Debian Bug report logs -
#838687
qemu: CVE-2016-7466: memory leakage during device unplug
Reported by: Salvatore Bonaccorso <carnil@debian.org>
Date: Fri, 23 Sep 2016 16:21:05 UTC
Severity: important
Tags: patch, security, upstream
Found in version qemu/1:2.6+dfsg-3.1
Fixed in versions qemu/1:2.7+dfsg-3, qemu/1:2.7+dfsg-1
Done: Michael Tokarev <mjt@tls.msk.ru>
Bug is archived. No further changes may be made.
Toggle useless messages
Report forwarded
to debian-bugs-dist@lists.debian.org, carnil@debian.org, team@security.debian.org, secure-testing-team@lists.alioth.debian.org, Debian QEMU Team <pkg-qemu-devel@lists.alioth.debian.org>
:
Bug#838687
; Package src:qemu
.
(Fri, 23 Sep 2016 16:21:07 GMT) (full text, mbox, link).
Acknowledgement sent
to Salvatore Bonaccorso <carnil@debian.org>
:
New Bug report received and forwarded. Copy sent to carnil@debian.org, team@security.debian.org, secure-testing-team@lists.alioth.debian.org, Debian QEMU Team <pkg-qemu-devel@lists.alioth.debian.org>
.
(Fri, 23 Sep 2016 16:21:07 GMT) (full text, mbox, link).
Message #5 received at submit@bugs.debian.org (full text, mbox, reply):
Source: qemu
Version: 1:2.6+dfsg-3.1
Severity: important
Tags: security upstream patch
Hi,
the following vulnerability was published for qemu.
CVE-2016-7466[0]:
usb: xhci memory leakage during device unplug
If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.
For further information see:
[0] https://security-tracker.debian.org/tracker/CVE-2016-7466
Please adjust the affected versions in the BTS as needed.
Regards,
Salvatore
Information forwarded
to debian-bugs-dist@lists.debian.org, Debian QEMU Team <pkg-qemu-devel@lists.alioth.debian.org>
:
Bug#838687
; Package src:qemu
.
(Fri, 14 Oct 2016 13:39:02 GMT) (full text, mbox, link).
Acknowledgement sent
to Michael Tokarev <mjt@tls.msk.ru>
:
Extra info received and forwarded to list. Copy sent to Debian QEMU Team <pkg-qemu-devel@lists.alioth.debian.org>
.
(Fri, 14 Oct 2016 13:39:02 GMT) (full text, mbox, link).
Message #10 received at 838687@bugs.debian.org (full text, mbox, reply):
Control: tag -1 + pending
23.09.2016 19:18, Salvatore Bonaccorso wrote:
> Source: qemu
> Version: 1:2.6+dfsg-3.1
> Severity: important
> Tags: security upstream patch
>
> Hi,
>
> the following vulnerability was published for qemu.
>
> CVE-2016-7466[0]:
> usb: xhci memory leakage during device unplug
>
> If you fix the vulnerability please also make sure to include the
> CVE (Common Vulnerabilities & Exposures) id in your changelog entry.
>
> For further information see:
>
> [0] https://security-tracker.debian.org/tracker/CVE-2016-7466
>
> Please adjust the affected versions in the BTS as needed.
The affected code has been introduced in 2.2.0-rc. Before
that, xhci devices weren't hot-un-pluggable, so the bug
didn't exist.
No previous debian releases are affected.
More, device unplug can only be triggered from the outside of
the guest, i.e., by the administrator running the virtual machine.
Thanks,
/mjt
Added tag(s) pending.
Request was from Michael Tokarev <mjt@tls.msk.ru>
to 838687-submit@bugs.debian.org
.
(Fri, 14 Oct 2016 13:39:02 GMT) (full text, mbox, link).
Reply sent
to Michael Tokarev <mjt@tls.msk.ru>
:
You have taken responsibility.
(Thu, 27 Oct 2016 17:45:08 GMT) (full text, mbox, link).
Notification sent
to Salvatore Bonaccorso <carnil@debian.org>
:
Bug acknowledged by developer.
(Thu, 27 Oct 2016 17:45:08 GMT) (full text, mbox, link).
Message #17 received at 838687-close@bugs.debian.org (full text, mbox, reply):
Source: qemu
Source-Version: 1:2.7+dfsg-3
We believe that the bug you reported is fixed in the latest version of
qemu, which is due to be installed in the Debian FTP archive.
