製品・ソフトウェアに関する情報

JVN脆弱性詳細

QEMU におけるサービス運用妨害 (DoS) の脆弱性

Title	QEMU におけるサービス運用妨害 (DoS) の脆弱性
Summary	QEMU (別名 Quick Emulator) には、MegaRAID SAS 8708EM2 ホストバスアダプタのエミュレーションサポートでビルドされた場合、サービス運用妨害 (NULL ポインタデリファレンスおよび QEMU プロセスクラッシュ) 状態にされる脆弱性が存在します。
Possible impacts	ローカルのゲスト OS の特権付きユーザにより、megasas コマンド処理に関する問題によって、サービス運用妨害 (NULL ポインタデリファレンスおよび QEMU プロセスクラッシュ) 状態にされる可能性があります。
Solution	ベンダより正式な対策が公開されています。ベンダ情報を参照して適切な対策を実施してください。
Publication Date	June 6, 2017, midnight
Registration Date	July 7, 2017, 4:25 p.m.
Last Update	July 7, 2017, 4:25 p.m.

Affected System

Fabrice Bellard

QEMU

CVE (情報セキュリティ共通脆弱性識別子)

No	Name	URL
Common Vulnerabilities and Exposures (CVE)
1	CVE-2017-9503	http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9503
National Vulnerability Database (NVD)
2	CVE-2017-9503	https://nvd.nist.gov/vuln/detail/CVE-2017-9503

CWE (共通脆弱性タイプ一覧)

No	Name	URL
JVNDB
1	CWE-476	http://cwe.mitre.org/data/definitions/476.html

ベンダー情報

No	Name	URL
Qemu-devel
1	[PATCH 4/7] megasas: do not read DCMD opcode more than once	https://lists.gnu.org/archive/html/qemu-devel/2017-06/msg01309.html
2	[PATCH 7/7] megasas: always store SCSIRequest* into Megasas	https://lists.gnu.org/archive/html/qemu-devel/2017-06/msg01313.html
Red Hat Bugzilla
3	Bug 1459477	https://bugzilla.redhat.com/show_bug.cgi?id=1459477

Change Log

No	Changed Details	Date of change
0	[2017年07月07日] 掲載	Feb. 17, 2018, 10:37 a.m.

NVD Vulnerability Information

CVE-2017-9503

Summary	QEMU (aka Quick Emulator), when built with MegaRAID SAS 8708EM2 Host Bus Adapter emulation support, allows local guest OS privileged users to cause a denial of service (NULL pointer dereference and QEMU process crash) via vectors involving megasas command processing.
Publication Date	June 17, 2017, 7:29 a.m.
Registration Date	Jan. 26, 2021, 1:31 p.m.
Last Update	Nov. 21, 2024, 12:36 p.m.

Affected software configurations

Configuration1		or higher	or less	more than	less than
cpe:2.3:a:qemu:qemu::::::::			2.9.1

Related information, measures and tools

No	URL	タグ
1	http://www.openwall.com/lists/oss-security/2017/06/08/1	Mailing List Patch Third Party Advisory
2	http://www.openwall.com/lists/oss-security/2017/06/08/1	Mailing List Patch Third Party Advisory
3	http://www.securityfocus.com/bid/99010	Third Party Advisory VDB Entry
4	http://www.securityfocus.com/bid/99010	Third Party Advisory VDB Entry
5	https://bugzilla.redhat.com/show_bug.cgi?id=1459477	Issue Tracking Patch Third Party Advisory
6	https://bugzilla.redhat.com/show_bug.cgi?id=1459477	Issue Tracking Patch Third Party Advisory
7	https://lists.debian.org/debian-lts-announce/2018/09/msg00007.html	Third Party Advisory
8	https://lists.debian.org/debian-lts-announce/2018/09/msg00007.html	Third Party Advisory
9	https://lists.debian.org/debian-lts-announce/2020/07/msg00020.html	Third Party Advisory
10	https://lists.debian.org/debian-lts-announce/2020/07/msg00020.html	Third Party Advisory
11	https://lists.gnu.org/archive/html/qemu-devel/2017-06/msg01309.html	Issue Tracking Patch Third Party Advisory
12	https://lists.gnu.org/archive/html/qemu-devel/2017-06/msg01309.html	Issue Tracking Patch Third Party Advisory
13	https://lists.gnu.org/archive/html/qemu-devel/2017-06/msg01313.html	Issue Tracking Patch Third Party Advisory
14	https://lists.gnu.org/archive/html/qemu-devel/2017-06/msg01313.html	Issue Tracking Patch Third Party Advisory

Common Vulnerabilities List

No	CWE	Name	URL
1	CWE-476	NULL ポインタデリファレンス	https://cwe.mitre.org/data/definitions/476.html