Quick emulator(Qemu) built with the LSI SAS1068 Host Bus emulation support, is vulnerable to an invalid memory access issue. It could occur while processing scsi io requests in mptsas_process_scsi_io_request. A privileged user inside guest could use this flaw to crash the Qemu process instance on the host resulting in DoS. Upstream patch -------------- -> https://lists.gnu.org/archive/html/qemu-devel/2016-09/msg03604.html Reference: ---------- -> http://www.openwall.com/lists/oss-security/2016/09/16/5
Acknowledgments: Name: Li Qiang (360.cn Inc.)
Created qemu tracking bugs for this issue: Affects: fedora-all [bug 1376777]