This bug was fixed in the package qemu - 1:2.5+dfsg-5ubuntu10.28
---------------
qemu (1:2.5+dfsg-5ubuntu10.28) xenial-security; urgency=medium
* SECURITY UPDATE: arbitrary code execution via load_multiboot
- debian/patches/CVE-2018-7550.patch: handle bss_end_addr being zero in
hw/i386/multiboot.c.
- CVE-2018-7550
-- Marc Deslauriers <[email protected]> Fri, 11 May 2018
13:34:24 -0400
** Changed in: qemu (Ubuntu Xenial)
Status: Fix Committed => Fix Released
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2018-7550
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1743637
Title:
QEMU vhost-user shutdown suffers from use after free (missing clean
shutdown)
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/qemu/+bug/1743637/+subscriptions
--
ubuntu-bugs mailing list
[email protected]
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
