--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2017-b953d4d3a4
2017-01-20 14:15:21.263862
--------------------------------------------------------------------------------

Name        : qemu
Product     : Fedora 25
Version     : 2.7.1
Release     : 2.fc25
URL         : https://www.qemu.org/
Summary     : QEMU is a FAST! processor emulator
Description :
QEMU is a generic and open source processor emulator which achieves a good
emulation speed by using dynamic translation. QEMU has two operating modes:

 * Full system emulation. In this mode, QEMU emulates a full system (for
   example a PC), including a processor and various peripherials. It can be
   used to launch different Operating Systems without rebooting the PC or
   to debug system code.
 * User mode emulation. In this mode, QEMU can launch Linux processes compiled
   for one CPU on another CPU.

As QEMU requires no host kernel patches to run, it is safe and easy to use.

--------------------------------------------------------------------------------
Update Information:

* CVE-2016-6836: vmxnet: Information leakage in vmxnet3_complete_packet (bz
#1366370) * CVE-2016-7909: pcnet: Infinite loop in pcnet_rdra_addr (bz #1381196)
* CVE-2016-7994: virtio-gpu: memory leak in resource_create_2d (bz #1382667) *
CVE-2016-8577: 9pfs: host memory leakage in v9fs_read (bz #1383286) *
CVE-2016-8578: 9pfs: potential NULL dereferencein 9pfs routines (bz #1383292) *
CVE-2016-8668: OOB buffer access in rocker switch emulation (bz #1384898) *
CVE-2016-8669: divide by zero error in serial_update_parameters (bz #1384911) *
CVE-2016-8909: intel-hda: infinite loop in dma buffer stream (bz #1388053) *
Infinite loop vulnerability in a9_gtimer_update (bz #1388300) * CVE-2016-9101:
eepro100: memory leakage at device unplug (bz #1389539) * CVE-2016-9103: 9pfs:
information leakage via xattr (bz #1389643) * CVE-2016-9102: 9pfs: memory
leakage when creating extended attribute (bz #1389551) * CVE-2016-9104: 9pfs:
integer overflow leading to OOB access (bz #1389687) * CVE-2016-9105: 9pfs:
memory leakage in v9fs_link (bz #1389704) * CVE-2016-9106: 9pfs: memory leakage
in v9fs_write (bz #1389713) * CVE-2016-9381: xen: incautious about shared ring
processing (bz #1397385) * CVE-2016-9921: Divide by zero vulnerability in
cirrus_do_copy (bz #1399054) * CVE-2016-9776: infinite loop while receiving data
in mcf_fec_receive (bz #1400830) * CVE-2016-9845: information leakage in
virgl_cmd_get_capset_info (bz #1402247) * CVE-2016-9846: virtio-gpu: memory
leakage while updating cursor data (bz #1402258) * CVE-2016-9907: usbredir:
memory leakage when destroying redirector (bz #1402266) * CVE-2016-9911: usb:
ehci: memory leakage in ehci_init_transfer (bz #1402273) * CVE-2016-9913: 9pfs:
memory leakage via proxy/handle callbacks (bz #1402277) * CVE-2016-10028:
virtio-gpu-3d: OOB access while reading virgl capabilities (bz #1406368) *
CVE-2016-9908: virtio-gpu: information leakage in virgl_cmd_get_capset (bz
#1402263) * CVE-2016-9912: virtio-gpu: memory leakage when destroying gpu
resource (bz #1402285)
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1366369 - CVE-2016-6836 Qemu: net: vmxnet: Information leakage in vmxnet3_complete_packet
        https://bugzilla.redhat.com/show_bug.cgi?id=1366369
  [ 2 ] Bug #1329538 - CVE-2016-7909 Qemu: net: pcnet: infinite loop in pcnet_rdra_addr()
        https://bugzilla.redhat.com/show_bug.cgi?id=1329538
  [ 3 ] Bug #1382666 - CVE-2016-7994 Qemu: virtio-gpu: memory leak in virtio_gpu_resource_create_2d
        https://bugzilla.redhat.com/show_bug.cgi?id=1382666
  [ 4 ] Bug #1383285 - CVE-2016-8577 Qemu: 9pfs: host memory leakage in v9fs_read
