Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact

qemu: CVE-2017-12809

Related Vulnerabilities: CVE-2017-12809   CVE-2017-9375   CVE-2017-13672   CVE-2017-14167   CVE-2017-13711   CVE-2017-11334  

Source

Debian Bug report logs - #873849
qemu: CVE-2017-12809

version graph

Package: src:qemu; Maintainer for src:qemu is Debian QEMU Team <pkg-qemu-devel@lists.alioth.debian.org>;

Reported by: Salvatore Bonaccorso <carnil@debian.org>

Date: Thu, 31 Aug 2017 17:21:01 UTC

Severity: important

Tags: patch, security, upstream

Found in version qemu/1:2.8+dfsg-6

Fixed in versions 1:2.10.0-1, qemu/1:2.8+dfsg-6+deb9u3

Done: Michael Tokarev <mjt@tls.msk.ru>

Bug is archived. No further changes may be made.

Toggle useless messages

View this report as an mbox folder, status mbox, maintainer mbox

Report forwarded to debian-bugs-dist@lists.debian.org, carnil@debian.org, team@security.debian.org, secure-testing-team@lists.alioth.debian.org, team@security.debian.org, secure-testing-team@lists.alioth.debian.org, Debian QEMU Team <pkg-qemu-devel@lists.alioth.debian.org>:
Bug#873849; Package src:qemu. (Thu, 31 Aug 2017 17:21:04 GMT) (full text, mbox, link).

Acknowledgement sent to Salvatore Bonaccorso <carnil@debian.org>:
New Bug report received and forwarded. Copy sent to carnil@debian.org, team@security.debian.org, secure-testing-team@lists.alioth.debian.org, team@security.debian.org, secure-testing-team@lists.alioth.debian.org, Debian QEMU Team <pkg-qemu-devel@lists.alioth.debian.org>. (Thu, 31 Aug 2017 17:21:04 GMT) (full text, mbox, link).

Message #5 received at submit@bugs.debian.org (full text, mbox, reply):

From: Salvatore Bonaccorso <carnil@debian.org>
To: Debian Bug Tracking System <submit@bugs.debian.org>
Subject: qemu: CVE-2017-12809
Date: Thu, 31 Aug 2017 19:19:30 +0200
Source: qemu
Version: 1:2.8+dfsg-6
Severity: important
Tags: patch upstream security

Hi,

the following vulnerability was published for qemu.

CVE-2017-12809[0]:
| QEMU (aka Quick Emulator), when built with the IDE disk and CD/DVD-ROM
| Emulator support, allows local guest OS privileged users to cause a
| denial of service (NULL pointer dereference and QEMU process crash) by
| flushing an empty CDROM device drive.

If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.

For further information see:

[0] https://security-tracker.debian.org/tracker/CVE-2017-12809
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12809
[1] https://lists.gnu.org/archive/html/qemu-devel/2017-08/msg01850.html

Please adjust the affected versions in the BTS as needed.

Regards,
Salvatore

Added tag(s) pending. Request was from <mjt@tls.msk.ru> to control@bugs.debian.org. (Mon, 11 Sep 2017 14:45:05 GMT) (full text, mbox, link).

Reply sent to Michael Tokarev <mjt@tls.msk.ru>:
You have taken responsibility. (Mon, 25 Sep 2017 07:12:10 GMT) (full text, mbox, link).

Notification sent to Salvatore Bonaccorso <carnil@debian.org>:
Bug acknowledged by developer. (Mon, 25 Sep 2017 07:12:10 GMT) (full text, mbox, link).

Message #12 received at 873849-done@bugs.debian.org (full text, mbox, reply):

From: Michael Tokarev <mjt@tls.msk.ru>
To: 873849-done@bugs.debian.org
Subject: Re: Bug#873849: qemu: CVE-2017-12809
Date: Mon, 25 Sep 2017 10:01:58 +0300
Version: 1:2.10.0-1

This has been fixed in upstream 2.10.0 release.

Reply sent to Michael Tokarev <mjt@tls.msk.ru>:
You have taken responsibility. (Sat, 07 Oct 2017 11:51:20 GMT) (full text, mbox, link).

Notification sent to Salvatore Bonaccorso <carnil@debian.org>:
Bug acknowledged by developer. (Sat, 07 Oct 2017 11:51:20 GMT) (full text, mbox, link).

Message #17 received at 873849-close@bugs.debian.org (full text, mbox, reply):

From: Michael Tokarev <mjt@tls.msk.ru>
To: 873849-close@bugs.debian.org
Subject: Bug#873849: fixed in qemu 1:2.8+dfsg-6+deb9u3
Date: Sat, 07 Oct 2017 11:47:42 +0000
Source: qemu
Source-Version: 1:2.8+dfsg-6+deb9u3

We believe that the bug you reported is fixed in the latest version of
qemu, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 873849@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Michael Tokarev <mjt@tls.msk.ru> (supplier of updated qemu package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmaster@ftp-master.debian.org)


