FEDORA-2016-f4504e9445

security update in Fedora 23 for xen

Status: stable 2 years ago

Qemu: nvram: OOB r/w access in processing firmware configurations CVE-2016-1714 (#1296080) Qemu: i386: null pointer dereference in vapic_write() CVE-2016-1922 (#1292767) qemu: Stack-based buffer overflow in megasas_ctrl_get_info CVE-2015-8613 (#1293305) qemu-kvm: Infinite loop and out-of-bounds transfer start in start_xmit() and e1000_receive_iov() CVE-2016-1981 (#1299996) Qemu: usb ehci out-of-bounds read in ehci_process_itd (#1300235) Qemu: usb: ehci null pointer dereference in ehci_caps_write CVE-2016-2198 (#1303135) Qemu: net: ne2000: infinite loop in ne2000_receive CVE-2016-2841 (#1304048) Qemu: usb: integer overflow in remote NDIS control message handling CVE-2016-2538 (#1305816) Qemu: usb: null pointer dereference in remote NDIS control message handling CVE-2016-2392 (#1307116) Qemu: usb: multiple eof_timers in ohci module leads to null pointer dereference CVE-2016-2391 (#1308882) Qemu: net: out of bounds read in net_checksum_calculate() CVE-2016-2857 (#1309565) Qemu: OOB access in address_space_rw leads to segmentation fault CVE-2015-8817 CVE-2015-8818 (#1313273) Qemu: rng-random: arbitrary stack based allocation leading to corruption CVE-2016-2858 (#1314678)

Comments 6

This update has been submitted for testing by myoung.

This update has been pushed to testing.

works for me, no regressions seen

karma: +1

This update has reached 7 days in testing and can be pushed to stable now if the maintainer wishes

This update has been submitted for stable by myoung.

This update has been pushed to stable.


Add Comment & Feedback
Toggle Preview

Comment fields support Fedora-Flavored Markdown. Comments are governed under this privacy policy.

-1 0 +1 Feedback Guidelines

Is the update generally functional? (karma)

You need to be logged in to add karma!

#1283934 CVE-2016-1922 Qemu: i386: null pointer dereference in vapic_write()
#1284008 CVE-2015-8613 Qemu: scsi: stack based buffer overflow in megasas_ctrl_get_info
#1292767 CVE-2016-1922 xen: qemu: Null pointer dereference in vapic_write() [fedora-all]
#1293305 CVE-2015-8613 xen: qemu: Stack-based buffer overflow in megasas_ctrl_get_info [fedora-all]
#1296060 CVE-2016-1714 Qemu: nvram: OOB r/w access in processing firmware configurations
#1296080 CVE-2016-1714 xen: Qemu: nvram: OOB r/w access in processing firmware configurations [fedora-all]
#1296567 CVE-2016-2857 Qemu: net: out of bounds read in net_checksum_calculate()
#1298570 CVE-2016-1981 Qemu: net: e1000 infinite loop in start_xmit and e1000_receive_iov routines
#1299455 Qemu: usb ehci out-of-bounds read in ehci_process_itd
#1299996 CVE-2016-1981 xen: qemu-kvm: Infinite loop and out-of-bounds transfer start in start_xmit() and e1000_receive_iov() [fedora-all]
#1300235 xen: qemu: Out-of-bounds read in usb-echi [fedora-all]
#1300771 CVE-2015-8817 CVE-2015-8818 Qemu: OOB access in address_space_rw leads to segmentation fault
#1301643 CVE-2016-2198 Qemu: usb: ehci null pointer dereference in ehci_caps_write
#1302299 CVE-2016-2392 Qemu: usb: null pointer dereference in remote NDIS control message handling
#1303106 CVE-2016-2841 Qemu: net: ne2000: infinite loop in ne2000_receive
#1303120 CVE-2016-2538 Qemu: usb: integer overflow in remote NDIS control message handling
#1303135 CVE-2016-2198 xen: Qemu: usb: ehci null pointer dereference in ehci_caps_write [fedora-all]
#1304048 xen: Qemu: net: ne2000: infinite loop in ne2000_receive [fedora-all]
#1304794 CVE-2016-2391 Qemu: usb: multiple eof_timers in ohci module leads to null pointer dereference
#1305816 CVE-2016-2538 xen: qemu: Integer overflow in usb module causing memory leak and DoS [fedora-all]
#1307116 CVE-2016-2392 xen: qemu: Null pointer dereference in usb module [fedora-all]
#1308882 CVE-2016-2391 xen: qemu: Holding multiple eof_timers at the same time in ohci usb mode leads to SIGSEGV [fedora-all]
#1309565 xen: qemu: Out-of-bounds read in net_checksum_calculate() [fedora-all]
#1313273 xen: qemu: Segmentation fault in address_space_rw [fedora-all]
#1314676 CVE-2016-2858 Qemu: rng-random: arbitrary stack based allocation leading to corruption
#1314678 xen: Qemu: rng-random: arbitrary stack based allocation leading to corruption [fedora-all]
Content Type
RPM
Status
stable
Test Gating
Submitted by
Update Type
security
Update Severity
unspecified
Karma
+1
stable threshold: 3
unstable threshold: -3
Autopush
Enabled
Dates
submitted 2 years ago
in testing 2 years ago
in stable 2 years ago

