Package "qemu-kvm"
Name: |
qemu-kvm
|
Description: |
Full virtualization on i386 and amd64 hardware
|
Latest version: |
1.0+noroms-0ubuntu14.31 |
Release: |
precise (12.04) |
Level: |
security |
Repository: |
main |
Homepage: |
http://www.linux-kvm.org |
Links
Download "qemu-kvm"
Other versions of "qemu-kvm" in Precise
Packages in group
Deleted packages are displayed in grey.
Changelog
qemu-kvm (1.0+noroms-0ubuntu14.26) precise-security; urgency=medium
* SECURITY UPDATE: denial of service via jumbo frame flood in virtio
- debian/patches/CVE-2015-7295.patch: drop truncated packets in
hw/virtio-net.c, hw/virtio.c, hw/virtio.h.
- CVE-2015-7295
* SECURITY UPDATE: loopback mode heap overflow vulnerability in pcnet
- debian/patches/CVE-2015-7504.patch: leave room for CRC code in
hw/pcnet.c.
- CVE-2015-7504
* SECURITY UPDATE: non-loopback mode buffer overflow in pcnet
- debian/patches/CVE-2015-7512.patch: check packet length in
hw/pcnet.c.
- CVE-2015-7512
* SECURITY UPDATE: infinite loop in eepro100
- debian/patches/CVE-2015-8345.patch: prevent endless loop in
hw/eepro100.c.
- CVE-2015-8345
-- Marc Deslauriers Tue, 01 Dec 2015 16:30:23 -0500
|
Source diff to previous version |
CVE-2015-7295 |
hw/virtio/virtio.c in the Virtual Network Device (virtio-net) support in QEMU, when big or mergeable receive buffers are not supported, allows remote |
CVE-2015-7504 |
net: pcnet: heap overflow vulnerability in loopback mode |
CVE-2015-7512 |
net: pcnet: buffer overflow in non-loopback mode |
CVE-2015-8345 |
Qemu: net: eepro100: infinite loop in processing command block list |
|
qemu-kvm (1.0+noroms-0ubuntu14.25) precise-security; urgency=medium
* SECURITY UPDATE: denial of service via vnc infinite loop
- debian/patches/CVE-2015-5239.patch: limit client_cut_text msg payload
size in ui/vnc.c.
- CVE-2015-5239
* SECURITY UPDATE: denial of service via NE2000 driver
- debian/patches/CVE-2015-5278.patch: fix infinite loop in
hw/ne2000.c.
- CVE-2015-5278
* SECURITY UPDATE: denial of service and possible code execution via
heap overflow in NE2000 driver
- debian/patches/CVE-2015-5279.patch: validate ring buffer pointers in
hw/ne2000.c.
- CVE-2015-5279
* SECURITY UPDATE: denial of service via e1000 infinite loop
- debian/patches/CVE-2015-6815.patch: check bytes in hw/e1000.c.
- CVE-2015-6815
* SECURITY UPDATE: denial of service via illegal ATAPI commands
- debian/patches/CVE-2015-6855.patch: fix ATAPI command permissions in
hw/ide/core.c.
- CVE-2015-6855
-- Marc Deslauriers Wed, 23 Sep 2015 15:28:32 -0400
|
Source diff to previous version |
CVE-2015-5239 |
Integer overflow in vnc_client_read() and protocol_client_msg() |
CVE-2015-5278 |
net: avoid infinite loop when receiving packets |
CVE-2015-5279 |
add checks to validate ring buffer pointers |
CVE-2015-6815 |
Qemu: net: e1000 infinite loop issue |
CVE-2015-6855 |
commands which are illegal to sent to an ATAPI device should be rejected |
|
qemu-kvm (1.0+noroms-0ubuntu14.24) precise-security; urgency=medium
* SECURITY UPDATE: denial of service via PRDT with zero complete sectors
- debian/patches/CVE-2014-9718.patch: refactor return codes in
hw/ide/ahci.c, hw/ide/core.c, hw/ide/internal.h, hw/ide/pci.c.
- CVE-2014-9718
* SECURITY UPDATE: process heap memory disclosure
- debian/patches/CVE-2015-5165.patch: check sizes in hw/rtl8139.c.
- CVE-2015-5165
-- Marc Deslauriers Tue, 25 Aug 2015 08:58:16 -0400
|
Source diff to previous version |
CVE-2014-9718 |
The (1) BMDMA and (2) AHCI HBA interfaces in the IDE functionality in QEMU 1.0 through 2.1.3 have multiple interpretations of a function's return val |
CVE-2015-5165 |
The C+ mode offload emulation in the RTL8139 network card device model in QEMU, as used in Xen 4.5.x and earlier, allows remote attackers to read pro |
|
qemu-kvm (1.0+noroms-0ubuntu14.23) precise-security; urgency=medium
* SECURITY UPDATE: heap overflow in PCNET controller
- debian/patches/CVE-2015-3209-pre.patch: fix negative array index read
in hw/pcnet.c.
- debian/patches/CVE-2015-3209.patch: check bounds in hw/pcnet.c.
- CVE-2015-3209
* SECURITY UPDATE: unsafe /tmp filename use by slirp
- debian/patches/CVE-2015-4037.patch: use mkdtemp in net/slirp.c.
- CVE-2015-4037
-- Marc Deslauriers <email address hidden> Tue, 09 Jun 2015 10:21:44 -0400
|
Source diff to previous version |
CVE-2015-3209 |
heap overflow in qemu pcnet controller allowing guest to host escape |
|
qemu-kvm (1.0+noroms-0ubuntu14.22) precise-security; urgency=medium
* SECURITY UPDATE: host code execution via floppy device (VEMON)
- debian/patches/CVE-2015-3456.patch: force the fifo access to be in
bounds of the allocated buffer in hw/block/fdc.c.
- CVE-2015-3456
-- Marc Deslauriers <email address hidden> Wed, 13 May 2015 08:19:08 -0400
|
CVE-2015-3456 |
vulnerability in QEMU's virtual Floppy Disk Controller |
|
About
-
Send Feedback to @ubuntu_updates