Security Information / 2013 / Security Information -- DSA-2619-1 xen-qemu-dm-4.0

Debian Security Advisory

DSA-2619-1 xen-qemu-dm-4.0 -- buffer overflow

Date Reported:

10 Feb 2013

Affected Packages:

xen-qemu-dm-4.0

Vulnerable:

Yes

Security database references:

In Mitre's CVE dictionary: CVE-2012-6075.

More information:

A buffer overflow was found in the e1000 emulation, which could be triggered when processing jumbo frames.

For the stable distribution (squeeze), this problem has been fixed in version 4.0.1-2+squeeze3.

For the unstable distribution (sid), this problem has been fixed in version 4.1.3-8 of the xen source package.

We recommend that you upgrade your xen-qemu-dm-4.0 packages.