CVE-2018-12617

Debian Bug report logs - #902725
CVE-2018-12617

Toggle useless messages

Message #5 received at submit@bugs.debian.org (full text, mbox, reply):

From: Moritz Muehlenhoff <jmm@debian.org>

To: Debian Bug Tracking System <submit@bugs.debian.org>

Subject: CVE-2018-12617

Date: Fri, 29 Jun 2018 23:08:26 +0200

Source: qemu
Severity: important
Tags: security

This was assigned CVE-2018-12617:
https://lists.gnu.org/archive/html/qemu-devel/2018-06/msg03385.html
https://gist.github.com/fakhrizulkifli/c7740d28efa07dafee66d4da5d857ef6

Cheers,
        Moritz

Message #14 received at 902725-close@bugs.debian.org (full text, mbox, reply):

From: Michael Tokarev <mjt@tls.msk.ru>

To: 902725-close@bugs.debian.org

Subject: Bug#902725: fixed in qemu 1:3.1+dfsg-1

Date: Wed, 12 Dec 2018 09:16:37 +0000

Source: qemu
Source-Version: 1:3.1+dfsg-1

We believe that the bug you reported is fixed in the latest version of
qemu, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 902725@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Michael Tokarev <mjt@tls.msk.ru> (supplier of updated qemu package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmaster@ftp-master.debian.org)


