference (CVE-2017-12809)
Alias: CVE-2017-12809
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities
Hardware: All Linux
Importance: Normal minor
Assignee: Gentoo Security
Whiteboard: B3 [noglsa cve]
Depends on: CVE-2017-13711
Reported: 2017-08-21 12:33 UTC by D'juan McDonald (domhnall)
Modified: 2017-11-12 21:45 UTC
Description D'juan McDonald (domhnall) 2017-08-21 12:33:40 UTC
From $URL:
 Quick emulator built with the IDE disk and CD/DVD-ROM Emulator support is 
 vulnerable to a null pointer dereference issue. It could occur while flushing 
 an empty CDROM device drive.
 A privileged user inside guest could use this flaw to crash the Qemu process 
 resulting in DoS.
 Upstream patch:
 'CVE-2017-12809' assigned via ->...
Comment 1 D'juan McDonald (domhnall) 2017-08-22 05:22:08 UTC
@Maintainer(s): Please follow procedure to close this report. Thank you.

Daj'Uan (mbailey_j)
Gentoo Security Scout
Comment 2 D'juan McDonald (domhnall) 2017-08-22 12:35:01 UTC

Patch 1/4

Patch 2/4

Patch 3/4

Patch 4/4

@maintainer(s), if possible please test, then follow procedure to stabilize and close on report. Thank you!

Daj'Uan (mbailey_j)
Gentoo Security Scout
Comment 3 Matthias Maier gentoo-dev 2017-09-01 02:02:27 UTC
Patches 1 and 2 are applied upstream in version 2.10.0

Patches 3 and 4 are rejected upstream and a related fix is in progress. I believe the immediate problem with CVE-2017-12809 is resolved by patches 1 + 2.