Protect yourself against future threats.
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 =========================================================================== AUSCERT External Security Bulletin Redistribution ESB-2014.0773 qemu and qemu-kvm security update 20 May 2014 =========================================================================== AusCERT Security Bulletin Summary --------------------------------- Product: qemu qemu-kvm Publisher: Debian Operating System: Debian GNU/Linux 7 Linux variants KVM Impact/Access: Execute Arbitrary Code/Commands -- Existing Account Increased Privileges -- Existing Account Access Privileged Data -- Existing Account Denial of Service -- Existing Account Resolution: Patch/Upgrade CVE Names: CVE-2014-2894 CVE-2013-4344 Reference: ESB-2013.1682 ESB-2013.1666 ESB-2013.1661 Original Bulletin: http://www.debian.org/security/2014/dsa-2932 http://www.debian.org/security/2014/dsa-2933 Comment: This advisory references vulnerabilities in products which run on platforms other than Debian. It is recommended that administrators running qemu or qemu-kvm check for an updated version of the software for their operating system. This bulletin contains two (2) Debian security advisories. - --------------------------BEGIN INCLUDED TEXT-------------------- - -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - - ------------------------------------------------------------------------- Debian Security Advisory DSA-2932-1 security@debian.org http://www.debian.org/security/ Giuseppe Iuculano May 19, 2014 http://www.debian.org/security/faq - - ------------------------------------------------------------------------- Package : qemu CVE ID : CVE-2013-4344 CVE-2014-2894 Debian Bug : 745157 725944 Several vulnerabilities were discovered in qemu, a fast processor emulator. CVE-2013-4344 Buffer overflow in the SCSI implementation in QEMU, when a SCSI controller has more than 256 attached devices, allows local users to gain privileges via a small transfer buffer in a REPORT LUNS command. CVE-2014-2894 Off-by-one error in the cmd_smart function in the smart self test in hw/ide/core.c in QEMU allows local users to have unspecified impact via a SMART EXECUTE OFFLINE command that triggers a buffer underflow and memory corruption. For the stable distribution (wheezy), these problems have been fixed in version 1.1.2+dfsg-6a+deb7u3. For the testing distribution (jessie), these problems have been fixed in version 2.0.0+dfsg-1. For the unstable distribution (sid), these problems have been fixed in version 2.0.0+dfsg-1. We recommend that you upgrade your qemu packages. Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: http://www.debian.org/security/ Mailing list: debian-security-announce@lists.debian.org - -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.15 (GNU/Linux) iEYEARECAAYFAlN5008ACgkQNxpp46476aqIiQCggsIrU5Jqv/BZfrF+5I2ocoaG vTkAoIZTmVAnZn1hc3j5rt03J3ecWguf =gxqO - -----END PGP SIGNATURE----- - -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - - ------------------------------------------------------------------------- Debian Security Advisory DSA-2933-1 security@debian.org http://www.debian.org/security/ Giuseppe Iuculano May 19, 2014 http://www.debian.org/security/faq - - ------------------------------------------------------------------------- Package : qemu-kvm CVE ID : CVE-2013-4344 CVE-2014-2894 Debian Bug : 745157 725944 Several vulnerabilities were discovered in qemu-kvm, a full virtualization solution on x86 hardware. CVE-2013-4344 Buffer overflow in the SCSI implementation in QEMU, when a SCSI controller has more than 256 attached devices, allows local users to gain privileges via a small transfer buffer in a REPORT LUNS command. CVE-2014-2894 Off-by-one error in the cmd_smart function in the smart self test in hw/ide/core.c in QEMU allows local users to have unspecified impact via a SMART EXECUTE OFFLINE command that triggers a buffer underflow and memory corruption. For the stable distribution (wheezy), these problems have been fixed in version 1.1.2+dfsg-6+deb7u3. We recommend that you upgrade your qemu-kvm packages. Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: http://www.debian.org/security/ Mailing list: debian-security-announce@lists.debian.org - -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.15 (GNU/Linux) iEYEARECAAYFAlN6BUYACgkQNxpp46476aojCwCZAXKnrPO692P0h2gC8ejL8LUI jMYAoI4auIQesFeYWeCgBN4LeANJw+ZX =64eN - -----END PGP SIGNATURE----- - --------------------------END INCLUDED TEXT-------------------- You have received this e-mail bulletin as a result of your organisation's registration with AusCERT. The mailing list you are subscribed to is maintained within your organisation, so if you do not wish to continue receiving these bulletins you should contact your local IT manager. If you do not know who that is, please send an email to auscert@auscert.org.au and we will forward your request to the appropriate person. NOTE: Third Party Rights This security bulletin is provided as a service to AusCERT's members. As AusCERT did not write the document quoted above, AusCERT has had no control over its content. The decision to follow or act on information or advice contained in this security bulletin is the responsibility of each user or organisation, and should be considered in accordance with your organisation's site policies and procedures. AusCERT takes no responsibility for consequences which may arise from following or acting on information or advice contained in this security bulletin. NOTE: This is only the original release of the security bulletin. It may not be updated when updates to the original are made. If downloading at a later date, it is recommended that the bulletin is retrieved directly from the author's website to ensure that the information is still current. Contact information for the authors of the original document is included in the Security Bulletin above. If you have any questions or need further information, please contact them directly. Previous advisories and external security bulletins can be retrieved from: http://www.auscert.org.au/render.html?cid=1980 =========================================================================== Australian Computer Emergency Response Team The University of Queensland Brisbane Qld 4072 Internet Email: auscert@auscert.org.au Facsimile: (07) 3365 7031 Telephone: (07) 3365 4417 (International: +61 7 3365 4417) AusCERT personnel answer during Queensland business hours which are GMT+10:00 (AEST). On call after hours for member emergencies only. =========================================================================== -----BEGIN PGP SIGNATURE----- Comment: http://www.auscert.org.au/render.html?it=1967 iQIVAwUBU3r7VhLndAQH1ShLAQIF1g/9GvgZnFMQaRzZ42tQYl7TaMsESJjo5fEK Dxvd4ANiRxVV/M7y07QWTpDcZiETawv96X/5asebBBnXECgGI+Aa/KxPkcM3XKsU apDzihoomF0Jj8k6QxuvjhgUNhtoEnaTr69/W5w4Lp94uhaAZtnyqkxC5o/VI23v Q5UsMgdoccT5/hwzind0W0LhzpMR52g7+00XNSqN7TapDHJvZXNfllXI7Zrt1la0 D4kkHFZkrJ1BDX3H36CfJ+WZfm3HnQj9nos8ikCMdqAJOIQMLrC/jCBkzRYNgHx5 QyDIWqq25Qsc92c6ewzMDC6xV+kdPYSjrcTOd+WXlW/y4t/h43IHaQHPbp7ZrkKR rUzBXVZmtGTXSQD52lnWO1P0TvVY6uS0fuR4oh5xuCSvBn1n22myyHydJVXDMEC9 Lo0JQstjinVShgeKEYRPYVuanOWal/OYovEVpLjq4kjIXJI7VW5cZ101RY+w89TV wXvsf4l5v3TjZaD72qf6Gw0msrsdJZwvHl5iUDXyipZhLVAAjYFHO9ITiRqQc5FE f1XMtFtAIabJSTwyseSOT6zbIU6Ebh7ypV6WYnno0MCoGDy8GrymGZ1D6eFfMlA6 MMv4kiGpHx29HVGekWBu+Hx8SD2ACQ1KtoqMKqU+0OYzZR7uXaVf5lCihdBOmkvr Ed2rXcVtYss= =+Dn8 -----END PGP SIGNATURE-----