Several security issues were fixed in QEMU ...
QEMU (aka Quick Emulator) built with the Virtio GPU Device emulator support is vulnerable to an information leakage issue It could occur while processing 'VIRTIO_GPU_CMD_GET_CAPSET_INFO' command A guest user/process could use this flaw to leak contents of the host memory bytes ...
Debian Bug report logs -
#839834
qemu: CVE-2016-7909: net: pcnet: infinite loop in pcnet_rdra_addr
Package:
src:qemu;
Maintainer for src:qemu is Debian QEMU Team <pkg-qemu-devel@listsaliothdebianorg>;
Reported by: Salvatore Bonaccorso <carnil@debianorg>
Date: Wed, 5 Oct 2016 15:15:02 UTC
Severity: normal
Tags: s ...
Debian Bug report logs -
#839835
qemu: CVE-2016-7908: net: Infinite loop in mcf_fec_do_tx
Package:
src:qemu;
Maintainer for src:qemu is Debian QEMU Team <pkg-qemu-devel@listsaliothdebianorg>;
Reported by: Salvatore Bonaccorso <carnil@debianorg>
Date: Wed, 5 Oct 2016 15:33:01 UTC
Severity: normal
Tags: security, ...
Debian Bug report logs -
#841955
qemu: CVE-2016-8910: net: rtl8139: infinite loop while transmit in C+ mode
Package:
src:qemu;
Maintainer for src:qemu is Debian QEMU Team <pkg-qemu-devel@listsaliothdebianorg>;
Reported by: Salvatore Bonaccorso <carnil@debianorg>
Date: Mon, 24 Oct 2016 19:45:04 UTC
Severity: norma ...
Debian Bug report logs -
#847951
qemu: CVE-2016-9911: usb: ehci: memory leakage in ehci_init_transfer
Package:
src:qemu;
Maintainer for src:qemu is Debian QEMU Team <pkg-qemu-devel@listsaliothdebianorg>;
Reported by: Salvatore Bonaccorso <carnil@debianorg>
Date: Mon, 12 Dec 2016 15:27:07 UTC
Severity: important
T ...
Debian Bug report logs -
#841950
qemu: CVE-2016-8909: audio: intel-hda: infinite loop in processing dma buffer stream
Package:
src:qemu;
Maintainer for src:qemu is Debian QEMU Team <pkg-qemu-devel@listsaliothdebianorg>;
Reported by: Salvatore Bonaccorso <carnil@debianorg>
Date: Mon, 24 Oct 2016 18:57:01 UTC
Sever ...
Debian Bug report logs -
#847960
qemu: CVE-2016-9921 CVE-2016-9922
Package:
src:qemu;
Maintainer for src:qemu is Debian QEMU Team <pkg-qemu-devel@listsaliothdebianorg>;
Reported by: Salvatore Bonaccorso <carnil@debianorg>
Date: Mon, 12 Dec 2016 16:09:01 UTC
Severity: important
Tags: patch, security, upstream
Fou ...
Debian Bug report logs -
#847381
qemu: CVE-2016-9845: display: virtio-gpu-3d: information leakage in virgl_cmd_get_capset_info
Package:
src:qemu;
Maintainer for src:qemu is Debian QEMU Team <pkg-qemu-devel@listsaliothdebianorg>;
Reported by: Salvatore Bonaccorso <carnil@debianorg>
Date: Wed, 7 Dec 2016 18:30:01 U ...
Debian Bug report logs -
#847957
qemu: CVE-2016-9923: char: use after free issue in char backend
Package:
src:qemu;
Maintainer for src:qemu is Debian QEMU Team <pkg-qemu-devel@listsaliothdebianorg>;
Reported by: Salvatore Bonaccorso <carnil@debianorg>
Date: Mon, 12 Dec 2016 15:57:02 UTC
Severity: important
Tags: ...
Debian Bug report logs -
#847400
qemu: CVE-2016-9908: display: virtio-gpu-3d: information leakage in virgl_cmd_get_capset
Package:
src:qemu;
Maintainer for src:qemu is Debian QEMU Team <pkg-qemu-devel@listsaliothdebianorg>;
Reported by: Salvatore Bonaccorso <carnil@debianorg>
Date: Wed, 7 Dec 2016 20:57:04 UTC
S ...
Debian Bug report logs -
#840945
qemu: CVE-2016-8669: char: divide by zero error in serial_update_parameters
Package:
src:qemu;
Maintainer for src:qemu is Debian QEMU Team <pkg-qemu-devel@listsaliothdebianorg>;
Reported by: Salvatore Bonaccorso <carnil@debianorg>
Date: Sun, 16 Oct 2016 11:57:01 UTC
Severity: norm ...
Debian Bug report logs -
#847382
qemu: CVE-2016-9846: display: virtio-gpu: memory leakage while updating cursor
Package:
src:qemu;
Maintainer for src:qemu is Debian QEMU Team <pkg-qemu-devel@listsaliothdebianorg>;
Reported by: Salvatore Bonaccorso <carnil@debianorg>
Date: Wed, 7 Dec 2016 18:30:04 UTC
Severity: i ...
Debian Bug report logs -
#847496
qemu: CVE-2016-9913 CVE-2016-9914 CVE-2016-9915 CVE-2016-9916
Package:
src:qemu;
Maintainer for src:qemu is Debian QEMU Team <pkg-qemu-devel@listsaliothdebianorg>;
Reported by: Salvatore Bonaccorso <carnil@debianorg>
Date: Thu, 8 Dec 2016 19:15:02 UTC
Severity: important
Tags: pa ...
Debian Bug report logs -
#846797
qemu: CVE-2016-9776: net: mcf_fec: infinite loop while receiving data in mcf_fec_receive
Package:
src:qemu;
Maintainer for src:qemu is Debian QEMU Team <pkg-qemu-devel@listsaliothdebianorg>;
Reported by: Salvatore Bonaccorso <carnil@debianorg>
Date: Sat, 3 Dec 2016 12:48:01 UTC
S ...
Debian Bug report logs -
#837316
qemu: CVE-2016-7170: vmware_vga: OOB stack memory access when processing svga command
Package:
src:qemu;
Maintainer for src:qemu is Debian QEMU Team <pkg-qemu-devel@listsaliothdebianorg>;
Reported by: Salvatore Bonaccorso <carnil@debianorg>
Date: Sat, 10 Sep 2016 13:21:01 UTC
Seve ...
Debian Bug report logs -
#840341
qemu: CVE-2016-8577: 9pfs: host memory leakage in v9fs_read
Package:
src:qemu;
Maintainer for src:qemu is Debian QEMU Team <pkg-qemu-devel@listsaliothdebianorg>;
Reported by: Salvatore Bonaccorso <carnil@debianorg>
Date: Mon, 10 Oct 2016 18:33:02 UTC
Severity: normal
Tags: patch, ...
Debian Bug report logs -
#840340
qemu: CVE-2016-8578
Package:
src:qemu;
Maintainer for src:qemu is Debian QEMU Team <pkg-qemu-devel@listsaliothdebianorg>;
Reported by: Salvatore Bonaccorso <carnil@debianorg>
Date: Mon, 10 Oct 2016 18:30:02 UTC
Severity: normal
Tags: patch, security, upstream
Found in version qem ...
Debian Bug report logs -
#840228
qemu: CVE-2016-7994: virtio-gpu: memory leak in virtio_gpu_resource_create_2d
Package:
src:qemu;
Maintainer for src:qemu is Debian QEMU Team <pkg-qemu-devel@listsaliothdebianorg>;
Reported by: Salvatore Bonaccorso <carnil@debianorg>
Date: Sun, 9 Oct 2016 18:12:01 UTC
Severity: no ...
Debian Bug report logs -
#840948
qemu: CVE-2016-8668: net: OOB buffer access in rocker switch emulation
Package:
src:qemu;
Maintainer for src:qemu is Debian QEMU Team <pkg-qemu-devel@listsaliothdebianorg>;
Reported by: Salvatore Bonaccorso <carnil@debianorg>
Date: Sun, 16 Oct 2016 12:12:04 UTC
Severity: normal
Ta ...
Debian Bug report logs -
#842463
qemu: Various 9ps security issues (CVE-2016-9102 CVE-2016-9103 CVE-2016-9104 CVE-2016-9105 CVE-2016-9106)
Package:
qemu;
Maintainer for qemu is Debian QEMU Team <pkg-qemu-devel@listsaliothdebianorg>; Source for qemu is src:qemu (PTS, buildd, popcon)
Reported by: Guido Günther <agx@sigx ...
Debian Bug report logs -
#847953
qemu: CVE-2016-9907: usb: redirector: memory leakage when destroying redirector
Package:
src:qemu;
Maintainer for src:qemu is Debian QEMU Team <pkg-qemu-devel@listsaliothdebianorg>;
Reported by: Salvatore Bonaccorso <carnil@debianorg>
Date: Mon, 12 Dec 2016 15:39:02 UTC
Severity: ...
Debian Bug report logs -
#840236
qemu: CVE-2016-7995: usb: hcd-ehci: memory leak in ehci_process_itd
Package:
src:qemu;
Maintainer for src:qemu is Debian QEMU Team <pkg-qemu-devel@listsaliothdebianorg>;
Reported by: Salvatore Bonaccorso <carnil@debianorg>
Date: Sun, 9 Oct 2016 19:33:01 UTC
Severity: normal
Tags: ...
Debian Bug report logs -
#840343
qemu: CVE-2016-8576: usb: xHCI: infinite loop vulnerability in xhci_ring_fetch
Package:
src:qemu;
Maintainer for src:qemu is Debian QEMU Team <pkg-qemu-devel@listsaliothdebianorg>;
Reported by: Salvatore Bonaccorso <carnil@debianorg>
Date: Mon, 10 Oct 2016 18:39:01 UTC
Severity: n ...
Debian Bug report logs -
#847391
qemu: CVE-2016-9912: display: virtio-gpu: memory leakage when destroying gpu resource
Package:
src:qemu;
Maintainer for src:qemu is Debian QEMU Team <pkg-qemu-devel@listsaliothdebianorg>;
Reported by: Salvatore Bonaccorso <carnil@debianorg>
Date: Wed, 7 Dec 2016 19:30:01 UTC
Seve ...