From: Marc Deslauriers <marc.deslauriers@canonical.com>
Reply-To: Ubuntu Security <security@ubuntu.com>
To: "ubuntu-security-announce@lists.ubuntu.com" <ubuntu-security-announce@lists.ubuntu.com>
Message-ID: <bffd9c3c-28e0-adcc-3bc6-831d8751ffc4@canonical.com>
Subject: [USN-3125-1] QEMU vulnerabilities
==========================================================================
Ubuntu Security Notice USN-3125-1
November 09, 2016

qemu, qemu-kvm vulnerabilities
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 16.10
- Ubuntu 16.04 LTS
- Ubuntu 14.04 LTS
- Ubuntu 12.04 LTS
Summary:
Several security issues were fixed in QEMU.
Software Description:
- qemu: Machine emulator and virtualizer
- qemu-kvm: Machine emulator and virtualizer
Details:
Zhenhao Hong discovered that QEMU incorrectly handled the Virtio module. A privileged attacker inside the guest could use this issue to cause QEMU to consume resources, resulting in a denial of service. (CVE-2016-5403)
Li Qiang discovered that QEMU incorrectly handled VMWARE VMXNET3 network card emulation support. A privileged attacker inside the guest could use this issue to cause QEMU to crash, resulting in a denial of service. This issue only affected Ubuntu 14.04 LTS, Ubuntu 16.04 LTS and Ubuntu 16.10. (CVE-2016-6833, CVE-2016-6834, CVE-2016-6888)
Li Qiang discovered that QEMU incorrectly handled VMWARE VMXNET3 network card emulation support. A privileged attacker inside the guest could use this issue to cause QEMU to crash, resulting in a denial of service, or possibly execute arbitrary code on the host. In the default installation, when QEMU is used with libvirt, attackers would be isolated by the libvirt AppArmor profile. This issue only affected Ubuntu 14.04 LTS, Ubuntu 16.04 LTS and Ubuntu 16.10. (CVE-2016-6835)
Li Qiang discovered that QEMU incorrectly handled VMWARE VMXNET3 network card emulation support. A privileged attacker inside the guest could use this issue to possibly obtain sensitive host memory. This issue only affected Ubuntu 14.04 LTS, Ubuntu 16.04 LTS and Ubuntu 16.10. (CVE-2016-6836)
Felix Wilhelm discovered that QEMU incorrectly handled Plan 9 File System (9pfs) support. A privileged attacker inside the guest could use this issue to possibly obtain sensitive host files. (CVE-2016-7116)
Li Qiang and Tom Victor discovered that QEMU incorrectly handled VMWARE PVSCSI paravirtual SCSI bus emulation support. A privileged attacker inside the guest could use this issue to cause QEMU to crash, resulting in a denial of service. This issue only affected Ubuntu 14.04 LTS, Ubuntu 16.04 LTS and Ubuntu 16.10. (CVE-2016-7155)
Li Qiang discovered that QEMU incorrectly handled VMWARE PVSCSI paravirtual SCSI bus emulation support. A privileged attacker inside the guest could use this issue to cause QEMU to crash, resulting in a denial of service. This issue only affected Ubuntu 14.04 LTS, Ubuntu 16.04 LTS and Ubuntu 16.10. (CVE-2016-7156, CVE-2016-7421)
Tom Victor discovered that QEMU incorrectly handled LSI SAS1068 host bus emulation support. A privileged attacker inside the guest could use this issue to cause QEMU to crash, resulting in a denial of service. This issue only affected Ubuntu 16.10. (CVE-2016-7157)
Hu Chaojian discovered that QEMU incorrectly handled xlnx.xps-ethernetlite emulation support. A privileged attacker inside the guest could use this issue to cause QEMU to crash, resulting in a denial of service, or possibly execute arbitrary code on the host. In the default installation, when QEMU is used with libvirt, attackers would be isolated by the libvirt AppArmor profile. (CVE-2016-7161)
Qinghao Tang and Li Qiang discovered that QEMU incorrectly handled the VMWare VGA module. A privileged attacker inside the guest could use this issue to cause QEMU to crash, resulting in a denial of service. (CVE-2016-7170)
Qinghao Tang and Zhenhao Hong discovered that QEMU incorrectly handled the Virtio module. A privileged attacker inside the guest could use this issue to cause QEMU to crash, resulting in a denial of service. This issue only affected Ubuntu 16.10. (CVE-2016-7422)
Li Qiang discovered that QEMU incorrectly handled LSI SAS1068 host bus emulation support. A privileged attacker inside the guest could use this issue to cause QEMU to crash, resulting in a denial of service. This issue only affected Ubuntu 16.10. (CVE-2016-7423)
Li Qiang discovered that QEMU incorrectly handled USB xHCI controller emulation support. A privileged attacker inside the guest could use this issue to cause QEMU to crash, resulting in a denial of service. This issue only affected Ubuntu 16.04 LTS and Ubuntu 16.10. (CVE-2016-7466)
