Your message dated Sat, 19 Jan 2013 12:47:04 +0000 with message-id <e1twxpa-0000uf...@franck.debian.org> and subject line Bug#696051: fixed in qemu-kvm 0.12.5+dfsg-5+squeeze10 has caused the Debian Bug report #696051, regarding potential guest-side buffer overflow caused by e1000 device emulation and large incoming packets - CVE-2012-6075 to be marked as done.
This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 696051: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=696051 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
--- Begin Message ---Source: qemu Severity: serious Tags: upstream patch pending security When guest does not enable large packet receiving from the qemu-emulated e1000 device, and a large packet is received from the network, qemu will happily transfer whole thing to guest, causing a guest buffer overflow. This is fixed by upstream commit b0d9ffcd0251161c7c92f94804dcf599dfa3edeb , with the following comment by Michael Contreras: Tested with linux guest. This error can potentially be exploited. At the very least it can cause a DoS to a guest system, and in the worse case it could allow remote code execution on the guest system with kernel level privilege. Risk seems low, as the network would need to be configured to allow large packets. So it can be considered a low-risk security issue, too. /mjt
--- End Message ---
--- Begin Message ---Source: qemu-kvm Source-Version: 0.12.5+dfsg-5+squeeze10 We believe that the bug you reported is fixed in the latest version of qemu-kvm, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 696...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Michael Tokarev <m...@tls.msk.ru> (supplier of updated qemu-kvm package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@debian.org) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Format: 1.8 Date: Mon, 14 Jan 2013 12:58:32 +0400 Source: qemu-kvm Binary: qemu-kvm qemu-kvm-dbg kvm Architecture: source i386 Version: 0.12.5+dfsg-5+squeeze10 Distribution: stable-security Urgency: low Maintainer: Jan Lübbe <jlue...@debian.org> Changed-By: Michael Tokarev <m...@tls.msk.ru> Description: kvm - dummy transitional package from kvm to qemu-kvm qemu-kvm - Full virtualization on x86 hardware qemu-kvm-dbg - Debugging info for qemu-kvm Closes: 696051 Changes: qemu-kvm (0.12.5+dfsg-5+squeeze10) stable-security; urgency=low . * CVE-2012-6075 fix (Closes: #696051): e1000-discard-packets-that-are-too-long-if-not-SBP-and-not-LPE.patch e1000-discard-oversized-packets-based-on-SBP_LPE.patch Checksums-Sha1: bfdeab0fc8c8f64db0d173b3752882a4cfdf5a79 1818 qemu-kvm_0.12.5+dfsg-5+squeeze10.dsc 9b8cb98c9ee86311a4e193401e6e30ea001dbd93 318726 qemu-kvm_0.12.5+dfsg-5+squeeze10.diff.gz 6ea74e30766b0be3091920ac5b3568691af4098e 1498652 qemu-kvm_0.12.5+dfsg-5+squeeze10_i386.deb f2bd3269af902699e7e7f710be74490892d947aa 2787336 qemu-kvm-dbg_0.12.5+dfsg-5+squeeze10_i386.deb 9b84a65cceeb3cdf04b9b7720fd4f3372ed18184 13968 kvm_0.12.5+dfsg-5+squeeze10_i386.deb Checksums-Sha256: 31ca7c7d35e71167e0ab3d29e8c3ead167fd6e154d78869db4a2bfd1ab289cc1 1818 qemu-kvm_0.12.5+dfsg-5+squeeze10.dsc 6cfbb676fa3f5e7dbf42547a66a2838e6cc1d6d0a14dc4d8501368267387835a 318726 qemu-kvm_0.12.5+dfsg-5+squeeze10.diff.gz 934a26dcccad822c7e7b17993086d024b0754d52efa2e605a30dcc98c2d07813 1498652 qemu-kvm_0.12.5+dfsg-5+squeeze10_i386.deb 66cdc380ab19a939349056065bb4a442bba2b87e26152dfd6b2b1026cdcf2d85 2787336 qemu-kvm-dbg_0.12.5+dfsg-5+squeeze10_i386.deb 321f412f396d4e98b47159c57050f2f304070acf7bb9e10597165ec8b00d059a 13968 kvm_0.12.5+dfsg-5+squeeze10_i386.deb Files: 2b48569167d8e002f9c48dabb72ecb17 1818 misc optional qemu-kvm_0.12.5+dfsg-5+squeeze10.dsc d014381ae6966eaba6f470c7fd0cbe23 318726 misc optional qemu-kvm_0.12.5+dfsg-5+squeeze10.diff.gz 803cd9a2771a0433d966ec93e78c9f25 1498652 misc optional qemu-kvm_0.12.5+dfsg-5+squeeze10_i386.deb 33cfce538fb6c4ef9c4d68523089610b 2787336 debug extra qemu-kvm-dbg_0.12.5+dfsg-5+squeeze10_i386.deb 61ed0b75379a34d9b717a96cc9b4fd7d 13968 oldlibs extra kvm_0.12.5+dfsg-5+squeeze10_i386.deb -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.12 (GNU/Linux) iJwEAQECAAYFAlD1G9AACgkQUlPFrXTwyDj0cQQApMKEOwLmhr4tkQf1xXkspkA7 7+Z5YGjmiWDN7rW+t0SplhTe76IZEm9fNAHzE/4uQpfvhmQtJw2XKt8HktHHg6tY lYVxUscPlEzVFRTnq2HcXrwSRcSFEeMYNRIxWoqbKrsgr8S16po/QSpF9xOKaNKd zVD5ItkkDMD+HoV0RtA= =OrGY -----END PGP SIGNATURE-----
--- End Message ---
