qemu-devel
[Top][All Lists]
Advanced

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Qemu-devel] [PATCH 0/2] CVE-2015-1779: fix denial of service in VNC


From: Peter Maydell
Subject: Re: [Qemu-devel] [PATCH 0/2] CVE-2015-1779: fix denial of service in VNC websockets
Date: Tue, 31 Mar 2015 10:17:29 +0100

On 24 March 2015 at 15:51, Gerd Hoffmann <address@hidden> wrote:
> On Mo, 2015-03-23 at 22:58 +0000, Daniel P. Berrange wrote:
>> The VNC websockets protocol decoder has two places where it did
>> not correctly limit its resource usage when processing data from
>> the client. This can be abused by a malicious client to cause QEMU
>> to consume all system memory, unless it is otherwise limited by
>> ulimits and/or cgroups. These problems can be triggered in the
>> websockets layer before the VNC protocol actually starts, so no
>> client authentication will have taken place at this point.
>
> Hmm, with patch 1/2 applied novnc disconnects frequently.  Boot messages
> on the text (framebuffer) console seems to work fine.  But after logging
> in via gdm and trying to do stuff in gnome shell problems are starting.

Any further progress here? Ideally I'd like to get a fix for
this CVE into rc2...

thanks
-- PMM



reply via email to

[Prev in Thread] Current Thread [Next in Thread]