[SECURITY] [DLA 573-1] qemu security update
Package : qemu
Version : 1.1.2+dfsg-6+deb7u14
CVE ID : CVE-2015-5239 CVE-2016-2857 CVE-2016-4020 CVE-2016-4439 CVE-2016-5403 CVE-2016-6351
Multiple vulnerabilities have been discovered in QEMU, a fast processor
emulator. The Common Vulnerabilities and Exposures project identifies
the following problems:
CVE-2015-5239
Lian Yihan discovered that QEMU incorrectly handled certain payload
messages in the VNC display driver. A malicious guest could use this
issue to cause the QEMU process to hang, resulting in a denial of
service.
CVE-2016-2857
Ling Liu discovered that QEMU incorrectly handled IP checksum
routines. An attacker inside the guest could use this issue to cause
QEMU to crash, resulting in a denial of service, or possibly leak
host memory bytes.
CVE-2016-4020
Donghai Zdh discovered that QEMU incorrectly handled the Task
Priority Register (TPR). A privileged attacker inside the guest could
use this issue to possibly leak host memory bytes.
CVE-2016-4439, CVE-2016-6351
Li Qiang discovered that the emulation of the 53C9X Fast SCSI
Controller is affected by out-of-bounds access issues.
CVE-2016-5403
Zhenhao Hong discovered that a malicious guest administrator can
cause unbounded memory allocation in QEMU (which can cause an
Out-of-Memory condition) by submitting virtio requests without
bothering to wait for completion.
For Debian 7 "Wheezy", these problems have been fixed in version
1.1.2+dfsg-6+deb7u14.
We recommend that you upgrade your qemu packages.
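To check a fleet against the fixed version above, the following added example (not part of the original advisory) compares installed qemu versions using Debian's version-ordering rules, so that deb7u9 sorts before deb7u14. The host names and the installed versions in the inventory are constructed for illustration.

```python
import re

FIXED = "1.1.2+dfsg-6+deb7u14"  # fixed version stated in the advisory
DIGITS = "0123456789"

def _order(c):
    # dpkg character weights: '~' sorts before everything, even end of string
    if c == "~":
        return -1
    if c == "" or c in DIGITS:
        return 0
    return ord(c) if c.isalpha() else ord(c) + 256

def _cmp_part(a, b):
    while a or b:
        # 1) compare the non-digit prefixes character by character
        while (a and a[0] not in DIGITS) or (b and b[0] not in DIGITS):
            ac, bc = _order(a[:1]), _order(b[:1])
            if ac != bc:
                return -1 if ac < bc else 1
            a, b = a[1:], b[1:]
        # 2) compare the leading digit runs numerically, so u9 < u14
        da, db = re.match(r"[0-9]*", a).group(), re.match(r"[0-9]*", b).group()
        if int(da or 0) != int(db or 0):
            return -1 if int(da or 0) < int(db or 0) else 1
        a, b = a[len(da):], b[len(db):]
    return 0

def _split(v):
    # [epoch:]upstream[-revision]; epoch defaults to 0, revision to empty
    epoch, sep, rest = v.partition(":")
    if not sep:
        epoch, rest = "0", v
    upstream, sep, rev = rest.rpartition("-")
    return int(epoch), (upstream if sep else rest), (rev if sep else "")

def deb_cmp(a, b):
    (ea, ua, ra), (eb, ub, rb) = _split(a), _split(b)
    if ea != eb:
        return -1 if ea < eb else 1
    return _cmp_part(ua, ub) or _cmp_part(ra, rb)

def needs_upgrade(inventory, fixed=FIXED):
    return sorted(h for h, v in inventory.items() if deb_cmp(v, fixed) < 0)

# Constructed inventory: host -> output of dpkg-query -W -f='${Version}' qemu
SAMPLE = {"kvm01": "1.1.2+dfsg-6+deb7u9", "kvm02": "1.1.2+dfsg-6+deb7u14",
          "kvm03": "1.1.2+dfsg-6+deb7u14~rc1", "kvm04": "1:2.1+dfsg-12"}
if __name__ == "__main__":
    print(needs_upgrade(SAMPLE))
```

A plain string comparison would rank deb7u9 above deb7u14 and miss kvm01; on a single Debian host, `dpkg --compare-versions` performs the same ordering.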
Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS