security update in Fedora 22 for qemu

Status: stable 3 years ago
  • CVE-2015-8619: Fix sendkey out of bounds (bz #1292757)
  • CVE-2016-1981: infinite loop in e1000 (bz #1299995)
  • Fix Out-of-bounds read in usb-ehci (bz #1300234, bz #1299455)
  • CVE-2016-2197: ahci: null pointer dereference (bz #1302952)
  • Fix gdbstub for VSX registers for ppc64 (bz #1304377)
  • Fix qemu-img vmdk images to work with VMware (bz #1299185)

Comments 6

This update has been submitted for testing by crobinso.

This update has been pushed to testing.

no regressions noted

karma: +1

This update has reached 7 days in testing and can be pushed to stable now if the maintainer wishes

This update has been submitted for stable by crobinso.

This update has been pushed to stable.

Add Comment & Feedback

Please login to add feedback.

Content Type
Test Gating
Submitted by
Update Type
Update Severity
stable threshold: 3
unstable threshold: -3
Autopush (karma)
Autopush (time)
submitted 3 years ago
in testing 3 years ago
in stable 3 years ago

Related Bugs 7

00 #1283926 CVE-2015-8619 Qemu: hmp: stack based OOB write in hmp_sendkey routine
00 #1292757 CVE-2015-8619 qemu: Stack-based buffer overflow in hmp_sendkey() [fedora-all]
00 #1298570 CVE-2016-1981 Qemu: net: e1000 infinite loop in start_xmit and e1000_receive_iov routines
00 #1299455 Qemu: usb ehci out-of-bounds read in ehci_process_itd
00 #1299995 CVE-2016-1981 qemu: qemu-kvm: Infinite loop and out-of-bounds transfer start in start_xmit() and e1000_receive_iov() [fedora-all]
00 #1302057 CVE-2016-2197 Qemu: ide: ahci null pointer dereference when using FIS CLB engines
00 #1302952 CVE-2016-2197 qemu: Null pointer dereference in ahci [fedora-all]

Automated Test Results