1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
|
PublicDateAtUSN: 2016-05-09
Candidate: CVE-2016-3712
PublicDate: 2016-05-11
References:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3712
http://xenbits.xen.org/xsa/advisory-179.html
http://www.openwall.com/lists/oss-security/2016/05/09/3
http://www.ubuntu.com/usn/usn-2974-1
Description:
Integer overflow in the VGA module in QEMU allows local guest OS users to
cause a denial of service (out-of-bounds read and QEMU process crash) by
editing VGA registers in VBE mode.
Ubuntu-Description:
Notes:
Bugs:
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=823830
Priority: medium
Discovered-by: Zuozhi Fzz
Assigned-to: mdeslaur
Patches_qemu-kvm:
upstream_qemu-kvm: needs-triage
precise_qemu-kvm: released (1.0+noroms-0ubuntu14.28)
trusty_qemu-kvm: DNE
vivid/ubuntu-core_qemu-kvm: DNE
vivid/stable-phone-overlay_qemu-kvm: DNE
wily_qemu-kvm: DNE
xenial_qemu-kvm: DNE
devel_qemu-kvm: DNE
Patches_qemu:
upstream: http://git.qemu.org/?p=qemu.git;a=commit;h=bfa0f151a564a83b5a26f3e917da98674bf3cf62
upstream: http://git.qemu.org/?p=qemu.git;a=commit;h=7fa5c2c5dc9f9bf878c1e8669eb9644d70a71e71
upstream: http://git.qemu.org/?p=qemu.git;a=commit;h=2068192dcccd8a80dddfcc8df6164cf9c26e0fc4
upstream: http://git.qemu.org/?p=qemu.git;a=commit;h=fd3c136b3e1482cd0ec7285d6bc2a3e6a62c38d7
upstream_qemu: needs-triage
precise_qemu: DNE
trusty_qemu: released (2.0.0+dfsg-2ubuntu1.24)
vivid/ubuntu-core_qemu: DNE
vivid/stable-phone-overlay_qemu: DNE
wily_qemu: released (1:2.3+dfsg-5ubuntu9.4)
xenial_qemu: released (1:2.5+dfsg-5ubuntu10.1)
devel_qemu: not-affected (1:2.6+dfsg-3ubuntu1)
|