Fedora

Fedora 23 Security Update: qemu-2.4.0-0.2.rc4.fc23

Leave a comment

Resolved Bugs
1230536 – CVE-2015-3209 qemu: pcnet: multi-tmd buffer overflow in the tx path [fedora-all]
1225882 – CVE-2015-3209 qemu: pcnet: multi-tmd buffer overflow in the tx path
1243728 – CVE-2015-3214 qemu: qemu/kvm: i8254: out-of-bounds memory access in pit_ioport_read function [fedora-all]
1229640 – CVE-2015-3214 qemu/kvm: i8254: out-of-bounds memory access in pit_ioport_read function
1246025 – CVE-2015-5158 Qemu: scsi stack buffer overflow [fedora-all]
1244332 – CVE-2015-5158 Qemu: scsi stack buffer overflow
1247141 – CVE-2015-5154 qemu: ide: atapi: heap overflow during I/O buffer memory access [fedora-all]
1243563 – CVE-2015-5154 qemu: ide: atapi: heap overflow during I/O buffer memory access
1249755 – CVE-2015-5165 Qemu: rtl8139 uninitialized heap memory information leakage to guest [fedora-all]
1248760 – CVE-2015-5165 Qemu: rtl8139 uninitialized heap memory information leakage to guest (XSA-140)
1249758 – CVE-2015-5166 Qemu: BlockBackend object use after free issue [fedora-all]
1248997 – CVE-2015-5166 Qemu: BlockBackend object use after free issue (XSA-139)
1251160 – CVE-2015-5745 qemu: kernel: qemu buffer overflow in virtio-serial [fedora-all]
1251157 – CVE-2015-5745 kernel: qemu buffer overflow in virtio-serial<br
* CVE-2015-3209: pcnet: multi-tmd buffer overflow in the tx path (bz #1230536)
* CVE-2015-3214: i8254: out-of-bounds memory access (bz #1243728)
* CVE-2015-5158: scsi stack buffer overflow (bz #1246025)
* CVE-2015-5154: ide: atapi: heap overflow during I/O buffer memory access (bz #1247141)
* CVE-2015-5165: rtl8139 uninitialized heap memory information leakage to guest (bz #1249755)
* CVE-2015-5166: BlockBackend object use after free issue (bz #1249758)
* CVE-2015-5745: buffer overflow in virtio-serial (bz #1251160)

Leave a Reply