FEDORA-2017-12394e2cc7

security update in Fedora 24 for qemu

Status: stable 2 years ago
  • CVE-2016-6836: vmxnet: Information leakage in vmxnet3_complete_packet (bz #1366370)
  • CVE-2016-7909: pcnet: Infinite loop in pcnet_rdra_addr (bz #1381196)
  • CVE-2016-7994: virtio-gpu: memory leak in resource_create_2d (bz #1382667)
  • CVE-2016-8577: 9pfs: host memory leakage in v9fs_read (bz #1383286)
  • CVE-2016-8578: 9pfs: potential NULL dereferencein 9pfs routines (bz #1383292)
  • CVE-2016-8668: OOB buffer access in rocker switch emulation (bz #1384898)
  • CVE-2016-8669: divide by zero error in serial_update_parameters (bz #1384911)
  • CVE-2016-8910: rtl8139: infinite loop while transmit in C+ mode (bz #1388047)
  • CVE-2016-8909: intel-hda: infinite loop in dma buffer stream (bz #1388053)
  • Infinite loop vulnerability in a9_gtimer_update (bz #1388300)
  • CVE-2016-9101: eepro100: memory leakage at device unplug (bz #1389539)
  • CVE-2016-9103: 9pfs: information leakage via xattr (bz #1389643)
  • CVE-2016-9102: 9pfs: memory leakage when creating extended attribute (bz #1389551)
  • CVE-2016-9104: 9pfs: integer overflow leading to OOB access (bz #1389687)
  • CVE-2016-9105: 9pfs: memory leakage in v9fs_link (bz #1389704)
  • CVE-2016-9106: 9pfs: memory leakage in v9fs_write (bz #1389713)
  • CVE-2016-9381: xen: incautious about shared ring processing (bz #1397385)
  • CVE-2016-9921: Divide by zero vulnerability in cirrus_do_copy (bz #1399054)
  • CVE-2016-9776: infinite loop while receiving data in mcf_fec_receive (bz #1400830)
  • CVE-2016-9845: information leakage in virgl_cmd_get_capset_info (bz #1402247)
  • CVE-2016-9846: virtio-gpu: memory leakage while updating cursor data (bz #1402258)
  • CVE-2016-9907: usbredir: memory leakage when destroying redirector (bz #1402266)
  • CVE-2016-9911: usb: ehci: memory leakage in ehci_init_transfer (bz #1402273)
  • CVE-2016-9913: 9pfs: memory leakage via proxy/handle callbacks (bz #1402277)
  • CVE-2016-10028: virtio-gpu-3d: OOB access while reading virgl capabilities (bz #1406368)
  • CVE-2016-9908: virtio-gpu: information leakage in virgl_cmd_get_capset (bz #1402263)
  • CVE-2016-9912: virtio-gpu: memory leakage when destroying gpu resource (bz #1402285)

How to install

sudo dnf upgrade --advisory=FEDORA-2017-12394e2cc7

Comments 10

This update has been submitted for testing by crobinso.

This update has been pushed to testing.

no regressions noted

karma: +1

Works for me

karma: +1

Works for me

karma: +1

This update has been submitted for stable by bodhi.

no regressions noted

karma: +1

This update has been submitted for stable by bodhi.

no regressions noted

karma: +1

This update has been pushed to stable.

Add Comment & Feedback

Please login to add feedback.

Content Type
RPM
Status
stable
Test Gating
Submitted by
Update Type
security
Update Severity
unspecified
Karma
+3
stable threshold: 3
unstable threshold: -3
Autopush (karma)
Enabled
Autopush (time)
Disabled
Dates
submitted 2 years ago
in testing 2 years ago
in stable 2 years ago

