Debian Security Advisory 4760-1

Debian Security Advisory 4760-1: Posted Sep 28, 2020; Authored by Debian | Site debian.org; Debian Linux Security Advisory 4760-1 - Multiple security issues were discovered in QEMU, a fast processor emulator.; tags | advisory; systems | linux, debian; advisories | CVE-2020-12829, CVE-2020-14364, CVE-2020-15863, CVE-2020-16092; SHA-256 | 9ec9643bb7edebad1c8a64c425392f1a29bfedae27d77a06866086970cb042aa; Download | Favorite | View

Debian Security Advisory 4760-1

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- -------------------------------------------------------------------------
Debian Security Advisory DSA-4760-1                   security@debian.org
https://www.debian.org/security/                       Moritz Muehlenhoff
September 06, 2020                    https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : qemu
CVE ID         : CVE-2020-12829 CVE-2020-14364 CVE-2020-15863 CVE-2020-16092
Debian Bug     : 961451 968947

Multiple security issues were discovered in QEMU, a fast processor
emulator:

CVE-2020-12829

    An integer overflow in the sm501 display device may result in denial of
    service.

CVE-2020-14364

    An out-of-bands write in the USB emulation code may result in
    guest-to-host code execution.

CVE-2020-15863

    A buffer overflow in the XGMAC network device may result in denial of
    service or the execution of arbitrary code.

CVE-2020-16092

    A triggerable assert in the e1000e and vmxnet3 devices may result in
    denial of service.

For the stable distribution (buster), these problems have been fixed in
version 1:3.1+dfsg-8+deb10u8.

We recommend that you upgrade your qemu packages.

For the detailed security status of qemu please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/qemu

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/

Mailing list: debian-security-announce@lists.debian.org
-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAl9VIooACgkQEMKTtsN8
TjZAOA//Xe3KBPOakFNXSaS0qiArNsXZ7zQBajuRjz3tHB4qhgDSoImiPqVsJo1g
achuERnB8+2nW2MmhwHw8TxpX/Tex+8eUrvdNC97v5sSrXhRTsf/emq4EMQvUeUh
KL7oix0IheTDWjgqHEpG0A8eHXoL10mJ7Gel+tCFCQLqXwZipXDaAxifmtjCDIjS
KUWCKWCTI/ny2yNaER+fZX6hwxt6c/SwLSuuvpXw9//bzLwvF6Q71qBHyhy3xPbq
5n/r7qtg0l/vEC7x6c7+xlaATPHDjjDv51flMB40hWHgR5DUsASiXidHiVaxVk65
wTmW7DsB0pUyR/5DG8QAWw6sHlIwUgjc/5PmLty9lIzx7BKL9hQhpOIAGVhYaTLC
n6NCRsH3thrQJerzZVmgAxVxmp46cmt+W7mc7aOwDOVmnXzCST1POTdYtxATtEdy
i54wk6i7OK7J59uMnl+t6Nl1ad+2jrCpSGG8udm2vfmvggGSWvvB5Wu+5LC3+ax4
Ambv1iAVrsJB4xDqWh+4NJ+xdc5d+mAPQepzpt6wWRiCbk5Ku0Y6TXKHLX30ZCju
7buCISmYUlQtJ82MXpyYcSRbxE6sh8avo/5sdQFneiLPuRVuOkubNlyO0xWwizOg
Lb3xZM7z/dJDpTzMV7O/eIxbrZjHVn1NmaXuET0mn+lydr829oM=
=rZVX
-----END PGP SIGNATURE-----

Top Authors In Last 30 Days

Red Hat 219 files
Ubuntu 85 files
indoushka 77 files
Jasper Nota 25 files
Gentoo 22 files
Debian 19 files
Willem Westerhof 19 files
Jim Blankendaal 11 files
Martijn Baalman 9 files
Apple 9 files

File Archives

Systems

AIX (429)
Apple (2,099)
BSD (377)
CentOS (58)
Cisco (1,927)
Debian (7,096)
Fedora (1,693)
FreeBSD (1,246)
Gentoo (4,553)
HPUX (880)
iOS (378)
iPhone (108)
IRIX (220)
Juniper (69)
Linux (50,689)
Mac OS X (691)
Mandriva (3,105)
NetBSD (256)
OpenBSD (489)
RedHat (16,482)
Slackware (941)
Solaris (1,611)
SUSE (1,444)
Ubuntu (9,736)
UNIX (9,435)
UnixWare (187)
Windows (6,671)
Other

Debian Security Advisory 4760-1

Debian Security Advisory 4760-1

File Archive:

August 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems

Debian Security Advisory 4760-1

Share This

Debian Security Advisory 4760-1

File Archive:

August 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems