Bug 895528 (CVE-2014-3615) - VUL-1: CVE-2014-3615: xen,kvm,qemu: information leakage when guest sets high resolution
Summary: VUL-1: CVE-2014-3615: xen,kvm,qemu: information leakage when guest sets high ...
Status: RESOLVED FIXED
Alias: CVE-2014-3615
Product: SUSE Security Incidents
Classification: Novell Products
Component: Incidents (show other bugs)
Version: unspecified
Hardware: Other Other
: P4 - Low : Normal
Target Milestone: ---
Deadline: 2015-03-09
Assignee: Security Team bot
QA Contact: Security Team bot
URL: https://smash.suse.de/issue/105589/
Whiteboard: CVSSv2:SUSE:CVE-2014-3615:1.7:(AV:L/...
Keywords:
Depends on:
Blocks:
 
Reported: 2014-09-08 08:07 UTC by Marcus Meissner
Modified: 2020-06-14 09:13 UTC (History)
6 users (show)

See Also:
Found By: Security Response Team
Services Priority:
Business Priority:
Blocker: ---
Marketing QA Status: ---
IT Deployment: ---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Marcus Meissner 2014-09-08 08:07:26 UTC 
OSS:2014/Q3/521

From: P J P <ppandit@redhat.com>
Subject: [oss-security] CVE-2014-3615 Qemu: information leakage when guest sets high resolution

    Hello,

An information leakage flaw was found in Qemu's VGA emulator. It could lead to
leaking host memory bytes to a VNC client. It could occur when a guest GOP
driver attempts to set a high display resolution.

A privileged user/program able to set such high resolution could use this flaw
to leak host memory bytes.

Upstream fixes:
- ---------------
    -> http://git.qemu.org/?p=qemu.git;a=commit;h=c1b886c45dc70f247300f549dce9833f3fa2def5
    -> http://git.qemu.org/?p=qemu.git;a=commit;h=ab9509cceabef28071e41bdfa073083859c949a7


References:
http://seclists.org/oss-sec/2014/q3/521
Comment 1 Swamp Workflow Management 2014-09-08 22:00:11 UTC 
bugbot adjusting priority
Comment 3 Swamp Workflow Management 2015-02-23 15:54:03 UTC 
An update workflow for this issue was started.
This issue was rated as moderate.
Please submit fixed packages until 2015-03-09.
When done, reassign the bug to security-team@suse.de.
https://swamp.suse.de/webswamp/wf/60766
Comment 5 Swamp Workflow Management 2015-03-27 09:05:47 UTC 
SUSE-SU-2015:0613-1: An update that solves 8 vulnerabilities and has 7 fixes is now available.

Category: security (important)
Bug References: 861318,882089,895528,901488,903680,904255,906996,910254,910681,912011,918995,918998,919098,919464,919663
CVE References: CVE-2014-3615,CVE-2014-9065,CVE-2014-9066,CVE-2015-0361,CVE-2015-2044,CVE-2015-2045,CVE-2015-2151,CVE-2015-2152
Sources used:
SUSE Linux Enterprise Software Development Kit 12 (src):    xen-4.4.1_10-9.1
SUSE Linux Enterprise Server 12 (src):    xen-4.4.1_10-9.1
SUSE Linux Enterprise Desktop 12 (src):    xen-4.4.1_10-9.1
Comment 6 Swamp Workflow Management 2015-04-20 14:05:17 UTC 
openSUSE-SU-2015:0732-1: An update that solves 7 vulnerabilities and has 5 fixes is now available.

Category: security (important)
Bug References: 861318,895528,901488,903680,910254,918995,918998,919098,919464,919663,922705,922706
CVE References: CVE-2014-3615,CVE-2015-2044,CVE-2015-2045,CVE-2015-2151,CVE-2015-2152,CVE-2015-2752,CVE-2015-2756
Sources used:
openSUSE 13.1 (src):    xen-4.3.4_02-41.1
Comment 7 Marcus Meissner 2015-06-09 09:39:52 UTC 
this might leave kvm unfixed.

Andreas or Bruce?
Comment 8 Swamp Workflow Management 2015-06-22 10:05:49 UTC 
openSUSE-SU-2015:1092-1: An update that solves 17 vulnerabilities and has 10 fixes is now available.

Category: security (important)
Bug References: 861318,882089,895528,901488,903680,906689,910254,912011,918995,918998,919098,919464,919663,921842,922705,922706,922709,923758,927967,929339,931625,931626,931627,931628,932770,932790,932996
CVE References: CVE-2014-3615,CVE-2015-2044,CVE-2015-2045,CVE-2015-2151,CVE-2015-2152,CVE-2015-2751,CVE-2015-2752,CVE-2015-2756,CVE-2015-3209,CVE-2015-3340,CVE-2015-3456,CVE-2015-4103,CVE-2015-4104,CVE-2015-4105,CVE-2015-4106,CVE-2015-4163,CVE-2015-4164
Sources used:
openSUSE 13.2 (src):    xen-4.4.2_06-23.1
Comment 9 Marcus Meissner 2015-12-19 16:35:45 UTC 
XEN is done, but kvm probably is not.
Comment 10 Chunyan Liu 2016-01-28 08:11:27 UTC 
SLE11-SP3 SLE11-SP4, SLE12 are affected, and submit request to Devel:Virt.
SLE12-SP1 are not affected.
Comment 11 Swamp Workflow Management 2016-06-13 11:08:57 UTC 
SUSE-SU-2016:1560-1: An update that solves 37 vulnerabilities and has two fixes is now available.

