FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

qemu -- denial of service vulnerability in VNC

Affected packages
qemu < 2.5.0
qemu-devel < 2.5.0
qemu-sbruno < 2.5.50.g20151224
qemu-user-static < 2.5.50.g20151224

Details

VuXML ID 67feba97-b1b5-11e5-9728-002590263bf5
Discovery 2015-12-08
Entry 2016-01-03

Prasad J Pandit, Red Hat Product Security Team, reports:

Qemu emulator built with the VNC display driver support is vulnerable to an arithmetic exception flaw. It occurs on the VNC server side while processing the 'SetPixelFormat' messages from a client.

A privileged remote client could use this flaw to crash the guest resulting in DoS.

References

CVE Name CVE-2015-8504
URL http://git.qemu.org/?p=qemu.git;a=commitdiff;h=4c65fed8bdf96780735dbdb92a8bd0d6b6526cc3
URL http://www.openwall.com/lists/oss-security/2015/12/08/4
URL https://github.com/seanbruno/qemu-bsd-user/commit/4c65fed8bdf96780735dbdb92a8bd0d6b6526cc3