qemu: CVE-2015-5154: ide: atapi: heap overflow during I/O buffer memory access

Debian Bug report logs - #793811

Reported by: Salvatore Bonaccorso <carnil@debian.org>

Date: Mon, 27 Jul 2015 18:12:02 UTC

Severity: grave

Tags: security, upstream

Found in version qemu/1.5.0+dfsg-1

Fixed in versions qemu/1:2.4+dfsg-1a, qemu/1:2.1+dfsg-12+deb8u2

Done: Salvatore Bonaccorso <carnil@debian.org>

Bug is archived. No further changes may be made.



Report forwarded to debian-bugs-dist@lists.debian.org, carnil@debian.org, team@security.debian.org, secure-testing-team@lists.alioth.debian.org, Debian QEMU Team <pkg-qemu-devel@lists.alioth.debian.org>:
Bug#793811; Package src:qemu. (Mon, 27 Jul 2015 18:12:05 GMT)


Acknowledgement sent to Salvatore Bonaccorso <carnil@debian.org>:
New Bug report received and forwarded. Copy sent to carnil@debian.org, team@security.debian.org, secure-testing-team@lists.alioth.debian.org, Debian QEMU Team <pkg-qemu-devel@lists.alioth.debian.org>. (Mon, 27 Jul 2015 18:12:05 GMT)


Message #5 received at submit@bugs.debian.org:

From: Salvatore Bonaccorso <carnil@debian.org>
To: Debian Bug Tracking System <submit@bugs.debian.org>
Subject: qemu: CVE-2015-5154: ide: atapi: heap overflow during I/O buffer memory access
Date: Mon, 27 Jul 2015 20:08:53 +0200
Source: qemu
Version: 1.5.0+dfsg-1
Severity: grave
Tags: security upstream

Hi,

the following vulnerability was published for qemu.

CVE-2015-5154[0]:
QEMU heap overflow flaw while processing certain ATAPI commands

If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.

For further information see:

[0] https://security-tracker.debian.org/tracker/CVE-2015-5154
[1] https://bugzilla.redhat.com/show_bug.cgi?id=1243563

Regards,
Salvatore



Added tag(s) pending. Request was from <mjt@tls.msk.ru> to control@bugs.debian.org. (Mon, 31 Aug 2015 12:27:21 GMT)


Reply sent to Michael Tokarev <mjt@tls.msk.ru>:
You have taken responsibility. (Mon, 31 Aug 2015 15:48:12 GMT)


Notification sent to Salvatore Bonaccorso <carnil@debian.org>:
Bug acknowledged by developer. (Mon, 31 Aug 2015 15:48:12 GMT)


Message #12 received at 793811-close@bugs.debian.org:

From: Michael Tokarev <mjt@tls.msk.ru>
To: 793811-close@bugs.debian.org
Subject: Bug#793811: fixed in qemu 1:2.4+dfsg-1a
Date: Mon, 31 Aug 2015 15:44:08 +0000
Source: qemu
Source-Version: 1:2.4+dfsg-1a

We believe that the bug you reported is fixed in the latest version of
qemu, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 793811@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Michael Tokarev <mjt@tls.msk.ru> (supplier of updated qemu package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmaster@ftp-master.debian.org)


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Format: 1.8
Date: Mon, 31 Aug 2015 16:28:08 +0300
Source: qemu
Binary: qemu qemu-system qemu-block-extra qemu-system-common qemu-system-misc qemu-system-arm qemu-system-mips qemu-system-ppc qemu-system-sparc qemu-system-x86 qemu-user qemu-user-static qemu-user-binfmt qemu-utils qemu-guest-agent qemu-kvm libcacard0 libcacard-dev libcacard-tools
Architecture: source
Version: 1:2.4+dfsg-1a
Distribution: unstable
Urgency: medium
Maintainer: Debian QEMU Team <pkg-qemu-devel@lists.alioth.debian.org>
Changed-By: Michael Tokarev <mjt@tls.msk.ru>
Description:
 libcacard-dev - Virtual Common Access Card (CAC) Emulator (development files)
 libcacard-tools - Virtual Common Access Card (CAC) Emulator (tools)
 libcacard0 - Virtual Common Access Card (CAC) Emulator (runtime library)
 qemu       - fast processor emulator
 qemu-block-extra - extra block backend modules for qemu-system and qemu-utils
 qemu-guest-agent - Guest-side qemu-system agent
 qemu-kvm   - QEMU Full virtualization on x86 hardware
 qemu-system - QEMU full system emulation binaries
 qemu-system-arm - QEMU full system emulation binaries (arm)
 qemu-system-common - QEMU full system emulation binaries (common files)
 qemu-system-mips - QEMU full system emulation binaries (mips)
 qemu-system-misc - QEMU full system emulation binaries (miscelaneous)
 qemu-system-ppc - QEMU full system emulation binaries (ppc)
 qemu-system-sparc - QEMU full system emulation binaries (sparc)
 qemu-system-x86 - QEMU full system emulation binaries (x86)
 qemu-user  - QEMU user mode emulation binaries
 qemu-user-binfmt - QEMU user mode binfmt registration for qemu-user
 qemu-user-static - QEMU user mode emulation binaries (static version)
 qemu-utils - QEMU utilities
Closes: 793388 793811 793817 794610 794611 795087 795461 796465
Changes:
 qemu (1:2.4+dfsg-1a) unstable; urgency=medium
 .
   * new upstream (2.4.0) release
     Closes: #795461, #793811, #794610, #795087, #794611, #793388
     CVE-2015-3214 CVE-2015-5154 CVE-2015-5165 CVE-2015-5745
     CVE-2015-5166 CVE-2015-5158
     Closes: #793817
   * removed all upstreamed patches
   * remove --enable-vnc-ws option (not used anymore)
   * update mjt-set-oem-in-rsdt-like-slic.diff
   * vnc-fix-memory-corruption-CVE-2015-5225.patch from upstream
     Closes: #796465 CVE-2015-5225
   * remove now-unused /etc/qemu/target-x86_64.conf

