First Last Prev Next    This bug is not in your last search results.
Bug 1014112 - (CVE-2016-9912) VUL-0: CVE-2016-9912: qemu: display: virtio-gpu: memory leakage when destroying gpu resource
(CVE-2016-9912)
VUL-0: CVE-2016-9912: qemu: display: virtio-gpu: memory leakage when destroyi...
Status: RESOLVED FIXED
Classification: Novell Products
Product: SUSE Security Incidents
Classification: Novell Products
Component: Incidents
unspecified
Other Other
: P3 - Medium : Normal
: ---
Assigned To: E-mail List
Security Team bot
CVSSv2:RedHat:CVE-2016-9912:2.3:(AV:A...
:
Depends on:
Blocks:
  Show dependency treegraph
 
Reported: 2016-12-07 01:23 UTC by Mikhail Kasimov
Modified: 2017-01-18 11:11 UTC (History)
2 users (show)

See Also:
Found By: ---
Services Priority:
Business Priority:
Blocker: ---
Marketing QA Status: ---
IT Deployment: ---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Mikhail Kasimov 2016-12-07 01:23:47 UTC 
Reference: http://seclists.org/oss-sec/2016/q4/618
===================================================
  Hello,

Quick Emulator(Qemu) built with the Virtio GPU Device emulator support is vulnerable to a memory leakage issue. It could occur while destroying gpu resource object in 'virtio_gpu_resource_destroy'


A guest user/process could use this flaw to leak host memory bytes, resulting in DoS for a host.


Upstream patch:
---------------
  -> https://lists.gnu.org/archive/html/qemu-devel/2016-11/msg05043.html

Thank you.
--
Prasad J Pandit / Red Hat Product Security Team
47AF CE69 3A90 54AA 9045 1053 DD13 3D32 FE5B 041F
===================================================
Comment 1 Matthias Gerstner 2016-12-07 16:46:19 UTC 
Only qemu in codestream

SUSE:SLE-12-SP2:Update/qemu/qemu-2.6.2/hw/display/virtio-gpu.c:349

is affected.
Comment 2 Swamp Workflow Management 2016-12-07 23:00:58 UTC 
bugbot adjusting priority
Comment 3 Matthias Gerstner 2017-01-13 16:46:02 UTC 
issue has been fixed and released in all affected SLE codestreams
openSUSE comes from SLE

closing bug
Comment 4 Swamp Workflow Management 2017-01-13 19:12:31 UTC 
SUSE-SU-2017:0127-1: An update that solves 13 vulnerabilities and has two fixes is now available.

Category: security (important)
Bug References: 1007454,1008519,1009109,1013285,1013341,1013764,1013767,1014109,1014110,1014111,1014112,1014256,1014514,1016779,937125
CVE References: CVE-2016-9102,CVE-2016-9103,CVE-2016-9381,CVE-2016-9776,CVE-2016-9845,CVE-2016-9846,CVE-2016-9907,CVE-2016-9908,CVE-2016-9911,CVE-2016-9912,CVE-2016-9913,CVE-2016-9921,CVE-2016-9922
Sources used:
SUSE Linux Enterprise Server for Raspberry Pi 12-SP2 (src):    qemu-2.6.2-39.1
SUSE Linux Enterprise Server 12-SP2 (src):    qemu-2.6.2-39.1
SUSE Linux Enterprise Desktop 12-SP2 (src):    qemu-2.6.2-39.1
Comment 5 Swamp Workflow Management 2017-01-18 11:11:55 UTC 
openSUSE-SU-2017:0194-1: An update that solves 13 vulnerabilities and has two fixes is now available.

Category: security (important)
Bug References: 1007454,1008519,1009109,1013285,1013341,1013764,1013767,1014109,1014110,1014111,1014112,1014256,1014514,1016779,937125
CVE References: CVE-2016-9102,CVE-2016-9103,CVE-2016-9381,CVE-2016-9776,CVE-2016-9845,CVE-2016-9846,CVE-2016-9907,CVE-2016-9908,CVE-2016-9911,CVE-2016-9912,CVE-2016-9913,CVE-2016-9921,CVE-2016-9922
Sources used:
openSUSE Leap 42.2 (src):    qemu-2.6.2-26.1, qemu-linux-user-2.6.2-26.1, qemu-testsuite-2.6.2-26.1
First Last Prev Next    This bug is not in your last search results.