Related Bugs 53

00 #1329538 CVE-2016-7909 Qemu: net: pcnet: infinite loop in pcnet_rdra_addr()
00 #1334398 CVE-2016-9921 CVE-2016-9922 Qemu: display: cirrus_vga: a divide by zero in cirrus_do_copy
00 #1366369 CVE-2016-6836 Qemu: net: vmxnet: Information leakage in vmxnet3_complete_packet
00 #1366370 Qemu: net: vmxnet: Information leakage in vmxnet3_complete_packet [fedora-all]
00 #1381196 CVE-2016-7909 qemu: qemu-kvm: Infinite loop vulnerability in pcnet_rdra_addr() [fedora-all]
00 #1382666 CVE-2016-7994 Qemu: virtio-gpu: memory leak in virtio_gpu_resource_create_2d
00 #1382667 CVE-2016-7994 Qemu: virtio-gpu: memory leak in virtio_gpu_resource_create_2d [fedora-all]
00 #1383285 CVE-2016-8577 Qemu: 9pfs: host memory leakage in v9fs_read
00 #1383286 CVE-2016-8577 Qemu: 9pfs: host memory leakage in v9fs_read [fedora-all]
00 #1383291 CVE-2016-8578 Qemu: 9pfs: potential NULL dereferencein 9pfs routines
00 #1383292 CVE-2016-8578 Qemu: 9pfs: potential NULL dereferencein 9pfs routines [fedora-all]
00 #1384896 CVE-2016-8668 Qemu: net: OOB buffer access in rocker switch emulation
00 #1384898 CVE-2016-8668 Qemu: net: OOB buffer access in rocker switch emulation [fedora-all]
00 #1384909 CVE-2016-8669 Qemu: char: divide by zero error in serial_update_parameters
00 #1384911 CVE-2016-8669 Qemu: char: divide by zero error in serial_update_parameters [fedora-all]
00 #1388046 CVE-2016-8910 Qemu: net: rtl8139: infinite loop while transmit in C+ mode
00 #1388047 CVE-2016-8910 Qemu: net: rtl8139: infinite loop while transmit in C+ mode [fedora-all]
00 #1388052 CVE-2016-8909 Qemu: audio: intel-hda: infinite loop in processing dma buffer stream
00 #1388053 CVE-2016-8909 Qemu: audio: intel-hda: infinite loop in processing dma buffer stream [fedora-all]
00 #1388300 qemu: qemu-kvm: Infinite loop vulnerability in a9_gtimer_update() [fedora-all]
00 #1389538 CVE-2016-9101 Qemu: net: eepro100 memory leakage at device unplug
00 #1389539 CVE-2016-9101 Qemu: net: eepro100 memory leakage at device unplug [fedora-all]
00 #1389550 CVE-2016-9102 Qemu: 9pfs: memory leakage when creating extended attribute
00 #1389551 CVE-2016-9102 Qemu: 9pfs: memory leakage when creating extended attribute [fedora-all]
00 #1389642 CVE-2016-9103 Qemu: 9pfs: information leakage via xattr
00 #1389643 CVE-2016-9103 Qemu: 9pfs: information leakage via xattr [fedora-all]
00 #1389686 CVE-2016-9104 Qemu: 9pfs: integer overflow leading to OOB access
00 #1389687 CVE-2016-9104 Qemu: 9pfs: integer overflow leading to OOB access [fedora-all]
00 #1389702 CVE-2016-9105 Qemu: 9pfs: memory leakage in v9fs_link
00 #1389704 CVE-2016-9105 Qemu: 9pfs: memory leakage in v9fs_link [fedora-all]
00 #1389712 CVE-2016-9106 Qemu: 9pfs: memory leakage in v9fs_write
00 #1389713 CVE-2016-9106 Qemu: 9pfs: memory leakage in v9fs_write [fedora-all]
00 #1392938 CVE-2016-9381 xsa197 xen: qemu incautious about shared ring processing (XSA-197)
00 #1397385 CVE-2016-9381 qemu: xsa197 xen: qemu incautious about shared ring processing (XSA-197) [fedora-all]
00 #1399054 CVE-2016-9921 CVE-2016-9922 qemu: Divide by zero vulnerability in cirrus_do_copy [fedora-all]
00 #1400829 CVE-2016-9776 Qemu: net: mcf_fec: infinite loop while receiving data in mcf_fec_receive
00 #1400830 CVE-2016-9776 Qemu: net: mcf_fec: infinite loop while receiving data in mcf_fec_receive [fedora-all]
00 #1402245 CVE-2016-9845 Qemu: display: virtio-gpu-3d: information leakage in virgl_cmd_get_capset_info
00 #1402247 CVE-2016-9845 Qemu: display: virtio-gpu-3d: information leakage in virgl_cmd_get_capset_info [fedora-all]
00 #1402255 CVE-2016-9846 Qemu: display: virtio-gpu: memory leakage while updating cursor data
00 #1402258 CVE-2016-9846 Qemu: display: virtio-gpu: memory leakage while updating cursor data [fedora-all]
00 #1402262 CVE-2016-9908 Qemu: display: virtio-gpu: information leakage in virgl_cmd_get_capset
00 #1402263 CVE-2016-9908 Qemu: display: virtio-gpu: information leakage in virgl_cmd_get_capset [fedora-all]
00 #1402265 CVE-2016-9907 Qemu: usb: redirector: memory leakage when destroying redirector
00 #1402266 CVE-2016-9907 Qemu: usb: redirector: memory leakage when destroying redirector [fedora-all]
00 #1402272 CVE-2016-9911 Qemu: usb: ehci: memory leakage in ehci_init_transfer
00 #1402273 CVE-2016-9911 Qemu: usb: ehci: memory leakage in ehci_init_transfer [fedora-all]
00 #1402276 CVE-2016-9913 CVE-2016-9914 CVE-2016-9915 CVE-2016-9916 Qemu: 9pfs: memory leakage via proxy/handle callbacks
00 #1402277 CVE-2016-9913 CVE-2016-9914 CVE-2016-9915 CVE-2016-9916 Qemu: 9pfs: memory leakage via proxy/handle callbacks [fedora-all]
00 #1402284 CVE-2016-9912 Qemu: display: virtio-gpu: memory leakage when destroying gpu resource
00 #1402285 CVE-2016-9912 Qemu: display: virtio-gpu: memory leakage when destroying gpu resource [fedora-all]
00 #1406367 CVE-2016-10028 Qemu: display: virtio-gpu-3d: OOB access while reading virgl capabilities
00 #1406368 CVE-2016-10028 Qemu: display: virtio-gpu-3d: OOB access while reading virgl capabilities [fedora-all]

Automated Test Results