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2

-----END PGP SIGNATURE-----




Reply sent to Salvatore Bonaccorso <carnil@debian.org>:
You have taken responsibility. (Sun, 06 Sep 2015 22:21:14 GMT)


Notification sent to Salvatore Bonaccorso <carnil@debian.org>:
Bug acknowledged by developer. (Sun, 06 Sep 2015 22:21:14 GMT)


Message #17 received at 793811-close@bugs.debian.org:

From: Salvatore Bonaccorso <carnil@debian.org>
To: 793811-close@bugs.debian.org
Subject: Bug#793811: fixed in qemu 1:2.1+dfsg-12+deb8u2
Date: Sun, 06 Sep 2015 22:19:24 +0000
Source: qemu
Source-Version: 1:2.1+dfsg-12+deb8u2

We believe that the bug you reported is fixed in the latest version of
qemu, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 793811@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Salvatore Bonaccorso <carnil@debian.org> (supplier of updated qemu package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmaster@ftp-master.debian.org)


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Sat, 29 Aug 2015 16:12:31 +0200
Source: qemu
Binary: qemu qemu-system qemu-system-common qemu-system-misc qemu-system-arm qemu-system-mips qemu-system-ppc qemu-system-sparc qemu-system-x86 qemu-user qemu-user-static qemu-user-binfmt qemu-utils qemu-guest-agent qemu-kvm
Architecture: source
Version: 1:2.1+dfsg-12+deb8u2
Distribution: jessie-security
Urgency: high
Maintainer: Debian QEMU Team <pkg-qemu-devel@lists.alioth.debian.org>
Changed-By: Salvatore Bonaccorso <carnil@debian.org>
Closes: 793811 794610 795087 795461 796465
Description: 
 qemu       - fast processor emulator
 qemu-guest-agent - Guest-side qemu-system agent
 qemu-kvm   - QEMU Full virtualization on x86 hardware
 qemu-system - QEMU full system emulation binaries
 qemu-system-arm - QEMU full system emulation binaries (arm)
 qemu-system-common - QEMU full system emulation binaries (common files)
 qemu-system-mips - QEMU full system emulation binaries (mips)
 qemu-system-misc - QEMU full system emulation binaries (miscelaneous)
 qemu-system-ppc - QEMU full system emulation binaries (ppc)
 qemu-system-sparc - QEMU full system emulation binaries (sparc)
 qemu-system-x86 - QEMU full system emulation binaries (x86)
 qemu-user  - QEMU user mode emulation binaries
 qemu-user-binfmt - QEMU user mode binfmt registration for qemu-user
 qemu-user-static - QEMU user mode emulation binaries (static version)
 qemu-utils - QEMU utilities
Changes:
 qemu (1:2.1+dfsg-12+deb8u2) jessie-security; urgency=high
 .
   * Non-maintainer upload by the Security Team.
   * Add 0001-i8254-fix-out-of-bounds-memory-access-in-pit_ioport_.patch patch.
     CVE-2015-3214: i8254: out-of-bounds memory access in pit_ioport_read
     function. (Closes: #795461)
   * Add patches to address heap overflow when processing ATAPI commands.
     CVE-2015-5154: heap overflow during I/O buffer memory access.
     (Closes: #793811)
   * Add CVE-2015-5225.patch patch.
     CVE-2015-5225: vnc: heap memory corruption in
     vnc_refresh_server_surface. (Closes: #796465)
   * Add 0001-virtio-serial-fix-ANY_LAYOUT.patch patch.
     CVE-2015-5745: buffer overflow in virtio-serial. (Closes: #795087)
   * Add patches for CVE-2015-5165.
     CVE-2015-5165: rtl8139 uninitialized heap memory information leakage to
     guest. (Closes: #794610)

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
-----END PGP SIGNATURE-----




Bug archived. Request was from Debbugs Internal Request <owner@bugs.debian.org> to internal_control@bugs.debian.org. (Sun, 21 Feb 2016 07:27:21 GMT)



Debian bug tracking system administrator <owner@bugs.debian.org>. Last modified: Wed Jun 19 17:57:12 2019; Machine Name: buxtehude