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Format: 1.8
Date: Sun, 02 Dec 2018 19:10:27 +0300
Source: qemu
Binary: qemu qemu-system qemu-block-extra qemu-system-data qemu-system-common qemu-system-gui qemu-system-misc qemu-system-arm qemu-system-mips qemu-system-ppc qemu-system-sparc qemu-system-x86 qemu-user qemu-user-static qemu-user-binfmt qemu-utils qemu-guest-agent qemu-kvm
Architecture: source
Version: 1:3.1+dfsg-1
Distribution: unstable
Urgency: medium
Maintainer: Debian QEMU Team <pkg-qemu-devel@lists.alioth.debian.org>
Changed-By: Michael Tokarev <mjt@tls.msk.ru>
Description:
 qemu       - fast processor emulator, dummy package
 qemu-block-extra - extra block backend modules for qemu-system and qemu-utils
 qemu-guest-agent - Guest-side qemu-system agent
 qemu-kvm   - QEMU Full virtualization on x86 hardware
 qemu-system - QEMU full system emulation binaries
 qemu-system-arm - QEMU full system emulation binaries (arm)
 qemu-system-common - QEMU full system emulation binaries (common files)
 qemu-system-data - QEMU full system emulation (data files)
 qemu-system-gui - QEMU full system emulation binaries (user interface and audio sup
 qemu-system-mips - QEMU full system emulation binaries (mips)
 qemu-system-misc - QEMU full system emulation binaries (miscellaneous)
 qemu-system-ppc - QEMU full system emulation binaries (ppc)
 qemu-system-sparc - QEMU full system emulation binaries (sparc)
 qemu-system-x86 - QEMU full system emulation binaries (x86)
 qemu-user  - QEMU user mode emulation binaries
 qemu-user-binfmt - QEMU user mode binfmt registration for qemu-user
 qemu-user-static - QEMU user mode emulation binaries (static version)
 qemu-utils - QEMU utilities
Closes: 795486 813658 901017 902501 902725 907500 908682 910431 911468 911469 911470 911499 912535 914599 914604 914727 915884
Changes:
 qemu (1:3.1+dfsg-1) unstable; urgency=medium
 .
   * new upstream release (3.1)
   * Security bugs fixed by upstream:
     Closes: #910431, CVE-2018-10839:
      integer overflow leads to buffer overflow issue
     Closes: #911468, CVE-2018-17962
      pcnet: integer overflow leads to buffer overflow
     Closes: #911469, CVE-2018-17963
      net: ignore packets with large size
     Closes: #908682, CVE-2018-3639
      qemu should be able to pass the ssbd cpu flag
     Closes: #901017, CVE-2018-11806
      m_cat in slirp/mbuf.c in Qemu has a heap-based buffer overflow
      via incoming fragmented datagrams
     Closes: #902725, CVE-2018-12617
      qmp_guest_file_read in qemu-ga has an integer overflow
     Closes: #907500, CVE-2018-15746
      qemu-seccomp might allow local OS guest users to cause a denial of service
     Closes: #915884, CVE-2018-16867
      dev-mtp: path traversal in usb_mtp_write_data of the MTP
     Closes: #911499, CVE-2018-17958
      Buffer Overflow in rtl8139_do_receive in hw/net/rtl8139.c
      because an incorrect integer data type is used
     Closes: #911470, CVE-2018-18438
      integer overflows because IOReadHandler and its associated functions
      use a signed integer data type for a size value
     Closes: #912535, CVE-2018-18849
      lsi53c895a: OOB msg buffer access leads to DoS
     Closes: #914604, CVE-2018-18954
      pnv_lpc_do_eccb function in hw/ppc/pnv_lpc.c in Qemu before 3.1
      allows out-of-bounds write or read access to PowerNV memory
     Closes: #914599, CVE-2018-19364
      Use-after-free due to race condition while updating fid path
     Closes: #914727, CVE-2018-19489
      9pfs: crash due to race condition in renaming files
   * remove patches which were applied upstream
   * add new manpage qemu-cpu-models.7
   * qemu-system-ppcemb is gone, use qemu-system-ppc[64]
   * do-not-link-everything-with-xen.patch (trivial)
   * get-orig-source: handle 3.x and 4.x, and remove roms again, as
     upstream wants us to use separate source packages for that stuff
   * move generated data from qemu-system-data back to qemu-system-common
   * d/control: enable spice on arm64 (Closes: #902501)
     (probably should enable on all)
   * d/control: change git@salsa urls to https
   * add qemu-guest-agent.service (Closes: #795486)
   * enable opengl support and virglrenderer (Closes: #813658)
   * simplify d/rules just a little bit
   * build-depend on libudev-dev, for qga
Checksums-Sha1:
 a65a31436ea02a77c21bff8f7afa02ae05938a26 5967 qemu_3.1+dfsg-1.dsc
 b6a6c31d146b13e14af253d6dc25f16ccad7d060 8705368 qemu_3.1+dfsg.orig.tar.xz
 a07b0298ac2fe6be7ee5e9540fd6fc6d9c1b20ee 72160 qemu_3.1+dfsg-1.debian.tar.xz
 2233f07915fcbb0daa421fca2674a139941f832b 16084 qemu_3.1+dfsg-1_source.buildinfo
Checksums-Sha256:
 c1b9ec8e25ff07877505291d8c0ef235f7b81117a9a706bdf76deba857c09484 5967 qemu_3.1+dfsg-1.dsc
 2f277942759dd3eed21f7e00edfeab52b4f58d6f2f22d4f7e1a8aa4dc54c80d7 8705368 qemu_3.1+dfsg.orig.tar.xz
 62ccd57796c3a43d99aac37ffac4b24b7188216f719ff50b0e1ce84f058ccca5 72160 qemu_3.1+dfsg-1.debian.tar.xz
 4f53f5acac8637a3716dbd1ea4380d7c08a8c1d15a1de581095963b1e76b560b 16084 qemu_3.1+dfsg-1_source.buildinfo
Files:
 059657635379ae27ba846df240e16b54 5967 otherosfs optional qemu_3.1+dfsg-1.dsc
 b17f33786c89d547150490811a40f0b2 8705368 otherosfs optional qemu_3.1+dfsg.orig.tar.xz
 62ef7391f798ccbd2b4d5f7928033522 72160 otherosfs optional qemu_3.1+dfsg-1.debian.tar.xz
 13fd8a8bb95fc80a05de9f1cb33a50ce 16084 otherosfs optional qemu_3.1+dfsg-1_source.buildinfo

-----BEGIN PGP SIGNATURE-----

iQFDBAEBCAAtFiEEe3O61ovnosKJMUsicBtPaxppPlkFAlwQzGwPHG1qdEB0bHMu
bXNrLnJ1AAoJEHAbT2saaT5Z+zUH/1AG3gTlCfodSE7V0FW8268LUMpsJS7mpZ/p
4K8GUdAXtH6TWN1n4vfbUeCaO+dJYHT2g0dTFqwKhJoLElhcCFH8F2pcVQPJfPQQ
YLYQIR/5Mijs+cHIpbzc7KO4Jj2umLOe0GZtEnmbXvBNGRf9/KImb8nRzSitVJSX
qlRSLsr5tLVIgBxGJynPCWYLzwAnvv6chSNBT7e/1vBvo87B1l3gL7ibRdIF3CFJ
s4mYqyYQvIwlEgOE1UKswSunQjcbjZY2ATy0DAxZw5E0ec8etX3cl/tCH8Hq6aSZ
lpDOsBZu/rRukrF3Rt7GSSPCsoLXwWUYa9mRnEsTBWzcw0pJKmc=
=1I7Y
-----END PGP SIGNATURE-----

Send a report that this bug log contains spam.