CVE-2008-1952 – qemu/xen/kvm: ioemu: Fix PVFB backend to limit frame buffer size

https://notcve.org/view.php?id=CVE-2008-1952

The backend for XenSource Xen Para Virtualized Frame Buffer (PVFB) in Xen ioemu does not properly restrict the frame buffer size, which allows attackers to cause a denial of service (crash) by mapping an arbitrary amount of guest memory. El backend para XenSource Xen Para Virtualized Frame Buffer (PVFB) en Xen ioemu, no restringe apropiadamente el tamaño del búfer de trama, lo que permite a los atacantes causar una denegación de servicio (bloqueo) mediante la asignación de una cantidad arbitraria de memoria de invitado. • http://lists.xensource.com/archives/html/xen-devel/2008-05/msg00421.html http://secunia.com/advisories/32088 http://www.openwall.com/lists/oss-security/2008/05/21/9 http://www.securityfocus.com/bid/30646 http://www.securitytracker.com/id?1020957 http://xenbits.xensource.com/xen-unstable.hg?rev/9044705960cb30cec385bdca7305bcf7db096721 https://exchange.xforce.ibmcloud.com/vulnerabilities/43362 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11189 https://rhn.re • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •