Univention Bugzilla – Bug 43359
qemu: Multiple issues (4.1)
Last modified: 2017-05-24 11:10:24 CEST
CVE-2016-9911
Quick Emulator (Qemu) built with the USB EHCI Emulation support is vulnerable to a memory leakage issue. It could occur while processing packet data in 'ehci_init_transfer'. A guest user/process could use this issue to leak host memory, resulting in DoS for a host.

CVE-2016-9921, CVE-2016-9922
Quick emulator (Qemu) built with the Cirrus CLGD 54xx VGA Emulator support is vulnerable to a divide by zero issue. It could occur while copying VGA data when cirrus graphics mode was set to be VGA. A privileged user inside guest could use this flaw to crash the Qemu process instance on the host, resulting in DoS.

For Debian 7 "Wheezy", these problems have been fixed in version 1.1.2+dfsg-6+deb7u19.
Upstream Debian package version 1.1.2+dfsg-6+deb7u20 fixes:
CVE ID : CVE-2017-2615 CVE-2017-2620 CVE-2017-5898 CVE-2017-597
Version 1.1.2+dfsg-6+deb7u20
Rev 83655
Date 2017-03-17 13:31:24
Release 4.1-0-0
Scope errata4.1-4

repo_admin.py -U -p qemu -d wheezy -r 4.1 -s errata4.1-4 # 1.1.2+dfsg-6+deb7u20

Package: qemu
Version: 1.1.2+dfsg-6.55.201704191253
Branch: ucs_4.1-0
Scope: errata4.1-4

r78832 | Bug #43360: qemu-1.1.2+dfsg-6+deb7u20 errata4.1-4 YAML

QA: qemu-system-x86_64 -kernel /boot/vmlinuz-`uname -r` -m 512m

Advisory: OK
Tests (amd64, KVM host): OK
<http://errata.software-univention.de/ucs/4.1/425.html>