1
PublicDateAtUSN: 2017-03-16
2
Candidate: CVE-2017-5667
5
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5667
6
https://lists.gnu.org/archive/html/qemu-devel/2017-01/msg06191.html
7
http://www.openwall.com/lists/oss-security/2017/01/30/2
8
https://usn.ubuntu.com/usn/usn-3261-1
10
The sdhci_sdma_transfer_multi_blocks function in hw/sd/sdhci.c in QEMU (aka
11
Quick Emulator) allows local guest OS privileged users to cause a denial of
12
service (out-of-bounds heap access and crash) or execute arbitrary code on
13
the QEMU host via vectors involving the data transfer length.
17
https://bugzilla.redhat.com/show_bug.cgi?id=1417559
18
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=853996
20
Discovered-by: Jiang Xin
24
upstream_qemu-kvm: needed
25
precise_qemu-kvm: ignored (reached end-of-life)
26
precise/esm_qemu-kvm: needed
28
vivid/ubuntu-core_qemu-kvm: DNE
29
vivid/stable-phone-overlay_qemu-kvm: DNE
38
upstream: http://git.qemu-project.org/?p=qemu.git;a=commit;h=42922105beb14c2fc58185ea022b9f72fb5465e9
42
trusty_qemu: released (2.0.0+dfsg-2ubuntu1.33)
43
vivid/ubuntu-core_qemu: DNE
44
vivid/stable-phone-overlay_qemu: DNE
45
xenial_qemu: released (1:2.5+dfsg-5ubuntu10.11)
46
yakkety_qemu: released (1:2.6.1+dfsg-0ubuntu5.4)
47
zesty_qemu: not-affected (1:2.8+dfsg-3ubuntu2)
48
artful_qemu: not-affected (1:2.8+dfsg-3ubuntu2)
49
bionic_qemu: not-affected (1:2.8+dfsg-3ubuntu2)
50
devel_qemu: not-affected (1:2.8+dfsg-3ubuntu2)