ALT-BU-2016-2974-2
Branch sisyphus update bulletin.
Closed vulnerabilities
BDU:2016-02055
Уязвимость эмулятора аппаратного обеспечения QEMU, позволяющая нарушителю вызвать отказ в обслуживании
BDU:2016-02072
Уязвимость эмулятора аппаратного обеспечения QEMU, позволяющая нарушителю вызвать отказ в обслуживании
Modified: 2024-11-21
CVE-2016-4439
The esp_reg_write function in hw/scsi/esp.c in the 53C9X Fast SCSI Controller (FSC) support in QEMU does not properly check command buffer length, which allows local guest OS administrators to cause a denial of service (out-of-bounds write and QEMU process crash) or potentially execute arbitrary code on the QEMU host via unspecified vectors.
- [oss-security] 20160519 CVE-2016-4439 Qemu: scsi: esp: OOB write while writing to 's->cmdbuf' in esp_reg_write
- [oss-security] 20160519 CVE-2016-4439 Qemu: scsi: esp: OOB write while writing to 's->cmdbuf' in esp_reg_write
- 90760
- 90760
- USN-3047-1
- USN-3047-1
- USN-3047-2
- USN-3047-2
- https://bugzilla.redhat.com/show_bug.cgi?id=1337502
- https://bugzilla.redhat.com/show_bug.cgi?id=1337502
- [debian-lts-announce] 20181130 [SECURITY] [DLA 1599-1] qemu security update
- [debian-lts-announce] 20181130 [SECURITY] [DLA 1599-1] qemu security update
- [qemu-devel] 20160519 [PATCH 1/2] scsi: check command buffer length before write(CVE-2016-4439)
- [qemu-devel] 20160519 [PATCH 1/2] scsi: check command buffer length before write(CVE-2016-4439)
- GLSA-201609-01
- GLSA-201609-01
Modified: 2024-11-21
CVE-2016-4441
The get_cmd function in hw/scsi/esp.c in the 53C9X Fast SCSI Controller (FSC) support in QEMU does not properly check DMA length, which allows local guest OS administrators to cause a denial of service (out-of-bounds write and QEMU process crash) via unspecified vectors, involving an SCSI command.
- [oss-security] 20160519 CVE-2016-4441 Qemu: scsi: esp: OOB write while writing to 's-cmdbuf' in get_cmd
- [oss-security] 20160519 CVE-2016-4441 Qemu: scsi: esp: OOB write while writing to 's-cmdbuf' in get_cmd
- 90762
- 90762
- USN-3047-1
- USN-3047-1
- USN-3047-2
- USN-3047-2
- https://bugzilla.redhat.com/show_bug.cgi?id=1337505
- https://bugzilla.redhat.com/show_bug.cgi?id=1337505
- [debian-lts-announce] 20181130 [SECURITY] [DLA 1599-1] qemu security update
- [debian-lts-announce] 20181130 [SECURITY] [DLA 1599-1] qemu security update
- [qemu-devel] 20160519 [PATCH 2/2] scsi: check dma length before reading scsi command(CVE-2016-4441)
- [qemu-devel] 20160519 [PATCH 2/2] scsi: check dma length before reading scsi command(CVE-2016-4441)
- GLSA-201609-01
- GLSA-201609-01
Modified: 2024-11-21
CVE-2016-4453
The vmsvga_fifo_run function in hw/display/vmware_vga.c in QEMU allows local guest OS administrators to cause a denial of service (infinite loop and QEMU process crash) via a VGA command.
