FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

qemu -- denial of service vulnerability in VMWARE VMXNET3 NIC support

Affected packages
qemu < 2.5.0
qemu-devel < 2.5.0
qemu-sbruno < 2.5.50.g20160213
qemu-user-static < 2.5.50.g20160213

Details

VuXML ID 9ad8993e-b1ba-11e5-9728-002590263bf5
Discovery 2015-12-15
Entry 2016-01-03
Modified 2016-07-06

Prasad J Pandit, Red Hat Product Security Team, reports:

Qemu emulator built with VMWARE VMXNET3 paravirtual NIC emulator support is vulnerable to a memory leakage flaw. It occurs when a guest repeatedly tries to activate the vmxnet3 device.

A privileged guest user could use this flaw to leak host memory, resulting in DoS on the host.

References

CVE Name CVE-2015-8567
CVE Name CVE-2015-8568
FreeBSD PR ports/205813
FreeBSD PR ports/205814
URL http://git.qemu.org/?p=qemu.git;a=commit;h=aa4a3dce1c88ed51b616806b8214b7c8428b7470
URL http://www.openwall.com/lists/oss-security/2015/12/15/4
URL https://github.com/seanbruno/qemu-bsd-user/commit/aa4a3dce1c88ed51b616806b8214b7c8428b7470
URL https://lists.gnu.org/archive/html/qemu-devel/2015-12/msg02299.html