news
Posted July 30, 2016

Package        : qemu
Version        : 1.1.2+dfsg-6+deb7u14
CVE ID         : CVE-2015-5239 CVE-2016-2857 CVE-2016-4020 CVE-2016-4439
                 CVE-2016-5403 CVE-2016-6351

Multiple vulnerabilities have been discovered in QEMU, a fast processor emulator. The Common Vulnerabilities and Exposures project identifies the following problems:

CVE-2015-5239

    Lian Yihan discovered that QEMU incorrectly handled certain payload messages in the VNC display driver. A malicious guest could use this issue to cause the QEMU process to hang, resulting in a denial of service.

CVE-2016-2857

    Ling Liu discovered that QEMU incorrectly handled IP checksum routines. An attacker inside the guest could use this issue to cause QEMU to crash, resulting in a denial of service, or possibly leak host memory bytes.

CVE-2016-4020

    Donghai Zdh discovered that QEMU incorrectly handled the Task Priority Register (TPR). A privileged attacker inside the guest could use this issue to possibly leak host memory bytes.

CVE-2016-4439, CVE-2016-6351

    Li Qiang discovered that the emulation of the 53C9X Fast SCSI Controller is affected by out of bound access issues.

CVE-2016-5403

    Zhenhao Hong discovered that a malicious guest administrator can cause unbounded memory allocation in QEMU (which can cause an Out-of-Memory condition) by submitting virtio requests without bothering to wait for completion.

For Debian 7 "Wheezy", these problems have been fixed in version 1.1.2+dfsg-6+deb7u14.

We recommend that you upgrade your qemu packages.

Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at: https://wiki.debian.org/LTS