FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

qemu -- denial of service vulnerability in IDE disk/CD/DVD-ROM emulation

Affected packages
qemu < 2.4.1
qemu-devel < 2.4.1
qemu-sbruno < 2.5.50.g20151224
qemu-user-static < 2.5.50.g20151224


VuXML ID bbc97005-b14e-11e5-9728-002590263bf5
Discovery 2015-09-09
Entry 2016-01-02

Prasad J Pandit, Red Hat Product Security Team, reports:

The Qemu emulator built with the IDE disk and CD/DVD-ROM emulation support is vulnerable to a divide-by-zero issue. It could occur while executing the IDE command WIN_READ_NATIVE_MAX to determine the maximum size of a drive.

A privileged user inside the guest could use this flaw to crash the Qemu instance, resulting in DoS.


CVE Name CVE-2015-6855