Debian Security Advisory
DLA-1694-1 qemu -- LTS security update
- Date Reported:
- 28 Feb 2019
- Affected Packages:
- Security database references:
- In the Debian bugtracking system: Bug 916397, Bug 902725, Bug 921525.
In Mitre's CVE dictionary: CVE-2018-12617, CVE-2018-16872, CVE-2019-6778.
- More information:
Several vulnerabilities were found in QEMU, a fast processor emulator:
The qmp_guest_file_read function (qga/commands-posix.c) is affected by an integer overflow and subsequent memory allocation failure. This weakness might be leveraged by remote attackers to cause denial of service (application crash).
The usb_mtp_get_object, usb_mtp_get_partial_object and usb_mtp_object_readdir functions (hw/usb/dev-mtp.c) are affected by a symlink attack. Remote attackers might leverage this vulnerability to perform information disclosure.
The tcp_emu function (slirp/tcp_subr.c) is affected by a heap buffer overflow caused by insufficient validation of available space in the sc_rcv->sb_data buffer. Remote attackers might leverage this flaw to cause denial of service, or any other unspecified impact.
For Debian 8
Jessie, these problems have been fixed in version 1:2.1+dfsg-12+deb8u10.
We recommend that you upgrade your qemu packages.
Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at: https://wiki.debian.org/LTS