        https://bugzilla.redhat.com/show_bug.cgi?id=1383285
  [ 5 ] Bug #1383291 - CVE-2016-8578 Qemu: 9pfs: potential NULL dereferencein 9pfs routines
        https://bugzilla.redhat.com/show_bug.cgi?id=1383291
  [ 6 ] Bug #1384896 - CVE-2016-8668 Qemu: net: OOB buffer access in rocker switch emulation
        https://bugzilla.redhat.com/show_bug.cgi?id=1384896
  [ 7 ] Bug #1384909 - CVE-2016-8669 Qemu: char: divide by zero error in serial_update_parameters        https://bugzilla.redhat.com/show_bug.cgi?id=1384909
  [ 8 ] Bug #1388052 - CVE-2016-8909 Qemu: audio: intel-hda: infinite loop in processing dma buffer stream
        https://bugzilla.redhat.com/show_bug.cgi?id=1388052
  [ 9 ] Bug #1389538 - CVE-2016-9101 Qemu: net: eepro100 memory leakage at device unplug
        https://bugzilla.redhat.com/show_bug.cgi?id=1389538
  [ 10 ] Bug #1389642 - CVE-2016-9103 Qemu: 9pfs: information leakage via xattr
        https://bugzilla.redhat.com/show_bug.cgi?id=1389642
  [ 11 ] Bug #1389550 - CVE-2016-9102 Qemu: 9pfs: memory leakage when creating extended attribute
        https://bugzilla.redhat.com/show_bug.cgi?id=1389550
  [ 12 ] Bug #1389686 - CVE-2016-9104 Qemu: 9pfs: integer overflow leading to OOB access
        https://bugzilla.redhat.com/show_bug.cgi?id=1389686
  [ 13 ] Bug #1389702 - CVE-2016-9105 Qemu: 9pfs: memory leakage in v9fs_link
        https://bugzilla.redhat.com/show_bug.cgi?id=1389702
  [ 14 ] Bug #1389712 - CVE-2016-9106 Qemu: 9pfs: memory leakage in v9fs_write
        https://bugzilla.redhat.com/show_bug.cgi?id=1389712
  [ 15 ] Bug #1392938 - CVE-2016-9381 xsa197 xen: qemu incautious about shared ring processing (XSA-197)
        https://bugzilla.redhat.com/show_bug.cgi?id=1392938
  [ 16 ] Bug #1334398 - CVE-2016-9921 CVE-2016-9922 Qemu: display: cirrus_vga: a divide by zero in cirrus_do_copy
        https://bugzilla.redhat.com/show_bug.cgi?id=1334398
  [ 17 ] Bug #1400829 - CVE-2016-9776 Qemu: net: mcf_fec: infinite loop while receiving data in mcf_fec_receive
        https://bugzilla.redhat.com/show_bug.cgi?id=1400829
  [ 18 ] Bug #1402245 - CVE-2016-9845 Qemu: display: virtio-gpu-3d: information leakage in virgl_cmd_get_capset_info
        https://bugzilla.redhat.com/show_bug.cgi?id=1402245
  [ 19 ] Bug #1402255 - CVE-2016-9846 Qemu: display: virtio-gpu: memory leakage while updating cursor data
        https://bugzilla.redhat.com/show_bug.cgi?id=1402255
  [ 20 ] Bug #1402265 - CVE-2016-9907 Qemu: usb: redirector: memory leakage when destroying redirector
        https://bugzilla.redhat.com/show_bug.cgi?id=1402265
  [ 21 ] Bug #1402272 - CVE-2016-9911 Qemu: usb: ehci: memory leakage in ehci_init_transfer
        https://bugzilla.redhat.com/show_bug.cgi?id=1402272
  [ 22 ] Bug #1402276 - CVE-2016-9913 CVE-2016-9914 CVE-2016-9915 CVE-2016-9916 Qemu: 9pfs: memory leakage via proxy/handle callbacks
        https://bugzilla.redhat.com/show_bug.cgi?id=1402276
  [ 23 ] Bug #1406367 - CVE-2016-10028 Qemu: display: virtio-gpu-3d: OOB access while reading virgl capabilities
        https://bugzilla.redhat.com/show_bug.cgi?id=1406367
  [ 24 ] Bug #1402262 - CVE-2016-9908 Qemu: display: virtio-gpu: information leakage in virgl_cmd_get_capset
        https://bugzilla.redhat.com/show_bug.cgi?id=1402262
  [ 25 ] Bug #1402284 - CVE-2016-9912 Qemu: display: virtio-gpu: memory leakage when destroying gpu resource
        https://bugzilla.redhat.com/show_bug.cgi?id=1402284
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade qemu' at the command line.
For more information, refer to the dnf documentation available at
https://dnf.readthedocs.io/en/latest/command_ref.html

