[SECURITY] [DLA 574-1] qemu-kvm security update
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Package : qemu-kvm
Version : 1.1.2+dfsg-6+deb7u14
CVE ID : CVE-2015-5239 CVE-2016-2857 CVE-2016-4020 CVE-2016-4439
CVE-2016-5403 CVE-2016-6351
Multiple vulnerabilities have been discovered in qemu-kvm, a full
virtualization solution on x86 hardware. The Common Vulnerabilities and
Exposures project identifies the following problems:
CVE-2015-5239
Lian Yihan discovered that QEMU incorrectly handled certain payload
messages in the VNC display driver. A malicious guest could use this
issue to cause the QEMU process to hang, resulting in a denial of
service.
CVE-2016-2857
Ling Liu discovered that QEMU incorrectly handled IP checksum
routines. An attacker inside the guest could use this issue to cause
QEMU to crash, resulting in a denial of service, or possibly leak
host memory bytes.
CVE-2016-4020
Donghai Zdh discovered that QEMU incorrectly handled the Task
Priority Register(TPR). A privileged attacker inside the guest could
use this issue to possibly leak host memory bytes.
CVE-2016-4439, CVE-2016-6351
Li Qiang disovered that the emulation of the 53C9X Fast SCSI
Controller is affected by out of bound access issues.
CVE-2016-5403
Zhenhao Hong discovered that a malicious guest administrator can
cause unbounded memory allocation in QEMU (which can cause an
Out-of-Memory condition) by submitting virtio requests without
bothering to wait for completion.
For Debian 7 "Wheezy", these problems have been fixed in version
1.1.2+dfsg-6+deb7u14.
We recommend that you upgrade your qemu-kvm packages.
Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS
-----BEGIN PGP SIGNATURE-----
iQIcBAEBCAAGBQJXnIS4AAoJEAe4t7DqmBILJnIP/iMzD2oZ9u37gLc0qUCH87N3
tYNEL7SSBb0ZYOb+Fg7vQxIDvkvuvWJ3AbmaxwQlJ/yTrEcdddeSubHoRI99u7zx
RGl8dqHVNS2O1XlFUhfv6GiJgdyp1tGOtW32zvMisnrE+JZxdIqOXHGOiMewZHbd
rBE01pv6GACLrJFmdrpuptq1i7AQpT05XzgK3XLgnudfa87bh/AF+6uSu/wi45ZU
b2ilDFIckH9Hsi6SQ81JEsCTw/a/H6OgUzn6GQnXVGVgpk8SJwSIfAx97LbJ5kwW
JG43p4UMhIBXNwic9/sWsQjlLTjgDW88D3/iGCk5GVYjVzaLoE3jyV3jms6EFbTv
kjKtabjkWvL9c1xEDJGPmcQpv4tISDOK07/bZl4SXBayRdS7u+5J6m93gtltqFZ+
FBLUry9BvN8HC55IozPZXfWoDJLohWPVp7ZAhzCVeGsdp+u5ILEyUoduK9sWoOW/
ALsTDKdRIMkg1EiqVP0NiKtnKrkZ37T9/iEwalXpdmvRfQBMs43EqXq62/Yi3BvH
KfOQ3eH9K/oHjRzOqPJpd3MCbMwEYsFGA57/y7ByWhYpLo3AQWa8NHBLQB5h9KIa
xhViZtgurp/cEOC9JsSbtOAWRctgp3BwO9cEgiF/Vl9NDDfDYOpu7UP1DRDW7EME
VSXdMCSw3CFj1BCQwRgN
=n/al
-----END PGP SIGNATURE-----
Reply to: