qemu: CVE-2015-5745: buffer overflow in virtio-serial

Debian Bug report logs - #795087
qemu: CVE-2015-5745: buffer overflow in virtio-serial

Toggle useless messages

Message #5 received at submit@bugs.debian.org (full text, mbox, reply):

From: Salvatore Bonaccorso <carnil@debian.org>

To: Debian Bug Tracking System <submit@bugs.debian.org>

Subject: qemu: CVE-2015-5745: buffer overflow in virtio-serial

Date: Mon, 10 Aug 2015 15:22:05 +0200

Source: qemu
Version: 0.13.0+dfsg-1
Severity: normal
Tags: security upstream fixed-upstream

Hi,

the following vulnerability was published for qemu.

CVE-2015-5745[0]:
buffer overflow in virtio-serial

If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.

For further information see:

[0] https://security-tracker.debian.org/tracker/CVE-2015-5745
[1] https://bugzilla.redhat.com/show_bug.cgi?id=1251157

Please adjust the affected versions in the BTS as needed.

Regards,
Salvatore

Message #12 received at 795087-close@bugs.debian.org (full text, mbox, reply):

From: Michael Tokarev <mjt@tls.msk.ru>

To: 795087-close@bugs.debian.org

Subject: Bug#795087: fixed in qemu 1:2.4+dfsg-1a

Date: Mon, 31 Aug 2015 15:44:08 +0000

Source: qemu
Source-Version: 1:2.4+dfsg-1a

We believe that the bug you reported is fixed in the latest version of
qemu, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 795087@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Michael Tokarev <mjt@tls.msk.ru> (supplier of updated qemu package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmaster@ftp-master.debian.org)


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Format: 1.8
Date: Mon, 31 Aug 2015 16:28:08 +0300
Source: qemu
Binary: qemu qemu-system qemu-block-extra qemu-system-common qemu-system-misc qemu-system-arm qemu-system-mips qemu-system-ppc qemu-system-sparc qemu-system-x86 qemu-user qemu-user-static qemu-user-binfmt qemu-utils qemu-guest-agent qemu-kvm libcacard0 libcacard-dev libcacard-tools
Architecture: source
Version: 1:2.4+dfsg-1a
Distribution: unstable
Urgency: medium
Maintainer: Debian QEMU Team <pkg-qemu-devel@lists.alioth.debian.org>
Changed-By: Michael Tokarev <mjt@tls.msk.ru>
Description:
 libcacard-dev - Virtual Common Access Card (CAC) Emulator (development files)
 libcacard-tools - Virtual Common Access Card (CAC) Emulator (tools)
 libcacard0 - Virtual Common Access Card (CAC) Emulator (runtime library)
 qemu       - fast processor emulator
 qemu-block-extra - extra block backend modules for qemu-system and qemu-utils
 qemu-guest-agent - Guest-side qemu-system agent
 qemu-kvm   - QEMU Full virtualization on x86 hardware
 qemu-system - QEMU full system emulation binaries
 qemu-system-arm - QEMU full system emulation binaries (arm)
 qemu-system-common - QEMU full system emulation binaries (common files)
 qemu-system-mips - QEMU full system emulation binaries (mips)
 qemu-system-misc - QEMU full system emulation binaries (miscelaneous)
 qemu-system-ppc - QEMU full system emulation binaries (ppc)
 qemu-system-sparc - QEMU full system emulation binaries (sparc)
 qemu-system-x86 - QEMU full system emulation binaries (x86)
 qemu-user  - QEMU user mode emulation binaries
 qemu-user-binfmt - QEMU user mode binfmt registration for qemu-user
 qemu-user-static - QEMU user mode emulation binaries (static version)
 qemu-utils - QEMU utilities
Closes: 793388 793811 793817 794610 794611 795087 795461 796465
Changes:
 qemu (1:2.4+dfsg-1a) unstable; urgency=medium
 .
   * new upstream (2.4.0) release
     Closes: #795461, #793811, #794610, #795087, #794611, #793388
     CVE-2015-3214 CVE-2015-5154 CVE-2015-5165 CVE-2015-5745
     CVE-2015-5166 CVE-2015-5158
     Closes: #793817
   * removed all upstreamed patches
   * remove --enable-vnc-ws option (not used anymore)
   * update mjt-set-oem-in-rsdt-like-slic.diff
   * vnc-fix-memory-corruption-CVE-2015-5225.patch from upstream
     Closes: #796465 CVE-2015-5225
   * remove now-unused /etc/qemu/target-x86_64.conf
Checksums-Sha1:
 3cfe8483bfc42ab0a71f7c4993c80a46c423a973 6044 qemu_2.4+dfsg-1a.dsc
 50abfe59be072820e933e68f049844f8e4d41822 5847444 qemu_2.4+dfsg.orig.tar.xz
 0000fa25a4d795123d2f0fd623569533d43b02e5 62084 qemu_2.4+dfsg-1a.debian.tar.xz
Checksums-Sha256:
 9110dcb593a324701dca6328616097206a25b5b06d31742ae762f9610591a910 6044 qemu_2.4+dfsg-1a.dsc
 fac42371926deac8a2e64ff7d36d483d524841a88e9d96f5f8f8f796a50e3595 5847444 qemu_2.4+dfsg.orig.tar.xz
 532c24fc19df15731bacaf3e4cfd90d6d0b6cad9c2541fc80b7b628e9ced5b38 62084 qemu_2.4+dfsg-1a.debian.tar.xz
Files:
 4df20832a6ebaed264ab9e9e07274424 6044 otherosfs optional qemu_2.4+dfsg-1a.dsc
 0b1db74f432a8b3bd9b6b0d07c8f3cc1 5847444 otherosfs optional qemu_2.4+dfsg.orig.tar.xz
 2a0c7d279425626358d2abcef4bf6773 62084 otherosfs optional qemu_2.4+dfsg-1a.debian.tar.xz

