Bugzilla – Bug 1017085
VUL-0: CVE-2016-10028: xen: display: virtio-gpu-3d: OOB access while reading virgl capabilities
Last modified: 2021-05-20 09:54:13 UTC
+++ This bug was initially created as a clone of Bug #1017084 +++ Please check if the qemu Xen code is affected by this. rh#1406367 Quick Emulator(Qemu) built with the Virtio GPU Device emulator support is vulnerable to an out of bounds memory access issue. It could occur while processing 'VIRTIO_GPU_CMD_GET_CAPSET' command. A guest user/process could use this flaw to crash the Qemu process instance on a host, resulting in DoS. Upstream patch: https://lists.gnu.org/archive/html/qemu-devel/2016-12/msg01903.html Reference: http://www.openwall.com/lists/oss-security/2016/12/20/1 Acknowledgments: Name: Hongzhenhao Qinghao Tang - Marvel Team (360.cn) References: https://bugzilla.redhat.com/show_bug.cgi?id=1406367 http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-10028 http://seclists.org/oss-sec/2016/q4/741
bugbot adjusting priority
No version of Xen that we ship with the upstream qemu has this code.
thanks!