Several security issues were fixed in QEMU ...
Debian Bug report logs -
#837339
qemu: CVE-2016-7156: scsi: pvscsi: infintie loop when building SG list
Package:
src:qemu;
Maintainer for src:qemu is Debian QEMU Team <pkg-qemu-devel@listsaliothdebianorg>;
Reported by: Salvatore Bonaccorso <carnil@debianorg>
Date: Sat, 10 Sep 2016 18:12:01 UTC
Severity: normal
Ta ...
Debian Bug report logs -
#835031
qemu: CVE-2016-6835: buffer overflow in vmxnet_tx_pkt_parse_headers() in vmxnet3 device emulation
Package:
src:qemu;
Maintainer for src:qemu is Debian QEMU Team <pkg-qemu-devel@listsaliothdebianorg>;
Reported by: Salvatore Bonaccorso <carnil@debianorg>
Date: Sun, 21 Aug 2016 14:15: ...
Debian Bug report logs -
#837174
qemu: CVE-2016-7155: scsi: pvscsi: OOB read and infinite loop while setting descriptor rings
Package:
src:qemu;
Maintainer for src:qemu is Debian QEMU Team <pkg-qemu-devel@listsaliothdebianorg>;
Reported by: Salvatore Bonaccorso <carnil@debianorg>
Date: Fri, 9 Sep 2016 18:36:02 UT ...
Debian Bug report logs -
#836502
qemu: CVE-2016-7116: 9p: directory traversal flaw in 9p virtio backend
Package:
src:qemu;
Maintainer for src:qemu is Debian QEMU Team <pkg-qemu-devel@listsaliothdebianorg>;
Reported by: Salvatore Bonaccorso <carnil@debianorg>
Date: Sat, 3 Sep 2016 14:21:02 UTC
Severity: normal
Ta ...
Debian Bug report logs -
#837603
qemu: CVE-2016-7157: mptsas: invalid memory access while building configuration pages
Package:
src:qemu;
Maintainer for src:qemu is Debian QEMU Team <pkg-qemu-devel@listsaliothdebianorg>;
Reported by: Salvatore Bonaccorso <carnil@debianorg>
Date: Mon, 12 Sep 2016 19:18:19 UTC
Seve ...
Debian Bug report logs -
#832619
qemu: CVE-2016-5403: virtio: unbounded memory allocation on host via guest leading to DoS
Package:
src:qemu;
Maintainer for src:qemu is Debian QEMU Team <pkg-qemu-devel@listsaliothdebianorg>;
Reported by: Salvatore Bonaccorso <carnil@debianorg>
Date: Wed, 27 Jul 2016 15:21:07 UTC
...
Debian Bug report logs -
#834905
qemu: CVE-2016-6834: infinite loop during packet fragmentation
Package:
src:qemu;
Maintainer for src:qemu is Debian QEMU Team <pkg-qemu-devel@listsaliothdebianorg>;
Reported by: Salvatore Bonaccorso <carnil@debianorg>
Date: Sat, 20 Aug 2016 13:57:02 UTC
Severity: normal
Tags: pend ...
Debian Bug report logs -
#832767
qemu: CVE-2016-6490: virtio: infinite loop in virtqueue_pop
Package:
src:qemu;
Maintainer for src:qemu is Debian QEMU Team <pkg-qemu-devel@listsaliothdebianorg>;
Reported by: Salvatore Bonaccorso <carnil@debianorg>
Date: Thu, 28 Jul 2016 16:33:02 UTC
Severity: important
Tags: pend ...
Debian Bug report logs -
#834944
qemu: CVE-2016-6836: Information leak in vmxnet3_complete_packet
Package:
src:qemu;
Maintainer for src:qemu is Debian QEMU Team <pkg-qemu-devel@listsaliothdebianorg>;
Reported by: Salvatore Bonaccorso <carnil@debianorg>
Date: Sat, 20 Aug 2016 20:00:01 UTC
Severity: normal
Tags: pe ...
Debian Bug report logs -
#832621
qemu: CVE-2016-6351: scsi: esp: oob write access while reading ESP command
Package:
src:qemu;
Maintainer for src:qemu is Debian QEMU Team <pkg-qemu-devel@listsaliothdebianorg>;
Reported by: Salvatore Bonaccorso <carnil@debianorg>
Date: Wed, 27 Jul 2016 16:03:02 UTC
Severity: impor ...
Debian Bug report logs -
#834902
qemu: CVE-2016-6888
Package:
src:qemu;
Maintainer for src:qemu is Debian QEMU Team <pkg-qemu-devel@listsaliothdebianorg>;
Reported by: Salvatore Bonaccorso <carnil@debianorg>
Date: Sat, 20 Aug 2016 13:33:05 UTC
Severity: normal
Tags: pending, security, upstream
Found in version q ...
Debian Bug report logs -
#834904
qemu: CVE-2016-6833: net: vmxnet3: use after free while writing
Package:
src:qemu;
Maintainer for src:qemu is Debian QEMU Team <pkg-qemu-devel@listsaliothdebianorg>;
Reported by: Salvatore Bonaccorso <carnil@debianorg>
Date: Sat, 20 Aug 2016 13:45:06 UTC
Severity: important
Tags: ...
Quick Emulator (QEMU) built with the VMWARE VMXNET3 NIC device support is vulnerable to an information leakage issue The vulnerability could occur while processing the transmit(tx) queue when it reaches the end of a packet A privileged user inside guest could use this vulnerability to leak host memory bytes to a guest ...