Debian Security Advisory 3470-1

Debian Security Advisory 3470-1: Posted Feb 10, 2016; Authored by Debian | Site debian.org; Debian Linux Security Advisory 3470-1 - Several vulnerabilities were discovered in qemu-kvm, a full virtualization solution on x86 hardware.; tags | advisory, x86, vulnerability; systems | linux, debian; advisories | CVE-2015-7295, CVE-2015-7504, CVE-2015-7512, CVE-2015-8345, CVE-2015-8504, CVE-2015-8558, CVE-2015-8743, CVE-2016-1568, CVE-2016-1714, CVE-2016-1922; SHA-256 | 13f129df6383f3c46d755e426dc4ae221be8c7448d252cdc038c735cd688e0d9; Download | Favorite | View

Debian Security Advisory 3470-1

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- -------------------------------------------------------------------------
Debian Security Advisory DSA-3470-1                   security@debian.org
https://www.debian.org/security/                       Sebastien Delafond
February 08, 2016                     https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : qemu-kvm
CVE ID         : CVE-2015-7295 CVE-2015-7504 CVE-2015-7512 CVE-2015-8345 
                 CVE-2015-8504 CVE-2015-8558 CVE-2015-8743 CVE-2016-1568 CVE-2016-1714 CVE-2016-1922
Debian Bug     : 799452 806373 806741 806742 808130 808144 810519 810527 811201

Several vulnerabilities were discovered in qemu-kvm, a full
virtualization solution on x86 hardware.

CVE-2015-7295

    Jason Wang of Red Hat Inc. discovered that the Virtual Network
    Device support is vulnerable to denial-of-service (via resource
    exhaustion), that could occur when receiving large packets.

CVE-2015-7504

    Qinghao Tang of Qihoo 360 Inc. and Ling Liu of Qihoo 360 Inc.
    discovered that the PC-Net II ethernet controller is vulnerable to
    a heap-based buffer overflow that could result in
    denial-of-service (via application crash) or arbitrary code
    execution.

CVE-2015-7512

    Ling Liu of Qihoo 360 Inc. and Jason Wang of Red Hat Inc.
    discovered that the PC-Net II ethernet controller is vulnerable to
    a buffer overflow that could result in denial-of-service (via
    application crash) or arbitrary code execution.

CVE-2015-8345

    Qinghao Tang of Qihoo 360 Inc. discovered that the eepro100
    emulator contains a flaw that could lead to an infinite loop when
    processing Command Blocks, eventually resulting in
    denial-of-service (via application crash).

CVE-2015-8504

    Lian Yihan of Qihoo 360 Inc. discovered that the VNC display
    driver support is vulnerable to an arithmetic exception flaw that
    could lead to denial-of-service (via application crash).

CVE-2015-8558

    Qinghao Tang of Qihoo 360 Inc. discovered that the USB EHCI
    emulation support contains a flaw that could lead to an infinite
    loop during communication between the host controller and a device
    driver. This could lead to denial-of-service (via resource
    exhaustion).

CVE-2015-8743

    Ling Liu of Qihoo 360 Inc. discovered that the NE2000 emulator is
    vulnerable to an out-of-bound read/write access issue, potentially
    resulting in information leak or memory corruption.

CVE-2016-1568

    Qinghao Tang of Qihoo 360 Inc. discovered that the IDE AHCI
    emulation support is vulnerable to a use-after-free issue, that
    could lead to denial-of-service (via application crash) or
    arbitrary code execution.

CVE-2016-1714

    Donghai Zhu of Alibaba discovered that the Firmware Configuration
    emulation support is vulnerable to an out-of-bound read/write
    access issue, that could lead to denial-of-service (via
    application crash) or arbitrary code execution.

CVE-2016-1922

    Ling Liu of Qihoo 360 Inc. discovered that 32-bit Windows guests
    support is vulnerable to a null pointer dereference issue, that
    could lead to denial-of-service (via application crash).

For the oldstable distribution (wheezy), these problems have been fixed
in version 1.1.2+dfsg-6+deb7u12.

We recommend that you upgrade your qemu-kvm packages.

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/

Mailing list: debian-security-announce@lists.debian.org
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2

iQEcBAEBCgAGBQJWuOWZAAoJEBC+iYPz1Z1kylMIALq/IPzVOF8tzSNHkwIPg0Hw
Z9NYVOgzKyy4+FYeQIC0UldwTsWl5nb5GrM8cLHFAibCNUfBkMafwAZrxxMCexvC
IJmULnfFjhWuYu8bK5m4MGjsA830k+QxREx+zrWnrBGj0/bgpYlkfns6ZvLwijb3
ieqGh3Flh+JPc+lCgCRjWEwFal9A6OBXNzhkJQGv0TE+s+p5HtPs9b45VQ+OIgC8
pIOJPihqP9w7DA8jGsGK5M3U875SoWr2vf4k+kGhv7ofBvyPwH/qf2lDqx3s/d/W
9D1JAnBVftPzfdm2Ol503gIkhDGSOto46hdcIvmD8YjmCdPASUmi22UAedgA0uU=
=CVa1
-----END PGP SIGNATURE-----

Top Authors In Last 30 Days

Red Hat 179 files
Ubuntu 58 files
Debian 26 files
LiquidWorm 11 files
Valentin Lobstein 11 files
nu11secur1ty 8 files
Apple 6 files
Google Security Research 5 files
E1.Coders 4 files
malvuln 4 files

File Archives

Systems

AIX (429)
Apple (2,078)
BSD (376)
CentOS (58)
Cisco (1,927)
Debian (7,014)
Fedora (1,693)
FreeBSD (1,246)
Gentoo (4,467)
HPUX (880)
iOS (373)
iPhone (108)
IRIX (220)
Juniper (69)
Linux (49,227)
Mac OS X (691)
Mandriva (3,105)
NetBSD (256)
OpenBSD (488)
RedHat (15,501)
Slackware (941)
Solaris (1,611)
SUSE (1,444)
Ubuntu (9,439)
UNIX (9,391)
UnixWare (187)
Windows (6,649)
Other

Debian Security Advisory 3470-1

Debian Security Advisory 3470-1

File Archive:

April 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems

Debian Security Advisory 3470-1

Share This

Debian Security Advisory 3470-1

File Archive:

April 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems