PT-2019-5876 · Qemu+2 · Qemu+2

Published

2019-09-20

·

Updated

2021-04-23

·

CVE-2019-12068

CVSS v3.1

3.8

Low

VectorAV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:L
Name of the Vulnerable Software and Affected Versions QEMU versions 1:4.1-1, 1:2.1+dfsg-12+deb8u6, 1:2.8+dfsg-6+deb9u8, 1:3.1+dfsg-8~deb10u1, 1:3.1+dfsg-8+deb10u2
Description The issue is related to an infinite loop in the LSI scsi adapter emulator. When executing a script in lsi execute script(), the emulator advances the s->dsp index to read the next opcode, which can lead to an infinite loop if the next opcode is empty. This can cause a denial of service.
Recommendations For QEMU versions 1:4.1-1, 1:2.1+dfsg-12+deb8u6, 1:2.8+dfsg-6+deb9u8, 1:3.1+dfsg-8~deb10u1, 1:3.1+dfsg-8+deb10u2, update to version 1:2.1+dfsg-12+deb8u12 or later to resolve the issue. As a temporary workaround, consider modifying the loop exit condition in lsi execute script() to cover no-op opcodes and prevent the infinite loop.

Fix

Infinite Loop

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Weakness Enumeration

CWE-835

Related Identifiers

BDU:2021-03544
CVE-2019-12068
DLA-1927-1
DLA-2288-1
DSA-4665-1
OPENSUSE-SU-2019:2505-1
OPENSUSE-SU-2019:2510-1
OPENSUSE-SU-2019_2505-1
OPENSUSE-SU-2019_2510-1
SUSE-SU-2019:14199-1
SUSE-SU-2019:14201-1
SUSE-SU-2019:2753-1
SUSE-SU-2019:2769-1
SUSE-SU-2019:2783-1
SUSE-SU-2019:2954-1
SUSE-SU-2019:2955-1
SUSE-SU-2019:2956-1
SUSE-SU-2019_14199-1
SUSE-SU-2019_2783-1
SUSE-SU-2020:0388-1
SUSE-SU-2020:14396-1
SUSE-SU-2020:1514-1
SUSE-SU-2020:1526-1
SUSE-SU-2020:1538-1
SUSE-SU-2020_14396-1
SUSE-SU-2020_1514-1
SUSE-SU-2020_1526-1
SUSE-SU-2020_1538-1
SUSE-SU-2021:14706-1
USN-4191-1
USN-4191-2

Affected Products

Qemu
Suse
Ubuntu