Several security issues were fixed in QEMU ...
Debian Bug report logs -
#815680
qemu: CVE-2016-2538: usb: integer overflow in remote NDIS control message handling
Package:
src:qemu;
Maintainer for src:qemu is Debian QEMU Team <pkg-qemu-devel@listsaliothdebianorg>;
Reported by: Salvatore Bonaccorso <carnil@debianorg>
Date: Tue, 23 Feb 2016 16:54:02 UTC
Severit ...
Debian Bug report logs -
#813194
CVE-2016-2197: ide: ahci null pointer dereference when using FIS CLB engines
Package:
src:qemu;
Maintainer for src:qemu is Debian QEMU Team <pkg-qemu-devel@listsaliothdebianorg>;
Reported by: Michael Tokarev <mjt@tlsmskru>
Date: Sat, 30 Jan 2016 11:30:01 UTC
Severity: important
T ...
Debian Bug report logs -
#821038
qemu: CVE-2016-4001: net: buffer overflow in stellaris_enet emulator
Package:
src:qemu;
Maintainer for src:qemu is Debian QEMU Team <pkg-qemu-devel@listsaliothdebianorg>;
Reported by: Salvatore Bonaccorso <carnil@debianorg>
Date: Thu, 14 Apr 2016 21:18:05 UTC
Severity: important
T ...
Debian Bug report logs -
#815008
qemu: CVE-2016-2392: usb: null pointer dereference in remote NDIS control message handling
Package:
src:qemu;
Maintainer for src:qemu is Debian QEMU Team <pkg-qemu-devel@listsaliothdebianorg>;
Reported by: Salvatore Bonaccorso <carnil@debianorg>
Date: Wed, 17 Feb 2016 16:42:01 UTC
...
Debian Bug report logs -
#817181
qemu: CVE-2016-2841: net: ne2000: infinite loop in ne2000_receive
Package:
src:qemu;
Maintainer for src:qemu is Debian QEMU Team <pkg-qemu-devel@listsaliothdebianorg>;
Reported by: Salvatore Bonaccorso <carnil@debianorg>
Date: Tue, 8 Mar 2016 19:18:02 UTC
Severity: important
Tags ...
Debian Bug report logs -
#817183
qemu: CVE-2016-2858: rng-random: arbitrary stack based allocation leading to corruption
Package:
src:qemu;
Maintainer for src:qemu is Debian QEMU Team <pkg-qemu-devel@listsaliothdebianorg>;
Reported by: Salvatore Bonaccorso <carnil@debianorg>
Date: Tue, 8 Mar 2016 19:21:02 UTC
Se ...
Debian Bug report logs -
#815009
qemu: CVE-2016-2391: usb: multiple eof_timers in ohci leads to null pointer dereference
Package:
src:qemu;
Maintainer for src:qemu is Debian QEMU Team <pkg-qemu-devel@listsaliothdebianorg>;
Reported by: Salvatore Bonaccorso <carnil@debianorg>
Date: Wed, 17 Feb 2016 16:42:06 UTC
Se ...
Debian Bug report logs -
#822344
qemu: CVE-2016-4037: usb: Infinite loop vulnerability in usb_ehci using siTD process
Package:
src:qemu;
Maintainer for src:qemu is Debian QEMU Team <pkg-qemu-devel@listsaliothdebianorg>;
Reported by: Salvatore Bonaccorso <carnil@debianorg>
Date: Sat, 23 Apr 2016 17:27:01 UTC
Sever ...
Debian Bug report logs -
#817182
qemu: CVE-2016-2857: net: out of bounds read in net_checksum_calculate
Package:
src:qemu;
Maintainer for src:qemu is Debian QEMU Team <pkg-qemu-devel@listsaliothdebianorg>;
Reported by: Salvatore Bonaccorso <carnil@debianorg>
Date: Tue, 8 Mar 2016 19:18:06 UTC
Severity: important ...
Debian Bug report logs -
#813193
CVE-2016-2198: usb: ehci null pointer dereference in ehci_caps_write
Package:
src:qemu;
Maintainer for src:qemu is Debian QEMU Team <pkg-qemu-devel@listsaliothdebianorg>;
Reported by: Michael Tokarev <mjt@tlsmskru>
Date: Sat, 30 Jan 2016 11:24:01 UTC
Severity: important
Tags: pat ...
Debian Bug report logs -
#823830
qemu: CVE-2016-3710 CVE-2016-3712
Package:
src:qemu;
Maintainer for src:qemu is Debian QEMU Team <pkg-qemu-devel@listsaliothdebianorg>;
Reported by: Salvatore Bonaccorso <carnil@debianorg>
Date: Mon, 9 May 2016 12:27:02 UTC
Severity: grave
Tags: security, upstream
Found in versi ...
A NULL pointer dereference flaw was found in the QEMU emulator built with USB Net device emulation support The flaw could occur while processing remote NDIS control message packets, if the USB configuration descriptor object is NULL A privileged user inside a guest could exploit this flaw to crash the QEMU process instance (denial of service) ...