[ubuntu/trusty-updates] qemu 2.0.0+dfsg-2ubuntu1.35 (Accepted)

Ubuntu Archive Robot cjwatson+ubuntu-archive-robot at chiark.greenend.org.uk
Wed Sep 13 12:28:18 UTC 2017

qemu (2.0.0+dfsg-2ubuntu1.35) trusty-security; urgency=medium

  * SECURITY UPDATE: privilege escalation via virtFS
    - debian/patches/CVE-2017-7493.patch: forbid client access to metadata
      in hw/9pfs/virtio-9p-local.c.
    - CVE-2017-7493
  * SECURITY UPDATE: DoS via message ring page count
    - debian/patches/CVE-2017-8112.patch: check page count in
    - CVE-2017-8112
  * SECURITY UPDATE: DoS in USB OHCI emulation
    - debian/patches/CVE-2017-9330.patch: fix error code in
    - CVE-2017-9330
  * SECURITY UPDATE: DoS in IDE AHCI emulation
    - debian/patches/CVE-2017-9373-1.patch: add cleanup function in
      hw/ide/core.c, hw/ide/internal.h.
    - debian/patches/CVE-2017-9373-2.patch: call cleanup function in
    - CVE-2017-9373
  * SECURITY UPDATE: DoS in USB EHCI emulation
    - debian/patches/CVE-2017-9374.patch: fix memory leak in
      hw/usb/hcd-ehci-pci.c, hw/usb/hcd-ehci.c, hw/usb/hcd-ehci.h.
    - CVE-2017-9374
  * SECURITY UPDATE: DoS in USB xHCI emulation
    - debian/patches/CVE-2017-9375.patch: guard against recursive calls in
    - CVE-2017-9375
    - debian/patches/CVE-2017-9503-pre1.patch: fixup device mapping in
      hw/scsi/megasas.c, hw/scsi/mfi.h.
    - debian/patches/CVE-2017-9503-1.patch: add test to
      tests/Makefile, tests/megasas-test.c.
    - debian/patches/CVE-2017-9503-2.patch: do not read sense length more
      than once in hw/scsi/megasas.c.
    - debian/patches/CVE-2017-9503-3.patch: do not read iovec count more
      than once in hw/scsi/megasas.c.
    - debian/patches/CVE-2017-9503-4.patch: do not read DCMD opcode more
      than once in hw/scsi/megasas.c.
    - debian/patches/CVE-2017-9503-5.patch: do not read command more than
      once in hw/scsi/megasas.c.
    - debian/patches/CVE-2017-9503-6.patch: do not read SCSI req parameters
      more than once in hw/scsi/megasas.c.
    - debian/patches/CVE-2017-9503-7.patch: always store SCSIRequest* into
      MegasasCmd in hw/scsi/megasas.c, added test to tests/megasas-test.c.
    - CVE-2017-9503
  * SECURITY UPDATE: DoS via incorrect SIGPIPE handling
    - debian/patches/CVE-2017-10664.patch: ignore SIGPIPE in qemu-nbd.c.
    - CVE-2017-10664
  * SECURITY UPDATE: stack overflow in usbredir_log_data
    - debian/patches/CVE-2017-10806.patch: use qemu_hexdump in
    - CVE-2017-10806
  * SECURITY UPDATE: memory disclosure in Xen block-interface responses
    - debian/patches/CVE-2017-10911.patch: fill the fields directly in
    - CVE-2017-10911
  * SECURITY UPDATE: DoS via crafted DHCP options string
    - debian/patches/CVE-2017-11434.patch: check length in slirp/bootp.c.
    - CVE-2017-11434

Date: 2017-08-22 18:17:14.051864+00:00
Changed-By: Marc Deslauriers <marc.deslauriers at canonical.com>
Signed-By: Ubuntu Archive Robot <cjwatson+ubuntu-archive-robot at chiark.greenend.org.uk>
-------------- next part --------------
Sorry, changesfile not available.

More information about the Trusty-changes mailing list