Bug 12494 - qemu new security issue CVE-2013-4377
Summary: qemu new security issue CVE-2013-4377
Status: RESOLVED FIXED
Alias: None
Product: Mageia
Classification: Unclassified
Component: Security (show other bugs)
Version: 4
Hardware: All Linux
Priority: Normal major
Target Milestone: ---
Assignee: QA Team
QA Contact: Sec team
URL: http://lwn.net/Vulnerabilities/583678/
Whiteboard: has_procedure MGA4-32-OK MGA4-64-OK a...
Keywords: validated_update
Depends on:
Blocks:
 
Reported: 2014-01-31 19:49 CET by David Walser
Modified: 2014-02-12 18:46 CET (History)
4 users (show)

See Also:
Source RPM: qemu-1.6.1-2.mga4.src.rpm
CVE:
Status comment:

Attachments
Add an attachment (proposed patch, testcase, etc.)

Description David Walser 2014-01-31 19:49:51 CET 
Ubuntu has issued an advisory on January 30:
http://www.ubuntu.com/usn/usn-2092-1/

This issue was *not* fixed in 1.6.2, though the release announcement is here:
http://lists.nongnu.org/archive/html/qemu-stable/2013-12/msg00148.html

It was, however, fixed in this Fedora commit with patches 106-116:
http://pkgs.fedoraproject.org/cgit/qemu.git/commit/?h=f20&id=2983660f65e196adaefdadc807effe9c1af85cb3

The version in Mageia 3 is too old to be affected, so only Mageia 4 is.

Reproducible: 

Steps to Reproduce:
David Walser 2014-01-31 19:50:01 CET

Whiteboard: (none) => MGA4TOO

Comment 1 David Walser 2014-02-05 22:00:51 CET 
Updated and patched packages uploaded for Mageia 4 and Cauldron.

Advisory:
========================

Updated qemu packages fix security vulnerability:

Sibiao Luo discovered that QEMU incorrectly handled device hot-unplugging.
A local user could possibly use this flaw to cause a denial of service
(CVE-2013-4377).

Additionally, qemu has been updated to 1.6.2, fixing several other bugs.

References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4377
http://lists.nongnu.org/archive/html/qemu-stable/2013-12/msg00148.html
http://www.ubuntu.com/usn/usn-2092-1/
========================

Updated packages in core/updates_testing:
========================
qemu-1.6.2-1.mga4
qemu-img-1.6.2-1.mga4

from qemu-1.6.2-1.mga4

Version: Cauldron => 4
Assignee: bugsquad => qa-bugs
Whiteboard: MGA4TOO => (none)

Comment 2 Samuel Verschelde 2014-02-10 19:59:09 CET 
Testing procedure: https://bugs.mageia.org/show_bug.cgi?id=6694#c3

CC: (none) => stormi
Whiteboard: (none) => has_procedure

Comment 3 Rémi Verschelde 2014-02-10 22:50:08 CET 
Testing complete on Mageia 4 i586, following the procedure linked in comment 2.
No regressions found.

CC: (none) => remi
Whiteboard: has_procedure => has_procedure MGA4-32-OK

Comment 4 Manuel Hiebel 2014-02-11 18:45:00 CET 
Using above procedure, everything ok.
Someone with commit right can upload advisory and validate.

Whiteboard: has_procedure MGA4-32-OK => has_procedure MGA4-32-OK MGA4-64-OK

Manuel Hiebel 2014-02-11 18:45:44 CET

Hardware: i586 => All

Comment 5 Rémi Verschelde 2014-02-12 09:39:33 CET 
Validating update.

Advisory uploaded, could a sysadmin push the update to core/updates for Mageia 4? Thanks!

Keywords: (none) => validated_update
Whiteboard: has_procedure MGA4-32-OK MGA4-64-OK => has_procedure MGA4-32-OK MGA4-64-OK advisory
CC: (none) => sysadmin-bugs

Comment 6 Thomas Backlund 2014-02-12 18:46:41 CET 
Update pushed:
http://advisories.mageia.org/MGASA-2014-0060.html

Status: NEW => RESOLVED
CC: (none) => tmb
Resolution: (none) => FIXED
Note You need to log in before you can comment on or make changes to this bug.