Several security issues were fixed in QEMU ...
Debian Bug report logs -
#815680
qemu: CVE-2016-2538: usb: integer overflow in remote NDIS control message handling
Package:
src:qemu;
Maintainer for src:qemu is Debian QEMU Team <pkg-qemu-devel@listsaliothdebianorg>;
Reported by: Salvatore Bonaccorso <carnil@debianorg>
Date: Tue, 23 Feb 2016 16:54:02 UTC
Severit ...
Debian Bug report logs -
#813194
CVE-2016-2197: ide: ahci null pointer dereference when using FIS CLB engines
Package:
src:qemu;
Maintainer for src:qemu is Debian QEMU Team <pkg-qemu-devel@listsaliothdebianorg>;
Reported by: Michael Tokarev <mjt@tlsmskru>
Date: Sat, 30 Jan 2016 11:30:01 UTC
Severity: important
T ...
Debian Bug report logs -
#821038
qemu: CVE-2016-4001: net: buffer overflow in stellaris_enet emulator
Package:
src:qemu;
Maintainer for src:qemu is Debian QEMU Team <pkg-qemu-devel@listsaliothdebianorg>;
Reported by: Salvatore Bonaccorso <carnil@debianorg>
Date: Thu, 14 Apr 2016 21:18:05 UTC
Severity: important
T ...
Debian Bug report logs -
#815008
qemu: CVE-2016-2392: usb: null pointer dereference in remote NDIS control message handling
Package:
src:qemu;
Maintainer for src:qemu is Debian QEMU Team <pkg-qemu-devel@listsaliothdebianorg>;
Reported by: Salvatore Bonaccorso <carnil@debianorg>
Date: Wed, 17 Feb 2016 16:42:01 UTC
...
Debian Bug report logs -
#817181
qemu: CVE-2016-2841: net: ne2000: infinite loop in ne2000_receive
Package:
src:qemu;
Maintainer for src:qemu is Debian QEMU Team <pkg-qemu-devel@listsaliothdebianorg>;
Reported by: Salvatore Bonaccorso <carnil@debianorg>
Date: Tue, 8 Mar 2016 19:18:02 UTC
Severity: important
Tags ...
Debian Bug report logs -
#817183
qemu: CVE-2016-2858: rng-random: arbitrary stack based allocation leading to corruption
Package:
src:qemu;
Maintainer for src:qemu is Debian QEMU Team <pkg-qemu-devel@listsaliothdebianorg>;
Reported by: Salvatore Bonaccorso <carnil@debianorg>
Date: Tue, 8 Mar 2016 19:21:02 UTC
Se ...
Debian Bug report logs -
#815009
qemu: CVE-2016-2391: usb: multiple eof_timers in ohci leads to null pointer dereference
Package:
src:qemu;
Maintainer for src:qemu is Debian QEMU Team <pkg-qemu-devel@listsaliothdebianorg>;
Reported by: Salvatore Bonaccorso <carnil@debianorg>
Date: Wed, 17 Feb 2016 16:42:06 UTC
Se ...
Debian Bug report logs -
#822344
qemu: CVE-2016-4037: usb: Infinite loop vulnerability in usb_ehci using siTD process
Package:
src:qemu;
Maintainer for src:qemu is Debian QEMU Team <pkg-qemu-devel@listsaliothdebianorg>;
Reported by: Salvatore Bonaccorso <carnil@debianorg>
Date: Sat, 23 Apr 2016 17:27:01 UTC
Sever ...
Debian Bug report logs -
#817182
qemu: CVE-2016-2857: net: out of bounds read in net_checksum_calculate
Package:
src:qemu;
Maintainer for src:qemu is Debian QEMU Team <pkg-qemu-devel@listsaliothdebianorg>;
Reported by: Salvatore Bonaccorso <carnil@debianorg>
Date: Tue, 8 Mar 2016 19:18:06 UTC
Severity: important ...
Debian Bug report logs -
#813193
CVE-2016-2198: usb: ehci null pointer dereference in ehci_caps_write
Package:
src:qemu;
Maintainer for src:qemu is Debian QEMU Team <pkg-qemu-devel@listsaliothdebianorg>;
Reported by: Michael Tokarev <mjt@tlsmskru>
Date: Sat, 30 Jan 2016 11:24:01 UTC
Severity: important
Tags: pat ...
Debian Bug report logs -
#823830
qemu: CVE-2016-3710 CVE-2016-3712
Package:
src:qemu;
Maintainer for src:qemu is Debian QEMU Team <pkg-qemu-devel@listsaliothdebianorg>;
Reported by: Salvatore Bonaccorso <carnil@debianorg>
Date: Mon, 9 May 2016 12:27:02 UTC
Severity: grave
Tags: security, upstream
Found in versi ...
An integer-overflow issue was found in the QEMU emulator built with USB Net device emulation support The flaw could occur while processing remote NDIS control message packets because the incoming informationBufferOffset & Length combination could cross the integer range A privileged user inside a guest could use this flaw to leak host memory ...
Vulmon