Discussion:
CVE-2018-18849 Qemu: lsi53c895a: OOB msg buffer access leads to DoS
(too old to reply)
P J P
2018-11-01 06:26:28 UTC
Permalink
Hello,

An out of bounds memory access issue was found in the LSI53C895A SCSI Host Bus
Adapter emulation while writing a message in lsi_do_msgin. It could occur
during migration if the 'msg_len' field has an invalid value. A user/process
could use this flaw to crash the Qemu process resulting in DoS.

Upstream patch:
---------------
-> https://lists.gnu.org/archive/html/qemu-devel/2018-10/msg06682.html

This issue was discovered by dejavusecurity.com and reported by Oracle.com.

CVE assigned via -> https://cveform.mitre.org/

Thank you.
--
Prasad J Pandit / Red Hat Product Security Team
47AF CE69 3A90 54AA 9045 1053 DD13 3D32 FE5B 041F

Loading...