Category: security (important)
Bug References: 886378,895528,901508,928393,934069,940929,944463,947159,958491,958917,959005,959386,960334,960708,960725,960835,961332,961333,961358,961556,961691,962320,963782,964413,967969,969121,969122,969350,970036,970037,975128,975136,975700,976109,978158,978160,980711,980723,981266
CVE References: CVE-2014-3615,CVE-2014-3689,CVE-2014-9718,CVE-2015-3214,CVE-2015-5239,CVE-2015-5745,CVE-2015-7295,CVE-2015-7549,CVE-2015-8504,CVE-2015-8558,CVE-2015-8567,CVE-2015-8568,CVE-2015-8613,CVE-2015-8619,CVE-2015-8743,CVE-2015-8744,CVE-2015-8745,CVE-2015-8817,CVE-2015-8818,CVE-2016-1568,CVE-2016-1714,CVE-2016-1922,CVE-2016-1981,CVE-2016-2198,CVE-2016-2538,CVE-2016-2841,CVE-2016-2857,CVE-2016-2858,CVE-2016-3710,CVE-2016-3712,CVE-2016-4001,CVE-2016-4002,CVE-2016-4020,CVE-2016-4037,CVE-2016-4439,CVE-2016-4441,CVE-2016-4952
Sources used:
SUSE Linux Enterprise Server 12 (src):    qemu-2.0.2-48.19.1
SUSE Linux Enterprise Desktop 12 (src):    qemu-2.0.2-48.19.1
Comment 12 Swamp Workflow Management 2016-06-28 18:07:50 UTC 
SUSE-SU-2016:1698-1: An update that solves 33 vulnerabilities and has three fixes is now available.

Category: security (important)
Bug References: 895528,901508,928393,934069,936132,940929,944463,945404,945987,945989,947159,958491,958917,959005,960334,960725,961332,961333,961358,961556,961691,962320,963782,964413,967969,969350,970036,970037,975128,975136,975700,976109,978158,978160,980711,980723
CVE References: CVE-2014-3615,CVE-2014-3689,CVE-2014-9718,CVE-2015-3214,CVE-2015-5239,CVE-2015-5278,CVE-2015-5279,CVE-2015-5745,CVE-2015-6855,CVE-2015-7295,CVE-2015-7549,CVE-2015-8504,CVE-2015-8558,CVE-2015-8613,CVE-2015-8619,CVE-2015-8743,CVE-2016-1568,CVE-2016-1714,CVE-2016-1922,CVE-2016-1981,CVE-2016-2198,CVE-2016-2538,CVE-2016-2841,CVE-2016-2857,CVE-2016-2858,CVE-2016-3710,CVE-2016-3712,CVE-2016-4001,CVE-2016-4002,CVE-2016-4020,CVE-2016-4037,CVE-2016-4439,CVE-2016-4441
Sources used:
SUSE Linux Enterprise Server 11-SP3-LTSS (src):    kvm-1.4.2-46.1
Comment 13 Swamp Workflow Management 2016-07-11 14:39:19 UTC 
SUSE-SU-2016:1785-1: An update that solves 33 vulnerabilities and has three fixes is now available.

Category: security (important)
Bug References: 895528,901508,928393,934069,936132,940929,944463,945404,945987,945989,947159,958491,958917,959005,960334,960725,961332,961333,961358,961556,961691,962320,963782,964413,967969,969350,970036,970037,975128,975136,975700,976109,978158,978160,980711,980723
CVE References: CVE-2014-3615,CVE-2014-3689,CVE-2014-9718,CVE-2015-3214,CVE-2015-5239,CVE-2015-5278,CVE-2015-5279,CVE-2015-5745,CVE-2015-6855,CVE-2015-7295,CVE-2015-7549,CVE-2015-8504,CVE-2015-8558,CVE-2015-8613,CVE-2015-8619,CVE-2015-8743,CVE-2016-1568,CVE-2016-1714,CVE-2016-1922,CVE-2016-1981,CVE-2016-2198,CVE-2016-2538,CVE-2016-2841,CVE-2016-2857,CVE-2016-2858,CVE-2016-3710,CVE-2016-3712,CVE-2016-4001,CVE-2016-4002,CVE-2016-4020,CVE-2016-4037,CVE-2016-4439,CVE-2016-4441
Sources used:
SUSE Linux Enterprise Server 11-SP4 (src):    kvm-1.4.2-44.1