Back

    Debian: DSA-3925-1: qemu security update

    Date04 Aug 2017
    CategoryDebian Linux Distribution - Security Advisories
    464
    Posted ByLinuxSecurity Advisories
    Multiple vulnerabilities were found in qemu, a fast processor emulator: CVE-2017-9524
    -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

- -------------------------------------------------------------------------
Debian Security Advisory DSA-3925-1                   This email address is being protected from spambots. You need JavaScript enabled to view it.%MINIFYHTMLf567858645acdef9d8ecc4a64a68061613%https://www.debian.org/security/                       Moritz Muehlenhoff
August 04, 2017                       https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : qemu
CVE ID         : CVE-2017-9524 CVE-2017-10806 CVE-2017-11334
                 CVE-2017-11443
Debian Bug     : 865755 869171 869173 867751 869945

Multiple vulnerabilities were found in qemu, a fast processor emulator:

CVE-2017-9524

    Denial of service in qemu-nbd server

CVE-2017-10806

    Buffer overflow in USB redirector

CVE-2017-11334

    Out-of-band memory access in DMA operations

CVE-2017-11443

    Out-of-band memory access in SLIRP/DHCP

For the stable distribution (stretch), these problems have been fixed in
version 1:2.8+dfsg-6+deb9u2.

We recommend that you upgrade your qemu packages.

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/

Mailing list: This email address is being protected from spambots. You need JavaScript enabled to view it.%MINIFYHTMLf567858645acdef9d8ecc4a64a68061614%

    Get the Latest News & Insights

    Sign up to get the latest security news affecting Linux and open source delivered straight to your inbox

    Related News

    Microsoft uses its expertise in malware to help with fileless attack detection on Linux
    Microsoft uses its expertise in malware to help with fileless attack detection on Linux
    Ring Announces New Security Protocols After Customer Complaints of Account Hacks
    Ring Announces New Security Protocols After Customer Complaints of Account Hacks
    U.S. Government Says Update Chrome 80 As High-Rated Security Flaws Found
    U.S. Government Says Update Chrome 80 As High-Rated Security Flaws Found
    Firefox 73.0.1 fixes crashes, blank web pages and DRM niggles
    Firefox 73.0.1 fixes crashes, blank web pages and DRM niggles
    You are not authorised to post comments.

    Comments powered by CComment

    LinuxSecurity Poll

    What do you think of the LinuxSecurity Privacy news articles?

    No answer selected. Please try again.
    Please select either existing option or enter your own, however not both.
    Please select minimum 0 answer(s) and maximum 3 answer(s).
    /main-polls/25-what-do-you-think-of-the-linuxsecurity-privacy-news-articles?task=poll.vote&format=json
    25
    radio
    [{"id":"90","title":"Love them!","votes":"35","type":"x","order":"1","pct":92.11,"resources":[]},{"id":"91","title":"I'm indifferent","votes":"2","type":"x","order":"2","pct":5.26,"resources":[]},{"id":"92","title":"Not interested in this topic","votes":"1","type":"x","order":"3","pct":2.63,"resources":[]}]["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"]["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"]350
    bottom200

    Advisories

    SUSE: 2020:0490-1 important: ppp
    Date26 Feb 2020 @ 05:15
    SUSE: 2020:0487-1 moderate: squid
    Date26 Feb 2020 @ 05:14
    SUSE: 2020:0488-1 important: nodejs6
    Date26 Feb 2020 @ 05:13
    SUSE: 2020:0489-1 important: ppp
    Date26 Feb 2020 @ 05:12

    We use cookies to provide and improve our services. By using our site, you consent to our Cookie Policy. 

    Learn More