Ubuntu
qemu-kvm package

CVE-2011-2212

Bug #806167 reported by Jamie Strandboge
258
This bug affects 1 person
Affects Status Importance Assigned to Milestone
qemu-kvm (Ubuntu)
Fix Released
Medium
Jamie Strandboge
Ubuntu oneiric-alpha-3
Oneiric
Fix Released
Medium
Jamie Strandboge
Ubuntu oneiric-alpha-3

Bug Description

qemu-kvm as included in Oneiric is vulnerable to CVE-2011-2212.

Related branches

lp:ubuntu/oneiric/qemu-kvm

CVE References

Jamie Strandboge (jdstrand)
security vulnerability: no → yes
Changed in qemu-kvm (Ubuntu Oneiric):
assignee: nobody → Jamie Strandboge (jdstrand)
importance: Undecided → Medium
milestone: none → oneiric-alpha-3
status: New → In Progress
Revision history for this message
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package qemu-kvm - 0.14.0+noroms-0ubuntu8

---------------
qemu-kvm (0.14.0+noroms-0ubuntu8) oneiric; urgency=low

  * SECURITY UPDATE: fix to validate virtqueue in and out requests from the
    guests
    - debian/patches/CVE-2011-2212-virtqueue-indirect-overflow.patch: update
      hw/virtio.c to verify the length of indirect descriptors in
      virtqueue_pop() and virtqueue_avail_bytes()
    - CVE-2011-2212
    - LP: #806167
  * SECURITY UPDATE: validate virtio_queue_notify() is non-negative
    - virtio-guard-against-negative-vq-notifies-CVE-2011-2512.diff: update
      to move comparison out to syborg_virtio_writel(), virtio_ioport_write()
      and virtio_queue_notify_vq() and don't call common virtio code if
      virtqueue number is invalid. Patch from Debian.
    - CVE-2011-2512
    - LP: #806166
 -- Jamie Strandboge <email address hidden> Tue, 05 Jul 2011 13:24:52 -0500

Changed in qemu-kvm (Ubuntu Oneiric):
status: In Progress → Fix Released
To post a comment you must log in.
This report contains Public Security information  
Everyone can see this security related information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.