[SECURITY] [DLA 653-1] qemu-kvm security update



Package        : qemu-kvm
Version        : 1.1.2+dfsg-6+deb7u16
CVE ID         : CVE-2016-7161 CVE-2016-7170 CVE-2016-7908

Multiple vulnerabilities have been found in qemu-kvm:

CVE-2016-7161

    Heap-based buffer overflow in the .receive callback of xlnx.xps-ethernetlite
    in qemu-kvm allows attackers to execute arbitrary code on the QEMU host via
    a large ethlite packet.

CVE-2016-7170

    The vmsvga_fifo_run function in hw/display/vmware_vga.c in qemu-kvm is
    vulnerable to an out-of-bounds (OOB) memory access.

CVE-2016-7908

    The mcf_fec_do_tx function in hw/net/mcf_fec.c in qemu-kvm does not
    properly limit the buffer descriptor count when transmitting packets, which
    allows local guest OS administrators to cause a denial of service (infinite
    loop and QEMU process crash) via vectors involving a buffer descriptor with
    a length of 0 and crafted values in bd.flags.

For Debian 7 "Wheezy", these problems have been fixed in version
1.1.2+dfsg-6+deb7u16.

We recommend that you upgrade your qemu-kvm packages.

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS

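To check hosts against the fixed version named in the advisory, the following added example (not part of the advisory or of any Debian tool) reimplements Debian's version ordering, the ordering `dpkg --compare-versions` applies, and lists hosts whose installed qemu-kvm is older than 1.1.2+dfsg-6+deb7u16. The host names and installed versions in the inventory are constructed sample values.

```python
import re

FIXED = "1.1.2+dfsg-6+deb7u16"  # fixed version stated in DLA 653-1

def _dig(c): return "0" <= c <= "9"  # ASCII digits only; False for ""

def _order(c):
    """Weight of one character inside a non-digit run (dpkg ordering)."""
    if c == "" or _dig(c):
        return 0                     # end of string, or a digit run starts here
    if c == "~":
        return -1                    # '~' sorts before everything, even the end
    return ord(c) if c.isalpha() else ord(c) + 256

def _cmp_part(a, b):
    """Compare upstream or revision strings: non-digit runs by weight, digit runs as integers."""
    i = j = 0
    while i < len(a) or j < len(b):
        while (i < len(a) and not _dig(a[i])) or (j < len(b) and not _dig(b[j])):
            ca = a[i] if i < len(a) else ""
            cb = b[j] if j < len(b) else ""
            if _order(ca) != _order(cb):
                return _order(ca) - _order(cb)
            i, j = i + 1, j + 1
        da = re.match(r"[0-9]*", a[i:]).group()   # an empty digit run counts as 0
        db = re.match(r"[0-9]*", b[j:]).group()
        if int(da or 0) != int(db or 0):
            return int(da or 0) - int(db or 0)
        i, j = i + len(da), j + len(db)
    return 0

def _split(v):
    """Split '[epoch:]upstream[-revision]' into its three fields."""
    epoch, rest = v.split(":", 1) if ":" in v else ("0", v)
    upstream, _, revision = rest.rpartition("-") if "-" in rest else (rest, "", "")
    return int(epoch), upstream, revision

def compare(a, b):
    """Debian version comparison: negative if a < b, 0 if equal, positive if a > b."""
    (ea, ua, ra), (eb, ub, rb) = _split(a), _split(b)
    return (ea - eb) or _cmp_part(ua, ub) or _cmp_part(ra, rb)

def unpatched(inventory):
    """Return the hosts whose installed qemu-kvm predates the fixed version."""
    return sorted(h for h, v in inventory.items() if compare(v, FIXED) < 0)

# Constructed inventory: host names and installed versions are sample values.
INVENTORY = {"kvm-a": "1.1.2+dfsg-6+deb7u15", "kvm-b": "1.1.2+dfsg-6+deb7u16",
             "kvm-c": "1.1.2+dfsg-6+deb7u9", "kvm-d": "1.1.2+dfsg-6"}
print(unpatched(INVENTORY))
```

The kvm-c entry is the case a plain string comparison gets wrong: deb7u9 sorts after deb7u16 as text, but is the older revision.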
