Bugzilla – Bug 982018
VUL-0: CVE-2016-5106: qemu, kvm: scsi: megasas: out-of-bounds write while setting controller properties
Last modified: 2017-03-08 16:53:18 UTC
rh#1339578 Quick Emulator(Qemu) built with the MegaRAID SAS 8708EM2 Host Bus Adapter emulation support is vulnerable to an out-of-bounds write access issue. It could occur while processing MegaRAID Firmware Interface(MFI) command to set controller properties in 'megasas_dcmd_set_properties'. A privileged user inside guest could use this flaw to crash the Qemu process on the host resulting in DoS. Upstream patch: -> https://lists.gnu.org/archive/html/qemu-devel/2016-05/msg04340.html Reference: -> http://www.openwall.com/lists/oss-security/2016/05/25/6 References: https://bugzilla.redhat.com/show_bug.cgi?id=1339578 http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-5106 http://seclists.org/oss-sec/2016/q2/417 https://lists.gnu.org/archive/html/qemu-devel/2016-05/msg04340.html https://lists.gnu.org/archive/html/qemu-devel/2016-05/msg04410.html
bugbot adjusting priority
SUSE-SU-2016:2589-1: An update that solves 19 vulnerabilities and has one errata is now available. Category: security (important) Bug References: 1000048,967012,967013,982017,982018,982019,982222,982223,982285,982959,983961,983982,991080,991466,994760,994771,994774,996441,997858,997859 CVE References: CVE-2016-2391,CVE-2016-2392,CVE-2016-4453,CVE-2016-4454,CVE-2016-5105,CVE-2016-5106,CVE-2016-5107,CVE-2016-5126,CVE-2016-5238,CVE-2016-5337,CVE-2016-5338,CVE-2016-5403,CVE-2016-6490,CVE-2016-6833,CVE-2016-6836,CVE-2016-6888,CVE-2016-7116,CVE-2016-7155,CVE-2016-7156 Sources used: SUSE Linux Enterprise Server 12-SP1 (src): qemu-2.3.1-21.1 SUSE Linux Enterprise Desktop 12-SP1 (src): qemu-2.3.1-21.1
SUSE-SU-2016:2628-1: An update that fixes 16 vulnerabilities is now available. Category: security (moderate) Bug References: 902737,944697,967012,967013,982017,982018,982019,982222,982223,982285,982959,983961,983982,991080,991466,996441 CVE References: CVE-2014-7815,CVE-2015-6815,CVE-2016-2391,CVE-2016-2392,CVE-2016-4453,CVE-2016-4454,CVE-2016-5105,CVE-2016-5106,CVE-2016-5107,CVE-2016-5126,CVE-2016-5238,CVE-2016-5337,CVE-2016-5338,CVE-2016-5403,CVE-2016-6490,CVE-2016-7116 Sources used: SUSE Linux Enterprise Server 11-SP4 (src): kvm-1.4.2-47.1
openSUSE-SU-2016:2642-1: An update that solves 19 vulnerabilities and has one errata is now available. Category: security (important) Bug References: 1000048,967012,967013,982017,982018,982019,982222,982223,982285,982959,983961,983982,991080,991466,994760,994771,994774,996441,997858,997859 CVE References: CVE-2016-2391,CVE-2016-2392,CVE-2016-4453,CVE-2016-4454,CVE-2016-5105,CVE-2016-5106,CVE-2016-5107,CVE-2016-5126,CVE-2016-5238,CVE-2016-5337,CVE-2016-5338,CVE-2016-5403,CVE-2016-6490,CVE-2016-6833,CVE-2016-6836,CVE-2016-6888,CVE-2016-7116,CVE-2016-7155,CVE-2016-7156 Sources used: openSUSE Leap 42.1 (src): qemu-2.3.1-19.3, qemu-linux-user-2.3.1-19.1, qemu-testsuite-2.3.1-19.6
SUSE-SU-2016:2781-1: An update that fixes 21 vulnerabilities is now available. Category: security (moderate) Bug References: 893323,944697,967012,967013,982017,982018,982019,982222,982223,982285,982959,983961,983982,991080,991466,994760,994771,994774,996441,997858,997859 CVE References: CVE-2014-5388,CVE-2015-6815,CVE-2016-2391,CVE-2016-2392,CVE-2016-4453,CVE-2016-4454,CVE-2016-5105,CVE-2016-5106,CVE-2016-5107,CVE-2016-5126,CVE-2016-5238,CVE-2016-5337,CVE-2016-5338,CVE-2016-5403,CVE-2016-6490,CVE-2016-6833,CVE-2016-6836,CVE-2016-6888,CVE-2016-7116,CVE-2016-7155,CVE-2016-7156 Sources used: SUSE Linux Enterprise Server for SAP 12 (src): qemu-2.0.2-48.22.1 SUSE Linux Enterprise Server 12-LTSS (src): qemu-2.0.2-48.22.1
Fixed.