SB2020033013 - Gentoo update for QEMU

Description

This security bulletin contains information about 2 secuirty vulnerabilities.

1) Improper access control (CVE-ID: CVE-2019-13164)

The vulnerability allows a local attacker to gain unauthorized access to sensitive information.

The vulnerability exists due to qemu-bridge-helper.c does not ensure that a network interface name (obtained from bridge.conf or a --br=bridge option) is limited to the IFNAMSIZ size. A local attacker can create a tap device and attach it to a denied bridge interface, bypass the Access Control List (ACL) and get access to confidential data transmitted on the bridge.

2) Buffer overflow (CVE-ID: CVE-2020-8608)

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a boundary error within tcp_subr.c file in libslirp. A local user can pass specially crafted data to the application that is using the affected version of library, trigger memory corruption and execute arbitrary code on the system.

Remediation

Install update from vendor's website.

References

• https://security.gentoo.org/
• https://security.gentoo.org/glsa/202003-66