CVE-2009-3616: Multiple use-after-free vulnerabilities in vnc.c

Related Vulnerabilities: CVE-2009-3616  

Debian Bug report logs - #553589

Reported by: Giuseppe Iuculano <iuculano@debian.org>

Date: Sun, 1 Nov 2009 10:12:01 UTC

Severity: grave

Tags: security

Found in version qemu/0.10.6-1

Fixed in version 0.11.0-1

Done: Aurelien Jarno <aurelien@aurel32.net>

Bug is archived. No further changes may be made.



Report forwarded to debian-bugs-dist@lists.debian.org, team@security.debian.org, secure-testing-team@lists.alioth.debian.org, Debian QEMU Team <pkg-qemu-devel@lists.alioth.debian.org>:
Bug#553589; Package qemu. (Sun, 01 Nov 2009 10:12:10 GMT)


Acknowledgement sent to Giuseppe Iuculano <iuculano@debian.org>:
New Bug report received and forwarded. Copy sent to team@security.debian.org, secure-testing-team@lists.alioth.debian.org, Debian QEMU Team <pkg-qemu-devel@lists.alioth.debian.org>. (Sun, 01 Nov 2009 10:12:12 GMT)


Message #5 received at submit@bugs.debian.org:

From: Giuseppe Iuculano <iuculano@debian.org>
To: Debian Bug Tracking System <submit@bugs.debian.org>
Subject: CVE-2009-3616: Multiple use-after-free vulnerabilities in vnc.c
Date: Sun, 01 Nov 2009 11:09:27 +0100
Package: qemu
Version: 0.10.6-1
Severity: grave
Tags: security

Hi,
the following CVE (Common Vulnerabilities & Exposures) id was
published for qemu.

CVE-2009-3616[0]:
| Multiple use-after-free vulnerabilities in vnc.c in the VNC server in
| QEMU 0.10.6 and earlier might allow guest OS users to execute
| arbitrary code on the host OS by establishing a connection from a VNC
| client and then (1) disconnecting during data transfer, (2) sending a
| message using incorrect integer data types, or (3) using the Fuzzy
| Screen Mode protocol, related to double free vulnerabilities.

If you fix the vulnerability please also make sure to include the
CVE id in your changelog entry.

For further information see:

[0] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3616
    http://security-tracker.debian.org/tracker/CVE-2009-3616





Reply sent to Aurelien Jarno <aurelien@aurel32.net>:
You have taken responsibility. (Tue, 17 Nov 2009 07:57:06 GMT)


Notification sent to Giuseppe Iuculano <iuculano@debian.org>:
Bug acknowledged by developer. (Tue, 17 Nov 2009 07:57:06 GMT)


Message #10 received at 553589-done@bugs.debian.org:

From: Aurelien Jarno <aurelien@aurel32.net>
To: Giuseppe Iuculano <iuculano@debian.org>, 553589-done@bugs.debian.org
Subject: Re: Bug#553589: CVE-2009-3616: Multiple use-after-free vulnerabilities in vnc.c
Date: Tue, 17 Nov 2009 08:50:32 +0100
Version: 0.11.0-1

On Sun, Nov 01, 2009 at 11:09:27AM +0100, Giuseppe Iuculano wrote:
> Package: qemu
> Version: 0.10.6-1
> Severity: grave
> Tags: security
> 
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
> 
> Hi,
> the following CVE (Common Vulnerabilities & Exposures) id was
> published for qemu.
> 
> CVE-2009-3616[0]:
> | Multiple use-after-free vulnerabilities in vnc.c in the VNC server in
> | QEMU 0.10.6 and earlier might allow guest OS users to execute
> | arbitrary code on the host OS by establishing a connection from a VNC
> | client and then (1) disconnecting during data transfer, (2) sending a
> | message using incorrect integer data types, or (3) using the Fuzzy
> | Screen Mode protocol, related to double free vulnerabilities.
> 
> If you fix the vulnerability please also make sure to include the
> CVE id in your changelog entry.
> 
> For further information see:
> 
> [0] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3616
>     http://security-tracker.debian.org/tracker/CVE-2009-3616
> 

The version 0.11.0-1 currently in unstable is not vulnerable to this
security issue. Marking the bug as fixed.


-- 
Aurelien Jarno	                        GPG: 1024D/F1BCDB73
aurelien@aurel32.net                 http://www.aurel32.net




Bug archived. Request was from Debbugs Internal Request <owner@bugs.debian.org> to internal_control@bugs.debian.org. (Wed, 16 Dec 2009 07:40:09 GMT)




Debian bug tracking system administrator <owner@bugs.debian.org>. Last modified: Wed Jun 19 14:04:44 2019; Machine Name: buxtehude
