Summary: | <app-emulation/qemu-2.7.0-r2: scsi: pvscsi: OOB read and infinite loop while setting descriptor rings (CVE-2016-7155) | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | Agostino Sarubbo <ago> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | RESOLVED FIXED | ||
Severity: | minor | CC: | qemu+disabled |
Priority: | Normal | ||
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
URL: | http://www.openwall.com/lists/oss-security/2016/09/06/2 | ||
Whiteboard: | B3 [glsa cve] | ||
Package list: | Runtime testing required: | --- | |
Bug Depends on: | 593038 | ||
Bug Blocks: |
Description
Agostino Sarubbo
2016-09-07 09:35:46 UTC
Stabilization on bug #593196 commit b28fcd11405545eb2e4973f96823337531eebb08 Author: Matthias Maier <tamiko@gentoo.org> Date: Fri Sep 9 00:10:05 2016 -0500 app-emulation/qemu: fix static-user dep, security patches, bug #593038 This commit resolves bug #591202 bug #593024 bug #593034 CVE-2016-7155 bug #593036 CVE-2016-7156 bug #593038 CVE-2016-7157 Package-Manager: portage-2.2.28 This issue was resolved and addressed in GLSA 201609-01 at https://security.gentoo.org/glsa/201609-01 by GLSA coordinator Yury German (BlueKnight). |