[prev in list] [next in list] [prev in thread] [next in thread] 

List:       oss-security
Subject:    [oss-security] Re: CVE request Qemu: 9pfs: memory leakage in v9fs_write
From:       <cve-assign () mitre ! org>
Date:       2016-10-30 19:45:30
Message-ID: 91dfb06a63e541769819a7edbbee1429 () imshyb02 ! MITRE ! ORG
[Download RAW message or body]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

> Quick Emulator(Qemu) built with the VirtFS, host directory sharing via Plan 9
> File System(9pfs) support, is vulnerable to a memory leakage issue. It could
> occur when calling v9fs_write call.
> 
> A privileged user inside guest could use this flaw to leak the host memory
> bytes resulting in DoS for other services.
> 
> https://lists.gnu.org/archive/html/qemu-devel/2016-10/msg02623.html
> http://git.qemu.org/?p=qemu.git;a=commit;h=fdfcc9aeea1492f4b819a24c94dfb678145b1bf9

>> doesn't free an IO vector

Use CVE-2016-9106.

- -- 
CVE Assignment Team
M/S M300, 202 Burlington Road, Bedford, MA 01730 USA
[ A PGP key is available for encrypted communications at
  http://cve.mitre.org/cve/request_id.html ]
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQIcBAEBCAAGBQJYFkuQAAoJEHb/MwWLVhi2eq8P/2iZ0CeEPUH8YU5Mz7dSLayz
VLPYWPJWgYviJbAvD7twWyAf2qYYpamLMGY0SiRSaV30xcB+yPbyXKZVwKoB8tt5
DF4k61Rdzfnshrfo3/flhREW7qZSbKo/NA1HZX4PWwAk3PnD0wDV8AcambyzyB/E
Jjwfw3fiaoZMtOZlsnsohvMpoI/PvwQYg8RUrD7zB6mit2D/jtdfXG6vuY4b0c22
1UCitnP2Wsqb2Ex+52jwisTkeLxut6ZYyV77N1BX1WSPeDrESV+9E4mm6rFVYTgY
1COL7WB1H7ZCoxgQ3G4oXN9YtOKzIDS8L1Zdn1XfKhA68FFtPQ9aP4bSDPlzeXDs
Ort3rUCS2Fnk5y9WNR40l7r5E1D1ccr/bFS6+/N8dvBlNNGlJkh3bvaaUJgwmzUw
RL2w7uPLQi+Qpi3AHxxKtY09cRrIa1wfHVVwnJ+x+rGOpFoIQRRK3sAosv3r2AJl
eakEZxN2UJPmbTckOhOoyJ5ISNFQSytwzTG8a6DzO6+KJgqHBsmj9kTxkIHznKKi
arlpGH+E6SzwOpTCst6257Ht3gCs0h1SPL1XPcL6fpmoy6ilkedce5rrSYKD+DBq
f+flLN8q/89q/doPU+lmORuUSzwwzLfKTnJRtX9h2n0jasubBWnVAGyTQqHAmLKE
/FY1TuwKHWAohSxEpMG6
=GBCx
-----END PGP SIGNATURE-----
[prev in list] [next in list] [prev in thread] [next in thread]