- [oss-security] 20160530 CVE-2016-4453 Qemu: display: vmsvga: infinite loop in vmsvga_fifo_run() routine
- 90928
- USN-3047-1
- USN-3047-2
- https://bugzilla.redhat.com/show_bug.cgi?id=1336650
- [debian-lts-announce] 20181130 [SECURITY] [DLA 1599-1] qemu security update
- [qemu-devel] 20160530 [Qemu-devel] [PATCH 4/4] vmsvga: don't process more than 1024 fifo commands at once
- GLSA-201609-01
- [oss-security] 20160530 CVE-2016-4453 Qemu: display: vmsvga: infinite loop in vmsvga_fifo_run() routine
- GLSA-201609-01
- [qemu-devel] 20160530 [Qemu-devel] [PATCH 4/4] vmsvga: don't process more than 1024 fifo commands at once
- [debian-lts-announce] 20181130 [SECURITY] [DLA 1599-1] qemu security update
- https://bugzilla.redhat.com/show_bug.cgi?id=1336650
- USN-3047-2
- USN-3047-1
- 90928
Modified: 2024-11-21
CVE-2016-4454
The vmsvga_fifo_read_raw function in hw/display/vmware_vga.c in QEMU allows local guest OS administrators to obtain sensitive host memory information or cause a denial of service (QEMU process crash) by changing FIFO registers and issuing a VGA command, which triggers an out-of-bounds read.
- [oss-security] 20160530 CVE-2016-4454 Qemu: display: vmsvga: out-of-bounds read in vmsvga_fifo_read_raw() routine
- 90927
- USN-3047-1
- USN-3047-2
- https://bugzilla.redhat.com/show_bug.cgi?id=1336429
- [debian-lts-announce] 20181130 [SECURITY] [DLA 1599-1] qemu security update
- [qemu-devel] 20160530 [Qemu-devel] [PATCH 1/4] vmsvga: move fifo sanity checks to vmsvga_fifo_length
- GLSA-201609-01
- [oss-security] 20160530 CVE-2016-4454 Qemu: display: vmsvga: out-of-bounds read in vmsvga_fifo_read_raw() routine
- GLSA-201609-01
- [qemu-devel] 20160530 [Qemu-devel] [PATCH 1/4] vmsvga: move fifo sanity checks to vmsvga_fifo_length
- [debian-lts-announce] 20181130 [SECURITY] [DLA 1599-1] qemu security update
- https://bugzilla.redhat.com/show_bug.cgi?id=1336429
- USN-3047-2
- USN-3047-1
- 90927
Modified: 2024-11-21
CVE-2016-4952
QEMU (aka Quick Emulator), when built with VMWARE PVSCSI paravirtual SCSI bus emulation support, allows local guest OS administrators to cause a denial of service (out-of-bounds array access) via vectors related to the (1) PVSCSI_CMD_SETUP_RINGS or (2) PVSCSI_CMD_SETUP_MSG_RING SCSI command.
- [oss-security] 20160523 CVE request: Qemu: scsi: pvscsi: out-of-bounds access issue in pvsci_ring_init_msg/data routines
- [oss-security] 20160523 CVE request: Qemu: scsi: pvscsi: out-of-bounds access issue in pvsci_ring_init_msg/data routines
- [oss-security] 20160523 Re: CVE request: Qemu: scsi: pvscsi: out-of-bounds access issue in pvsci_ring_init_msg/data routines
- [oss-security] 20160523 Re: CVE request: Qemu: scsi: pvscsi: out-of-bounds access issue in pvsci_ring_init_msg/data routines
- USN-3047-1
- USN-3047-1
- USN-3047-2
- USN-3047-2
- https://bugzilla.redhat.com/show_bug.cgi?id=1334384
- https://bugzilla.redhat.com/show_bug.cgi?id=1334384
- [debian-lts-announce] 20181130 [SECURITY] [DLA 1599-1] qemu security update
- [debian-lts-announce] 20181130 [SECURITY] [DLA 1599-1] qemu security update
- [qemu-devel] 20160523 [Qemu-devel] [PATCH] scsi: pvscsi: check command descriptor ring buffer
- [qemu-devel] 20160523 [Qemu-devel] [PATCH] scsi: pvscsi: check command descriptor ring buffer
Modified: 2024-11-21
CVE-2016-5403
The virtqueue_pop function in hw/virtio/virtio.c in QEMU allows local guest OS administrators to cause a denial of service (memory consumption and QEMU process crash) by submitting requests without waiting for completion.
