[SECURITY] [DLA 653-1] qemu-kvm security update

Package        : qemu-kvm
Version        : 1.1.2+dfsg-6+deb7u16
CVE ID         : CVE-2016-7161 CVE-2016-7170 CVE-2016-7908

Multiple vulnerabilities have been found in qemu-kvm:

CVE-2016-7161

Heap-based buffer overflow in the .receive callback of xlnx.xps-ethernetlite
in qemu-kvm allows attackers to execute arbitrary code on the QEMU host via
a large ethlite packet.

CVE-2016-7170

The vmsvga_fifo_run function in hw/display/vmware_vga.c in qemu-kvm is
vulnerable to an OOB memory access.

CVE-2016-7908

The mcf_fec_do_tx function in hw/net/mcf_fec.c in qemu-kvm does not
properly limit the buffer descriptor count when transmitting packets, which
allows local guest OS administrators to cause a denial of service (infinite
loop and QEMU process crash) via vectors involving a buffer descriptor with
a length of 0 and crafted values in bd.flags.
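
The loop-bounding pattern behind the CVE-2016-7908 description, as an added example (a simplified model, not QEMU's code and not part of the advisory): a transmit-ring walk whose iteration count is capped, so that guest-controlled descriptors cannot keep it running. The flag values, struct layout, `MAX_DESC` and the `read_bd` callback are assumptions made for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Every name and value here is an assumption of this model, not QEMU's. */
#define BD_READY 0x8000u  /* descriptor handed to the device */
#define BD_WRAP  0x2000u  /* go back to the first descriptor */
#define BD_LAST  0x0800u  /* last buffer of a frame */
#define MAX_DESC 64u      /* budget: descriptors handled per call */
struct bd { uint16_t flags; uint16_t length; };
struct tx_result { unsigned descriptors, frames, bytes; int capped; };
typedef struct bd (*bd_read_fn)(size_t index);  /* stand-in for a guest-memory read */

/* Walk the transmit ring. The loop ends on a not-ready descriptor or when
 * the budget is spent, so guest data alone cannot keep it running. */
struct tx_result do_tx(bd_read_fn read_bd, size_t ring_len)
{
    struct tx_result r = {0, 0, 0, 0};
    size_t idx = 0;
    if (ring_len == 0)
        return r;
    while (r.descriptors < MAX_DESC) {
        struct bd bd = read_bd(idx);
        if (!(bd.flags & BD_READY))
            return r;              /* normal end of work */
        r.descriptors++;
        r.bytes += bd.length;      /* a zero length adds nothing to the frame */
        if (bd.flags & BD_LAST)
            r.frames++;            /* the frame would be sent here */
        idx = (bd.flags & BD_WRAP) ? 0 : (idx + 1) % ring_len;
    }
    r.capped = 1;                  /* budget spent: stop and report it */
    return r;
}

/* Constructed inputs: a well-formed ring, and one that is always ready. */
static struct bd good_ring(size_t i)
{
    static const struct bd ring[3] = {{BD_READY, 100}, {BD_READY | BD_LAST, 50}, {0, 0}};
    return ring[i % 3];
}
static struct bd stuck_ring(size_t i)
{
    (void)i;
    return (struct bd){BD_READY | BD_WRAP, 0};
}
int main(void)
{
    struct tx_result r = do_tx(stuck_ring, 4);
    printf("descriptors=%u capped=%d\n", r.descriptors, r.capped);
    return 0;
}
```

The caller can treat `capped` as a signal to log the event and stop servicing the ring for that call, rather than spinning in the device model.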

For Debian 7 "Wheezy", these problems have been fixed in version
1.1.2+dfsg-6+deb7u16.

We recommend that you upgrade your qemu-kvm packages.

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS