qemu: CVE-2016-4952: scsi: pvscsi: out-of-bounds access issue in pvsci_ring_init_msg/data routines

Debian Bug report logs - #825210


Reported by: Salvatore Bonaccorso <carnil@debian.org>

Date: Tue, 24 May 2016 15:00:02 UTC

Severity: important

Tags: patch, security, upstream

Found in version qemu/1.5.0~rc0+dfsg-1

Fixed in version qemu/1:2.6+dfsg-2

Done: Michael Tokarev <mjt@tls.msk.ru>

Bug is archived. No further changes may be made.



Report forwarded to debian-bugs-dist@lists.debian.org, carnil@debian.org, team@security.debian.org, secure-testing-team@lists.alioth.debian.org, Debian QEMU Team <pkg-qemu-devel@lists.alioth.debian.org>:
Bug#825210; Package src:qemu. (Tue, 24 May 2016 15:00:05 GMT)


Acknowledgement sent to Salvatore Bonaccorso <carnil@debian.org>:
New Bug report received and forwarded. Copy sent to carnil@debian.org, team@security.debian.org, secure-testing-team@lists.alioth.debian.org, Debian QEMU Team <pkg-qemu-devel@lists.alioth.debian.org>. (Tue, 24 May 2016 15:00:05 GMT)


Message #5 received at submit@bugs.debian.org:

From: Salvatore Bonaccorso <carnil@debian.org>
To: Debian Bug Tracking System <submit@bugs.debian.org>
Subject: qemu: CVE-2016-4952: scsi: pvscsi: out-of-bounds access issue in pvsci_ring_init_msg/data routines
Date: Tue, 24 May 2016 16:57:37 +0200
Source: qemu
Version: 1.5.0~rc0+dfsg-1
Severity: important
Tags: security upstream

Hi,

the following vulnerability was published for qemu.

CVE-2016-4952[0]:
| scsi: pvscsi: out-of-bounds access issue in pvsci_ring_init_msg/data
| routines

If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.

For further information see:

[0] https://security-tracker.debian.org/tracker/CVE-2016-4952

Please adjust the affected versions in the BTS as needed, but should
be from 1.5.0~rc0 on.

Regards,
Salvatore



Added tag(s) patch. Request was from <mjt@tls.msk.ru> to control@bugs.debian.org. (Fri, 03 Jun 2016 06:48:13 GMT)


Reply sent to Michael Tokarev <mjt@tls.msk.ru>:
You have taken responsibility. (Mon, 13 Jun 2016 10:33:27 GMT)


Notification sent to Salvatore Bonaccorso <carnil@debian.org>:
Bug acknowledged by developer. (Mon, 13 Jun 2016 10:33:27 GMT)


Message #12 received at 825210-close@bugs.debian.org:

From: Michael Tokarev <mjt@tls.msk.ru>
To: 825210-close@bugs.debian.org
Subject: Bug#825210: fixed in qemu 1:2.6+dfsg-2
Date: Mon, 13 Jun 2016 10:28:55 +0000
Source: qemu
Source-Version: 1:2.6+dfsg-2

We believe that the bug you reported is fixed in the latest version of
qemu, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 825210@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Michael Tokarev <mjt@tls.msk.ru> (supplier of updated qemu package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmaster@ftp-master.debian.org)


