Your message dated Thu, 30 Jun 2011 12:03:23 +0000
with message-id <[email protected]>
and subject line Bug#631975: fixed in qemu-kvm 0.14.1+dfsg-2
has caused the Debian Bug report #631975,
regarding OOB memory access caused by negative vq notifies (CVE-2011-2512)
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)
--
631975: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=631975
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
Package: qemu-kvm
Version: 0.12.5+dfsg-5+squeeze3
Severity: grave
Tags: upstream security squeeze sid
The virtio_queue_notify() function checks that the virtqueue number is
less than the maximum number of virtqueues. A signed comparison is used
but the virtqueue number could be negative if a buggy or malicious guest
is run. This results in memory accesses outside of the virtqueue array.
This can be triggered by malicious guest - unprivileged guest user can
either crash the qemu process or, possible, gain extra privileges on
the host.
Additional information:
http://patchwork.ozlabs.org/patch/94604/ (upstream patch)
https://bugzilla.redhat.com/show_bug.cgi?id=717399
The problem affects both sqeeze and sid versions. It is present in
lenny too, but that one is hopeless (we should provide fixes for
lenny backports instead).
--- End Message ---
--- Begin Message ---
Source: qemu-kvm
Source-Version: 0.14.1+dfsg-2
We believe that the bug you reported is fixed in the latest version of
qemu-kvm, which is due to be installed in the Debian FTP archive:
kvm_0.14.1+dfsg-2_amd64.deb
to main/q/qemu-kvm/kvm_0.14.1+dfsg-2_amd64.deb
qemu-kvm-dbg_0.14.1+dfsg-2_amd64.deb
to main/q/qemu-kvm/qemu-kvm-dbg_0.14.1+dfsg-2_amd64.deb
qemu-kvm_0.14.1+dfsg-2.debian.tar.gz
to main/q/qemu-kvm/qemu-kvm_0.14.1+dfsg-2.debian.tar.gz
qemu-kvm_0.14.1+dfsg-2.dsc
to main/q/qemu-kvm/qemu-kvm_0.14.1+dfsg-2.dsc
qemu-kvm_0.14.1+dfsg-2_amd64.deb
to main/q/qemu-kvm/qemu-kvm_0.14.1+dfsg-2_amd64.deb
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to [email protected],
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Michael Tokarev <[email protected]> (supplier of updated qemu-kvm package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [email protected])
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Format: 1.8
Date: Wed, 29 Jun 2011 00:53:54 +0400
Source: qemu-kvm
Binary: qemu-kvm qemu-kvm-dbg kvm
Architecture: source amd64
Version: 0.14.1+dfsg-2
Distribution: unstable
Urgency: high
Maintainer: Jan Lübbe <[email protected]>
Changed-By: Michael Tokarev <[email protected]>
Description:
kvm - dummy transitional package from kvm to qemu-kvm
qemu-kvm - Full virtualization on x86 hardware
qemu-kvm-dbg - Debugging info for qemu-kvm
Closes: 631975
Changes:
qemu-kvm (0.14.1+dfsg-2) unstable; urgency=high
.
* virtio: guard against negative vq notifies -- fixes a guest-triggerable
bug in virtio implementation (CVE-2011-2512) (Closes: #631975)
Urgency is high due to security fix.
Checksums-Sha1:
54d817e1eeac450e45d960662ad037ae329509a1 1698 qemu-kvm_0.14.1+dfsg-2.dsc
9fa9ff7bbf0e9699cc3c7dba3a03573840e0cb56 24806
qemu-kvm_0.14.1+dfsg-2.debian.tar.gz
f3cbfda6d8d860179a8d489962f5373848cd50e7 1274594
qemu-kvm_0.14.1+dfsg-2_amd64.deb
0a50d63033febd5267f23c536ba97ebf1167ec2d 3319678
qemu-kvm-dbg_0.14.1+dfsg-2_amd64.deb
0c14de717a55cc814e64d4056f13a7a7f22b6da9 8858 kvm_0.14.1+dfsg-2_amd64.deb
Checksums-Sha256:
4e799e793dee357cecb12295eaf34d846076eb52e9ca6c898c811067878a5f07 1698
qemu-kvm_0.14.1+dfsg-2.dsc
f35dfe4a953f44a39f3fdc030fa7b794a7c56016773791249ce4e41df75f68b9 24806
qemu-kvm_0.14.1+dfsg-2.debian.tar.gz
712d5794bde18b8b83d51359094f11f72637c0ca03f625787a663ed4998c85de 1274594
qemu-kvm_0.14.1+dfsg-2_amd64.deb
e124fe6c58f55dba388519301c772145ae79d0bc67f90f8236c97eb3ad9f35b7 3319678
qemu-kvm-dbg_0.14.1+dfsg-2_amd64.deb
3573b4683f05e992b1ecfb587e8d63e16c5ab0fb4e0a15efd0a6b70e6cb45be8 8858
kvm_0.14.1+dfsg-2_amd64.deb
Files:
4d78f2268bb6768dc215432463f8b03e 1698 misc optional qemu-kvm_0.14.1+dfsg-2.dsc
9f73a92ede70a1eccc83b450622cf440 24806 misc optional
qemu-kvm_0.14.1+dfsg-2.debian.tar.gz
07e9494649d3873dfee6b530545b0290 1274594 misc optional
qemu-kvm_0.14.1+dfsg-2_amd64.deb
bb94aa793b4b96e9fa5bba3ee0377be6 3319678 debug extra
qemu-kvm-dbg_0.14.1+dfsg-2_amd64.deb
73bcf1bc57acfa20643f33885126b2f5 8858 oldlibs extra kvm_0.14.1+dfsg-2_amd64.deb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)
iEYEARECAAYFAk4MZGgACgkQioOL5NhIDy6iWQCeMrdtwXMsfU06IREpsRRjVTDb
UawAn35rF52honu/EF4+5nGMWGus0rXq
=4F1R
-----END PGP SIGNATURE-----
--- End Message ---