Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 629316 (CVE-2017-13673) - <app-emulation/qemu-2.10.0: denial of service (assertion failure) (CVE-2017-13673)
Summary: <app-emulation/qemu-2.10.0: denial of service (assertion failure) (CVE-2017-1...
Status: RESOLVED FIXED
Alias: CVE-2017-13673
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities (show other bugs)
Hardware: All Linux
: Normal minor (vote)
Assignee: Gentoo Security
URL: https://web.nvd.nist.gov/view/vuln/de...
Whiteboard: B3 [noglsa cve]
Keywords:
Depends on: CVE-2017-13711
Blocks:
  Show dependency tree
 
Reported: 2017-08-29 18:39 UTC by D'juan McDonald (domhnall)
Modified: 2017-11-12 21:45 UTC (History)
1 user (show)

See Also:
Package list:
Runtime testing required: ---


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description D'juan McDonald (domhnall) 2017-08-29 18:39:25 UTC
From ${URL}:

The vga display update in Qemu 2.8.0 through 2.9.0 mis-calculated the region for the dirty bitmap snapshot in case split screen mode is used causing a denial of service (assertion failure) in the "cpu_physical_memory_snapshot_get_dirty" function.

CVE Details: https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-13673

Patch: https://lists.gnu.org/archive/html/qemu-devel/2017-08/msg04685.html
Comment 1 Matthias Maier gentoo-dev 2017-09-01 02:02:32 UTC
This is fixed upstream in qemu-2.10.0
Comment 2 Aaron Bauman Gentoo Infrastructure gentoo-dev Security 2017-09-03 23:00:35 UTC
(In reply to Matthias Maier from comment #1)
> This is fixed upstream in qemu-2.10.0

Has it been backported to 2.9.x?
Comment 3 D'juan McDonald (domhnall) 2017-10-21 05:05:09 UTC
(In reply to Aaron Bauman from comment #2)
> Has it been backported to 2.9.x?

Fixes: CVE-2017-13673
+Fixes: fec5e8c92becad223df9d972770522f64aafdb72
+Cc: P J P <ppandit@redhat.com>
+Reported-by: David Buchanan <d@vidbuchanan.co.uk>
+Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
+Message-id: 20170828123307.15392-1-kraxel@redhat.com
+
+Upstream-Status: Backport
+[https://git.qemu.org/?p=qemu.git;a=commit;h=e65294157d4b69393b3f819c99f4f647452b48e3]
+
+CVE: CVE-2017-13673
+
+Signed-off-by: Yi Zhao <yi.zhao@windriver.com>

"Impact:  DoS for privileged guest users. "

-------------------------------------------

It appears this was indeed backported to 2.9.x