Vigil@nce - QEMU: memory leak via the audio driver ac97
March 2017 by Vigil@nce
This bulletin was written by Vigil@nce: https://vigilance.fr/offer
SYNTHESIS OF THE VULNERABILITY
An attacker in the guest system can create a memory leak in the
ac97 audio device driver of QEMU, in order to trigger a denial of
service against the host system.
– Impacted products: Fedora, openSUSE Leap, QEMU, SUSE Linux
Enterprise Desktop, SLES.
– Severity: 2/4.
– Creation date: 18/01/2017.
DESCRIPTION OF THE VULNERABILITY
The QEMU product can emulate the audio device ac97.
However, some memory areas are not freed when the device is
unplugged by software.
An attacker, inside a guest system, can therefore create a memory
leak in the ac97 audio device driver of QEMU, in order to trigger
a denial of service against the host system.
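The bug class described above, as an added example that is not QEMU's code and not part of the original bulletin: a toy device model whose unplug handler forgets to release what the plug handler allocated, beside a corrected handler, with allocation accounting across repeated plug/unplug cycles. All names (ToyAudioDev, toy_plug, toy_unplug_leaky, toy_unplug_fixed, leaked_after_cycles) and the buffer sizes are hypothetical.

```c
#include <stdio.h>
#include <stdlib.h>

/* Toy model with hypothetical names; this is not QEMU code. */
static long live_allocs;                 /* allocations not yet freed */

static void *tracked_alloc(size_t n) { void *p = calloc(1, n); if (p) live_allocs++; return p; }
static void tracked_free(void *p)    { if (p) { live_allocs--; free(p); } }

typedef struct {
    void *card;       /* stands in for per-device backend state */
    void *voice_in;   /* stands in for a capture stream buffer */
    void *voice_out;  /* stands in for a playback stream buffer */
} ToyAudioDev;

/* Plug: allocate everything the emulated device needs. */
static int toy_plug(ToyAudioDev *d) {
    d->card = tracked_alloc(64);
    d->voice_in = tracked_alloc(4096);
    d->voice_out = tracked_alloc(4096);
    return (d->card && d->voice_in && d->voice_out) ? 0 : -1;
}

/* Leaky unplug: drops the pointers without freeing what they point to. */
static void toy_unplug_leaky(ToyAudioDev *d) {
    d->card = d->voice_in = d->voice_out = NULL;
}

/* Fixed unplug: releases every resource taken in toy_plug, in reverse order. */
static void toy_unplug_fixed(ToyAudioDev *d) {
    tracked_free(d->voice_out);
    tracked_free(d->voice_in);
    tracked_free(d->card);
    d->card = d->voice_in = d->voice_out = NULL;
}

/* Run n plug/unplug cycles; return how many allocations are still live. */
long leaked_after_cycles(int n, void (*unplug)(ToyAudioDev *)) {
    ToyAudioDev d = {0};
    long before = live_allocs;
    for (int i = 0; i < n; i++) {
        if (toy_plug(&d) != 0) { toy_unplug_fixed(&d); break; }
        unplug(&d);
    }
    return live_allocs - before;
}

int main(void) {
    printf("leaky: %ld live after 100 cycles\n", leaked_after_cycles(100, toy_unplug_leaky));
    printf("fixed: %ld live after 100 cycles\n", leaked_after_cycles(100, toy_unplug_fixed));
    return 0;
}
```

The same cycle-and-count check, run against a real device model under a leak checker, is a practical regression test for unplug paths.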
ACCESS TO THE COMPLETE VIGIL@NCE BULLETIN
https://vigilance.fr/vulnerability/QEMU-memory-leak-via-the-audio-driver-ac97-21607