===========================================================================
             AUSCERT External Security Bulletin Redistribution

                               ESB-2015.1304
                           qemu security update
                                14 May 2015

===========================================================================

        AusCERT Security Bulletin Summary
        ---------------------------------

Product:           qemu
Publisher:         Debian
Operating System:  Debian GNU/Linux 7
                   Debian GNU/Linux 8
                   UNIX variants (UNIX, Linux, OSX)
                   Virtualisation
                   Windows
Impact/Access:     Execute Arbitrary Code/Commands -- Existing Account
                   Denial of Service               -- Existing Account
Resolution:        Patch/Upgrade
CVE Names:         CVE-2015-3456 CVE-2015-2756 CVE-2015-1779
                   CVE-2014-9718

Reference:         ESB-2015.0839

Original Bulletin: 
   http://www.debian.org/security/2015/dsa-3259

Comment: This advisory references vulnerabilities in products which run on
         platforms other than Debian. It is recommended that administrators
         running qemu check for an updated version of the software for their
         operating system.

         The vulnerability assigned CVE-2015-3456 is now being referred to
         as VENOM.

--------------------------BEGIN INCLUDED TEXT--------------------

-------------------------------------------------------------------------
Debian Security Advisory DSA-3259-1                   security@debian.org
http://www.debian.org/security/                        Moritz Muehlenhoff
May 13, 2015                           http://www.debian.org/security/faq
-------------------------------------------------------------------------

Package        : qemu
CVE ID         : CVE-2014-9718 CVE-2015-1779 CVE-2015-2756 CVE-2015-3456

Several vulnerabilities were discovered in the qemu virtualisation
solution:

CVE-2014-9718

    It was discovered that the IDE controller emulation is susceptible
    to denial of service.

CVE-2015-1779

    Daniel P. Berrange discovered a denial of service vulnerability in
    the VNC web socket decoder.

CVE-2015-2756

    Jan Beulich discovered that unmediated access to the PCI command
    register could result in denial of service.

CVE-2015-3456

    Jason Geffner discovered a buffer overflow in the emulated floppy
    disk drive, resulting in the potential execution of arbitrary code.

For the oldstable distribution (wheezy), these problems have been fixed
in version 1.1.2+dfsg-6a+deb7u7 of the qemu source package and in version
1.1.2+dfsg-6+deb7u7 of the qemu-kvm source package. Only CVE-2015-3456
affects oldstable.

For the stable distribution (jessie), these problems have been fixed in
version 1:2.1+dfsg-12.

For the unstable distribution (sid), these problems will be fixed soon.

We recommend that you upgrade your qemu packages.

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/

Mailing list: debian-security-announce@lists.debian.org
--------------------------END INCLUDED TEXT--------------------

You have received this e-mail bulletin as a result of your organisation's
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If
you do not know who that is, please send an email to auscert@auscert.org.au
and we will forward your request to the appropriate person.

NOTE: Third Party Rights
This security bulletin is provided as a service to AusCERT's members.  As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation's
site policies and procedures. AusCERT takes no responsibility for consequences
which may arise from following or acting on information or advice contained in
this security bulletin.

NOTE: This is only the original release of the security bulletin.  It may
not be updated when updates to the original are made.  If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author's website to ensure that the information is still current.

Contact information for the authors of the original document is included
in the Security Bulletin above.  If you have any questions or need further
information, please contact them directly.

Previous advisories and external security bulletins can be retrieved from:

        http://www.auscert.org.au/render.html?cid=1980

===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072

Internet Email: auscert@auscert.org.au
Facsimile:      (07) 3365 7031
Telephone:      (07) 3365 4417 (International: +61 7 3365 4417)
                AusCERT personnel answer during Queensland business hours
                which are GMT+10:00 (AEST).
                On call after hours for member emergencies only.
===========================================================================