Date: Tue, 23 Jun 2015 00:19:38 +0000 From: bugzilla-noreply@freebsd.org To: freebsd-ports-bugs@FreeBSD.org Subject: [Bug 201064] emulators/qemu: Heap overflow in QEMU PCNET controller, allowing guest->host escape (CVE-2015-3209) Message-ID: <bug-201064-13@https.bugs.freebsd.org/bugzilla/>
next in thread | raw e-mail | index | archive | help
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=201064 Bug ID: 201064 Summary: emulators/qemu: Heap overflow in QEMU PCNET controller, allowing guest->host escape (CVE-2015-3209) Product: Ports & Packages Version: Latest Hardware: Any URL: http://xenbits.xen.org/xsa/advisory-135.html OS: Any Status: New Keywords: needs-patch, needs-qa, security Severity: Affects Many People Priority: --- Component: Individual Port(s) Assignee: nox@FreeBSD.org Reporter: koobs@FreeBSD.org CC: ports-secteam@FreeBSD.org, sbruno@FreeBSD.org Assignee: nox@FreeBSD.org Flags: maintainer-feedback?(nox@FreeBSD.org), merge-quarterly? https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3209 A guest which has access to an emulated PCNET network device (e.g. with "model=pcnet" in their VIF configuration) can exploit this vulnerability to take over the qemu process elevating its privilege to that of the qemu process. Check if it applies to emulators/qemu emulators/qemu-devel emulators/qemu-sbruno emulators/qemu-user-static -- You are receiving this mail because: You are the assignee for the bug.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?bug-201064-13>