oss-security - CVE-2017-15124 Qemu: memory exhaustion through framebuffer update request message in VNC server

Follow @Openwall on Twitter for new release announcements and other news

[<prev] [next>] [day] [month] [year] [list]

Message-ID: <nycvar.YSQ.7.76.1712191700510.32077@wniryva>
Date: Tue, 19 Dec 2017 17:03:36 +0530 (IST)
From: P J P <ppandit@...hat.com>
To: oss security list <oss-security@...ts.openwall.com>
cc: Daniel Berrange <berrange@...hat.com>
Subject: CVE-2017-15124 Qemu: memory exhaustion through framebuffer update
 request message in VNC server

   Hello,

VNC server implementation in Quick Emulator(QEMU) was found to be vulnerable 
to an unbounded memory allocation issue, as it did not throttle the 
framebuffer updates sent to its client. If the client did not consume these 
updates, VNC server allocates growing memory to hold onto this data.

A malicious VNC client could use this flaw to cause DoS on the remote server 
host.

Upstream fix(es):
-----------------
   -> https://lists.gnu.org/archive/html/qemu-devel/2017-12/msg03715.html
   -> https://lists.gnu.org/archive/html/qemu-devel/2017-12/msg03713.html
   -> https://lists.gnu.org/archive/html/qemu-devel/2017-12/msg03711.html

Thread:
-------
   -> https://lists.gnu.org/archive/html/qemu-devel/2017-12/msg03705.html

'CVE-2017-15124' is assigned to this issue by Red Hat Inc.

Thank you.
--
Prasad J Pandit / Red Hat Product Security Team
47AF CE69 3A90 54AA 9045 1053 DD13 3D32 FE5B 041F

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.