[ubuntu/precise-updates] qemu-kvm 1.0+noroms-0ubuntu14.31 (Accepted)
Ubuntu Archive Robot
cjwatson+ubuntu-archive-robot at chiark.greenend.org.uk
Wed Nov 9 18:58:20 UTC 2016
qemu-kvm (1.0+noroms-0ubuntu14.31) precise-security; urgency=medium
* SECURITY UPDATE: DoS via unbounded memory allocation
- debian/patches/CVE-2016-5403.patch: re-enable original patch.
- debian/patches/CVE-2016-5403-2.patch: recalculate vq->inuse after
migration in hw/virtio.c.
- debian/patches/CVE-2016-5403-3.patch: decrement vq->inuse in
virtqueue_discard() in hw/virtio.c.
- debian/patches/CVE-2016-5403-4.patch: zero vq->inuse in
virtio_reset() in hw/virtio.c.
- CVE-2016-5403
* SECURITY UPDATE: directory traversal flaw in 9p virtio backend
- debian/patches/CVE-2016-7116-1.patch: forbid illegal path names in
hw/9pfs/virtio-9p.c.
- debian/patches/CVE-2016-7116-2.patch: forbid . and .. in file names
in hw/9pfs/virtio-9p.c.
- debian/patches/CVE-2016-7116-3.patch: handle walk of ".." in the root
directory in hw/9pfs/virtio-9p.*.
- debian/patches/CVE-2016-7116-4.patch: fix potential segfault during
walk in hw/9pfs/virtio-9p.c.
- CVE-2016-7116
* SECURITY UPDATE: buffer overflow in xlnx.xps-ethernetlite
- debian/patches/CVE-2016-7161.patch: fix a heap overflow in
hw/xilinx_ethlite.c.
- CVE-2016-7161
* SECURITY UPDATE: OOB stack memory access in vmware_vga
- debian/patches/CVE-2016-7170.patch: correct bitmap and pixmap size
checks in hw/vmware_vga.c.
- CVE-2016-7170
* SECURITY UPDATE: denial of service in mcf via invalid count
- debian/patches/CVE-2016-7908.patch: limit buffer descriptor count in
hw/mcf_fec.c.
- CVE-2016-7908
* SECURITY UPDATE: denial of service in pcnet via invalid length
- debian/patches/CVE-2016-7909.patch: check rx/tx descriptor ring
length in hw/pcnet.c.
- CVE-2016-7909
* SECURITY UPDATE: infinite loop in Intel HDA controller
- debian/patches/CVE-2016-8909.patch: check stream entry count during
transfer in hw/intel-hda.c.
- CVE-2016-8909
* SECURITY UPDATE: infinite loop in RTL8139 ethernet controller
- debian/patches/CVE-2016-8910.patch: limit processing of ring
descriptors in hw/rtl8139.c.
- CVE-2016-8910
* SECURITY UPDATE: memory leakage at device unplug in eepro100
- debian/patches/CVE-2016-9101.patch: fix memory leak in device uninit
in hw/eepro100.c.
- CVE-2016-9101
* SECURITY UPDATE: denial of service via memory leak in 9pfs
- debian/patches/CVE-2016-9102.patch: fix memory leak in
v9fs_xattrcreate in hw/9pfs/virtio-9p.c.
- CVE-2016-9102
* SECURITY UPDATE: information leakage via xattribute in 9pfs
- debian/patches/CVE-2016-9103.patch: fix information leak in xattr
read in hw/9pfs/virtio-9p.c.
- CVE-2016-9103
* SECURITY UPDATE: integer overflow leading to OOB access in 9pfs
- debian/patches/CVE-2016-9104.patch: fix integer overflow issue in
xattr read/write in hw/9pfs/virtio-9p.c.
- CVE-2016-9104
* SECURITY UPDATE: denial of service via memory leakage in 9pfs
- debian/patches/CVE-2016-9105.patch: fix memory leak in v9fs_link in
hw/9pfs/virtio-9p.c.
- CVE-2016-9105
Date: 2016-11-08 14:03:27.449957+00:00
Changed-By: Marc Deslauriers <marc.deslauriers at canonical.com>
Signed-By: Ubuntu Archive Robot <cjwatson+ubuntu-archive-robot at chiark.greenend.org.uk>
https://launchpad.net/ubuntu/+source/qemu-kvm/1.0+noroms-0ubuntu14.31
-------------- next part --------------
Sorry, changesfile not available.
More information about the Precise-changes
mailing list