[SECURITY] [DLA 679-1] qemu-kvm security update
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Package : qemu-kvm
Version : 1.1.2+dfsg-6+deb7u17
CVE ID : CVE-2016-8576 CVE-2016-8577 CVE-2016-8578 CVE-2016-8669
Multiple vulnerabilities have been found in qemu-kvm:
CVE-2016-8576
qemu-kvm built with the USB xHCI controller emulation support is vulnerable
to an infinite loop issue. It could occur while processing USB command ring
in 'xhci_ring_fetch'.
CVE-2016-8577
qemu-kvm built with the virtio-9p back-end support is vulnerable to a memory
leakage issue. It could occur while doing a I/O read operation in
v9fs_read() routine.
CVE-2016-8578
qemu-kvm built with the virtio-9p back-end support is vulnerable to a null
pointer dereference issue. It could occur while doing an I/O vector
unmarshalling operation in v9fs_iov_vunmarshal() routine.
CVE-2016-8669
qemu-kvm built with the 16550A UART emulation support is vulnerable to a
divide by zero issue. It could occur while updating serial device parameters
in 'serial_update_parameters'.
For Debian 7 "Wheezy", these problems have been fixed in version
1.1.2+dfsg-6+deb7u17.
We recommend that you upgrade your qemu-kvm packages.
Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS
-----BEGIN PGP SIGNATURE-----
iQIcBAEBCgAGBQJYD73qAAoJEKyQrD7FJAZeDWQP/RwhggoBEdoJ8zgZxoaGx5QA
q8l23pgEiCe4KlWU/CZY5A+wv3CCA/wa6Hz1YpnUwzKsqAfQpSigSwDGObKFmXQv
/gq1R/rgPgTiSPpdVNFr69PX1P2PPPyjflu/QlLyaLuZBDHw74DViYAH2evANVYd
ifmFiQthsOeRQiP6h9LscjX41hF7vOCMK0DVaVZbgka2CZ7fQVHLuWPFU0zWw5av
s7n9gWjhkYzscioH4Du/qoR8HvaUb7P6xpfD8omCE/CFpJr6mvifoZl94yDbXUEL
E63isSekwgXO+sbOAVx1PkfUqerljSFmzYHT7iuRg5LP8tG0vah3Kd44ttK3WrSD
5WsXmiZsah6deuvcJ49GLEyKEQD3DleYJP60+AK+GNVaK0Vsz4gP/FdeeyW/KVK7
Vj9bAwlEEtzJX3rX82o/Qy97P+udgekWaxY5qhlRJg4otAD8fYxQfFEnkuUCdS3u
NyTE89BCymtxctCnUc/3PTC06kUtyde3U8PLEaa66WsfOHQVxJs0eTTK2oJz9+JR
uRU97qOqnRjqx4nlvCjqV1T0GI15ShgKWaP7h8eHs0ijp6Y2hFVxe58yr09P5UXr
pOIxlROT9K08CtamCkj8KJbN07VJT+Hc1GysBGHIh1rQZwcWyoqPqdhy3mD3TEm+
utTyE717DsjMD47g8fvt
=eBoW
-----END PGP SIGNATURE-----
Reply to: