Nicolae Mogoreanu discovered a heap overflow in the emulated e1000e network interface card of KVM, a solution for full virtualization on x86 hardware, which could result in denial of service or privilege escalation. This update also fixes a guest-triggerable memory corruption in VNC handling. For the stable distribution (squeeze), this problem has been fixed in version 0.12.5+dfsg-5+squeeze8. For the unstable distribution (sid), this problem has been fixed in version 1.0+dfsg-5. We recommend that you upgrade your qemu-kvm packages.
Nicolae Mogoreanu discovered a heap overflow in the emulated e1000e network interface card of KVM, a solution for full virtualization on x86 hardware, which could result in denial of service or privilege escalation.
This update also fixes a guest-triggerable memory corruption in VNC handling.
For the stable distribution (squeeze), this problem has been fixed in version 0.12.5+dfsg-5+squeeze8.
For the unstable distribution (sid), this problem has been fixed in version 1.0+dfsg-5.
We recommend that you upgrade your qemu-kvm packages.