Debian Security Advisory 3349-1

Debian Security Advisory 3349-1: Posted Sep 3, 2015; Authored by Debian | Site debian.org; Debian Linux Security Advisory 3349-1 - Several vulnerabilities were discovered in qemu-kvm, a full virtualization solution on x86 hardware.; tags | advisory, x86, vulnerability; systems | linux, debian; advisories | CVE-2015-5165, CVE-2015-5745; SHA-256 | a395f8c3820b53a91478fcb7cfc0e4a17fdccee3d8adedad3ab0c731eea869aa; Download | Favorite | View

Debian Security Advisory 3349-1

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- -------------------------------------------------------------------------
Debian Security Advisory DSA-3349-1                   security@debian.org
https://www.debian.org/security/                     Salvatore Bonaccorso
September 02, 2015                    https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : qemu-kvm
CVE ID         : CVE-2015-5165 CVE-2015-5745

Several vulnerabilities were discovered in qemu-kvm, a full
virtualization solution on x86 hardware.

CVE-2015-5165

    Donghai Zhu discovered that the QEMU model of the RTL8139 network
    card did not sufficiently validate inputs in the C+ mode offload
    emulation, allowing a malicious guest to read uninitialized memory
    from the QEMU process's heap.

CVE-2015-5745

    A buffer overflow vulnerability was discovered in the way QEMU
    handles the virtio-serial device. A malicious guest could use this
    flaw to mount a denial of service (QEMU process crash).

For the oldstable distribution (wheezy), these problems have been fixed
in version 1.1.2+dfsg-6+deb7u9.

We recommend that you upgrade your qemu-kvm packages.

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/

Mailing list: debian-security-announce@lists.debian.org
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQIcBAEBCgAGBQJV5yHRAAoJEAVMuPMTQ89EB2kP/AtJsGcAf37Nthx8tbD6/LUM
6Ou6bDZBoxgFGgtlM9ijK9W1lN9m7UoJBNgOLMGSDha6xCDhUlNk6r/yyR/3bRnh
Ij2xbQwFMvbB8IG88I7H62YpZihY7O/9vqSYW/ZIu7tL4DAQNHctGZ1XocUiHh8i
Ar/gE8bQSDKpx3XG/ZmlniBjozXEcHPc7WDM5eHU1bekwJ5MlO9S+l7ikAptVWMt
fDT7pS1YcGmYftIYtt7MySTHl9F3ThcWBMuY+GeZnF9zQh0N8ltNtvaO87uJ1Oke
qSDzPKoIy6Q1Cw6SEVloBASzsB7BFu7q8S7Zx6DKVDrS43JZNnXj7xX3DXtIGvtC
yXr+xx15tk8oBVYQpg0kBgZjcU5IXC/zjL8KCzj2Nt8+e1w7ufcdgisp9X91hN5c
t/kJmTI8wj0xT0UYCjCfdPLQr1U8ph5fk5coZkt6YVWkWCp1L1fSLDAhkcqM60ql
ORZwyM7m3ZtoMRfAKNdJgjTHTyijE8CAsQDGcINEkhqz26gFuaU5TnkD/Ls5z0cc
ZwTjXpd1VrCYUB0wkdbXWDtsAIZR4nmxl43Z9lOOXRgCMysakmTGYluFW2ypEhrB
fqvXfYzV8assVcLyXnWyq8Ewh7OjX26Y5OlczgxHyBCDp2HK2ragzf93cYJL1v8t
6AheWSuueDqSs2b11Z8J
=9NK7
-----END PGP SIGNATURE-----

Top Authors In Last 30 Days

Red Hat 263 files
indoushka 178 files
Ubuntu 96 files
Gentoo 32 files
Debian 20 files
Apple 11 files
LiquidWorm 10 files
malvuln 8 files
Rubén López Herrera 5 files
Google Security Research 5 files

File Archives

Systems

AIX (430)
Apple (2,117)
BSD (378)
CentOS (61)
Cisco (1,954)
Debian (7,137)
Fedora (1,693)
FreeBSD (1,247)
Gentoo (4,599)
HPUX (881)
iOS (391)
iPhone (108)
IRIX (220)
Juniper (71)
Linux (51,486)
Mac OS X (696)
Mandriva (3,105)
NetBSD (256)
OpenBSD (490)
RedHat (16,995)
Slackware (941)
Solaris (1,615)
SUSE (1,444)
Ubuntu (9,903)
UNIX (9,466)
UnixWare (188)
Windows (6,783)
Other

Debian Security Advisory 3349-1

Debian Security Advisory 3349-1

File Archive:

October 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems

Debian Security Advisory 3349-1

Share This

Debian Security Advisory 3349-1

File Archive:

October 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems