FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

qemu -- denial of service vulnerability in VNC

Affected packages
qemu < 2.1.0
qemu-devel < 2.1.0
qemu-sbruno < 2.2.50.g20141230
qemu-user-static < 2.2.50.g20141230

Details

VuXML ID 8a560bcf-b14b-11e5-9728-002590263bf5
Discovery 2014-06-30
Entry 2016-01-02

Prasad J Pandit, Red Hat Product Security Team, reports:

Qemu emulator built with the VNC display driver is vulnerable to an infinite loop issue. It could occur while processing a CLIENT_CUT_TEXT message with specially crafted payload message.

A privileged guest user could use this flaw to crash the Qemu process on the host, resulting in DoS.

References

CVE Name CVE-2015-5239
URL http://git.qemu.org/?p=qemu.git;a=commit;h=f9a70e79391f6d7c2a912d785239ee8effc1922d
URL http://www.openwall.com/lists/oss-security/2015/09/02/7
URL https://github.com/seanbruno/qemu-bsd-user/commit/f9a70e79391f6d7c2a912d785239ee8effc1922d