[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

[SECURITY] [DSA 3088-1] qemu-kvm security update



-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- -------------------------------------------------------------------------
Debian Security Advisory DSA-3088-1                   security@debian.org
http://www.debian.org/security/                      Salvatore Bonaccorso
December 04, 2014                      http://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : qemu-kvm
CVE ID         : CVE-2014-8106

Paolo Bonzini of Red Hat discovered that the blit region checks were
insufficient in the Cirrus VGA emulator in qemu-kvm, a full
virtualization solution on x86 hardware. A privileged guest user could
use this flaw to write into qemu address space on the host, potentially
escalating their privileges to those of the qemu host process.

For the stable distribution (wheezy), this problem has been fixed in
version 1.1.2+dfsg-6+deb7u6.

We recommend that you upgrade your qemu-kvm packages.

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/

Mailing list: debian-security-announce@lists.debian.org
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQIcBAEBCgAGBQJUgGMDAAoJEAVMuPMTQ89Ei/cP/2lKY3OfHhnTGo09hhk/zTcB
GipHKSQJJ1F0tNnRGBou69tfbMI1KEZzRsdxHcw0sFJl+EjfLjStQRkqeSS1t19z
JV9u6v3APMA11HkIjP5dG43c2/mrrBTsnDFKOXjRFFxKBZHEsZmuk65FXyH1k7Wl
wJ2PTM5AeR6PyfFxHreh4FpZDH9cXNpDjtC2Afe1JUoIx6rX1C0lhz5/12B2mPnR
aadzoGTU21IQHFzikCf8MVrScwYkunLOqLuVEaCLDliqMjZF8pAmjcHEr0wAbEwp
V7WmJdYoRL1G7LLGrMttlklYlyl4llWmuU0kTMp4q3hVS1zCW/b3qaTu7E0cCpSE
H67apsNPz65TkeIw6HJOsXKY4/zzjsJ83mml2o3+Bbfq70K7oP/szwp9TrBPe79W
8mlgAL5NEVbpLYNDsbAYcpKXaRoZlmSEfqzNsDstcVCNgpPdlZoHB+lPlN8ZBJh9
VQnHZwpZ3DwA0JtqO8uOJ4M3HZ58wo3sepfjHNj++PF0Y2QFM7DmLsK0vO6wI9fP
4AOhw+jbE+FEYzKLwEEgT4eRrr/wRtIBUqLmDIusa8+ZTMyHZOAU/nxMVf/xKxTy
9htTQf29wTRA0xYweY3jqZfhOviznZW4tWEAIwp9Y6C6ZJG1rsDuHYE3JM2JICOv
04Z8sgCo36WNm4AMpN6b
=mAZ/
-----END PGP SIGNATURE-----


Reply to: