Bug 9871 - qemu new security issue CVE-2013-1922
: qemu new security issue CVE-2013-1922
Product: Mageia
Classification: Unclassified
Component: Security
: 2
: i586 Linux
: Normal Severity: major
: ---
Assigned To: QA Team
: Sec team
: http://lwn.net/Vulnerabilities/548505/
: has_procedure mga2-64-ok mga2-32-ok
: validated_update
  Show dependency treegraph
Reported: 2013-04-26 00:13 CEST by David Walser
Modified: 2013-05-02 19:32 CEST (History)
2 users (show)

See Also:
Source RPM: qemu-1.2.0-7.mga3.src.rpm


Description David Walser 2013-04-26 00:13:32 CEST
Fedora has issued an advisory on April 21:

Mageia 2 is also affected.

Patch checked into SVN for Mageia 2 and Cauldron.

Currently testing a Cauldron build locally before asking for a freeze push.

Will submit the Mageia 2 build once it's available in Cauldron.


Steps to Reproduce:
Comment 1 David Walser 2013-04-26 16:28:40 CEST
Patched packages uploaded for Mageia 2 and Cauldron.


Updated qemu packages fix security vulnerability:

A security flaw was found in the way qemu-nbd, the QEMU Disk Network Block
Device server tool of QEMU, performed detection of image formats (the image
format has been previously autodetected). A guest operating system
administrator could write a header to particular raw disk image format,
describing another format than original one for that disk image, leading to
scenario in which after restart of that guest, QEMU would detect new format
of the image, and could allow the guest to read any file on the host if QEMU
was sufficiently privileged (CVE-2013-1922).


Updated packages in core/updates_testing:

from qemu-1.0-6.4.mga2.src.rpm
Comment 2 claire robinson 2013-04-30 19:18:38 CEST
Procedure: https://bugs.mageia.org/show_bug.cgi?id=6694#c3
Comment 3 claire robinson 2013-04-30 20:46:43 CEST
Testing complete mga2 64

IIUC We don't have nbd-client in mga2 so although we can serve the image there is nothing to connect it with. eg. http://blogs.gnome.org/muelli/2010/03/mounting-qemu-qcow2-image-using-nbd/

$ qemu-nbd -p 1024 mageia.qcow2 &
[1] 16727

# netstat -pant | grep 1024
tcp   0    0*     LISTEN      16727/qemu-nbd

All other tests ok.
Comment 4 claire robinson 2013-05-01 14:51:27 CEST
Testing mga2 32
Comment 5 claire robinson 2013-05-01 16:25:22 CEST
Testing complete mga2 32


Advisory & SRPM in comment 1

Could sysadmin please push from core/updates_testing to core/updates

Comment 6 Thomas Backlund 2013-05-02 19:32:27 CEST
Update pushed:

Note You need to log in before you can comment on or make changes to this bug.