Bugzilla will be upgraded to version 5.0 on a still to be determined date in the near future. The original upgrade date has been delayed.
First Last Prev Next    This bug is not in your last search results.
Bug 1204919 - (CVE-2014-9718) CVE-2014-9718 Qemu: PRDT overflow from guest to host
CVE-2014-9718 Qemu: PRDT overflow from guest to host
Status: NEW
Product: Security Response
Classification: Other
Component: vulnerability (Show other bugs)
unspecified
All Linux
medium Severity medium
: ---
: ---
Assigned To: Red Hat Product Security
impact=moderate,public=20141031,repor...
: Security
: 1205321 (view as bug list)
Depends On: 1205100 1205103 1205322 1216968
Blocks: 1169000
  Show dependency treegraph
 
Reported: 2015-03-23 14:36 EDT by Prasad J Pandit
Modified: 2018-08-17 14:08 EDT (History)
29 users (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
A denial of service flaw was found in the way QEMU handled malformed Physical Region Descriptor Table (PRDT) data sent to the host's IDE and/or AHCI controller emulation. A privileged guest user could use this flaw to crash the system.
Story Points: ---
Clone Of:
Environment:
Last Closed:
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Attachments (Terms of Use)
Add an attachment (proposed patch, testcase, etc.)

  None (edit)
Description Prasad J Pandit 2015-03-23 14:36:31 EDT 
Upstream Qemu is vulnerable to sending malicious PRDT data to the host's
IDE and/or AHCI controller emulation. This could result in infinite loop or memory leakage on the host leading to unbounded resource consumption on the host.

A privileged user inside guest could use this flaw to crash the system,
resulting in DoS.

Upstream fix:
-------------
  -> http://git.qemu.org/?p=qemu.git;a=commitdiff;h=3251bdcf1c67427d964517053c3d185b46e618e8
Comment 1 Prasad J Pandit 2015-03-24 04:49:45 EDT 
Statement:

This issue did not affect the versions of the kvm package as shipped with Red Hat Enterprise Linux 5 and the versions of the qemu-kvm packages as shipped with Red Hat Enterprise Linux 6.

This issue affects the version of the qemu-kvm package as shipped with Red Hat Enterprise Linux 7, a future update may address this flaw.
Comment 3 Prasad J Pandit 2015-03-24 04:54:38 EDT 
Created qemu tracking bugs for this issue:

Affects: fedora-all [bug 1205103]
Comment 4 Vasyl Kaigorodov 2015-03-24 13:08:11 EDT 
*** Bug 1205321 has been marked as a duplicate of this bug. ***
Note You need to log in before you can comment on or make changes to this bug.
First Last Prev Next    This bug is not in your last search results.