Related Bugs 26

00 #1283934 CVE-2016-1922 Qemu: i386: null pointer dereference in vapic_write()
00 #1284008 CVE-2015-8613 Qemu: scsi: stack based buffer overflow in megasas_ctrl_get_info
00 #1292767 CVE-2016-1922 xen: qemu: Null pointer dereference in vapic_write() [fedora-all]
00 #1293305 CVE-2015-8613 xen: qemu: Stack-based buffer overflow in megasas_ctrl_get_info [fedora-all]
00 #1296060 CVE-2016-1714 Qemu: nvram: OOB r/w access in processing firmware configurations
00 #1296080 CVE-2016-1714 xen: Qemu: nvram: OOB r/w access in processing firmware configurations [fedora-all]
00 #1296567 CVE-2016-2857 Qemu: net: out of bounds read in net_checksum_calculate()
00 #1298570 CVE-2016-1981 Qemu: net: e1000 infinite loop in start_xmit and e1000_receive_iov routines
00 #1299455 Qemu: usb ehci out-of-bounds read in ehci_process_itd
00 #1299996 CVE-2016-1981 xen: qemu-kvm: Infinite loop and out-of-bounds transfer start in start_xmit() and e1000_receive_iov() [fedora-all]
00 #1300235 xen: qemu: Out-of-bounds read in usb-echi [fedora-all]
00 #1300771 CVE-2015-8817 CVE-2015-8818 Qemu: OOB access in address_space_rw leads to segmentation fault
00 #1301643 CVE-2016-2198 Qemu: usb: ehci null pointer dereference in ehci_caps_write
00 #1302299 CVE-2016-2392 Qemu: usb: null pointer dereference in remote NDIS control message handling
00 #1303106 CVE-2016-2841 Qemu: net: ne2000: infinite loop in ne2000_receive
00 #1303120 CVE-2016-2538 Qemu: usb: integer overflow in remote NDIS control message handling
00 #1303135 CVE-2016-2198 xen: Qemu: usb: ehci null pointer dereference in ehci_caps_write [fedora-all]
00 #1304048 xen: Qemu: net: ne2000: infinite loop in ne2000_receive [fedora-all]
00 #1304794 CVE-2016-2391 Qemu: usb: multiple eof_timers in ohci module leads to null pointer dereference
00 #1305816 CVE-2016-2538 xen: qemu: Integer overflow in usb module causing memory leak and DoS [fedora-all]
00 #1307116 CVE-2016-2392 xen: qemu: Null pointer dereference in usb module [fedora-all]
00 #1308882 CVE-2016-2391 xen: qemu: Holding multiple eof_timers at the same time in ohci usb mode leads to SIGSEGV [fedora-all]
00 #1309565 xen: qemu: Out-of-bounds read in net_checksum_calculate() [fedora-all]
00 #1313273 xen: qemu: Segmentation fault in address_space_rw [fedora-all]
00 #1314676 CVE-2016-2858 Qemu: rng-random: arbitrary stack based allocation leading to corruption
00 #1314678 xen: Qemu: rng-random: arbitrary stack based allocation leading to corruption [fedora-all]

Automated Test Results