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2

iQEcBAEBCAAGBQJV5FsQAAoJEL7lnXSkw9fbVnUIAKBB3pX6sz5HHP0K3aSilyJx
Guy+bOgPGVp5V6pumpqjnrbzTcfuoCjtdH6j6cqFwBqRNtWeZ3EabVZgIVv6AkD+
R6y+C2Nhi0LssZbNGJdkLemv9UFkIdAwMrJKiMqnT+aWkRo1dCR2SGLXXh+ZPoCb
CxcPF5aYdkGfyiHP3pxzRZSt+6fp4+mEGvdOP61u+mma2MwkLwdEhwIhOYVxsGiQ
kFcR8ALEILj0b4znt8L6LsCjEJ/WkgTOCAkk+xzcyRIs6oavzYR+y0oVfNaVLtZ/
MIoRI8pOAJ2HBiYwMJXG5wWpfpH3/tVYPtuMffWKgHM9ynC1zt79z8VLYCVzqa8=
=s/3S
-----END PGP SIGNATURE-----

Message #17 received at 795087-close@bugs.debian.org (full text, mbox, reply):

From: Salvatore Bonaccorso <carnil@debian.org>

To: 795087-close@bugs.debian.org

Subject: Bug#795087: fixed in qemu 1:2.1+dfsg-12+deb8u2

Date: Sun, 06 Sep 2015 22:19:25 +0000

Source: qemu
Source-Version: 1:2.1+dfsg-12+deb8u2

We believe that the bug you reported is fixed in the latest version of
qemu, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 795087@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Salvatore Bonaccorso <carnil@debian.org> (supplier of updated qemu package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmaster@ftp-master.debian.org)


