An out of bounds r/w access issue was found in the way QEMU handled inquiry request coming from a guest in scsi_handle_inquiry_reply(). A guest user/process could use this flaw to corrupt byte of QEMU process memory. Upstream patch: --------------- -> https://lists.gnu.org/archive/html/qemu-devel/2019-01/msg02324.html Reference: ---------- -> https://www.openwall.com/lists/oss-security/2019/01/24/1
Created qemu tracking bugs for this issue: Affects: fedora-all [bug 1669005]
This issue has been addressed in the following products: Red Hat Enterprise Linux 7 Via RHSA-2019:2166 https://access.redhat.com/errata/RHSA-2019:2166
This bug is now closed. Further updates for individual products will be reflected on the CVE page(s): https://access.redhat.com/security/cve/cve-2019-6501
This issue has been addressed in the following products: Red Hat OpenStack Platform 10.0 (Newton) Red Hat OpenStack Platform 13.0 (Queens) Red Hat OpenStack Platform 14.0 (Rocky) Via RHSA-2019:2425 https://access.redhat.com/errata/RHSA-2019:2425
This issue has been addressed in the following products: Red Hat Virtualization 4 for Red Hat Enterprise Linux 7 Red Hat Virtualization Engine 4.3 Via RHSA-2019:2553 https://access.redhat.com/errata/RHSA-2019:2553