1
PublicDateAtUSN: 2016-10-31
2
Candidate: CVE-2016-9104
5
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9104
6
https://lists.gnu.org/archive/html/qemu-devel/2016-10/msg02942.html
7
http://www.openwall.com/lists/oss-security/2016/10/28/2
8
https://usn.ubuntu.com/usn/usn-3125-1
10
Multiple integer overflows in the (1) v9fs_xattr_read and (2)
11
v9fs_xattr_write functions in hw/9pfs/9p.c in QEMU (aka Quick Emulator)
12
allow local guest OS administrators to cause a denial of service (QEMU
13
process crash) via a crafted offset, which triggers an out-of-bounds
18
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=842463
20
Discovered-by: Li Qiang
24
upstream_qemu-kvm: needs-triage
25
precise_qemu-kvm: released (1.0+noroms-0ubuntu14.31)
27
vivid/ubuntu-core_qemu-kvm: DNE
28
vivid/stable-phone-overlay_qemu-kvm: DNE
34
upstream: http://git.qemu.org/?p=qemu.git;a=commit;h=7e55d65c56a03dcd2c5d7c49d37c5a74b55d4bd6
35
upstream_qemu: needs-triage
37
trusty_qemu: released (2.0.0+dfsg-2ubuntu1.30)
38
vivid/ubuntu-core_qemu: DNE
39
vivid/stable-phone-overlay_qemu: DNE
40
xenial_qemu: released (1:2.5+dfsg-5ubuntu10.6)
41
yakkety_qemu: released (1:2.6.1+dfsg-0ubuntu5.1)
42
devel_qemu: released (1:2.6.1+dfsg-0ubuntu9)