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Sat, 29 Aug 2015 16:12:31 +0200
Source: qemu
Binary: qemu qemu-system qemu-system-common qemu-system-misc qemu-system-arm qemu-system-mips qemu-system-ppc qemu-system-sparc qemu-system-x86 qemu-user qemu-user-static qemu-user-binfmt qemu-utils qemu-guest-agent qemu-kvm
Architecture: source
Version: 1:2.1+dfsg-12+deb8u2
Distribution: jessie-security
Urgency: high
Maintainer: Debian QEMU Team <pkg-qemu-devel@lists.alioth.debian.org>
Changed-By: Salvatore Bonaccorso <carnil@debian.org>
Closes: 793811 794610 795087 795461 796465
Description: 
 qemu       - fast processor emulator
 qemu-guest-agent - Guest-side qemu-system agent
 qemu-kvm   - QEMU Full virtualization on x86 hardware
 qemu-system - QEMU full system emulation binaries
 qemu-system-arm - QEMU full system emulation binaries (arm)
 qemu-system-common - QEMU full system emulation binaries (common files)
 qemu-system-mips - QEMU full system emulation binaries (mips)
 qemu-system-misc - QEMU full system emulation binaries (miscelaneous)
 qemu-system-ppc - QEMU full system emulation binaries (ppc)
 qemu-system-sparc - QEMU full system emulation binaries (sparc)
 qemu-system-x86 - QEMU full system emulation binaries (x86)
 qemu-user  - QEMU user mode emulation binaries
 qemu-user-binfmt - QEMU user mode binfmt registration for qemu-user
 qemu-user-static - QEMU user mode emulation binaries (static version)
 qemu-utils - QEMU utilities
Changes:
 qemu (1:2.1+dfsg-12+deb8u2) jessie-security; urgency=high
 .
   * Non-maintainer upload by the Security Team.
   * Add 0001-i8254-fix-out-of-bounds-memory-access-in-pit_ioport_.patch patch.
     CVE-2015-3214: i8254: out-of-bounds memory access in pit_ioport_read
     function. (Closes: #795461)
   * Add patches to address heap overflow when processing ATAPI commands.
     CVE-2015-5154: heap overflow during I/O buffer memory access.
     (Closes: #793811)
   * Add CVE-2015-5225.patch patch.
     CVE-2015-5225: vnc: heap memory corruption in
     vnc_refresh_server_surface. (Closes: #796465)
   * Add 0001-virtio-serial-fix-ANY_LAYOUT.patch patch.
     CVE-2015-5745: buffer overflow in virtio-serial. (Closes: #795087)
   * Add patches for CVE-2015-5165.
     CVE-2015-5165: rtl8139 uninitialized heap memory information leakage to
     guest. (Closes: #794610)
Checksums-Sha1: 
 ac15c1363023106bbf9f73d7f9a7d5a8b212b78d 5520 qemu_2.1+dfsg-12+deb8u2.dsc
 a11f28854b972f71bb5e5eebe0da55bc82f23cfd 112728 qemu_2.1+dfsg-12+deb8u2.debian.tar.xz
Checksums-Sha256: 
 254db070d83650461ae37dc470346304209d0065fea6852479378344bac92e7f 5520 qemu_2.1+dfsg-12+deb8u2.dsc
 96f8859ab1e020b92e48000a90d06ee1e7d8f044acfa6666d715250100b417bc 112728 qemu_2.1+dfsg-12+deb8u2.debian.tar.xz
Files: 
 a23f7c6041f858efc24ba57b49869e25 5520 otherosfs optional qemu_2.1+dfsg-12+deb8u2.dsc
 0075b321bff7879126a7282c081673d2 112728 otherosfs optional qemu_2.1+dfsg-12+deb8u2.debian.tar.xz

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQIcBAEBCgAGBQJV4cjiAAoJEAVMuPMTQ89E+0EP/1IMxmuGwUSoeBVNKKl4weMx
w7RFN4OtpMAK2ZbLESBRLTP0N1EH0xfqv7r5Snu0bcwG+26Zz1UwcEi+AZpSW2gd
fYKzWorz8pCdMiSsDv0gGLfzk7xf264zhCxciyagI0r8blVQpiS9ebj/jwY6/RtS
XtiPGQb10GmMeZzjy1s4ZZsiatIi8CdFh8yZMu4UKdAIfkzgIbNaExdY70jX01S+
pts7gBqET5aYlhKxKJT+6bNIXbGe2DiDZDHcqIuci7TLLJ/OFQCxtJlntkoo6qX0
FdaKHoGfs9TnKUpl0+nBlWzSzhjHMwDVolGOTVZ+uy4SPlh7UZmyMtnDeaADTuUw
F3OnlohyFfzMoPLp6IAucc+tlKFYc7nKMhLHBCKMjPQxVy7HF/VwboD4tGb1lQvz
uL1gK3aYz5AMou+q4yPeiLwh4tVgwrrkb4hRBqMt+/kM6nzoejdcQsqLfG7aRJGn
NyOA5Cr6eCKDl+nym6jIq0PkCqhuDzgfNfWIGv323DIFE6aljNrwGwbQwAGg+rgM
qnxZXjyAChHOIHBQbddA5htL90ERcc7+DH2hHaFG776MQ33FVQY9dS7JS1jLl2ty
dZrMZ62azcq2FyQmg1xeel39qbpBAYiU/wWomSIbCat+yy0mqe1kcwBFY0JlnXEq
ZFACMxr1PX7mQc+pO3of
=U3/8
-----END PGP SIGNATURE-----