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/security/
--------------------------------------------------------------------------------
_______________________________________________
package-announce mailing list -- package-announce@lists.fedoraproject.org
To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org

Fedora 25: qemu Security Update

January 20, 2017
* CVE-2016-6836: vmxnet: Information leakage in vmxnet3_complete_packet (bz #1366370) * CVE-2016-7909: pcnet: Infinite loop in pcnet_rdra_addr (bz #1381196) * CVE-2016-7994: virtio...

Summary

QEMU is a generic and open source processor emulator which achieves a good

emulation speed by using dynamic translation. QEMU has two operating modes:

* Full system emulation. In this mode, QEMU emulates a full system (for

example a PC), including a processor and various peripherials. It can be

used to launch different Operating Systems without rebooting the PC or

to debug system code.

* User mode emulation. In this mode, QEMU can launch Linux processes compiled

for one CPU on another CPU.

As QEMU requires no host kernel patches to run, it is safe and easy to use.

Update Information:

* CVE-2016-6836: vmxnet: Information leakage in vmxnet3_complete_packet (bz #1366370) * CVE-2016-7909: pcnet: Infinite loop in pcnet_rdra_addr (bz #1381196) * CVE-2016-7994: virtio-gpu: memory leak in resource_create_2d (bz #1382667) * CVE-2016-8577: 9pfs: host memory leakage in v9fs_read (bz #1383286) * CVE-2016-8578: 9pfs: potential NULL dereferencein 9pfs routines (bz #1383292) * CVE-2016-8668: OOB buffer access in rocker switch emulation (bz #1384898) * CVE-2016-8669: divide by zero error in serial_update_parameters (bz #1384911) * CVE-2016-8909: intel-hda: infinite loop in dma buffer stream (bz #1388053) * Infinite loop vulnerability in a9_gtimer_update (bz #1388300) * CVE-2016-9101: eepro100: memory leakage at device unplug (bz #1389539) * CVE-2016-9103: 9pfs: information leakage via xattr (bz #1389643) * CVE-2016-9102: 9pfs: memory leakage when creating extended attribute (bz #1389551) * CVE-2016-9104: 9pfs: integer overflow leading to OOB access (bz #1389687) * CVE-2016-9105: 9pfs: memory leakage in v9fs_link (bz #1389704) * CVE-2016-9106: 9pfs: memory leakage in v9fs_write (bz #1389713) * CVE-2016-9381: xen: incautious about shared ring processing (bz #1397385) * CVE-2016-9921: Divide by zero vulnerability in cirrus_do_copy (bz #1399054) * CVE-2016-9776: infinite loop while receiving data in mcf_fec_receive (bz #1400830) * CVE-2016-9845: information leakage in virgl_cmd_get_capset_info (bz #1402247) * CVE-2016-9846: virtio-gpu: memory leakage while updating cursor data (bz #1402258) * CVE-2016-9907: usbredir: memory leakage when destroying redirector (bz #1402266) * CVE-2016-9911: usb: ehci: memory leakage in ehci_init_transfer (bz #1402273) * CVE-2016-9913: 9pfs: memory leakage via proxy/handle callbacks (bz #1402277) * CVE-2016-10028: virtio-gpu-3d: OOB access while reading virgl capabilities (bz #1406368) * CVE-2016-9908: virtio-gpu: information leakage in virgl_cmd_get_capset (bz #1402263) * CVE-2016-9912: virtio-gpu: memory leakage when destroying gpu resource (bz #1402285)

