Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 488
Alerts This Week
Warning Icon 1 488

Fedora 24: 2016-12345 Moderate: QEMU Buffer Overflow in USB Emulation

fedora
Calendar Grey August 10, 2015
Scroller Fedora
Fedora 23 has released an update to mitigate a heap overflow vulnerability in QEMU connected to processing ATAPI commands. The patch details are included in the update logs.
QEMU heap overflow flaw while processing certain ATAPI commands

Summary

This package contains the XenD daemon and xm command line

tools, needed to manage virtual machines running under the

Xen hypervisor

Update Information:

QEMU heap overflow flaw while processing certain ATAPI commands. [XSA-138, CVE-2015-5154] (#1247142) try again to fix xen-qemu-dom0-disk-backend.service (#1242246)

Change Log

References


[ 1 ] Bug #1243563 - CVE-2015-5154 qemu: ide: atapi: heap overflow during I/O buffer memory access https://bugzilla.redhat.com/show_bug.cgi?id=1243563

Update Instructions

This update can be installed with the "yum" update program. Use su -c 'yum update xen' at the command line. For more information, refer to "Managing Software with yum", available at .

Name: xen
Product: Fedora 23
Version: 4.5.1
Release: 5.fc23
Summary: Xen is a virtual machine monitor

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.