[ MDVSA-2015:061 ] qemu

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

 _______________________________________________________________________

 Mandriva Linux Security Advisory                         MDVSA-2015:061
 http://www.mandriva.com/en/support/security/
 _______________________________________________________________________

 Package : qemu
 Date    : March 13, 2015
 Affected: Business Server 2.0
 _______________________________________________________________________

 Problem Description:

 Updated qemu packages fix multiple security vulnerabilities:
 
 Sibiao Luo discovered that QEMU incorrectly handled device
 hot-unplugging. A local user could possibly use this flaw to cause
 a denial of service (CVE-2013-4377).
 
 Michael S. Tsirkin discovered that QEMU incorrectly handled vmxnet3
 devices. A local guest could possibly use this issue to cause a
 denial of service, or possibly execute arbitrary code on the host
 (CVE-2013-4544).
 
 Multiple integer overflow, input validation, logic error, and buffer
 overflow flaws

007 Software

[ MDVSA-2015:061 ] qemu

Leave a Reply Cancel reply

Software and Security Information