Bug 1430056 (CVE-2016-9603)
Summary: | CVE-2016-9603 Qemu: cirrus: heap buffer overflow via vnc connection | ||||||
---|---|---|---|---|---|---|---|
Product: | [Other] Security Response | Reporter: | Prasad Pandit <ppandit> | ||||
Component: | vulnerability | Assignee: | Red Hat Product Security <security-response-team> | ||||
Status: | CLOSED ERRATA | QA Contact: | |||||
Severity: | high | Docs Contact: | |||||
Priority: | high | ||||||
Version: | unspecified | CC: | ailan, amit, apevec, areis, berrange, cfergeau, chrisw, crobinso, cvsbot-xmlrpc, drjones, dwmw2, gmollett, imammedo, itamar, jen, jjoyce, jschluet, kbasil, knoel, kraxel, lhh, lpeer, markmc, m.a.young, mkenneth, mrezanin, mst, pbonzini, rbryant, rjones, rkrcmar, sclewis, security-response-team, srevivo, tdecacqu, virt-maint, virt-maint, vkuznets, xen-maint | ||||
Target Milestone: | --- | Keywords: | Security | ||||
Target Release: | --- | ||||||
Hardware: | All | ||||||
OS: | Linux | ||||||
Whiteboard: | |||||||
Fixed In Version: | qemu 2.9 | Doc Type: | If docs needed, set a value | ||||
Doc Text: |
A heap buffer overflow flaw was found in QEMU's Cirrus CLGD 54xx VGA emulator's VNC display driver support; the issue could occur when a VNC client attempted to update its display after a VGA operation is performed by a guest. A privileged user/process inside a guest could use this flaw to crash the QEMU process or, potentially, execute arbitrary code on the host with privileges of the QEMU process.
|
Story Points: | --- | ||||
Clone Of: | Environment: | ||||||
Last Closed: | 2019-06-08 03:08:50 UTC | Type: | --- | ||||
Regression: | --- | Mount Type: | --- | ||||
Documentation: | --- | CRM: | |||||
Verified Versions: | Category: | --- | |||||
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |||||
Cloudforms Team: | --- | Target Upstream Version: | |||||
Embargoed: | |||||||
Bug Depends On: | 1430059, 1430060, 1430061, 1430062, 1430063, 1430064, 1430065, 1430066, 1430067, 1430068, 1430069, 1432040, 1432041, 1436466, 1447540, 1447542, 1447544, 1447545 | ||||||
Bug Blocks: | 1395719 | ||||||
Attachments: |
|
Description
Prasad Pandit
2017-03-07 19:02:52 UTC
Created attachment 1260925 [details]
Proposed upstream patch
Created xen tracking bugs for this issue: Affects: fedora-all [bug 1432041] Created qemu tracking bugs for this issue: Affects: fedora-all [bug 1432040] upstream pull request sent is on the way. merged now, next 2.8.x stable should have it too. This issue has been addressed in the following products: Red Hat OpenStack Platform 9.0 (Mitaka) Via RHSA-2017:0984 https://access.redhat.com/errata/RHSA-2017:0984 This issue has been addressed in the following products: Red Hat OpenStack Platform 8.0 (Liberty) Via RHSA-2017:0983 https://access.redhat.com/errata/RHSA-2017:0983 This issue has been addressed in the following products: Red Hat Enterprise Linux OpenStack Platform 7.0 (Kilo) for RHEL 7 Via RHSA-2017:0982 https://access.redhat.com/errata/RHSA-2017:0982 This issue has been addressed in the following products: Red Hat Enterprise Linux OpenStack Platform 6.0 (Juno) for RHEL 7 Via RHSA-2017:0981 https://access.redhat.com/errata/RHSA-2017:0981 This issue has been addressed in the following products: Red Hat Enterprise Linux OpenStack Platform 5.0 (Icehouse) for RHEL 7 Via RHSA-2017:0980 https://access.redhat.com/errata/RHSA-2017:0980 This issue has been addressed in the following products: RHEV 3.X Hypervisor and Agents for RHEL-7 RHEV 4.X RHEV-H and Agents for RHEL-7 Via RHSA-2017:0985 https://access.redhat.com/errata/RHSA-2017:0985 This issue has been addressed in the following products: Red Hat Enterprise Linux 7 Via RHSA-2017:0987 https://access.redhat.com/errata/RHSA-2017:0987 This issue has been addressed in the following products: Red Hat OpenStack Platform 10.0 (Newton) Via RHSA-2017:0988 https://access.redhat.com/errata/RHSA-2017:0988 This issue has been addressed in the following products: RHEV 3.X Hypervisor and Agents for RHEL-6 Via RHSA-2017:1205 https://access.redhat.com/errata/RHSA-2017:1205 This issue has been addressed in the following products: Red Hat Enterprise Linux 6 Via RHSA-2017:1206 https://access.redhat.com/errata/RHSA-2017:1206 This issue has been addressed in the following products: Red Hat Enterprise Linux OpenStack Platform 5.0 (Icehouse) for RHEL 6 Via RHSA-2017:1441 https://access.redhat.com/errata/RHSA-2017:1441 qemu-2.7.1-7.fc25 has been pushed to the Fedora 25 stable repository. If problems still persist, please make note of it in this bug report. |