Debian 7 DLA-1070-1 Critical: Resolved Qemu Denial of Service Issues
debian lts
August 28, 2017
Multiple vulnerabilities were discovered in qemu, a fast processor emulator
Topics Covered
Summary
Denial of service via infinite loop in the USB OHCI emulation
CVE-2017-8309
Denial of service via VNC audio capture
CVE-2017-10664
Denial of service in qemu-nbd server, qemu-io and qemu-img
CVE-2017-11434
Denial of service via a crafted DHCP options string
For Debian 7 "Wheezy", these problems have been fixed in version
1.1.2+dfsg-6+deb7u23.
We recommend that you upgrade your qemu packages.
Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS
PREVIOUS
NEXT
Severity
critical
Lowest
Low
Medium
High
Critical
<pre><font face="Courier">Package: qemu
Version: 1.1.2+dfsg-6+deb7u23
CVE ID: CVE-2017-6505 CVE-2017-8309 CVE-2017-10664 CVE-2017-11434
Topics Covered
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Related News
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!