| Summary: | qemu new security issues CVE-2015-5278, CVE-2015-5279, and CVE-2015-7295 | ||
|---|---|---|---|
| Product: | Mageia | Reporter: | David Walser <luigiwalser> |
| Component: | Security | Assignee: | QA Team <qa-bugs> |
| Status: | RESOLVED FIXED | QA Contact: | Sec team <security> |
| Severity: | normal | ||
| Priority: | Normal | CC: | davidwhodgins, sysadmin-bugs, tmb, yann.cantin |
| Version: | 5 | Keywords: | validated_update |
| Target Milestone: | --- | ||
| Hardware: | All | ||
| OS: | Linux | ||
| URL: | http://lwn.net/Vulnerabilities/657989/ | ||
| Whiteboard: | has_procedure advisory MGA5-64-OK | ||
| Source RPM: | qemu-2.1.3-6.mga6.src.rpm | CVE: | |
| Status comment: | |||
|
Description
David Walser
2015-09-15 19:44:20 CEST
David Walser
2015-09-15 19:44:29 CEST
Whiteboard:
(none) =>
MGA5TOO CVE request for another issue: http://openwall.com/lists/oss-security/2015/09/18/5 (In reply to David Walser from comment #1) > CVE request for another issue: > http://openwall.com/lists/oss-security/2015/09/18/5 CVE-2015-7295 assigned: http://openwall.com/lists/oss-security/2015/09/18/9 Summary:
qemu new security issues CVE-2015-5278 and CVE-2015-5279 =>
qemu new security issues CVE-2015-5278, CVE-2015-5279, and CVE-2015-7295 Debian has issued an advisory for the first two issues on September 18: https://www.debian.org/security/2015/dsa-3361 URL:
(none) =>
http://lwn.net/Vulnerabilities/657989/ fixed qemu-2.1.3-7.mga6 pushed to cauldron. fixed qemu-2.1.3-2.7.mga5 pushed to mga5 updates_testing Advisory: Qinghao Tang of QIHU 360 Inc. discovered an infinite loop issue in the NE2000 NIC emulation. A privileged guest user could use this flaw to mount a denial of service (QEMU process crash). (CVE-2015-5278) Qinghao Tang of QIHU 360 Inc. discovered a heap buffer overflow flaw in the NE2000 NIC emulation. A privileged guest user could use this flaw to mount a denial of service (QEMU process crash), or potentially to execute arbitrary code on the host with the privileges of the hosting QEMU process. (CVE-2015-5279) A flaw has been discovered in the QEMU emulator built with Virtual Network Device(virtio-net) support. If the guest's virtio-net driver did not support big or mergeable receive buffers, an issue could occur while receiving large packets over the tuntap/ macvtap interfaces. An attacker on the local network could use this flaw to disable the guest's networking; the user could send a large number of jumbo frames to the guest, which could exhaust all receive buffers, and lead to a denial of service. (CVE-2015-7295) CC:
(none) =>
tmb References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5278 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5279 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7295 https://lists.fedoraproject.org/pipermail/package-announce/2015-October/169036.html http://openwall.com/lists/oss-security/2015/09/18/9 Testing procedures: https://bugs.mageia.org/show_bug.cgi?id=13096#c34 https://bugs.mageia.org/show_bug.cgi?id=6694#c3 Whiteboard:
(none) =>
has_procedure
Dave Hodgins
2015-10-13 19:34:02 CEST
CC:
(none) =>
davidwhodgins SRPM: qemu-2.1.3-2.7.mga5.src.rpm i586: qemu-2.1.3-2.7.mga5.i586.rpm qemu-img-2.1.3-2.7.mga5.i586.rpm x86_64: qemu-2.1.3-2.7.mga5.x86_64.rpm qemu-img-2.1.3-2.7.mga5.x86_64.rpm mga5 x86_64 Installed packages : qemu-2.1.3-2.7.mga5.x86_64.rpm qemu-img-2.1.3-2.7.mga5.x86_64.rpm Test : https://bugs.mageia.org/show_bug.cgi?id=13096#c34 Update OK. CC:
(none) =>
yann.cantin Validating. Please push to 5 updates. Thanks Keywords:
(none) =>
validated_update An update for this issue has been pushed to Mageia Updates repository. http://advisories.mageia.org/MGASA-2015-0397.html Status:
NEW =>
RESOLVED LWN reference for CVE-2015-7295: http://lwn.net/Vulnerabilities/660669/ |