Message #22 received at 795087-close@bugs.debian.org (full text, mbox, reply):

From: Salvatore Bonaccorso <carnil@debian.org>

To: 795087-close@bugs.debian.org

Subject: Bug#795087: fixed in qemu 1.1.2+dfsg-6a+deb7u9

Date: Sun, 06 Sep 2015 22:21:08 +0000

Source: qemu
Source-Version: 1.1.2+dfsg-6a+deb7u9

We believe that the bug you reported is fixed in the latest version of
qemu, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 795087@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Salvatore Bonaccorso <carnil@debian.org> (supplier of updated qemu package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmaster@ftp-master.debian.org)


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Sat, 29 Aug 2015 19:36:38 +0200
Source: qemu
Binary: qemu qemu-keymaps qemu-system qemu-user qemu-user-static qemu-utils
Architecture: source all amd64
Version: 1.1.2+dfsg-6a+deb7u9
Distribution: wheezy-security
Urgency: high
Maintainer: Debian QEMU Team <pkg-qemu-devel@lists.alioth.debian.org>
Changed-By: Salvatore Bonaccorso <carnil@debian.org>
Description: 
 qemu       - fast processor emulator
 qemu-keymaps - QEMU keyboard maps
 qemu-system - QEMU full system emulation binaries
 qemu-user  - QEMU user mode emulation binaries
 qemu-user-static - QEMU user mode emulation binaries (static version)
 qemu-utils - QEMU utilities
Closes: 794610 795087
Changes: 
 qemu (1.1.2+dfsg-6a+deb7u9) wheezy-security; urgency=high
 .
   * Non-maintainer upload by the Security Team.
   * Add patches for CVE-2015-5165.
     CVE-2015-5165: rtl8139 uninitialized heap memory information leakage to
     guest. (Closes: #794610)
   * Add 0001-virtio-serial-fix-ANY_LAYOUT.patch patch.
     CVE-2015-5745: buffer overflow in virtio-serial. (Closes: #795087)
Checksums-Sha1: 
 f73c28cfc8bcaf8c86fc8f0e15874774936eb4d6 2965 qemu_1.1.2+dfsg-6a+deb7u9.dsc
 d897054ebed03d794313c5ecd7ad243880a28e48 115019 qemu_1.1.2+dfsg-6a+deb7u9.debian.tar.gz
 ea316b81dcde378152d61afbdd1a36c7503e270a 51212 qemu-keymaps_1.1.2+dfsg-6a+deb7u9_all.deb
 8ae2e339dc281be60e08dda70871dd00d709cc38 115752 qemu_1.1.2+dfsg-6a+deb7u9_amd64.deb
 db0391a09bfca8a223a64103c32ecfd36b358f89 27897726 qemu-system_1.1.2+dfsg-6a+deb7u9_amd64.deb
 02e55b7958017c9bb35c807bfd71175523a68521 7726182 qemu-user_1.1.2+dfsg-6a+deb7u9_amd64.deb
 c17cecd4392f84d06e4dfbe245cb080571edc9d4 16572258 qemu-user-static_1.1.2+dfsg-6a+deb7u9_amd64.deb
 b5583d026f09c06282df6eda7ecd057d11a88b96 664084 qemu-utils_1.1.2+dfsg-6a+deb7u9_amd64.deb
Checksums-Sha256: 
