Bug 1043312 - VUL-1: CVE-2017-9503: xen: scsi: megasas: null pointer dereference while processing megasas command
VUL-1: CVE-2017-9503: xen: scsi: megasas: null pointer dereference while proc...
Status: RESOLVED DUPLICATE of bug 1043297
Classification: Novell Products
Product: SUSE Security Incidents
Classification: Novell Products
Component: Incidents
unspecified
Other Other
: P5 - None : Minor
: ---
Assigned To: Charles Arnold
Security Team bot
https://smash.suse.de/issue/186399/
CVSSv3:RedHat:CVE-2017-9503:3.4:(AV:A...
:
Depends on:
Blocks:
  Show dependency treegraph
 
Reported: 2017-06-08 07:43 UTC by Johannes Segitz
Modified: 2017-06-20 17:21 UTC (History)
2 users (show)

See Also:
Found By: Security Response Team
Services Priority:
Business Priority:
Blocker: ---
Marketing QA Status: ---
IT Deployment: ---


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Johannes Segitz 2017-06-08 07:43:12 UTC
+++ This bug was initially created as a clone of Bug #1043296 +++

rh#1459477

Quick Emulator(Qemu) built with the MegaRAID SAS 8708EM2 Host Bus Adapter
emulation support is vulnerable to a null pointer dereference issue. It
could occur while processing megasas commands via megasas_command_complete().

A privileged user inside guest could use this flaw to crash the Qemu process
on the host resulting in DoS.

Upstream patch:
---------------
  -> https://lists.gnu.org/archive/html/qemu-devel/2017-06/msg01313.html
  -> https://lists.gnu.org/archive/html/qemu-devel/2017-06/msg01309.html

Reference:
----------
  -> http://www.openwall.com/lists/oss-security/2017/06/08/1

References:
https://bugzilla.redhat.com/show_bug.cgi?id=1459477
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-9503
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9503
Comment 1 Johannes Segitz 2017-06-08 07:47:15 UTC
didn't see 1043297, sorry

*** This bug has been marked as a duplicate of bug 1043297 ***