FEDORA-2016-42778e8c82

security update in Fedora 23 for qemu

Status: stable 2 years ago
  • CVE-2015-8745: vmxnet3: don't assert reading registers in bar0 (bz #1295442)
  • CVE-2015-8567: net: vmxnet3: host memory leakage (bz #1289818)
  • CVE-2016-1922: i386: avoid null pointer dereference (bz #1292766)
  • CVE-2015-8613: buffer overflow in megasas_ctrl_get_info (bz #1284008)
  • CVE-2015-8701: Buffer overflow in tx_consume in rocker.c (bz #1293720)
  • CVE-2015-8743: ne2000: OOB memory access in ioport r/w functions (bz #1294787)
  • CVE-2016-1568: Use-after-free vulnerability in ahci (bz #1297023)
  • Fix modules.d/kvm.conf example syntax (bz #1298823)

Comments 8

This update has been submitted for testing by crobinso.

This update has been pushed to testing.

works for me

karma: +1

Works great! LGTM =)

karma: +1

This update has been submitted for stable by bodhi.

This update has been pushed to stable.

Works for me...

karma: +1

Add Comment & Feedback
Toggle Preview

Comment fields support Fedora-Flavored Markdown. Comments are governed under this privacy policy.

-1 0 +1 Feedback Guidelines

Is the update generally functional? (karma)

You need to be logged in to add karma!

#1264929 CVE-2015-8743 Qemu: net: ne2000: OOB memory access in ioport r/w functions
#1270876 CVE-2015-8745 Qemu: net: vmxnet3: reading IMR registers leads to a crash via assert(2) call
#1283934 CVE-2016-1922 Qemu: i386: null pointer dereference in vapic_write()
#1284008 CVE-2015-8613 Qemu: scsi: stack based buffer overflow in megasas_ctrl_get_info
#1286971 CVE-2015-8701 Qemu: net: rocker: stack buffer overflow(off-by-one) in tx_consume routine
#1288532 CVE-2016-1568 Qemu: ide: ahci use-after-free vulnerability in aio port commands
#1289816 CVE-2015-8568 CVE-2015-8567 Qemu: net: vmxnet3: host memory leakage
#1289818 CVE-2015-8567 CVE-2015-8568 Qemu: net: vmxnet3: host memory leakage [fedora-all]
#1292766 CVE-2016-1922 qemu: Null pointer dereference in vapic_write() [fedora-all]
#1293720 CVE-2015-8701 qemu: Buffer overflow in tx_consume in rocker.c [fedora-all]
#1294787 CVE-2015-8743 Qemu: net: ne2000: OOB memory access in ioport r/w functions [fedora-all]
#1295442 CVE-2015-8745 qemu: Support reading IMR registers on bar0 [fedora-all]
#1297023 CVE-2016-1568 qemu: Use-after-free vulnerability in ahci [fedora-all]
#1298823 Wrong commented out syntax in kvm.conf
Content Type
RPM
Status
stable
Test Gating
Submitted by
Update Type
security
Update Severity
unspecified
Karma
+4
stable threshold: 3
unstable threshold: -3
Autopush
Enabled
Dates
submitted 2 years ago
in testing 2 years ago
in stable 2 years ago

Related Bugs 14

00 #1264929 CVE-2015-8743 Qemu: net: ne2000: OOB memory access in ioport r/w functions
00 #1270876 CVE-2015-8745 Qemu: net: vmxnet3: reading IMR registers leads to a crash via assert(2) call
00 #1283934 CVE-2016-1922 Qemu: i386: null pointer dereference in vapic_write()
00 #1284008 CVE-2015-8613 Qemu: scsi: stack based buffer overflow in megasas_ctrl_get_info
00 #1286971 CVE-2015-8701 Qemu: net: rocker: stack buffer overflow(off-by-one) in tx_consume routine
00 #1288532 CVE-2016-1568 Qemu: ide: ahci use-after-free vulnerability in aio port commands
00 #1289816 CVE-2015-8568 CVE-2015-8567 Qemu: net: vmxnet3: host memory leakage
00 #1289818 CVE-2015-8567 CVE-2015-8568 Qemu: net: vmxnet3: host memory leakage [fedora-all]
00 #1292766 CVE-2016-1922 qemu: Null pointer dereference in vapic_write() [fedora-all]
00 #1293720 CVE-2015-8701 qemu: Buffer overflow in tx_consume in rocker.c [fedora-all]
00 #1294787 CVE-2015-8743 Qemu: net: ne2000: OOB memory access in ioport r/w functions [fedora-all]
00 #1295442 CVE-2015-8745 qemu: Support reading IMR registers on bar0 [fedora-all]
00 #1297023 CVE-2016-1568 qemu: Use-after-free vulnerability in ahci [fedora-all]
00 #1298823 Wrong commented out syntax in kvm.conf

Automated Test Results