Change Log

References

[ 1 ] Bug #1366369 - CVE-2016-6836 Qemu: net: vmxnet: Information leakage in vmxnet3_complete_packet https://bugzilla.redhat.com/show_bug.cgi?id=1366369 [ 2 ] Bug #1329538 - CVE-2016-7909 Qemu: net: pcnet: infinite loop in pcnet_rdra_addr() https://bugzilla.redhat.com/show_bug.cgi?id=1329538 [ 3 ] Bug #1382666 - CVE-2016-7994 Qemu: virtio-gpu: memory leak in virtio_gpu_resource_create_2d https://bugzilla.redhat.com/show_bug.cgi?id=1382666 [ 4 ] Bug #1383285 - CVE-2016-8577 Qemu: 9pfs: host memory leakage in v9fs_read https://bugzilla.redhat.com/show_bug.cgi?id=1383285 [ 5 ] Bug #1383291 - CVE-2016-8578 Qemu: 9pfs: potential NULL dereferencein 9pfs routines https://bugzilla.redhat.com/show_bug.cgi?id=1383291 [ 6 ] Bug #1384896 - CVE-2016-8668 Qemu: net: OOB buffer access in rocker switch emulation https://bugzilla.redhat.com/show_bug.cgi?id=1384896 [ 7 ] Bug #1384909 - CVE-2016-8669 Qemu: char: divide by zero error in serial_update_parameters https://bugzilla.redhat.com/show_bug.cgi?id=1384909 [ 8 ] Bug #1388052 - CVE-2016-8909 Qemu: audio: intel-hda: infinite loop in processing dma buffer stream https://bugzilla.redhat.com/show_bug.cgi?id=1388052 [ 9 ] Bug #1389538 - CVE-2016-9101 Qemu: net: eepro100 memory leakage at device unplug https://bugzilla.redhat.com/show_bug.cgi?id=1389538 [ 10 ] Bug #1389642 - CVE-2016-9103 Qemu: 9pfs: information leakage via xattr https://bugzilla.redhat.com/show_bug.cgi?id=1389642 [ 11 ] Bug #1389550 - CVE-2016-9102 Qemu: 9pfs: memory leakage when creating extended attribute https://bugzilla.redhat.com/show_bug.cgi?id=1389550 [ 12 ] Bug #1389686 - CVE-2016-9104 Qemu: 9pfs: integer overflow leading to OOB access https://bugzilla.redhat.com/show_bug.cgi?id=1389686 [ 13 ] Bug #1389702 - CVE-2016-9105 Qemu: 9pfs: memory leakage in v9fs_link https://bugzilla.redhat.com/show_bug.cgi?id=1389702 [ 14 ] Bug #1389712 - CVE-2016-9106 Qemu: 9pfs: memory leakage in v9fs_write https://bugzilla.redhat.com/show_bug.cgi?id=1389712 [ 15 ] Bug #1392938 - CVE-2016-9381 xsa197 xen: qemu incautious about shared ring processing (XSA-197) https://bugzilla.redhat.com/show_bug.cgi?id=1392938 [ 16 ] Bug #1334398 - CVE-2016-9921 CVE-2016-9922 Qemu: display: cirrus_vga: a divide by zero in cirrus_do_copy https://bugzilla.redhat.com/show_bug.cgi?id=1334398 [ 17 ] Bug #1400829 - CVE-2016-9776 Qemu: net: mcf_fec: infinite loop while receiving data in mcf_fec_receive https://bugzilla.redhat.com/show_bug.cgi?id=1400829 [ 18 ] Bug #1402245 - CVE-2016-9845 Qemu: display: virtio-gpu-3d: information leakage in virgl_cmd_get_capset_info https://bugzilla.redhat.com/show_bug.cgi?id=1402245 [ 19 ] Bug #1402255 - CVE-2016-9846 Qemu: display: virtio-gpu: memory leakage while updating cursor data https://bugzilla.redhat.com/show_bug.cgi?id=1402255 [ 20 ] Bug #1402265 - CVE-2016-9907 Qemu: usb: redirector: memory leakage when destroying redirector https://bugzilla.redhat.com/show_bug.cgi?id=1402265 [ 21 ] Bug #1402272 - CVE-2016-9911 Qemu: usb: ehci: memory leakage in ehci_init_transfer https://bugzilla.redhat.com/show_bug.cgi?id=1402272 [ 22 ] Bug #1402276 - CVE-2016-9913 CVE-2016-9914 CVE-2016-9915 CVE-2016-9916 Qemu: 9pfs: memory leakage via proxy/handle callbacks https://bugzilla.redhat.com/show_bug.cgi?id=1402276 [ 23 ] Bug #1406367 - CVE-2016-10028 Qemu: display: virtio-gpu-3d: OOB access while reading virgl capabilities https://bugzilla.redhat.com/show_bug.cgi?id=1406367 [ 24 ] Bug #1402262 - CVE-2016-9908 Qemu: display: virtio-gpu: information leakage in virgl_cmd_get_capset https://bugzilla.redhat.com/show_bug.cgi?id=1402262 [ 25 ] Bug #1402284 - CVE-2016-9912 Qemu: display: virtio-gpu: memory leakage when destroying gpu resource https://bugzilla.redhat.com/show_bug.cgi?id=1402284

