Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 609158 (CVE-2017-2615) - [TRACKER] qemu: display: cirrus: oob access while doing bitblt copy backward mode (CVE-2017-2615)
Summary: [TRACKER] qemu: display: cirrus: oob access while doing bitblt copy backward ...
Status: RESOLVED FIXED
Alias: CVE-2017-2615
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities (show other bugs)
Hardware: All Linux
: Normal normal (vote)
Assignee: Gentoo Security
URL: http://www.openwall.com/lists/oss-sec...
Whiteboard:
Keywords: Tracker
Depends on: 608034 XSA-208
Blocks:
  Show dependency tree
 
Reported: 2017-02-12 18:33 UTC by Thomas Deutschmann
Modified: 2017-02-21 20:41 UTC (History)
0 users

See Also:
Package list:
Runtime testing required: ---


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Thomas Deutschmann gentoo-dev Security 2017-02-12 18:33:01 UTC
Quick emulator(Qemu) built with the Cirrus CLGD 54xx VGA Emulator support is
vulnerable to an out-of-bounds access issue. It could occur while copying
VGA data via bitblt copy in backward mode.

A privileged user inside guest could use this flaw to crash the Qemu process
resulting in DoS OR potentially execute arbitrary code on the host with
privileges of Qemu process on the host.

Upstream patch:

https://lists.gnu.org/archive/html/qemu-devel/2017-02/msg00015.html
Comment 1 Thomas Deutschmann gentoo-dev Security 2017-02-21 20:41:10 UTC
All done.