From: "Héctor Molinero Fernández" <1880332@bugs.launchpad.net>
To: qemu-devel@nongnu.org
Subject: [Bug 1880332] [NEW] Possible regression in QEMU 5.0.0 after CVE-2020-10702 (segmentation fault)
Date: Sat, 23 May 2020 19:13:47 -0000 [thread overview]
Message-ID: <159026122753.1613.8522405227035466257.malonedeb@chaenomeles.canonical.com> (raw)
Public bug reported:
I've come across a very specific situation, but I'm sure it could be
replicated in other cases.
In QEMU 5.0.0 when I use user emulation with a cURL binary for aarch64
and connect to a server using TLS 1.2 and ECDHE-ECDSA-CHACHA20-POLY1305
cypher a segmentation fault occurs.
I attach a Dockerfile that reproduces this crash and the strace output
with and without the de0b1bae6461f67243282555475f88b2384a1eb9 commit
reverted.
** Affects: qemu
Importance: Undecided
Status: New
** Attachment added: "crash-replication.zip"
https://bugs.launchpad.net/bugs/1880332/+attachment/5375960/+files/crash-replication.zip
--
You received this bug notification because you are a member of qemu-
devel-ml, which is subscribed to QEMU.
https://bugs.launchpad.net/bugs/1880332
Title:
Possible regression in QEMU 5.0.0 after CVE-2020-10702 (segmentation
fault)
Status in QEMU:
New
Bug description:
I've come across a very specific situation, but I'm sure it could be
replicated in other cases.
In QEMU 5.0.0 when I use user emulation with a cURL binary for aarch64
and connect to a server using TLS 1.2 and ECDHE-ECDSA-
CHACHA20-POLY1305 cypher a segmentation fault occurs.
I attach a Dockerfile that reproduces this crash and the strace output
with and without the de0b1bae6461f67243282555475f88b2384a1eb9 commit
reverted.
To manage notifications about this bug go to:
https://bugs.launchpad.net/qemu/+bug/1880332/+subscriptions
next reply other threads:[~2020-05-23 19:21 UTC|newest]
Thread overview: 3+ messages / expand[flat|nested] mbox.gz Atom feed top
2020-05-23 19:13 Héctor Molinero Fernández [this message]
2020-05-25 14:41 ` [Bug 1880332] Re: Possible regression in QEMU 5.0.0 after CVE-2020-10702 (segmentation fault) Laurent Vivier
2020-06-01 18:18 ` Richard Henderson
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=159026122753.1613.8522405227035466257.malonedeb@chaenomeles.canonical.com \
--to=1880332@bugs.launchpad.net \
--cc=qemu-devel@nongnu.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).