- RHSA-2016:1585
- RHSA-2016:1585
- RHSA-2016:1586
- RHSA-2016:1586
- RHSA-2016:1606
- RHSA-2016:1606
- RHSA-2016:1607
- RHSA-2016:1607
- RHSA-2016:1652
- RHSA-2016:1652
- RHSA-2016:1653
- RHSA-2016:1653
- RHSA-2016:1654
- RHSA-2016:1654
- RHSA-2016:1655
- RHSA-2016:1655
- RHSA-2016:1756
- RHSA-2016:1756
- RHSA-2016:1763
- RHSA-2016:1763
- RHSA-2016:1943
- RHSA-2016:1943
- http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html
- http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html
- http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2016-3090545.html
- http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2016-3090545.html
- http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html
- http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html
- 92148
- 92148
- 1036476
- 1036476
- USN-3047-1
- USN-3047-1
- USN-3047-2
- USN-3047-2
- http://xenbits.xen.org/xsa/advisory-184.html
- http://xenbits.xen.org/xsa/advisory-184.html
- https://bugzilla.redhat.com/show_bug.cgi?id=1358359
- https://bugzilla.redhat.com/show_bug.cgi?id=1358359
- [debian-lts-announce] 20190920 [SECURITY] [DLA 1927-1] qemu security update
- [debian-lts-announce] 20190920 [SECURITY] [DLA 1927-1] qemu security update
Package make-initrd-propagator updated to version 0.30-alt1 for branch sisyphus in task 169199.
Closed bugs
вернуть возможность запуска livecd без rw slice на флэшке
Package qpid-proton updated to version 0.14.0-alt1 for branch sisyphus in task 169029.
Closed vulnerabilities
Modified: 2024-11-21
CVE-2016-2166
The (1) proton.reactor.Connector, (2) proton.reactor.Container, and (3) proton.utils.BlockingConnection classes in Apache Qpid Proton before 0.12.1 improperly use an unencrypted connection for an amqps URI scheme when SSL support is unavailable, which might allow man-in-the-middle attackers to obtain sensitive information or modify data via unspecified vectors.
- FEDORA-2016-e6e8436b98
- FEDORA-2016-e6e8436b98
- http://packetstormsecurity.com/files/136403/Apache-Qpid-Proton-0.12.0-SSL-Failure.html
- http://packetstormsecurity.com/files/136403/Apache-Qpid-Proton-0.12.0-SSL-Failure.html
- http://qpid.apache.org/releases/qpid-proton-0.12.1/release-notes.html
- http://qpid.apache.org/releases/qpid-proton-0.12.1/release-notes.html
- 20160323 CVE-2016-2166: Apache Qpid Proton python binding silently ignores request for 'amqps' if SSL/TLS not supported
- 20160323 CVE-2016-2166: Apache Qpid Proton python binding silently ignores request for 'amqps' if SSL/TLS not supported
- https://git-wip-us.apache.org/repos/asf?p=qpid-proton.git%3Bh=a058585
- https://git-wip-us.apache.org/repos/asf?p=qpid-proton.git%3Bh=a058585
- https://issues.apache.org/jira/browse/PROTON-1157
- https://issues.apache.org/jira/browse/PROTON-1157
- [qpid-commits] 20190423 [qpid-site] branch asf-site updated: update site content for CVE-2019-0223
- [qpid-commits] 20190423 [qpid-site] branch asf-site updated: update site content for CVE-2019-0223
Modified: 2024-11-21
CVE-2016-4467
The C client and C-based client bindings in the Apache Qpid Proton library before 0.13.1 on Windows do not properly verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate when using the SChannel-based security layer, which allows man-in-the-middle attackers to spoof servers via an arbitrary valid certificate.
- [oss-security] 20160715 [SECURITY] CVE-2016-4467: Apache Qpid Proton: Failure to verify that the server host name matches the certificate host name on Windows
- [oss-security] 20160715 [SECURITY] CVE-2016-4467: Apache Qpid Proton: Failure to verify that the server host name matches the certificate host name on Windows
- 91788
- 91788
- 1036316
- 1036316
- [qpid-commits] 20190423 [qpid-site] branch asf-site updated: update site content for CVE-2019-0223
- [qpid-commits] 20190423 [qpid-site] branch asf-site updated: update site content for CVE-2019-0223