Discussion:
CVE-2018-18954 QEMU: ppc64: Out-of-bounds r/w stack access in pnv_lpc_do_eccb
(too old to reply)
P J P
2018-11-06 19:03:03 UTC
Permalink
Hello,

An OOB r/w buffer access issue was found in the PowerPC PowerNV LPC controller
in 'pnv_lpc_do_eccb' routine. It could occur while performing a memory write
operation. A guest user/process could use this flaw to crash the QEMU process
resulting in DoS.

Upstream patch:
---------------
-> https://lists.gnu.org/archive/html/qemu-devel/2018-11/msg00446.html

This issue was reported by Moguofang of Huawei.com.

Thank you.
--
Prasad J Pandit / Red Hat Product Security Team
47AF CE69 3A90 54AA 9045 1053 DD13 3D32 FE5B 041F

Loading...