-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

===========================================================================
             AUSCERT External Security Bulletin Redistribution

                               ESB-2018.1620
                            qemu security update
                                 30 May 2018

===========================================================================

        AusCERT Security Bulletin Summary
        ---------------------------------

Product:           qemu
Publisher:         Debian
Operating System:  Debian GNU/Linux 9
Impact/Access:     Execute Arbitrary Code/Commands -- Existing Account
                   Denial of Service               -- Remote/Unauthenticated
                   Access Confidential Data        -- Existing Account
Resolution:        Patch/Upgrade
CVE Names:         CVE-2018-7550 CVE-2018-5683 CVE-2017-18043 CVE-2017-17381
                   CVE-2017-16845 CVE-2017-15289 CVE-2017-15268 CVE-2017-15124
                   CVE-2017-15119 CVE-2017-15038 CVE-2017-5715
Reference:         ASB-2018.0116 ASB-2018.0101 ASB-2018.0033 ESB-2018.0046
                   ESB-2018.0044 ESB-2018.0042.2

Original Bulletin:
   http://www.debian.org/security/2018/dsa-4213

- --------------------------BEGIN INCLUDED TEXT--------------------

- -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- - -------------------------------------------------------------------------
Debian Security Advisory DSA-4213-1                   security@debian.org
https://www.debian.org/security/                       Salvatore Bonaccorso
May 29, 2018                          https://www.debian.org/security/faq
- - -------------------------------------------------------------------------

Package        : qemu
CVE ID         : CVE-2017-5715 CVE-2017-15038 CVE-2017-15119 CVE-2017-15124
                 CVE-2017-15268 CVE-2017-15289 CVE-2017-16845 CVE-2017-17381
                 CVE-2017-18043 CVE-2018-5683 CVE-2018-7550
Debian Bug     : 877890 880832 880836 882136 883399 883625 884806 886532
                 887392 892041

Several vulnerabilities were discovered in qemu, a fast processor emulator.

CVE-2017-15038

    Tuomas Tynkkynen discovered an information leak in 9pfs.

CVE-2017-15119

    Eric Blake discovered that the NBD server insufficiently restricts
    large option requests, resulting in denial of service.
CVE-2017-15124

    Daniel Berrange discovered that the integrated VNC server
    insufficiently restricted memory allocation, which could result in
    denial of service.

CVE-2017-15268

    A memory leak in websockets support may result in denial of service.

CVE-2017-15289

    Guoxiang Niu discovered an OOB write in the emulated Cirrus graphics
    adaptor which could result in denial of service.

CVE-2017-16845

    Cyrille Chatras discovered an information leak in PS/2 mouse and
    keyboard emulation which could be exploited during instance migration.

CVE-2017-17381

    Dengzhan Heyuandong Bijunhua and Liweichao discovered that an
    implementation error in the virtio vring implementation could result
    in denial of service.

CVE-2017-18043

    Eric Blake discovered an integer overflow in an internally used macro
    which could result in denial of service.

CVE-2018-5683

    Jiang Xin and Lin ZheCheng discovered an OOB memory access in the
    emulated VGA adaptor which could result in denial of service.

CVE-2018-7550

    Cyrille Chatras discovered that an OOB memory write when using
    multiboot could result in the execution of arbitrary code.

This update also backports a number of mitigations against the Spectre v2
vulnerability affecting modern CPUs (CVE-2017-5715). For additional
information please refer to https://www.qemu.org/2018/01/04/spectre/

For the stable distribution (stretch), these problems have been fixed in
version 1:2.8+dfsg-6+deb9u4.

We recommend that you upgrade your qemu packages.
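Added here as a worked check; this is not code from the Debian advisory or the AusCERT bulletin. The script reimplements dpkg's version ordering (epoch, upstream version, Debian revision; "~" sorts before the empty string; digit runs compare numerically) so that it can flag installed binaries built from source package qemu whose version is older than the fixed version 1:2.8+dfsg-6+deb9u4 named above, without dpkg being present on the machine running the check. The dpkg-query output embedded in it is constructed sample data; on a real stretch host, pipe in the output of the dpkg-query command named in the docstring. Where dpkg is available, `dpkg --compare-versions` remains the authoritative comparison.

```python
r"""Check installed packages built from source 'qemu' against the fixed
version named in DSA-4213-1 (1:2.8+dfsg-6+deb9u4).

Added example, not part of the advisory. Version ordering is a port of
dpkg's verrevcmp(). On a real host, feed the script the output of:
    dpkg-query -W -f='${Package}\t${Version}\t${source:Package}\n'
"""
import sys

FIXED_VERSION = "1:2.8+dfsg-6+deb9u4"   # stretch fix from DSA-4213-1
SOURCE_PACKAGE = "qemu"


def _isdigit(c):
    return "0" <= c <= "9"


def _order(c):
    # Sort weight of one non-digit character, as in dpkg's order():
    # '~' < end-of-string < letters < everything else.
    if c == "" or _isdigit(c):
        return 0
    if c.isalpha():
        return ord(c)
    if c == "~":
        return -1
    return ord(c) + 256


def _verrevcmp(a, b):
    # Port of dpkg's verrevcmp(): alternate non-digit runs (compared by
    # _order) and digit runs (compared numerically, leading zeros dropped).
    i = j = 0
    while i < len(a) or j < len(b):
        first_diff = 0
        while (i < len(a) and not _isdigit(a[i])) or (j < len(b) and not _isdigit(b[j])):
            ac = _order(a[i] if i < len(a) else "")
            bc = _order(b[j] if j < len(b) else "")
            if ac != bc:
                return ac - bc
            i += 1
            j += 1
        while i < len(a) and a[i] == "0":
            i += 1
        while j < len(b) and b[j] == "0":
            j += 1
        while i < len(a) and j < len(b) and _isdigit(a[i]) and _isdigit(b[j]):
            if not first_diff:
                first_diff = ord(a[i]) - ord(b[j])
            i += 1
            j += 1
        if i < len(a) and _isdigit(a[i]):
            return 1          # a has more digits: numerically larger
        if j < len(b) and _isdigit(b[j]):
            return -1
        if first_diff:
            return first_diff
    return 0


def parse_version(v):
    """Split '[epoch:]upstream[-revision]' into (epoch, upstream, revision)."""
    epoch = 0
    if ":" in v:
        e, v = v.split(":", 1)
        epoch = int(e)
    upstream, sep, revision = v.rpartition("-")
    if not sep:                      # no Debian revision present
        upstream, revision = v, ""
    return epoch, upstream, revision


def compare_versions(a, b):
    """Return -1, 0 or 1 as a is older than, equal to or newer than b."""
    ea, ua, ra = parse_version(a)
    eb, ub, rb = parse_version(b)
    if ea != eb:
        return -1 if ea < eb else 1
    for x, y in ((ua, ub), (ra, rb)):
        r = _verrevcmp(x, y)
        if r:
            return -1 if r < 0 else 1
    return 0


def vulnerable_packages(dpkg_query_output, fixed=FIXED_VERSION, source=SOURCE_PACKAGE):
    """Return [(package, version)] for installed binaries built from
    `source` whose version is older than `fixed`."""
    hits = []
    for line in dpkg_query_output.splitlines():
        if not line.strip():
            continue
        pkg, ver, src = line.split("\t")
        if src == source and compare_versions(ver, fixed) < 0:
            hits.append((pkg, ver))
    return hits


# Constructed sample of dpkg-query output; not taken from a real host.
SAMPLE_DPKG_OUTPUT = (
    "qemu-system-x86\t1:2.8+dfsg-6+deb9u3\tqemu\n"
    "qemu-utils\t1:2.8+dfsg-6+deb9u4\tqemu\n"
    "qemu-user\t1:2.8+dfsg-6\tqemu\n"
    "libexample1\t1.2-3\texample\n"
)

if __name__ == "__main__":
    # Pass "-" to read real dpkg-query output from stdin.
    data = sys.stdin.read() if "-" in sys.argv[1:] else SAMPLE_DPKG_OUTPUT
    for pkg, ver in vulnerable_packages(data):
        print(f"{pkg} {ver} is older than {FIXED_VERSION}: apply DSA-4213-1")
```

Filtering on `${source:Package}` rather than on a name prefix matters because the qemu source package builds several binaries (qemu-system-*, qemu-utils, qemu-user and others), all of which carry the same version and all of which must reach 1:2.8+dfsg-6+deb9u4; a version such as 1:2.8+dfsg-6+deb9u4~bpo9 is still reported as older because "~" sorts before the empty revision suffix.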
For the detailed security status of qemu please refer to its security
tracker page at:
https://security-tracker.debian.org/tracker/qemu

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/

Mailing list: debian-security-announce@lists.debian.org
- -----BEGIN PGP SIGNATURE-----

iQKTBAEBCgB9FiEERkRAmAjBceBVMd3uBUy48xNDz0QFAlsNxApfFIAAAAAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDQ2
NDQ0MDk4MDhDMTcxRTA1NTMxRERFRTA1NENCOEYzMTM0M0NGNDQACgkQBUy48xND
z0Q/ng/+MBZU0v54RPrZbRVTOQZZfFsVac+l69QrTjGwDyQKomJXR0g3awp5xxIK
/0qeeE+8lttR1FVu/go5B40wNc5y9guzO8WnWvIwR1hI7Mu16kPlrK+fLBho3q0Q
Yk820iD62urEnbTx5eBCCm3UJDD7i8wZIoACEnbeihuXcnsM37lwnSBQ5EYgOidn
h9tSjuIiQJVlRQqLSG8He6zTt7Iwga1LbGvUFiZyFxddFotDFzXz2CdQXzTlYZpW
CfSCt5dnbp6/JjLNPJkQiyPiEFrzeasza35xVGTA/c+6/vLI/S7FHWpYVDTP/ezi
giamA2QOEmsYJNRVm5JmRpBLU8lQZz5jxvLB2FJbe/1mBEjmh8SyJecG9TCVCqHq
gchbGdX1Iw2cLvub1sogkM+EF4ZLtlk7xfkiVkcWbqUKB1xGb6E5GEDT5h07yh1b
o0+EL9CgjpAIzM7AB9JODrFy0PUTY/DHU4cFVn6BYghYVq7V/MBEj+E3sm6DMVGP
EwCywxi2IHhkmvmEx0IFQdx8FU58laUoFciWXYaGZiWQFVnt+AWcRJXnsZtUFCdD
ZNnoGMnp/5EuyqJa+3imDaLiVhix3J8njNUNRhQ/zOLbFvzVuXYVy8UpZKzo3Aeq
2n6PjtRNSEj88kk3bqO8uJC71QAcOCBsIz21VTGjSt6+PhcHR/c=
=+/0Y
- -----END PGP SIGNATURE-----

- --------------------------END INCLUDED TEXT--------------------

You have received this e-mail bulletin as a result of your organisation's
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If
you do not know who that is, please send an email to auscert@auscert.org.au
and we will forward your request to the appropriate person.

NOTE: Third Party Rights
This security bulletin is provided as a service to AusCERT's members.
As AusCERT did not write the document quoted above, AusCERT has had no
control over its content. The decision to follow or act on information
or advice contained in this security bulletin is the responsibility of
each user or organisation, and should be considered in accordance with
your organisation's site policies and procedures. AusCERT takes no
responsibility for consequences which may arise from following or acting
on information or advice contained in this security bulletin.

NOTE: This is only the original release of the security bulletin. It may
not be updated when updates to the original are made. If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author's website to ensure that the information is still current.

Contact information for the authors of the original document is included
in the Security Bulletin above. If you have any questions or need further
information, please contact them directly.

Previous advisories and external security bulletins can be retrieved from:

        https://www.auscert.org.au/bulletins/

===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072

Internet Email: auscert@auscert.org.au
Facsimile:      (07) 3365 7031
Telephone:      (07) 3365 4417 (International: +61 7 3365 4417)
                AusCERT personnel answer during Queensland business hours
                which are GMT+10:00 (AEST).
                On call after hours for member emergencies only.
===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967

iQIVAwUBWw3a8WaOgq3Tt24GAQiIgA//YhHFVVSVI9zZN+ItZV3w6XvSW5cs+HxM
VJL9hzhmp2bZUzlJEgbn7DqUv8Ad7tmsKWFAorH27RSj24DdSWBdbtIuZvZje7aS
CLfuPftItnOBp1VTLAI0hqs96mvnp7vonEaSPJXszPXd+Uw0dejmtya76DkZ6lVV
NQ47G58ADYAZRNXrvisRsvYdnBSjxTwoIC+I4JlRdrvTZXjtrpzWjTXSpbVHnN+b
yVdKV5LRGBXjYywHfWUh2sylS1yjazfDH1Qwrh9WHDjgHIOi/Go7jV0GEqqpQ6ib
NLJ+2yFFm9Udo0+uUhBkD5uqj2Bw8hMalj//Nh+ASHhrRGXjEMzhDthk5/k70Oyh
5QEJRb8mfsbnx/jYhYdttmBZ2kzfpo9nrc+kGUXO5qQwEPfxSmlpr2DHH0slgZSW
TdH+CGUJJBWZ93fKHpQg6kG77l6LtNXKhLcOCXiEHNU0r2csUy/Wq2h2Eed5++Lm
8wVUqekXLGjFtY4HIK6S30u1qVqB+WB8mc+ViFBCTNRIzIxBnzyv5LmbN4gQCY0/
pWqQj7blqX1A+MGMOqmTDhNpnV6DO3Y+u2tJoCdCuLRKPblVOdBFle9O2NhodLIu
wlfvQ1DD+tGbpGdDOQS3VomH/pCUxZm/hueCubNoM3nDiqus5PpAXcjTtJunl3SA
RquNkQgxGyI=
=fXKD
-----END PGP SIGNATURE-----