[ubuntu/precise-security] qemu-kvm 1.0+noroms-0ubuntu14.28 (Accepted)

Marc Deslauriers marc.deslauriers at canonical.com
Thu May 12 14:03:44 UTC 2016


qemu-kvm (1.0+noroms-0ubuntu14.28) precise-security; urgency=medium

  * SECURITY UPDATE: denial of service via multiple eof_timers in ohci
    - debian/patches/CVE-2016-2391.patch: allocate timer only once in
      hw/usb-ohci.c.
    - CVE-2016-2391
  * SECURITY UPDATE: denial of service in remote NDIS control message
    handling
    - debian/patches/CVE-2016-2392.patch: check USB configuration
      descriptor object in hw/usb-net.c.
    - CVE-2016-2392
  * SECURITY UPDATE: denial of service or host information leak in USB Net
    device emulation support
    - debian/patches/CVE-2016-2538.patch: check RNDIS buffer offsets and
      length in hw/usb-net.c.
    - CVE-2016-2538
  * SECURITY UPDATE: denial of service via infinite loop in ne2000
    - debian/patches/CVE-2016-2841.patch: check ring buffer control
      registers in hw/ne2000.c.
    - CVE-2016-2841
  * SECURITY UPDATE: denial of service via payload length in crafted packet
    - debian/patches/CVE-2016-2857.patch: check packet payload length in
      net/checksum.c.
    - CVE-2016-2857
  * SECURITY UPDATE: arbitrary host code execution via VGA module
    - debian/patches/CVE-2016-3710.patch: fix banked access bounds checking
      in hw/vga.c.
    - CVE-2016-3710
  * SECURITY UPDATE: denial of service via VGA module
    - debian/patches/CVE-2016-3712.patch: make sure vga register setup for
      vbe stays intact in hw/vga.c.
    - CVE-2016-3712
  * SECURITY UPDATE: denial of service in Luminary Micro Stellaris Ethernet
    - debian/patches/CVE-2016-4001.patch: check packet length against
      receive buffer in hw/stellaris_enet.c.
    - CVE-2016-4001
  * SECURITY UPDATE: denial of service and possible code execution in
    MIPSnet
    - debian/patches/CVE-2016-4002.patch: check size in hw/mipsnet.c.
    - CVE-2016-4002
  * SECURITY UPDATE: denial of service via infinite loop in usb_ehci
    - debian/patches/CVE-2016-4037.patch: apply limit to iTD/sidt
      descriptors in hw/usb-ehci.c.
    - CVE-2016-4037

Date: 2016-05-11 14:18:19.175363+00:00
Changed-By: Marc Deslauriers <marc.deslauriers at canonical.com>
https://launchpad.net/ubuntu/+source/qemu-kvm/1.0+noroms-0ubuntu14.28