Protect yourself against future threats.
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
===========================================================================
AUSCERT External Security Bulletin Redistribution
ESB-2014.0773
qemu and qemu-kvm security update
20 May 2014
===========================================================================
AusCERT Security Bulletin Summary
---------------------------------
Product: qemu
qemu-kvm
Publisher: Debian
Operating System: Debian GNU/Linux 7
Linux variants
KVM
Impact/Access: Execute Arbitrary Code/Commands -- Existing Account
Increased Privileges -- Existing Account
Access Privileged Data -- Existing Account
Denial of Service -- Existing Account
Resolution: Patch/Upgrade
CVE Names: CVE-2014-2894 CVE-2013-4344
Reference: ESB-2013.1682
ESB-2013.1666
ESB-2013.1661
Original Bulletin:
http://www.debian.org/security/2014/dsa-2932
http://www.debian.org/security/2014/dsa-2933
Comment: This advisory references vulnerabilities in products which run on
platforms other than Debian. It is recommended that administrators
running qemu or qemu-kvm check for an updated version of the
software for their operating system.
This bulletin contains two (2) Debian security advisories.
- --------------------------BEGIN INCLUDED TEXT--------------------
- -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
- - -------------------------------------------------------------------------
Debian Security Advisory DSA-2932-1 security@debian.org
http://www.debian.org/security/ Giuseppe Iuculano
May 19, 2014 http://www.debian.org/security/faq
- - -------------------------------------------------------------------------
Package : qemu
CVE ID : CVE-2013-4344 CVE-2014-2894
Debian Bug : 745157 725944
Several vulnerabilities were discovered in qemu, a fast processor emulator.
CVE-2013-4344
Buffer overflow in the SCSI implementation in QEMU,
when a SCSI controller has more than 256 attached devices, allows
local users to gain privileges via a small transfer buffer in a
REPORT LUNS command.
CVE-2014-2894
Off-by-one error in the cmd_smart function in the smart self test in
hw/ide/core.c in QEMU allows local users to have
unspecified impact via a SMART EXECUTE OFFLINE command that triggers
a buffer underflow and memory corruption.
For the stable distribution (wheezy), these problems have been fixed in
version 1.1.2+dfsg-6a+deb7u3.
For the testing distribution (jessie), these problems have been fixed in
version 2.0.0+dfsg-1.
For the unstable distribution (sid), these problems have been fixed in
version 2.0.0+dfsg-1.
We recommend that you upgrade your qemu packages.
Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: http://www.debian.org/security/
Mailing list: debian-security-announce@lists.debian.org
- -----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.15 (GNU/Linux)
iEYEARECAAYFAlN5008ACgkQNxpp46476aqIiQCggsIrU5Jqv/BZfrF+5I2ocoaG
vTkAoIZTmVAnZn1hc3j5rt03J3ecWguf
=gxqO
- -----END PGP SIGNATURE-----
- -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
- - -------------------------------------------------------------------------
Debian Security Advisory DSA-2933-1 security@debian.org
http://www.debian.org/security/ Giuseppe Iuculano
May 19, 2014 http://www.debian.org/security/faq
- - -------------------------------------------------------------------------
Package : qemu-kvm
CVE ID : CVE-2013-4344 CVE-2014-2894
Debian Bug : 745157 725944
Several vulnerabilities were discovered in qemu-kvm, a full
virtualization solution on x86 hardware.
CVE-2013-4344
Buffer overflow in the SCSI implementation in QEMU,
when a SCSI controller has more than 256 attached devices, allows
local users to gain privileges via a small transfer buffer in a
REPORT LUNS command.
CVE-2014-2894
Off-by-one error in the cmd_smart function in the smart self test in
hw/ide/core.c in QEMU allows local users to have
unspecified impact via a SMART EXECUTE OFFLINE command that triggers
a buffer underflow and memory corruption.
For the stable distribution (wheezy), these problems have been fixed in
version 1.1.2+dfsg-6+deb7u3.
We recommend that you upgrade your qemu-kvm packages.
Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: http://www.debian.org/security/
Mailing list: debian-security-announce@lists.debian.org
- -----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.15 (GNU/Linux)
iEYEARECAAYFAlN6BUYACgkQNxpp46476aojCwCZAXKnrPO692P0h2gC8ejL8LUI
jMYAoI4auIQesFeYWeCgBN4LeANJw+ZX
=64eN
- -----END PGP SIGNATURE-----
- --------------------------END INCLUDED TEXT--------------------
You have received this e-mail bulletin as a result of your organisation's
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If
you do not know who that is, please send an email to auscert@auscert.org.au
and we will forward your request to the appropriate person.
NOTE: Third Party Rights
This security bulletin is provided as a service to AusCERT's members. As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation's
site policies and procedures. AusCERT takes no responsibility for consequences
which may arise from following or acting on information or advice contained in
this security bulletin.
NOTE: This is only the original release of the security bulletin. It may
not be updated when updates to the original are made. If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author's website to ensure that the information is still current.
Contact information for the authors of the original document is included
in the Security Bulletin above. If you have any questions or need further
information, please contact them directly.
Previous advisories and external security bulletins can be retrieved from:
http://www.auscert.org.au/render.html?cid=1980
===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072
Internet Email: auscert@auscert.org.au
Facsimile: (07) 3365 7031
Telephone: (07) 3365 4417 (International: +61 7 3365 4417)
AusCERT personnel answer during Queensland business hours
which are GMT+10:00 (AEST).
On call after hours for member emergencies only.
===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967
iQIVAwUBU3r7VhLndAQH1ShLAQIF1g/9GvgZnFMQaRzZ42tQYl7TaMsESJjo5fEK
Dxvd4ANiRxVV/M7y07QWTpDcZiETawv96X/5asebBBnXECgGI+Aa/KxPkcM3XKsU
apDzihoomF0Jj8k6QxuvjhgUNhtoEnaTr69/W5w4Lp94uhaAZtnyqkxC5o/VI23v
Q5UsMgdoccT5/hwzind0W0LhzpMR52g7+00XNSqN7TapDHJvZXNfllXI7Zrt1la0
D4kkHFZkrJ1BDX3H36CfJ+WZfm3HnQj9nos8ikCMdqAJOIQMLrC/jCBkzRYNgHx5
QyDIWqq25Qsc92c6ewzMDC6xV+kdPYSjrcTOd+WXlW/y4t/h43IHaQHPbp7ZrkKR
rUzBXVZmtGTXSQD52lnWO1P0TvVY6uS0fuR4oh5xuCSvBn1n22myyHydJVXDMEC9
Lo0JQstjinVShgeKEYRPYVuanOWal/OYovEVpLjq4kjIXJI7VW5cZ101RY+w89TV
wXvsf4l5v3TjZaD72qf6Gw0msrsdJZwvHl5iUDXyipZhLVAAjYFHO9ITiRqQc5FE
f1XMtFtAIabJSTwyseSOT6zbIU6Ebh7ypV6WYnno0MCoGDy8GrymGZ1D6eFfMlA6
MMv4kiGpHx29HVGekWBu+Hx8SD2ACQ1KtoqMKqU+0OYzZR7uXaVf5lCihdBOmkvr
Ed2rXcVtYss=
=+Dn8
-----END PGP SIGNATURE-----