First Last Prev Next    This bug is not in your last search results.
Bug 1177088 - (CVE-2020-25742) VUL-1: CVE-2020-25742: kvm,qemu: scsi: lsi: null pointer dereference during memory move
(CVE-2020-25742)
VUL-1: CVE-2020-25742: kvm,qemu: scsi: lsi: null pointer dereference during m...
Status: RESOLVED INVALID
Classification: Novell Products
Product: SUSE Security Incidents
Classification: Novell Products
Component: Incidents
unspecified
Other Other
: P4 - Low : Minor
: ---
Assigned To: E-mail List
Security Team bot
https://smash.suse.de/issue/268430/
CVSSv3.1:SUSE:CVE-2020-25742:3.2:(AV:...
:
Depends on:
Blocks:
  Show dependency treegraph
 
Reported: 2020-09-29 11:49 UTC by Robert Frohl
Modified: 2021-05-28 12:48 UTC (History)
3 users (show)

See Also:
Found By: Security Response Team
Services Priority:
Business Priority:
Blocker: ---
Marketing QA Status: ---
IT Deployment: ---
jose.ziviani: needinfo? (gianluca.gabrielli)

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Robert Frohl 2020-09-29 11:49:01 UTC 
rh#1883178

A null pointer dereference issue was found in the LSI53C895A SCSI Host Bus Adapter emulator of QEMU. It could occur while performing processing 'Memory Move' instructions to move data beteween dma memory and i/o address space via lsi_memcpy(). A guest user/process may use this flaw to crash the QEMU process resulting in DoS scenario.

Upstream patch(proposed):
--------------------------
  -> https://lists.nongnu.org/archive/html/qemu-devel/2020-09/msg05294.html

References:
https://bugzilla.redhat.com/show_bug.cgi?id=1883178
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-25742
http://seclists.org/oss-sec/2020/q3/201
https://lists.nongnu.org/archive/html/qemu-devel/2020-09/msg07779.html
https://lists.nongnu.org/archive/html/qemu-devel/2020-09/msg05294.html
https://lists.nongnu.org/archive/html/qemu-devel/2020-09/msg01568.html
Comment 1 Robert Frohl 2020-11-04 12:48:31 UTC 
tracking all codestreams as affected

SUSE:SLE-11-SP1:Update/kvm
SUSE:SLE-11-SP3:Update/kvm
SUSE:SLE-11-SP4:Update/kvm

SUSE:SLE-11:Update/qemu
SUSE:SLE-12-SP2:Update/qemu
SUSE:SLE-12-SP3:Update/qemu
SUSE:SLE-12-SP4:Update/qemu
SUSE:SLE-12-SP5:Update/qemu
SUSE:SLE-15:Update/qemu
SUSE:SLE-15-SP1:Update/qemu
SUSE:SLE-15-SP2:Update/qemu
Comment 5 Gianluca Gabrielli 2021-05-28 12:48:29 UTC 
Thanks José for your input, I close this bug from our side as well.
First Last Prev Next    This bug is not in your last search results.