
[SECURITY] [DLA 574-1] qemu-kvm security update


Package : qemu-kvm
Version : 1.1.2+dfsg-6+deb7u14
CVE ID  : CVE-2015-5239 CVE-2016-2857 CVE-2016-4020 CVE-2016-4439
          CVE-2016-5403 CVE-2016-6351

Multiple vulnerabilities have been discovered in qemu-kvm, a full
virtualization solution on x86 hardware. The Common Vulnerabilities and
Exposures project identifies the following problems:

CVE-2015-5239

Lian Yihan discovered that QEMU incorrectly handled certain payload
messages in the VNC display driver. A malicious guest could use this
issue to cause the QEMU process to hang, resulting in a denial of
service.

CVE-2016-2857

Ling Liu discovered that QEMU incorrectly handled IP checksum
routines. An attacker inside the guest could use this issue to cause
QEMU to crash, resulting in a denial of service, or possibly leak
host memory bytes.

CVE-2016-4020

Donghai Zdh discovered that QEMU incorrectly handled the Task
Priority Register (TPR). A privileged attacker inside the guest could
use this issue to possibly leak host memory bytes.

CVE-2016-4439, CVE-2016-6351

Li Qiang discovered that the emulation of the 53C9X Fast SCSI
Controller is affected by out-of-bounds access issues.

CVE-2016-5403

Zhenhao Hong discovered that a malicious guest administrator can
cause unbounded memory allocation in QEMU (which can cause an
Out-of-Memory condition) by submitting virtio requests without
bothering to wait for completion.

For Debian 7 "Wheezy", these problems have been fixed in version
1.1.2+dfsg-6+deb7u14.

We recommend that you upgrade your qemu-kvm packages.

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS


 

 

 
