Several security issues were fixed in QEMU ...
Debian Bug report logs -
#855616
qemu: CVE-2017-6058: net: vmxnet3: OOB NetRxPkt::ehdr_buf access when doing vlan stripping
Package:
src:qemu;
Maintainer for src:qemu is Debian QEMU Team <pkg-qemu-devel@listsaliothdebianorg>;
Reported by: Salvatore Bonaccorso <carnil@debianorg>
Date: Mon, 20 Feb 2017 19:51:01 UTC
...
Debian Bug report logs -
#854731
qemu: CVE-2017-2615
Package:
src:qemu;
Maintainer for src:qemu is Debian QEMU Team <pkg-qemu-devel@listsaliothdebianorg>;
Reported by: Moritz Muehlenhoff <jmm@debianorg>
Date: Thu, 9 Feb 2017 22:45:02 UTC
Severity: important
Tags: fixed-upstream, security, upstream
Found in vers ...
Debian Bug report logs -
#854730
CVE-2017-5931
Package:
src:qemu;
Maintainer for src:qemu is Debian QEMU Team <pkg-qemu-devel@listsaliothdebianorg>;
Reported by: Moritz Muehlenhoff <jmm@debianorg>
Date: Thu, 9 Feb 2017 22:42:04 UTC
Severity: important
Tags: security
Fixed in version qemu/1:28+dfsg-3
Done: Mic ...
Debian Bug report logs -
#855227
qemu: CVE-2017-2630: nbd: oob stack write in client routine drop_sync
Package:
src:qemu;
Maintainer for src:qemu is Debian QEMU Team <pkg-qemu-devel@listsaliothdebianorg>;
Reported by: Salvatore Bonaccorso <carnil@debianorg>
Date: Wed, 15 Feb 2017 18:21:01 UTC
Severity: grave
Tags ...
Debian Bug report logs -
#855159
qemu: CVE-2017-5987: sd: infinite loop issue in multi block transfers
Package:
src:qemu;
Maintainer for src:qemu is Debian QEMU Team <pkg-qemu-devel@listsaliothdebianorg>;
Reported by: Salvatore Bonaccorso <carnil@debianorg>
Date: Tue, 14 Feb 2017 19:45:02 UTC
Severity: important
...
Debian Bug report logs -
#854729
CVE-2017-5898
Package:
src:qemu;
Maintainer for src:qemu is Debian QEMU Team <pkg-qemu-devel@listsaliothdebianorg>;
Reported by: Moritz Muehlenhoff <jmm@debianorg>
Date: Thu, 9 Feb 2017 22:42:01 UTC
Severity: important
Tags: security
Fixed in version qemu/1:28+dfsg-3
Done: Mic ...
Debian Bug report logs -
#839986
qemu: CVE-2016-7907: net: inifinte loop in imx_fec_do_tx() function
Package:
src:qemu;
Maintainer for src:qemu is Debian QEMU Team <pkg-qemu-devel@listsaliothdebianorg>;
Reported by: Salvatore Bonaccorso <carnil@debianorg>
Date: Fri, 7 Oct 2016 06:45:01 UTC
Severity: normal
Tags: ...
Debian Bug report logs -
#855791
qemu: CVE-2017-2620: cirrus_bitblt_cputovideo does not check if memory region is safe
Package:
src:qemu;
Maintainer for src:qemu is Debian QEMU Team <pkg-qemu-devel@listsaliothdebianorg>;
Reported by: Salvatore Bonaccorso <carnil@debianorg>
Date: Tue, 21 Feb 2017 16:06:01 UTC
Seve ...
Debian Bug report logs -
#853996
CVE-2017-5667 / CVE-2017-5856 / CVE-2017-5857
Package:
src:qemu;
Maintainer for src:qemu is Debian QEMU Team <pkg-qemu-devel@listsaliothdebianorg>;
Reported by: Moritz Muehlenhoff <jmm@debianorg>
Date: Thu, 2 Feb 2017 22:06:02 UTC
Severity: important
Tags: security
Fixed in vers ...
Debian Bug report logs -
#853002
qemu: CVE-2017-5579: serial: host memory leakage 16550A UART emulation
Package:
src:qemu;
Maintainer for src:qemu is Debian QEMU Team <pkg-qemu-devel@listsaliothdebianorg>;
Reported by: Salvatore Bonaccorso <carnil@debianorg>
Date: Sat, 28 Jan 2017 20:51:04 UTC
Severity: normal
Ta ...
Debian Bug report logs -
#855611
qemu: CVE-2017-5973: usb: infinite loop while doing control transfer in xhci_kick_epctx
Package:
src:qemu;
Maintainer for src:qemu is Debian QEMU Team <pkg-qemu-devel@listsaliothdebianorg>;
Reported by: Salvatore Bonaccorso <carnil@debianorg>
Date: Mon, 20 Feb 2017 19:21:04 UTC
Se ...
Debian Bug report logs -
#853006
qemu: CVE-2016-9602: 9p: virtfs allows guest to access host filesystem
Package:
src:qemu;
Maintainer for src:qemu is Debian QEMU Team <pkg-qemu-devel@listsaliothdebianorg>;
Reported by: Salvatore Bonaccorso <carnil@debianorg>
Date: Sat, 28 Jan 2017 21:18:01 UTC
Severity: grave
Tag ...
The xhci_kick_epctx function in hw/usb/hcd-xhcic in QEMU (aka Quick Emulator) allows local guest OS privileged users to cause a denial of service (infinite loop and QEMU process crash) via vectors related to control transfer descriptor sequence ...