'[oss-security] QEMU: security issues in vhost-user-gpu'

[prev in list] [next in list] [prev in thread] [next in thread] 

List:       oss-security
Subject:    [oss-security] QEMU: security issues in vhost-user-gpu
From:       Mauro Matteo Cascella <mcascell () redhat ! com>
Date:       2021-05-31 16:40:04
Message-ID: CAA8xKjVo8bEb+3B7GbdeHnkG8iScT4Ctt53NoQCMAB5Tqmog=Q () mail ! gmail ! com
[Download RAW message or body]

Hello,

Multiple security issues were identified in the virtio vhost-user GPU
device (vhost-user-gpu) of QEMU. A malicious guest could use these
flaws to leak memory from the host system or potentially crash the
QEMU process on the host, resulting in a denial of service condition.

Patch series:
https://lists.nongnu.org/archive/html/qemu-devel/2021-05/msg04536.html

The following CVEs have been assigned by Red Hat, Inc.

* CVE-2021-3544 - combined CVE for multiple memory leaks
   Upstream commits:
   https://gitlab.com/qemu-project/qemu/-/commit/86dd8fac
   https://gitlab.com/qemu-project/qemu/-/commit/b9f79858
   https://gitlab.com/qemu-project/qemu/-/commit/b7afebcf
   https://gitlab.com/qemu-project/qemu/-/commit/f6091d86
   https://gitlab.com/qemu-project/qemu/-/commit/63736af5

* CVE-2021-3545 - information disclosure due to uninitialized memory read
   Upstream commit:
   https://gitlab.com/qemu-project/qemu/-/commit/121841b2

* CVE-2021-3546 - oob write while processing VIRTIO_GPU_CMD_GET_CAPSET
   Upstream commit:
   https://gitlab.com/qemu-project/qemu/-/commit/9f22893a

Acknowledgements: Li Qiang of Tianchen Security Lab (Ant Group).

Thank  you,
Best regards.
-- 
Mauro Matteo Cascella
Red Hat Product Security
PGP-Key ID: BB3410B0

[prev in list] [next in list] [prev in thread] [next in thread]
Configure | About | News | Add a list | Sponsored by KoreLogic