Summary: | <app-emulation/qemu-2.1.2-r2: insufficient parameter validation during ram load (CVE-2014-7840) | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | Agostino Sarubbo <ago> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | RESOLVED FIXED | ||
Severity: | minor | CC: | cardoe, qemu+disabled |
Priority: | Normal | ||
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
URL: | https://bugzilla.redhat.com/show_bug.cgi?id=1163075 | ||
Whiteboard: | B3 [glsa] | ||
Package list: | | Runtime testing required: | --- |
Description
Agostino Sarubbo
2014-11-12 13:11:51 UTC
*qemu-2.1.2-r2 (14 Dec 2014)

  14 Dec 2014; Matthias Maier <tamiko@gentoo.org> +qemu-2.1.2-r2.ebuild:
  backport fixes for bugs #530498, #531666 (CVE-2014-8106), #529030 (CVE-2014-7840), #528922 (528922)

*qemu-2.2.0 (14 Dec 2014)

  14 Dec 2014; Matthias Maier <tamiko@gentoo.org> +qemu-2.2.0.ebuild, metadata.xml:
  version bump; cleanup whitespace in metadata.xml

Vulnerable version left in tree: 2.1.2-r1
Unaffected: 2.1.2-r2, 2.2.0

Stabilization for 2.1.2-r2 on bug #531666

Security, please vote.

As Part of Bug: 53166
Kristian Fiskerstrand gentoo-dev Security 2014-12-21 10:53:53 EST
GLSA Vote: Yes along with bug 528922 and bug 529030

Maintainer(s), Thank you for cleanup!

GLSA Vote: Yes

Added to an existing GLSA request.

CVE-2014-7840 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-7840):
The host_from_stream_offset function in arch_init.c in QEMU, when loading RAM during migration, allows remote attackers to execute arbitrary code via a crafted (1) offset or (2) length value in savevm data.

This issue was resolved and addressed in GLSA 201412-37 at http://security.gentoo.org/glsa/glsa-201412-37.xml by GLSA coordinator Yury German (BlueKnight).