Explore top 10 tips to secure your open-source projects now. Read More
×
Several security issues were fixed in QEMU.
Software Description:
- qemu: Machine emulator and virtualizer
Details:
Zhenhao Hong discovered that QEMU incorrectly handled the Virtio GPU
device. An attacker inside the guest could use this issue to cause QEMU to
crash, resulting in a denial of service. This issue only affected Ubuntu
16.04 LTS and Ubuntu 16.10. (CVE-2016-10028, CVE-2016-10029)
Li Qiang discovered that QEMU incorrectly handled the 6300esb watchdog. A
privileged attacker inside the guest could use this issue to cause QEMU to
crash, resulting in a denial of service. (CVE-2016-10155)
Li Qiang discovered that QEMU incorrectly handled the i.MX Fast Ethernet
Controller. A privileged attacker inside the guest could use this issue to
cause QEMU to crash, resulting in a denial of service. This issue only
affected Ubuntu 16.04 LTS and Ubuntu 16.10. (CVE-2016-7907)
It was discovered that QEMU incorrectly handled the JAZZ RC4030 device. A
privileged at...
The problem can be corrected by updating your system to the following package versions: Ubuntu 16.10: qemu-system 1:2.6.1+dfsg-0ubuntu5.4 qemu-system-aarch64 1:2.6.1+dfsg-0ubuntu5.4 qemu-system-arm 1:2.6.1+dfsg-0ubuntu5.4 qemu-system-mips 1:2.6.1+dfsg-0ubuntu5.4 qemu-system-misc 1:2.6.1+dfsg-0ubuntu5.4 qemu-system-ppc 1:2.6.1+dfsg-0ubuntu5.4 qemu-system-s390x 1:2.6.1+dfsg-0ubuntu5.4 qemu-system-sparc 1:2.6.1+dfsg-0ubuntu5.4 qemu-system-x86 1:2.6.1+dfsg-0ubuntu5.4 Ubuntu 16.04 LTS: qemu-system 1:2.5+dfsg-5ubuntu10.11 qemu-system-aarch64 1:2.5+dfsg-5ubuntu10.11 qemu-system-arm 1:2.5+dfsg-5ubuntu10.11 qemu-system-mips 1:2.5+dfsg-5ubuntu10.11 qemu-system-misc 1:2.5+dfsg-5ubuntu10.11 qemu-system-ppc 1:2.5+dfsg-5ubuntu10.11 qemu-system-s390x 1:2.5+dfsg-5ubuntu10.11 qemu-system-sparc 1:2.5+dfsg-5ubuntu10.11 qemu-system-x86 1:2.5+dfsg-5ubuntu10.11 Ubuntu 14.04 LTS: qemu-system 2.0.0+dfsg-2ubuntu1.33 qemu-system-aarch64 2.0.0+dfsg-2ubuntu1.33 qemu-system-arm 2.0.0+dfsg-2ubuntu1.33 qemu-system-mips 2.0.0+dfsg-2ubuntu1.33 qemu-system-misc 2.0.0+dfsg-2ubuntu1.33 qemu-system-ppc 2.0.0+dfsg-2ubuntu1.33 qemu-system-sparc 2.0.0+dfsg-2ubuntu1.33 qemu-system-x86 2.0.0+dfsg-2ubuntu1.33 After a standard system update you need to restart all QEMU virtual machines to make all the necessary changes.
https://ubuntu.com/security/notices/USN-3261-1
CVE-2016-10028, CVE-2016-10029, CVE-2016-10155, CVE-2016-7907,
CVE-2016-8667, CVE-2016-8669, CVE-2016-9381, CVE-2016-9602,
CVE-2016-9603, CVE-2016-9776, CVE-2016-9845, CVE-2016-9846,
CVE-2016-9907, CVE-2016-9908, CVE-2016-9911, CVE-2016-9912,
CVE-2016-9913, CVE-2016-9914, CVE-2016-9915, CVE-2016-9916,
CVE-2016-9921, CVE-2016-9922, CVE-2017-2615, CVE-2017-2620,
CVE-2017-2633, CVE-2017-5525, CVE-2017-5526, CVE-2017-5552,
CVE-2017-5578, CVE-2017-5579, CVE-2017-5667, CVE-2017-5856,
CVE-2017-5857, CVE-2017-5898, CVE-2017-5973, CVE-2017-5987,
CVE-2017-6505
Get the latest Linux and open source security news straight to your inbox.