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to 838687@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Michael Tokarev <mjt@tls.msk.ru> (supplier of updated qemu package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmaster@ftp-master.debian.org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Format: 1.8
Date: Thu, 27 Oct 2016 19:38:01 +0300
Source: qemu
Binary: qemu qemu-system qemu-block-extra qemu-system-common qemu-system-misc qemu-system-arm qemu-system-mips qemu-system-ppc qemu-system-sparc qemu-system-x86 qemu-user qemu-user-static qemu-user-binfmt qemu-utils qemu-guest-agent qemu-kvm
Architecture: source
Version: 1:2.7+dfsg-3
Distribution: unstable
Urgency: medium
Maintainer: Debian QEMU Team <pkg-qemu-devel@lists.alioth.debian.org>
Changed-By: Michael Tokarev <mjt@tls.msk.ru>
Description:
qemu - fast processor emulator
qemu-block-extra - extra block backend modules for qemu-system and qemu-utils
qemu-guest-agent - Guest-side qemu-system agent
qemu-kvm - QEMU Full virtualization on x86 hardware
qemu-system - QEMU full system emulation binaries
qemu-system-arm - QEMU full system emulation binaries (arm)
qemu-system-common - QEMU full system emulation binaries (common files)
qemu-system-mips - QEMU full system emulation binaries (mips)
qemu-system-misc - QEMU full system emulation binaries (miscellaneous)
qemu-system-ppc - QEMU full system emulation binaries (ppc)
qemu-system-sparc - QEMU full system emulation binaries (sparc)
qemu-system-x86 - QEMU full system emulation binaries (x86)
qemu-user - QEMU user mode emulation binaries
qemu-user-binfmt - QEMU user mode binfmt registration for qemu-user
qemu-user-static - QEMU user mode emulation binaries (static version)
qemu-utils - QEMU utilities
Closes: 837574 838687
Changes:
qemu (1:2.7+dfsg-3) unstable; urgency=medium
.
* add PIE.patch to change loadable modules linker flags, from Adrian
(Closes: #837574)
* linux-user-fix-s390x-safe-syscall-for-z900.patch - fix FTBFS on s390x
* mention CVE-2016-7466 for 2.7+dfsg-1 (Closes: #838687, CVE-2016-7466)
Checksums-Sha1:
b0801be757059335e73115fe3075507a269da39c 5374 qemu_2.7+dfsg-3.dsc
66e44924f5cf41f24a83a9bcb97f333955c45fe7 73792 qemu_2.7+dfsg-3.debian.tar.xz
Checksums-Sha256:
f03cfaece450527b1e14424d96338adcdb48c64cffef1baf5d077e82d66a61ec 5374 qemu_2.7+dfsg-3.dsc
4a01e3217abc2a337edb9a7ff986ca872e7b2132b9083e3748dfab96ff1caa0a 73792 qemu_2.7+dfsg-3.debian.tar.xz
Files:
b910f6b207edb014b1278a56b01da780 5374 otherosfs optional qemu_2.7+dfsg-3.dsc
688814212aa0a7e94750f07948f8b600 73792 otherosfs optional qemu_2.7+dfsg-3.debian.tar.xz
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iQEcBAEBCAAGBQJYEi3JAAoJEHAbT2saaT5ZkMkH/j19rVR4tglr1Pr1ciSu5584
4Rgcm3mKD4PK4+E7kzTHbER9iwk7ZVOk9HE448NF8A1IbPK3n9skOqeLK5yRQd5t
hMqWxJO0s7fBG5pKLjpBHZpPISmgPG6P3PgSDxtT7usynXcrHKvl3bb86PxnY+aN
69YM/cGw+maKf2lvBYhDNfTMnas23gpAcNgn+4NOVsJv1AXVctBVJj7PwOH3QRNL
ZpAYCCctBQVPTQibNEhOpTe4ARauxxXJWw87AV2K1b+BsLR9NfUl4nJ1Rx8XGNBY
liPAiyEOOGM1HSmLn+ObJk35Ukp/pFyawHXBNd1OcGWRuNi5aisRxORjMXLQvCc=
=Mf8i
-----END PGP SIGNATURE-----
Marked as fixed in versions qemu/1:2.7+dfsg-1.
Request was from Salvatore Bonaccorso <carnil@debian.org>
to control@bugs.debian.org
.
(Thu, 27 Oct 2016 18:03:08 GMT) (full text, mbox, link).
Bug archived.
Request was from Debbugs Internal Request <owner@bugs.debian.org>
to internal_control@bugs.debian.org
.
(Mon, 05 Dec 2016 11:23:40 GMT) (full text, mbox, link).
Bug unarchived.
Request was from Don Armstrong <don@debian.org>
to control@bugs.debian.org
.
(Wed, 07 Dec 2016 01:57:04 GMT) (full text, mbox, link).
Bug archived.
Request was from Debbugs Internal Request <owner@bugs.debian.org>
to internal_control@bugs.debian.org
.
(Sun, 26 Feb 2017 07:35:31 GMT) (full text, mbox, link).
Send a report that this bug log contains spam.
Debian bug tracking system administrator <owner@bugs.debian.org>.
Last modified:
Wed Jun 19 14:56:55 2019;
Machine Name:
beach
Debian Bug tracking system
Debbugs is free software and licensed under the terms of the GNU
Public License version 2. The current version can be obtained
from https://bugs.debian.org/debbugs-source/.
Copyright © 1999 Darren O. Benham,
1997,2003 nCipher Corporation Ltd,
1994-97 Ian Jackson,
2005-2017 Don Armstrong, and many other contributors.