Your message dated Sat, 02 Jul 2011 13:59:14 +0000
with message-id <e1qd0j4-00074n...@franck.debian.org>
and subject line Bug#631975: fixed in qemu-kvm 0.12.5+dfsg-5+squeeze4
has caused the Debian Bug report #631975,
regarding OOB memory access caused by negative vq notifies (CVE-2011-2512)
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)
--
631975: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=631975
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: qemu-kvm
Version: 0.12.5+dfsg-5+squeeze3
Severity: grave
Tags: upstream security squeeze sid
The virtio_queue_notify() function checks that the virtqueue number is
less than the maximum number of virtqueues. A signed comparison is used
but the virtqueue number could be negative if a buggy or malicious guest
is run. This results in memory accesses outside of the virtqueue array.
This can be triggered by malicious guest - unprivileged guest user can
either crash the qemu process or, possible, gain extra privileges on
the host.
Additional information:
http://patchwork.ozlabs.org/patch/94604/ (upstream patch)
https://bugzilla.redhat.com/show_bug.cgi?id=717399
The problem affects both sqeeze and sid versions. It is present in
lenny too, but that one is hopeless (we should provide fixes for
lenny backports instead).
--- End Message ---
--- Begin Message ---
Source: qemu-kvm
Source-Version: 0.12.5+dfsg-5+squeeze4
We believe that the bug you reported is fixed in the latest version of
qemu-kvm, which is due to be installed in the Debian FTP archive:
kvm_0.12.5+dfsg-5+squeeze4_amd64.deb
to main/q/qemu-kvm/kvm_0.12.5+dfsg-5+squeeze4_amd64.deb
qemu-kvm-dbg_0.12.5+dfsg-5+squeeze4_amd64.deb
to main/q/qemu-kvm/qemu-kvm-dbg_0.12.5+dfsg-5+squeeze4_amd64.deb
qemu-kvm_0.12.5+dfsg-5+squeeze4.diff.gz
to main/q/qemu-kvm/qemu-kvm_0.12.5+dfsg-5+squeeze4.diff.gz
qemu-kvm_0.12.5+dfsg-5+squeeze4.dsc
to main/q/qemu-kvm/qemu-kvm_0.12.5+dfsg-5+squeeze4.dsc
qemu-kvm_0.12.5+dfsg-5+squeeze4_amd64.deb
to main/q/qemu-kvm/qemu-kvm_0.12.5+dfsg-5+squeeze4_amd64.deb
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to 631...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Michael Tokarev <m...@tls.msk.ru> (supplier of updated qemu-kvm package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@debian.org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Format: 1.8
Date: Wed, 29 Jun 2011 00:44:36 +0400
Source: qemu-kvm
Binary: qemu-kvm qemu-kvm-dbg kvm
Architecture: source amd64
Version: 0.12.5+dfsg-5+squeeze4
Distribution: stable-security
Urgency: high
Maintainer: Jan Lübbe <jlue...@debian.org>
Changed-By: Michael Tokarev <m...@tls.msk.ru>
Description:
kvm - dummy transitional package from kvm to qemu-kvm
qemu-kvm - Full virtualization on x86 hardware
qemu-kvm-dbg - Debugging info for qemu-kvm
Closes: 631975
Changes:
qemu-kvm (0.12.5+dfsg-5+squeeze4) stable-security; urgency=high
.
* virtio: guard against negative vq notifies -- fixes a guest-triggerable
bug in virtio implementation (CVE-2011-2512) (Closes: #631975)
Checksums-Sha1:
cd52234a17a7d0266cb943abbae1c92cfd34fffa 1696
qemu-kvm_0.12.5+dfsg-5+squeeze4.dsc
03fdf8cab0c8010b93bf1466f4e9003eb54ab7d4 310355
qemu-kvm_0.12.5+dfsg-5+squeeze4.diff.gz
c790ad9d44f23c7105a91017828ee455c8719348 1613072
qemu-kvm_0.12.5+dfsg-5+squeeze4_amd64.deb
5d7b0cf3b49e91f1192f45971d584dc3d713778b 2819218
qemu-kvm-dbg_0.12.5+dfsg-5+squeeze4_amd64.deb
e61cf96bbe39678a1f88271965dd577ba58c9eb7 13240
kvm_0.12.5+dfsg-5+squeeze4_amd64.deb
Checksums-Sha256:
7cc418f9237598d181555fed9c95f9ca61fc3279c58241cacbb263bcae02a444 1696
qemu-kvm_0.12.5+dfsg-5+squeeze4.dsc
bd6783731b5cea85956b14d18e2586a278dfb52cd58e61fe6d5a1bbf555dfbe7 310355
qemu-kvm_0.12.5+dfsg-5+squeeze4.diff.gz
3fa2c2a2a55216d07458e8346a6551f23b76974331e171b75795e2a30cee7f26 1613072
qemu-kvm_0.12.5+dfsg-5+squeeze4_amd64.deb
cf533fdb164c84e7867c4e87aa2fcabb95e99cb56e6924342772613ec3ea3aaa 2819218
qemu-kvm-dbg_0.12.5+dfsg-5+squeeze4_amd64.deb
320ca0eb87fa51c510c989720f89d55d05998094e5487156d463cb1e40e658c4 13240
kvm_0.12.5+dfsg-5+squeeze4_amd64.deb
Files:
374d6a8f183a435fe71a8a9df7b65894 1696 misc optional
qemu-kvm_0.12.5+dfsg-5+squeeze4.dsc
9a46867c5a5224e20663b2432aabcfe0 310355 misc optional
qemu-kvm_0.12.5+dfsg-5+squeeze4.diff.gz
1c75f68dd0eeacd513c68ad28133f091 1613072 misc optional
qemu-kvm_0.12.5+dfsg-5+squeeze4_amd64.deb
266242ac3d7c2bab21efd7449caa710a 2819218 debug extra
qemu-kvm-dbg_0.12.5+dfsg-5+squeeze4_amd64.deb
c68703d71b408bdf6b1e0056b92e5e0c 13240 oldlibs extra
kvm_0.12.5+dfsg-5+squeeze4_amd64.deb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)
iEYEARECAAYFAk4NjkIACgkQioOL5NhIDy54nwCg3GFgIbFjEe2XZ4rqeNqXIW40
Kn0An1zzDsfTDsRK+YJbeQrtv5scE7vR
=g1wB
-----END PGP SIGNATURE-----
--- End Message ---
