Quick Emulator(Qemu) built with the VMWARE PVSCSI paravirtual SCSI bus emulation support is vulnerable to an infinite loop issue. It could occur while processing SCSI IO requests. A privileged user inside guest could use this flaw to crash the Qemu process resulting in DoS. Upstream patch: --------------- -> https://lists.gnu.org/archive/html/qemu-devel/2016-09/msg03609.html Reference: ---------- -> http://www.openwall.com/lists/oss-security/2016/09/16/3
Created qemu tracking bugs for this issue: Affects: fedora-all [bug 1376733]
Acknowledgements: Name: Li Qiang, Victor V (360.cn Inc.)
commit d251157ac1928191af851d199a9ff255d330bec9 Author: Prasad J Pandit <pjp> Date: Wed Sep 14 15:09:12 2016 +0530 scsi: pvscsi: limit process IO loop to ring size