Update Instructions

This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade qemu' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html

Severity
Name : qemu
Product : Fedora 25
Version : 2.7.1
Release : 2.fc25
URL : https://www.qemu.org/
Summary : QEMU is a FAST! processor emulator

Related News

5.ShakingHands Esm H320
2 - 3 min read
At The Linux Foundation's Open Source Summit North America , Linus Torvalds, the creator of Linux, discussed various topics related to Linux
30.Lock Globe Motherboard Esm H320
1 - 2 min read
The SPDX 3.0 release marks a significant milestone in software management, particularly for Linux admins, infosec professionals, internet security
11.Locks IsometricPattern Esm H320
2 - 3 min read
Open Source maintainers and developers have been warned about the continued wave of attacks aimed at project maintainers similar to those recently
28.Lock Globe Esm H320
1 - 2 min read
A resurgence of cyberattacks targeting Linux systems in Asian campaigns through the utilization of the Pupy Remote Access Trojan (RAT) has been
27.Tablet Connections Blocks Lock Esm H320
2 - 4 min read
Canonical has recently announced the Beta release of Ubuntu Linux 24.04 LTS , codenamed "Noble Numbat." This release aims to continue Ubuntu's
21.Globe RadiatingCode Esm H320
2 - 3 min read
The open-source movement has come a long way, from its origins in the 1960s and 1970s to becoming an integral part of organizations worldwide.
13.Lock StylizedMotherboard Esm H320
2 - 3 min read
The Rust-based Edera project demonstrates a unique approach to container security that addresses cloud-native computing challenges. Let's examine
8.Locks HexConnections CodeGlobe Esm H320
2 - 3 min read
Canonical has launched Ubuntu Pro for Devices , a comprehensive offering emphasizing security and compliance for IoT device deployments. This
Sign Up

Get the Latest News & Insights

Sign up to get the latest security news affecting Linux and open source delivered straight to your inbox.

© 2024 Guardian Digital, Inc All Rights Reserved