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Format: 1.8
Date: Mon, 13 Jun 2016 12:10:44 +0300
Source: qemu
Binary: qemu qemu-system qemu-block-extra qemu-system-common qemu-system-misc qemu-system-arm qemu-system-mips qemu-system-ppc qemu-system-sparc qemu-system-x86 qemu-user qemu-user-static qemu-user-binfmt qemu-utils qemu-guest-agent qemu-kvm
Architecture: source
Version: 1:2.6+dfsg-2
Distribution: unstable
Urgency: medium
Maintainer: Debian QEMU Team <pkg-qemu-devel@lists.alioth.debian.org>
Changed-By: Michael Tokarev <mjt@tls.msk.ru>
Description:
 qemu       - fast processor emulator
 qemu-block-extra - extra block backend modules for qemu-system and qemu-utils
 qemu-guest-agent - Guest-side qemu-system agent
 qemu-kvm   - QEMU Full virtualization on x86 hardware
 qemu-system - QEMU full system emulation binaries
 qemu-system-arm - QEMU full system emulation binaries (arm)
 qemu-system-common - QEMU full system emulation binaries (common files)
 qemu-system-mips - QEMU full system emulation binaries (mips)
 qemu-system-misc - QEMU full system emulation binaries (miscellaneous)
 qemu-system-ppc - QEMU full system emulation binaries (ppc)
 qemu-system-sparc - QEMU full system emulation binaries (sparc)
 qemu-system-x86 - QEMU full system emulation binaries (x86)
 qemu-user  - QEMU user mode emulation binaries
 qemu-user-binfmt - QEMU user mode binfmt registration for qemu-user
 qemu-user-static - QEMU user mode emulation binaries (static version)
 qemu-utils - QEMU utilities
Closes: 807006 821061 821062 824856 825207 825210 825614 825615 825616 826151 827024 827026
Changes:
 qemu (1:2.6+dfsg-2) unstable; urgency=medium
 .
   * add missing log entries for previous upload,
     remove closing of #807006 (it is not closed)
   * Added vga-add-sr_vbe-register-set.patch from upstream
     This fixes regression (in particular with win7 installer)
     introduced by the fix for CVE-2016-3712 (commit fd3c136)
   * fix-linking-relocatable-objects-on-sparc.patch (Closes: #807006)
   * Lots of security patches from upstream:
   - net-mipsnet-check-packet-length-against-buffer-CVE-2016-4002.patch
     (Closes: #821061, CVE-2016-4002)
   - i386-kvmvapic-initialise-imm32-variable-CVE-2016-4020.patch
     (Closes: #821062, CVE-2016-4020)
   - esp-check-command-buffer-length-before-write-CVE-2016-4439.patch,
     esp-check-dma-length-before-reading-scsi-command-CVE-2016-4441.patch
     (Closes: #824856, CVE-2016-4439, CVE-2016-4441)
   - scsi-mptsas-infinite-loop-while-fetching-requests-CVE-2016-4964.patch
     (Closes: #825207, CVE-2016-4964)
   - scsi-pvscsi-check-command-descriptor-ring-buffer-size-CVE-2016-4952.patch
     (Closes: #825210, CVE-2016-4952)
   - scsi-megasas-use-appropriate-property-buffer-size-CVE-2016-5106.patch
     (Closes: #825615, CVE-2016-5106)
   - scsi-megasas-initialise-local-configuration-data-buffer-CVE-2016-5105.patch
     (Closes: #825614, CVE-2016-5105)
   - scsi-megasas-check-read_queue_head-index-value-CVE-2016-5107.patch
     (Closes: #825616, CVE-2016-5107)
   - block-iscsi-avoid-potential-overflow-of-acb-task-cdb-CVE-2016-5126.patch
     (Closes: #826151, CVE-2016-5126)
   - scsi-esp-check-TI-buffer-index-before-read-write-CVE-2016-5338.patch
     (Closes: #827024, CVE-2016-5338)
   - scsi-megasas-null-terminate-bios-version-buffer-CVE-2016-5337.patch
     (Closes: #827026, CVE-2016-5337)
   * hw-dma-omap-spelling-fix-endianness.patch (lintian)
   * arm-spelling-fix-mismatch.patch (lintian)
Checksums-Sha1:
 c7bfaf226759a0abf2bdbf070490ba9bcfea2d11 5374 qemu_2.6+dfsg-2.dsc
 f72fccdfd39c7882c36af16bf024b5b416136ef1 78948 qemu_2.6+dfsg-2.debian.tar.xz
Checksums-Sha256:
 eed146b74c737bc623eab457f600051e40c3ef504238580b5e840040010ade2b 5374 qemu_2.6+dfsg-2.dsc
 16cab07f355b55d02238989a1a16462231658a84bb717d7e30f1117170678e46 78948 qemu_2.6+dfsg-2.debian.tar.xz
Files:
 42c1446bc58cfdce54cdd3aae2c5fa67 5374 otherosfs optional qemu_2.6+dfsg-2.dsc
 fe2fa2f56cc1696da0e13ae0f2e3b3b5 78948 otherosfs optional qemu_2.6+dfsg-2.debian.tar.xz

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2

-----END PGP SIGNATURE-----




Bug archived. Request was from Debbugs Internal Request <owner@bugs.debian.org> to internal_control@bugs.debian.org. (Fri, 15 Jul 2016 07:26:27 GMT)




Debian bug tracking system administrator <owner@bugs.debian.org>. Last modified: Wed Jun 19 19:25:19 2019; Machine Name: buxtehude