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Format: 1.8
Date: Mon, 02 Oct 2017 16:11:47 +0300
Source: qemu
Binary: qemu qemu-system qemu-block-extra qemu-system-common qemu-system-misc qemu-system-arm qemu-system-mips qemu-system-ppc qemu-system-sparc qemu-system-x86 qemu-user qemu-user-static qemu-user-binfmt qemu-utils qemu-guest-agent qemu-kvm
Architecture: source
Version: 1:2.8+dfsg-6+deb9u3
Distribution: stretch-security
Urgency: high
Maintainer: Debian QEMU Team <pkg-qemu-devel@lists.alioth.debian.org>
Changed-By: Michael Tokarev <mjt@tls.msk.ru>
Description:
 qemu       - fast processor emulator
 qemu-block-extra - extra block backend modules for qemu-system and qemu-utils
 qemu-guest-agent - Guest-side qemu-system agent
 qemu-kvm   - QEMU Full virtualization on x86 hardware
 qemu-system - QEMU full system emulation binaries
 qemu-system-arm - QEMU full system emulation binaries (arm)
 qemu-system-common - QEMU full system emulation binaries (common files)
 qemu-system-mips - QEMU full system emulation binaries (mips)
 qemu-system-misc - QEMU full system emulation binaries (miscellaneous)
 qemu-system-ppc - QEMU full system emulation binaries (ppc)
 qemu-system-sparc - QEMU full system emulation binaries (sparc)
 qemu-system-x86 - QEMU full system emulation binaries (x86)
 qemu-user  - QEMU user mode emulation binaries
 qemu-user-binfmt - QEMU user mode binfmt registration for qemu-user
 qemu-user-static - QEMU user mode emulation binaries (static version)
 qemu-utils - QEMU utilities
Closes: 864219 869945 871648 871702 872257 873849 873851 873875 874606
Changes:
 qemu (1:2.8+dfsg-6+deb9u3) stretch-security; urgency=high
 .
   * xhci-dont-kick-in-xhci_submit-and-xhci_fire_ctl_transfer.patch
     This is a pre-required patch for the next patch to work right.
     Closes: #869945
   * xhci-guard-xhci_kick_epctx-against-recursive-calls-CVE-2017-9375.patch
     After applying previous patch, this one can be applied again
     Closes: #864219, CVE-2017-9375
   * ide-do-not-flush-empty-CDROM-drives-CVE-2017-12809.patch
     Closes: #873849, CVE-2017-12809
   * vga-stop-passing-pointers-to-vga_draw_line-functions-CVE-2017-13672.patch
     Closes: #873851, CVE-2017-13672
   * multiboot-validate-multiboot-header-address-values-CVE-2017-14167.patch
     Closes: #874606, CVE-2017-14167
   * slirp-fix-clearing-ifq_so-from-pending-packets-CVE-2017-13711.patch
     Closes: #873875, CVE-2017-13711
   * exec-add-lock-parameter-to-qemu_ram_ptr_length.patch
     upstream patch fixing memory leak after
     exec-use-qemu_ram_ptr_length-to-access-guest-ram-CVE-2017-11334.patch
     Closes: #871648, #871702, #872257
Checksums-Sha1:
 86b9489c5f1d443c84bc4973fd9071d913737a9c 5579 qemu_2.8+dfsg-6+deb9u3.dsc
 58ba5aa2e6562d59d113820dba69aacb050eb59c 130256 qemu_2.8+dfsg-6+deb9u3.debian.tar.xz
 1ca8bb7235b37b4f7b2634913b92bac3ae084c94 10818 qemu_2.8+dfsg-6+deb9u3_source.buildinfo
Checksums-Sha256:
 1328b57741bba1ee5f8ab5e5ab2e7a3a0eb78791151d72fd48de8226b3ebb85d 5579 qemu_2.8+dfsg-6+deb9u3.dsc
 ef24cad8ee55f4ceb7a9b52de81ec61e8386249b921f656438ef939a4979a419 130256 qemu_2.8+dfsg-6+deb9u3.debian.tar.xz
 2e61af972fe8525142ac3b63f1145d77e015c38cb459e7329a9e0094a5b579d7 10818 qemu_2.8+dfsg-6+deb9u3_source.buildinfo
Files:
 a76e0dc92a5e609f23deaae8fddc18ca 5579 otherosfs optional qemu_2.8+dfsg-6+deb9u3.dsc
 8010d49ac95ca2fa07faa682a5d967dd 130256 otherosfs optional qemu_2.8+dfsg-6+deb9u3.debian.tar.xz
 a8357f2c157e24c2f2003bc1c287951d 10818 otherosfs optional qemu_2.8+dfsg-6+deb9u3_source.buildinfo

-----BEGIN PGP SIGNATURE-----

iQFDBAEBCAAtFiEEe3O61ovnosKJMUsicBtPaxppPlkFAlnSO10PHG1qdEB0bHMu
bXNrLnJ1AAoJEHAbT2saaT5ZA+8H/jZGNDjA1sUInHuHWJFr0pFLO8L3iKeKmZzj
P5bXARMqBRIIzOvUKTv0DTqFr3L1ablR0ooviZXDOvAKEUXBeWuuUyndeETm9y8/
T/H6Utr6pGD6ToNn36ev5qYLjabtSis+W9YRMlSYqZAjvoNTPhPPuiscl/NjqzOg
OpZfs9kS1r4glmvygv1D6JD6iWSuPLUsWEH1aNnDe7LPOdbAFo3snF5zh7JKuMus
jTBafv1X5Z/bUZ6lL31BcVr2zGhjD9qaH/X7eYMVD9O160J1fCnvZBKOh49nRo1d
NaesLFXtn/mF7p26d8Xl5HivVLuS/R4V0aSfY0y2xq5wFC6LiAg=
=H33i
-----END PGP SIGNATURE-----

Bug archived. Request was from Debbugs Internal Request <owner@bugs.debian.org> to internal_control@bugs.debian.org. (Fri, 10 Nov 2017 07:28:45 GMT) (full text, mbox, link).

Send a report that this bug log contains spam.

Debian bug tracking system administrator <owner@bugs.debian.org>. Last modified: Wed Jun 19 18:57:41 2019; Machine Name: buxtehude

Debian Bug tracking system

Debbugs is free software and licensed under the terms of the GNU Public License version 2. The current version can be obtained from https://bugs.debian.org/debbugs-source/.

Copyright © 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson, 2005-2017 Don Armstrong, and many other contributors.

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook

Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started