kvm: CVE-2008-2004 allows unauthorized disclosure of information

Related Vulnerabilities: CVE-2008-2004   CVE-2007-1320  

Debian Bug report logs - #481204

Package: kvm; Maintainer for kvm is (unknown);

Reported by: Nico Golde <nion@debian.org>

Date: Wed, 14 May 2008 14:12:01 UTC

Severity: grave

Tags: patch, security

Fixed in version kvm/66+dfsg-1.1

Done: Steffen Joeris <white@debian.org>

Bug is archived. No further changes may be made.


Report forwarded to debian-bugs-dist@lists.debian.org, Jan Lübbe <jluebbe@debian.org>:
Bug#481204; Package kvm.


Acknowledgement sent to Nico Golde <nion@debian.org>:
New Bug report received and forwarded. Copy sent to Jan Lübbe <jluebbe@debian.org>.


Message #5 received at submit@bugs.debian.org:

From: Nico Golde <nion@debian.org>
To: submit@bugs.debian.org
Subject: kvm: CVE-2008-2004 allows unauthorized disclosure of information
Date: Wed, 14 May 2008 16:09:24 +0200
Package: kvm
Severity: grave
Tags: security patch

Hi,
the following CVE (Common Vulnerabilities & Exposures) id was
published for kvm.


CVE-2008-2004[0]:
| The drive_init function in QEMU 0.9.1 determines the format of a raw
| disk image based on the header, which allows local guest users to read
| arbitrary files on the host by modifying the header to identify a
| different format, which is used when the guest is restarted.

Patch: http://svn.savannah.gnu.org/viewvc/?view=rev&root=qemu&revision=4277

If you fix the vulnerability please also make sure to include the
CVE id in your changelog entry.

For further information see:

[0] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2004
    http://security-tracker.debian.net/tracker/CVE-2008-2004

-- 
Nico Golde - http://www.ngolde.de - nion@jabber.ccc.de - GPG: 0x73647CFF
For security reasons, all text in this mail is double-rot13 encrypted.

Information forwarded to debian-bugs-dist@lists.debian.org, Jan Lübbe <jluebbe@debian.org>:
Bug#481204; Package kvm.


Acknowledgement sent to Steffen Joeris <steffen.joeris@skolelinux.de>:
Extra info received and forwarded to list. Copy sent to Jan Lübbe <jluebbe@debian.org>.


Message #10 received at 481204@bugs.debian.org:

From: Steffen Joeris <steffen.joeris@skolelinux.de>
To: 480011@bugs.debian.org, 481204@bugs.debian.org
Subject: full nmu patch
Date: Wed, 21 May 2008 00:35:49 +1000
Hi

Attached you'll find the full NMU patch to fix the outstanding qemu issues.

Cheers
Steffen
[nmu.patch (text/x-diff, attachment)]

Reply sent to Steffen Joeris <white@debian.org>:
You have taken responsibility.


Notification sent to Nico Golde <nion@debian.org>:
Bug acknowledged by developer.


Message #15 received at 481204-close@bugs.debian.org:

From: Steffen Joeris <white@debian.org>
To: 481204-close@bugs.debian.org
Subject: Bug#481204: fixed in kvm 66+dfsg-1.1
Date: Tue, 20 May 2008 14:47:03 +0000
Source: kvm
Source-Version: 66+dfsg-1.1

We believe that the bug you reported is fixed in the latest version of
kvm, which is due to be installed in the Debian FTP archive:

kvm-data_66+dfsg-1.1_all.deb
  to pool/main/k/kvm/kvm-data_66+dfsg-1.1_all.deb
kvm-source_66+dfsg-1.1_all.deb
  to pool/main/k/kvm/kvm-source_66+dfsg-1.1_all.deb
kvm_66+dfsg-1.1.diff.gz
  to pool/main/k/kvm/kvm_66+dfsg-1.1.diff.gz
kvm_66+dfsg-1.1.dsc
  to pool/main/k/kvm/kvm_66+dfsg-1.1.dsc
kvm_66+dfsg-1.1_i386.deb
  to pool/main/k/kvm/kvm_66+dfsg-1.1_i386.deb



A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 481204@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Steffen Joeris <white@debian.org> (supplier of updated kvm package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmaster@debian.org)


Format: 1.8
Date: Tue, 20 May 2008 13:28:14 +0000
Source: kvm
Binary: kvm kvm-data kvm-source
Architecture: source all i386
Version: 66+dfsg-1.1
Distribution: unstable
Urgency: high
Maintainer: Jan Lübbe <jluebbe@debian.org>
Changed-By: Steffen Joeris <white@debian.org>
Description: 
 kvm        - Full virtualization on x86 hardware
 kvm-data   - Data files for the KVM package
 kvm-source - Source for the KVM driver
Closes: 480011 481204
Changes: 
 kvm (66+dfsg-1.1) unstable; urgency=high
 .
   * Non-maintainer upload by the security team
   * Merge the fixes for the security issues in the embedded qemu
     version (Closes: #480011) Thanks to Jamie Strandboge
    - Add CVE-2007-1320+1321+1322+1366+2893.patch from qemu 0.9.1-1
      to address the following issues:
     - Cirrus LGD-54XX "bitblt" heap overflow.
     - NE2000 "mtu" heap overflow.
     - QEMU "net socket" heap overflow.
     - QEMU NE2000 "receive" integer signedness error.
     - Infinite loop in the emulated SB16 device.
     - Unprivileged "aam" instruction does not correctly handle the
       undocumented divisor operand.
     - Unprivileged "icebp" instruction will halt emulation.
   * Include patch which defaults to existing behaviour (probing based on file
     contents), so it still requires the mgmt app (e.g. libvirt xml) to
     pass a new "format=raw" parameter for raw disk images
     - Fixes possible privilege escalation, which could allow guest users
       to read arbitrary files on the host by modifying the header to identify
       a different format (Closes: #481204) Fixes: CVE-2008-2004

Bug archived. Request was from Debbugs Internal Request <owner@bugs.debian.org> to internal_control@bugs.debian.org. (Wed, 18 Jun 2008 07:26:39 GMT)
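
The CVE description and the changelog entry above both turn on the same point: a drive without an explicit "format=raw" is probed from its leading bytes. The following audit sketch is an added example, not code from this bug log, QEMU or Debian; the function names and sample bytes are constructed for illustration. It flags drive specifications that leave the format unpinned and reports what header probing would conclude.

```python
import struct

# Magic values that content-based format probing recognises at offset 0.
MAGICS = {b"QFI\xfb": "qcow", b"KDMV": "vmdk", b"COWD": "vmdk"}

def probe_format(header: bytes) -> str:
    """Format that header-based probing would pick for these leading bytes."""
    fmt = MAGICS.get(header[:4], "raw")
    if fmt == "qcow" and len(header) >= 8:
        # qcow and qcow2 share the magic; a big-endian version field follows.
        (version,) = struct.unpack(">I", header[4:8])
        fmt = "qcow2" if version >= 2 else "qcow"
    return fmt

def drive_options(spec: str) -> dict:
    """Parse a -drive value; QEMU escapes a literal comma in a value as ',,'."""
    parts = spec.replace(",,", "\0").split(",")
    pairs = (p.replace("\0", ",").split("=", 1) for p in parts if "=" in p)
    return {k: v for k, v in pairs}

def audit_drive(spec: str, header: bytes) -> str:
    """Classify a drive: pinned, unpinned but raw-looking, or unpinned non-raw."""
    opts = drive_options(spec)
    if "format" in opts:
        return "ok: format pinned to " + opts["format"]
    probed = probe_format(header)
    if probed == "raw":
        return "warn: format not pinned, image currently probes as raw"
    return "alert: format not pinned, image probes as " + probed

# Constructed sample data (not taken from any real image).
RAW_LOOKING = b"\xeb\x63\x90".ljust(512, b"\0")
QCOW2_LOOKING = struct.pack(">4sI", b"QFI\xfb", 2).ljust(512, b"\0")

if __name__ == "__main__":
    for spec, hdr in [
        ("file=/srv/vm/guest.img,if=ide", RAW_LOOKING),
        ("file=/srv/vm/guest.img,if=ide", QCOW2_LOOKING),
        ("file=/srv/vm/guest.img,if=ide,format=raw", QCOW2_LOOKING),
    ]:
        print(spec, "->", audit_drive(spec, hdr))
```

The "warn" case matters as much as the "alert" case: an unpinned image that looks raw today is still under the guest's control at the next restart.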


Debian bug tracking system administrator <owner@bugs.debian.org>. Last modified: Wed Jun 19 17:19:01 2019; Machine Name: buxtehude