Debian: DSA-4213-1: qemu security update

    Date29 May 2018
    CategoryDebian
    4096
    Posted ByAnthony Pell
    Several vulnerabilities were discovered in qemu, a fast processor emulator. CVE-2017-15038
    
    - -------------------------------------------------------------------------
    Debian Security Advisory DSA-4213-1                   This email address is being protected from spambots. You need JavaScript enabled to view it.
    https://www.debian.org/security/                     Salvatore Bonaccorso
    May 29, 2018                          https://www.debian.org/security/faq
    - -------------------------------------------------------------------------
    
    Package        : qemu
    CVE ID         : CVE-2017-5715 CVE-2017-15038 CVE-2017-15119 CVE-2017-15124
                     CVE-2017-15268 CVE-2017-15289 CVE-2017-16845 CVE-2017-17381
                     CVE-2017-18043 CVE-2018-5683 CVE-2018-7550
    Debian Bug     : 877890 880832 880836 882136 883399 883625 884806 886532
                     887392 892041
    
    Several vulnerabilities were discovered in qemu, a fast processor
    emulator.
    
    CVE-2017-15038
    
        Tuomas Tynkkynen discovered an information leak in 9pfs.
    
    CVE-2017-15119
    
        Eric Blake discovered that the NBD server insufficiently restricts
        large option requests, resulting in denial of service.
    
    CVE-2017-15124
    
        Daniel Berrange discovered that the integrated VNC server
        insufficiently restricted memory allocation, which could result in
        denial of service.
    
    CVE-2017-15268
    
        A memory leak in websockets support may result in denial of service.
    
    CVE-2017-15289
    
        Guoxiang Niu discovered an OOB write in the emulated Cirrus graphics
        adaptor which could result in denial of service.
    
    CVE-2017-16845
    
        Cyrille Chatras discovered an information leak in PS/2 mouse and
        keyboard emulation which could be exploited during instance
        migration.
    
    CVE-2017-17381
    
        Dengzhan Heyuandong Bijunhua and Liweichao discovered that an
        implementation error in the virtio vring implementation could result
        in denial of service.
    
    CVE-2017-18043
    
        Eric Blake discovered an integer overflow in an internally used
        macro which could result in denial of service.
    
    CVE-2018-5683
    
        Jiang Xin and Lin ZheCheng discovered an OOB memory access in the
        emulated VGA adaptor which could result in denial of service.
    
    CVE-2018-7550
    
        Cyrille Chatras discovered that an OOB memory write when using
        multiboot could result in the execution of arbitrary code.
    
    This update also backports a number of mitigations against the Spectre
    v2 vulnerability affecting modern CPUs (CVE-2017-5715).  For additional
    information please refer to
    https://www.qemu.org/2018/01/04/spectre/
    
    For the stable distribution (stretch), these problems have been fixed in
    version 1:2.8+dfsg-6+deb9u4.
    
    We recommend that you upgrade your qemu packages.
    
    For the detailed security status of qemu please refer to its security
    tracker page at:
    https://security-tracker.debian.org/tracker/qemu
    
    Further information about Debian Security Advisories, how to apply
    these updates to your system and frequently asked questions can be
    found at: https://www.debian.org/security/
    
    Mailing list: This email address is being protected from spambots. You need JavaScript enabled to view it.
    
    You are not authorised to post comments.

    Comments powered by CComment

    LinuxSecurity Poll

    What do you think of the articles on LinuxSecurity?

    No answer selected. Please try again.
    Please select either existing option or enter your own, however not both.
    Please select minimum 0 answer(s) and maximum 3 answer(s).
    /main-polls/24-what-do-you-think-of-the-quality-of-the-articles-on-linuxsecurity?task=poll.vote&format=json
    24
    radio
    [{"id":"87","title":"Excellent, don't change a thing!","votes":"5","type":"x","order":"1","pct":55.56,"resources":[]},{"id":"88","title":"Should be more technical","votes":"3","type":"x","order":"2","pct":33.33,"resources":[]},{"id":"89","title":"Should include more HOWTOs","votes":"1","type":"x","order":"3","pct":11.11,"resources":[]}]["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"]["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"]350
    bottom200

    Advisories

    We use cookies to provide and improve our services. By using our site, you consent to our Cookie Policy.