Several security issues were fixed in QEMU ...
Synopsis
Important: qemu-kvm-rhev security update
Type/Severity
Security Advisory: Important
Topic
An update for qemu-kvm-rhev is now available for Red Hat Enterprise Linux OpenStack Platform 50 (Icehouse) for RHEL 7Red Hat Product Security has rated this update as having a security impact of Important A ...
Synopsis
Important: qemu-kvm-rhev security update
Type/Severity
Security Advisory: Important
Topic
An update for qemu-kvm-rhev is now available for Red Hat Enterprise Linux OpenStack Platform 60 (Juno) for RHEL 7Red Hat Product Security has rated this update as having a security impact of Important A Com ...
Synopsis
Important: qemu-kvm-rhev security update
Type/Severity
Security Advisory: Important
Topic
An update for qemu-kvm-rhev is now available for Red Hat Enterprise Linux OpenStack Platform 70 (Kilo) for RHEL 7Red Hat Product Security has rated this update as having a security impact of Important A Com ...
Synopsis
Important: qemu-kvm-rhev security update
Type/Severity
Security Advisory: Important
Topic
An update for qemu-kvm-rhev is now available for Red Hat OpenStack Platform 80 (Liberty)Red Hat Product Security has rated this update as having a security impact of Important A Common Vulnerability Scoring ...
Synopsis
Important: qemu-kvm-rhev security update
Type/Severity
Security Advisory: Important
Topic
An update for qemu-kvm-rhev is now available for Red Hat OpenStack Platform 90 (Mitaka)Red Hat Product Security has rated this update as having a security impact of Important A Common Vulnerability Scoring ...
Synopsis
Important: qemu-kvm-rhev security and bug fix update
Type/Severity
Security Advisory: Important
Topic
An update for qemu-kvm-rhev is now available for RHEV 3X Hypervisor and Agents for RHEL-7 and RHEV 4X RHEV-H and Agents for RHEL-7Red Hat Product Security has rated this update as having a secur ...
Synopsis
Important: qemu-kvm security update
Type/Severity
Security Advisory: Important
Topic
An update for qemu-kvm is now available for Red Hat Enterprise Linux 6Red Hat Product Security has rated this update as having a security impact of Important A Common Vulnerability Scoring System (CVSS) base scor ...
Synopsis
Important: qemu-kvm-rhev security update
Type/Severity
Security Advisory: Important
Topic
An update for qemu-kvm-rhev is now available for RHEV 3X Hypervisor and Agents for RHEL-6Red Hat Product Security has rated this update as having a security impact of Important A Common Vulnerability Scorin ...
Synopsis
Important: kvm security update
Type/Severity
Security Advisory: Important
Topic
An update for kvm is now available for Red Hat Enterprise Linux 5Red Hat Product Security has rated this update as having a security impact ofImportant A Common Vulnerability Scoring System (CVSS) base score, which gi ...
Synopsis
Important: qemu-kvm security and bug fix update
Type/Severity
Security Advisory: Important
Topic
An update for qemu-kvm is now available for Red Hat Enterprise Linux 7Red Hat Product Security has rated this update as having a security impact of Important A Common Vulnerability Scoring System (CVS ...
Synopsis
Important: qemu-kvm-rhev security update
Type/Severity
Security Advisory: Important
Topic
An update for qemu-kvm-rhev is now available for Red Hat OpenStack Platform 100 (Newton)Red Hat Product Security has rated this update as having a security impact of Important A Common Vulnerability Scoring ...
Synopsis
Important: qemu-kvm-rhev security update
Type/Severity
Security Advisory: Important
Topic
An update for qemu-kvm-rhev is now available for Red Hat Enterprise Linux OpenStack Platform 50 (Icehouse) for RHEL 6Red Hat Product Security has rated this update as having a security impact of Important A ...
Quick emulator (QEMU) built with the Cirrus CLGD 54xx VGA Emulator support is vulnerable to an out-of-bounds access issue The issue could occur while copying VGA data in cirrus_bitblt_cputovideo A privileged user inside guest could use this flaw to crash the QEMU process OR potentially execute arbitrary code on host with privileges of the QEMU pr ...
Debian Bug report logs -
#856969
qemu: CVE-2017-6505: infinite loop issue in ohci_service_ed_list
Package:
src:qemu;
Maintainer for src:qemu is Debian QEMU Team <pkg-qemu-devel@listsaliothdebianorg>;
Reported by: Salvatore Bonaccorso <carnil@debianorg>
Date: Mon, 6 Mar 2017 18:51:01 UTC
Severity: normal
Tags: pa ...
Debian Bug report logs -
#859854
qemu: CVE-2017-7377
Package:
src:qemu;
Maintainer for src:qemu is Debian QEMU Team <pkg-qemu-devel@listsaliothdebianorg>;
Reported by: Salvatore Bonaccorso <carnil@debianorg>
Date: Fri, 7 Apr 2017 19:48:02 UTC
Severity: important
Tags: fixed-upstream, patch, security, upstream
F ...
Debian Bug report logs -
#857744
qemu: CVE-2016-9603: cirrus: heap buffer overflow via vnc connection
Package:
src:qemu;
Maintainer for src:qemu is Debian QEMU Team <pkg-qemu-devel@listsaliothdebianorg>;
Reported by: Salvatore Bonaccorso <carnil@debianorg>
Date: Tue, 14 Mar 2017 16:15:01 UTC
Severity: grave
Tags: ...
Debian Bug report logs -
#855616
qemu: CVE-2017-6058: net: vmxnet3: OOB NetRxPkt::ehdr_buf access when doing vlan stripping
Package:
src:qemu;
Maintainer for src:qemu is Debian QEMU Team <pkg-qemu-devel@listsaliothdebianorg>;
Reported by: Salvatore Bonaccorso <carnil@debianorg>
Date: Mon, 20 Feb 2017 19:51:01 UTC
...
Debian Bug report logs -
#854731
qemu: CVE-2017-2615
Package:
src:qemu;
Maintainer for src:qemu is Debian QEMU Team <pkg-qemu-devel@listsaliothdebianorg>;
Reported by: Moritz Muehlenhoff <jmm@debianorg>
Date: Thu, 9 Feb 2017 22:45:02 UTC
Severity: important
Tags: fixed-upstream, security, upstream
Found in vers ...
Debian Bug report logs -
#854730
CVE-2017-5931
Package:
src:qemu;
Maintainer for src:qemu is Debian QEMU Team <pkg-qemu-devel@listsaliothdebianorg>;
Reported by: Moritz Muehlenhoff <jmm@debianorg>
Date: Thu, 9 Feb 2017 22:42:04 UTC
Severity: important
Tags: security
Fixed in version qemu/1:28+dfsg-3
Done: Mic ...
Debian Bug report logs -
#855227
qemu: CVE-2017-2630: nbd: oob stack write in client routine drop_sync
Package:
src:qemu;
Maintainer for src:qemu is Debian QEMU Team <pkg-qemu-devel@listsaliothdebianorg>;
Reported by: Salvatore Bonaccorso <carnil@debianorg>
Date: Wed, 15 Feb 2017 18:21:01 UTC
Severity: grave
Tags ...
Debian Bug report logs -
#840950
qemu: CVE-2016-8667: dma: rc4030 divide by zero error in set_next_tick
Package:
src:qemu;
Maintainer for src:qemu is Debian QEMU Team <pkg-qemu-devel@listsaliothdebianorg>;
Reported by: Salvatore Bonaccorso <carnil@debianorg>
Date: Sun, 16 Oct 2016 12:21:02 UTC
Severity: normal
Ta ...
Debian Bug report logs -
#855159
qemu: CVE-2017-5987: sd: infinite loop issue in multi block transfers
Package:
src:qemu;
Maintainer for src:qemu is Debian QEMU Team <pkg-qemu-devel@listsaliothdebianorg>;
Reported by: Salvatore Bonaccorso <carnil@debianorg>
Date: Tue, 14 Feb 2017 19:45:02 UTC
Severity: important
...
Debian Bug report logs -
#854729
CVE-2017-5898
Package:
src:qemu;
Maintainer for src:qemu is Debian QEMU Team <pkg-qemu-devel@listsaliothdebianorg>;
Reported by: Moritz Muehlenhoff <jmm@debianorg>
Date: Thu, 9 Feb 2017 22:42:01 UTC
Severity: important
Tags: security
Fixed in version qemu/1:28+dfsg-3
Done: Mic ...
Debian Bug report logs -
#839986
qemu: CVE-2016-7907: net: inifinte loop in imx_fec_do_tx() function
Package:
src:qemu;
Maintainer for src:qemu is Debian QEMU Team <pkg-qemu-devel@listsaliothdebianorg>;
Reported by: Salvatore Bonaccorso <carnil@debianorg>
Date: Fri, 7 Oct 2016 06:45:01 UTC
Severity: normal
Tags: ...
Debian Bug report logs -
#855791
qemu: CVE-2017-2620: cirrus_bitblt_cputovideo does not check if memory region is safe
Package:
src:qemu;
Maintainer for src:qemu is Debian QEMU Team <pkg-qemu-devel@listsaliothdebianorg>;
Reported by: Salvatore Bonaccorso <carnil@debianorg>
Date: Tue, 21 Feb 2017 16:06:01 UTC
Seve ...
Debian Bug report logs -
#853996
CVE-2017-5667 / CVE-2017-5856 / CVE-2017-5857
Package:
src:qemu;
Maintainer for src:qemu is Debian QEMU Team <pkg-qemu-devel@listsaliothdebianorg>;
Reported by: Moritz Muehlenhoff <jmm@debianorg>
Date: Thu, 2 Feb 2017 22:06:02 UTC
Severity: important
Tags: security
Fixed in vers ...
Debian Bug report logs -
#853002
qemu: CVE-2017-5579: serial: host memory leakage 16550A UART emulation
Package:
src:qemu;
Maintainer for src:qemu is Debian QEMU Team <pkg-qemu-devel@listsaliothdebianorg>;
Reported by: Salvatore Bonaccorso <carnil@debianorg>
Date: Sat, 28 Jan 2017 20:51:04 UTC
Severity: normal
Ta ...
Debian Bug report logs -
#855611
qemu: CVE-2017-5973: usb: infinite loop while doing control transfer in xhci_kick_epctx
Package:
src:qemu;
Maintainer for src:qemu is Debian QEMU Team <pkg-qemu-devel@listsaliothdebianorg>;
Reported by: Salvatore Bonaccorso <carnil@debianorg>
Date: Mon, 20 Feb 2017 19:21:04 UTC
Se ...
Debian Bug report logs -
#853006
qemu: CVE-2016-9602: 9p: virtfs allows guest to access host filesystem
Package:
src:qemu;
Maintainer for src:qemu is Debian QEMU Team <pkg-qemu-devel@listsaliothdebianorg>;
Reported by: Salvatore Bonaccorso <carnil@debianorg>
Date: Sat, 28 Jan 2017 21:18:01 UTC
Severity: grave
Tag ...
Description of Problem Two security issues have been identified within Citrix XenServer These issues could, if exploited, allow the administrator of an HVM guest VM to compromise the host The following vulnerabilities have been addressed: CVE-2017-2615 (High): QEMU: oob access in cirrus bitblt copy CVE-2017-2620 (High): QEMU: cirrus_bitblt_cputov ...