Red Hat Bugzilla – Bug 1446577
CVE-2017-8380 Qemu: scsi: megasas: out-of-bounds read in megasas_mmio_write
Last modified: 2018-07-18 11:20:32 EDT
Quick Emulator(Qemu) built with the MegaRAID SAS 8708EM2 Host Bus Adapter
emulation support is vulnerable to an out-of-bounds read access issue. It
could occur while performing a MMIO write operation.
A privileged user inside guest could use this flaw to read host memory
leading to potentially crash the Qemu process on the host.
Name: YY Z(Researcher) Wjjzhang (Tencent.com Inc.)
Created qemu tracking bugs for this issue:
Affects: fedora-all [bug 1446578]
qemu-2.7.1-7.fc25 has been pushed to the Fedora 25 stable repository. If problems still persist, please make note of it in this bug report.