Bugzilla – Bug 1024186
VUL-0: CVE-2017-5856: xen: scsi/megasas: host memory leakage in megasas_handle_dcmd
Last modified: 2017-10-25 19:01:34 UTC
+++ This bug was initially created as a clone of Bug #1023053 +++ Ref: http://seclists.org/oss-sec/2017/q1/270 ================================================ Hello, Quick Emulator(Qemu) built with the MegaRAID SAS 8708EM2 Host Bus Adapter emulation support is vulnerable to a memory leakage issue. It could occur while processing MegaRAID Firmware Interface(MFI) command in 'megasas_handle_dcmd' routine. A privileged user inside guest could use this flaw to leak host memory resulting DoS issue. Upstream patch: --------------- -> http://git.qemu.org/?p=qemu.git;a=commit;h=765a707000e838c30b18d712fe6cb3dd8e0435f3 Reference: ---------- -> https://bugzilla.redhat.com/show_bug.cgi?id=1418342 This issue was reported by Mr Li Qiang of 360.cn Inc. Thank you. -- Prasad J Pandit / Red Hat Product Security Team 47AF CE69 3A90 54AA 9045 1053 DD13 3D32 FE5B 041F ================================================
bugbot adjusting priority
Submitted for, Devel:Virt:SLE-11-SP4 Devel:Virt:SLE-12 Devel:Virt:SLE-12-SP1
SUSE-SU-2017:0570-1: An update that solves 13 vulnerabilities and has three fixes is now available. Category: security (important) Bug References: 1000195,1002496,1013657,1013668,1014490,1014507,1015169,1016340,1022627,1022871,1023004,1024183,1024186,1024307,1024834,1025188 CVE References: CVE-2016-10155,CVE-2016-9101,CVE-2016-9776,CVE-2016-9907,CVE-2016-9911,CVE-2016-9921,CVE-2016-9922,CVE-2017-2615,CVE-2017-2620,CVE-2017-5579,CVE-2017-5856,CVE-2017-5898,CVE-2017-5973 Sources used: SUSE Linux Enterprise Software Development Kit 12-SP1 (src): xen-4.5.5_06-22.11.2 SUSE Linux Enterprise Server 12-SP1 (src): xen-4.5.5_06-22.11.2 SUSE Linux Enterprise Desktop 12-SP1 (src): xen-4.5.5_06-22.11.2
SUSE-SU-2017:0582-1: An update that solves 14 vulnerabilities and has three fixes is now available. Category: security (important) Bug References: 1000195,1002496,1013657,1013668,1014490,1014507,1015169,1016340,1022627,1022871,1023004,1024183,1024186,1024307,1024834,1025188,907805 CVE References: CVE-2014-8106,CVE-2016-10155,CVE-2016-9101,CVE-2016-9776,CVE-2016-9907,CVE-2016-9911,CVE-2016-9921,CVE-2016-9922,CVE-2017-2615,CVE-2017-2620,CVE-2017-5579,CVE-2017-5856,CVE-2017-5898,CVE-2017-5973 Sources used: SUSE Linux Enterprise Server for SAP 12 (src): xen-4.4.4_14-22.33.1 SUSE Linux Enterprise Server 12-LTSS (src): xen-4.4.4_14-22.33.1
SUSE-SU-2017:0647-1: An update that solves 14 vulnerabilities and has four fixes is now available. Category: security (important) Bug References: 1000195,1002496,1013657,1013668,1014490,1014507,1015169,1016340,1022627,1022871,1023004,1024183,1024186,1024307,1024834,1025188,907805,987002 CVE References: CVE-2014-8106,CVE-2016-10155,CVE-2016-9101,CVE-2016-9776,CVE-2016-9907,CVE-2016-9911,CVE-2016-9921,CVE-2016-9922,CVE-2017-2615,CVE-2017-2620,CVE-2017-5579,CVE-2017-5856,CVE-2017-5898,CVE-2017-5973 Sources used: SUSE Linux Enterprise Software Development Kit 11-SP4 (src): xen-4.4.4_14-51.1 SUSE Linux Enterprise Server 11-SP4 (src): xen-4.4.4_14-51.1 SUSE Linux Enterprise Debuginfo 11-SP4 (src): xen-4.4.4_14-51.1
released