 9ada3b0e7d623f2b5848388fe5d4e33e4bdcd01c5e16c67943b7abb71c3c2eb7 2965 qemu_1.1.2+dfsg-6a+deb7u9.dsc
 55d0c23f910d2d48599cb7868c7321529ee94d48fdb759c1f1ad759af02e17b0 115019 qemu_1.1.2+dfsg-6a+deb7u9.debian.tar.gz
 74a72fe7eed3769c075362ea0701900b14ca5451562f1b818806abe9ba387cc2 51212 qemu-keymaps_1.1.2+dfsg-6a+deb7u9_all.deb
 b25406ec11f108fb05dce4a7a9f87449594860f0d2be41cd9be181fd123183a0 115752 qemu_1.1.2+dfsg-6a+deb7u9_amd64.deb
 b4beb0b7ff84ab9452fa5a9e149be5afc3ccf7889ed9240f5d6c52445d1b63ad 27897726 qemu-system_1.1.2+dfsg-6a+deb7u9_amd64.deb
 2e4f96fc5a6b7cc51e347d126c06056f52e0435eac8185fc15e80f708333121e 7726182 qemu-user_1.1.2+dfsg-6a+deb7u9_amd64.deb
 5d1f1c7684918c57493608dc0da19b9e2a3ef32068bb484401b6ec566c3c6248 16572258 qemu-user-static_1.1.2+dfsg-6a+deb7u9_amd64.deb
 39bd30623607f1ac62a5306519bb101a65fd3fd16b6f23e9256da6c7bd0a32dc 664084 qemu-utils_1.1.2+dfsg-6a+deb7u9_amd64.deb
Files: 
 709e035e92c06f1525785e548691e24f 2965 misc optional qemu_1.1.2+dfsg-6a+deb7u9.dsc
 61bcfac2218cf998af4e6f00a19186e8 115019 misc optional qemu_1.1.2+dfsg-6a+deb7u9.debian.tar.gz
 b68ece7446ae2f1c55957b645a685764 51212 misc optional qemu-keymaps_1.1.2+dfsg-6a+deb7u9_all.deb
 62d653adbe2aa46194f8b5212bca9915 115752 misc optional qemu_1.1.2+dfsg-6a+deb7u9_amd64.deb
 ca7094c28a3bccbd0776917399fb7868 27897726 misc optional qemu-system_1.1.2+dfsg-6a+deb7u9_amd64.deb
 2cb6ab761935055e39f5520017713554 7726182 misc optional qemu-user_1.1.2+dfsg-6a+deb7u9_amd64.deb
 8835637e94c625e482863f947de39958 16572258 misc optional qemu-user-static_1.1.2+dfsg-6a+deb7u9_amd64.deb
 486cb94929bc68d47251ee0506f1db5a 664084 misc optional qemu-utils_1.1.2+dfsg-6a+deb7u9_amd64.deb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQIcBAEBCgAGBQJV4guLAAoJEAVMuPMTQ89E09UP/1COFLHv71P1k6BJH4rPvqNR
yHsygjJuYIfB9Ydzvjme3ZHyjyH7cBP2QNIf8KCpw7LPpHKqgiE8wbzukIDbCdV3
uCtAHYXU0SgmXDLAmGbUZntQ28gwsBE+Z6z5QmnO/lFijmFYiyAR6aOr1zL28tZW
bUZghwnMTLwb9S6AY+CpZNKjSW7eEF4YGR2MNjAgBQ0jt54h6fvk7ShQdyhWabIX
PGB281XGkfQ3rRrWYG79GX9456odQwZbUh76uDMvycT4LNXboc0b+qv4ob7Uc61g
jHAriNZ6j00pSCAP75JOoa0J7dsSn31VF31StsI+Vyp8zyHP0Mg7zWN6bh+donKu
x5Vqf2p9IUQkY7+jUuLhrAump7mKsm6fAbxf7yIfqZ9aSmSKZ+1jEmJIKLRdxJTi
qkVvT4Bs28kikE3GuHVAjIB00lA4zkDECuS1DwkbUKf5AZHGRAJekdmwOpgTuRXa
Ax4+1IAIQZMmlsZw3vUkooJbambIIZsqCpY/SGRKauFTcl/7U+LT1GW+WcKnUCZn
wFBJ9cJROCDPhaiuv8gOB3IRkMOcngvmRfcggpuRJCSxVrxWcMhsJCXFkgyxq0zc
SEQjQT1qMj/i55Iw3MQ6+yL0OPrwebjL33zK20EewjhaPTmmRRjuI48cA32NY0bI
TGy+v3+QzQ6ufvJUf0Fg
=yOBn
-----END PGP SIGNATURE-----

Send a report that this bug log contains spam.