Bug 1023073 - (CVE-2017-5857) VUL-0: CVE-2017-5857: kvm: qemu: display: virtio-gpu-3d: host memory leakage in virgl_cmd_resource_unref
Status: RESOLVED FIXED
Classification: Novell Products
Product: SUSE Security Incidents
Component: Incidents
: P3 - Medium : Normal
Assigned To: Bruce Rogers
Security Team bot
CVSSv2:SUSE:CVE-2017-5857:2.3:(AV:A/A...
Reported: 2017-02-01 17:35 UTC by Mikhail Kasimov
Modified: 2017-03-16 17:10 UTC

Description Mikhail Kasimov 2017-02-01 17:35:52 UTC
Ref: http://seclists.org/oss-sec/2017/q1/272
===============================================
  Hello,

Quick Emulator (Qemu) built with the Virtio GPU Device emulator support is vulnerable to a host memory leakage issue. It could occur while processing the 'VIRTIO_GPU_CMD_RESOURCE_UNREF' command.


A guest user/process could use this flaw to leak host memory resulting in DoS.

Upstream patch:
---------------
  -> https://lists.nongnu.org/archive/html/qemu-devel/2017-01/msg04615.html

Reference:
----------
  -> https://bugzilla.redhat.com/show_bug.cgi?id=1418382

This issue was reported by Mr Li Qiang of 360.cn Inc.

Thank you.
--
Prasad J Pandit / Red Hat Product Security Team
47AF CE69 3A90 54AA 9045 1053 DD13 3D32 FE5B 041F
===============================================
Comment 1 Swamp Workflow Management 2017-02-01 23:03:46 UTC
bugbot adjusting priority
Comment 2 Mikhail Kasimov 2017-02-02 11:44:01 UTC
Use CVE-2017-5857.

This is not yet available at
http://git.qemu.org/?p=qemu.git;a=history;f=hw/display/virtio-gpu-3d.c but
that may be an expected place for a later update.

--
CVE Assignment Team
M/S M300, 202 Burlington Road, Bedford, MA 01730 USA
[ A PGP key is available for encrypted communications at
  http://cve.mitre.org/cve/request_id.html ]
Comment 4 Lin Ma 2017-02-17 12:02:43 UTC
Reassign the issue to Bruce because I didn't notice Bruce already fixed it.
Comment 5 Swamp Workflow Management 2017-03-07 17:12:41 UTC
SUSE-SU-2017:0625-1: An update that solves 15 vulnerabilities and has four fixes is now available.

Category: security (important)
Bug References: 1014702,1015169,1016779,1017081,1017084,1020491,1020589,1020928,1021129,1021195,1021481,1022541,1023004,1023053,1023073,1023907,1024972,1026583,977027
CVE References: CVE-2016-10028,CVE-2016-10029,CVE-2016-10155,CVE-2016-9921,CVE-2016-9922,CVE-2017-2615,CVE-2017-2620,CVE-2017-5525,CVE-2017-5526,CVE-2017-5552,CVE-2017-5578,CVE-2017-5667,CVE-2017-5856,CVE-2017-5857,CVE-2017-5898
Sources used:
SUSE Linux Enterprise Server for Raspberry Pi 12-SP2 (src):    qemu-2.6.2-41.9.1
SUSE Linux Enterprise Server 12-SP2 (src):    qemu-2.6.2-41.9.1
SUSE Linux Enterprise Desktop 12-SP2 (src):    qemu-2.6.2-41.9.1
Comment 6 Bruce Rogers 2017-03-08 17:02:03 UTC
Fixed.
Comment 7 Swamp Workflow Management 2017-03-16 17:10:27 UTC
openSUSE-SU-2017:0707-1: An update that solves 15 vulnerabilities and has four fixes is now available.

Category: security (important)
Bug References: 1014702,1015169,1016779,1017081,1017084,1020491,1020589,1020928,1021129,1021195,1021481,1022541,1023004,1023053,1023073,1023907,1024972,1026583,977027
CVE References: CVE-2016-10028,CVE-2016-10029,CVE-2016-10155,CVE-2016-9921,CVE-2016-9922,CVE-2017-2615,CVE-2017-2620,CVE-2017-5525,CVE-2017-5526,CVE-2017-5552,CVE-2017-5578,CVE-2017-5667,CVE-2017-5856,CVE-2017-5857,CVE-2017-5898
Sources used:
openSUSE Leap 42.2 (src):    qemu-2.6.2-29.4, qemu-linux-user-2.6.2-29.1, qemu-testsuite-2.6.2-29.8