Summary: | <app-emulation/qemu-2.3.0-r4: ide: atapi: heap overflow during I/O buffer memory access (CVE-2015-5154) | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | Agostino Sarubbo <ago> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | RESOLVED FIXED | ||
Severity: | normal | CC: | qemu+disabled |
Priority: | Normal | ||
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
URL: | https://bugzilla.redhat.com/show_bug.cgi?id=1243563 | ||
Whiteboard: | B2 [glsa] | ||
Package list: | Runtime testing required: | --- | |
Bug Depends on: | 556052 | ||
Bug Blocks: |
Description
Agostino Sarubbo
2015-07-27 15:04:54 UTC
This is actually #555532. *** This bug has been marked as a duplicate of bug 555532 *** addressed in qemu-2.3.0-r4 (In reply to Kristian Fiskerstrand from comment #2) > > *** This bug has been marked as a duplicate of bug 555532 *** I don't really understand why this is a duplicate. The bug is in the qemu code, which is present in both qemu and xen. Usually, in case like this we open more than one bug to better track each package separately. This issue was resolved and addressed in GLSA 201510-02 at https://security.gentoo.org/glsa/201510-02 by GLSA coordinator Kristian Fiskerstrand (K_F). |