Get the LinuxSecurity news you want faster with RSS
Powered By
Pardus: Qemu Denial of Service
Posted by Bill Keys
The security issue is caused due to an infinite loop within the
"protocol_client_msg()" function in vnc.c when processing certain
"SetEncodings" messages. This can be exploited to cause a high CPU load
by sending specially crafted messages to a vulnerable host.
------------------------------------------------------------------------
Pardus Linux Security Advisory 2008-90 security@pardus.org.tr
------------------------------------------------------------------------
Date: 2008-12-27
Severity: 1
Type: Local
------------------------------------------------------------------------
Summary
=======
A security issue has been reported in QEMU, which can be exploited by
malicious users to cause a DoS (Denial of Service).
Description
===========
The security issue is caused due to an infinite loop within the
"protocol_client_msg()" function in vnc.c when processing certain
"SetEncodings" messages. This can be exploited to cause a high CPU load
by sending specially crafted messages to a vulnerable host.
Affected packages:
Pardus 2008:
qemu, all before 0.9.1-12-3
Resolution
==========
There are update(s) for qemu. You can update them via Package Manager or
with a single command from console:
pisi up qemu
References
==========
* http://bugs.pardus.org.tr/show_bug.cgi?id=8884
* http://www.coresecurity.com/content/vnc-remote-dos
* http://secunia.com/Advisories/33293/
------------------------------------------------------------------------
--
Pardus Security Team
http://security.pardus.org.tr
_______________________________________________
Pardus-security mailing list
Pardus-security@pardus.org.tr
http://liste.pardus.org.tr/mailman/listinfo/pardus-security