Li Qiang discovered that QEMU incorrectly handled ColdFire Fast Ethernet Controller emulation support. A privileged attacker inside the guest could use this issue to cause QEMU to crash, resulting in a denial of service. (CVE-2016-7908)
Li Qiang discovered that QEMU incorrectly handled AMD PC-Net II emulation support. A privileged attacker inside the guest could use this issue to cause QEMU to crash, resulting in a denial of service. (CVE-2016-7909)
Li Qiang discovered that QEMU incorrectly handled the Virtio GPU support. A privileged attacker inside the guest could use this issue to cause QEMU to consume resources, resulting in a denial of service. This issue only affected Ubuntu 16.04 LTS and Ubuntu 16.10. (CVE-2016-7994)
Li Qiang discovered that QEMU incorrectly handled USB EHCI emulation support. A privileged attacker inside the guest could use this issue to cause QEMU to consume resources, resulting in a denial of service. This issue only affected Ubuntu 16.10. (CVE-2016-7995)
Li Qiang discovered that QEMU incorrectly handled USB xHCI controller support. A privileged attacker inside the guest could use this issue to cause QEMU to crash, resulting in a denial of service. This issue only affected Ubuntu 14.04 LTS, Ubuntu 16.04 LTS and Ubuntu 16.10. (CVE-2016-8576)
Li Qiang discovered that QEMU incorrectly handled Plan 9 File System (9pfs) support. A privileged attacker inside the guest could use this issue to cause QEMU to crash, resulting in a denial of service. This issue only affected Ubuntu 14.04 LTS, Ubuntu 16.04 LTS and Ubuntu 16.10. (CVE-2016-8577, CVE-2016-8578)
It was discovered that QEMU incorrectly handled Rocker switch emulation support. A privileged attacker inside the guest could use this issue to cause QEMU to crash, resulting in a denial of service. This issue only affected Ubuntu 16.04 LTS and Ubuntu 16.10. (CVE-2016-8668)
It was discovered that QEMU incorrectly handled Intel HDA controller emulation support. A privileged attacker inside the guest could use this issue to cause QEMU to consume resources, resulting in a denial of service. (CVE-2016-8909)
Andrew Henderson discovered that QEMU incorrectly handled RTL8139 ethernet controller emulation support. A privileged attacker inside the guest could use this issue to cause QEMU to consume resources, resulting in a denial of service. (CVE-2016-8910)
Li Qiang discovered that QEMU incorrectly handled Intel i8255x ethernet controller emulation support. A privileged attacker inside the guest could use this issue to cause QEMU to consume resources, resulting in a denial of service. (CVE-2016-9101)
Li Qiang discovered that QEMU incorrectly handled Plan 9 File System (9pfs) support. A privileged attacker inside the guest could use this issue to cause QEMU to consume resources, resulting in a denial of service. (CVE-2016-9102, CVE-2016-9104, CVE-2016-9105)
Li Qiang discovered that QEMU incorrectly handled Plan 9 File System (9pfs) support. A privileged attacker inside the guest could use this issue to possibly obtain sensitive host memory. (CVE-2016-9103)
Li Qiang discovered that QEMU incorrectly handled Plan 9 File System (9pfs) support. A privileged attacker inside the guest could use this issue to cause QEMU to consume resources, resulting in a denial of service. This issue only affected Ubuntu 14.04 LTS, Ubuntu 16.04 LTS and Ubuntu 16.10. (CVE-2016-9106)
Update instructions:
The problem can be corrected by updating your system to the following package versions:
Ubuntu 16.10:
  qemu-system                     1:2.6.1+dfsg-0ubuntu5.1
  qemu-system-aarch64             1:2.6.1+dfsg-0ubuntu5.1
  qemu-system-arm                 1:2.6.1+dfsg-0ubuntu5.1
  qemu-system-mips                1:2.6.1+dfsg-0ubuntu5.1
  qemu-system-misc                1:2.6.1+dfsg-0ubuntu5.1
  qemu-system-ppc                 1:2.6.1+dfsg-0ubuntu5.1
  qemu-system-s390x               1:2.6.1+dfsg-0ubuntu5.1
  qemu-system-sparc               1:2.6.1+dfsg-0ubuntu5.1
  qemu-system-x86                 1:2.6.1+dfsg-0ubuntu5.1

Ubuntu 16.04 LTS:
  qemu-system                     1:2.5+dfsg-5ubuntu10.6
  qemu-system-aarch64             1:2.5+dfsg-5ubuntu10.6
  qemu-system-arm                 1:2.5+dfsg-5ubuntu10.6
  qemu-system-mips                1:2.5+dfsg-5ubuntu10.6
  qemu-system-misc                1:2.5+dfsg-5ubuntu10.6
  qemu-system-ppc                 1:2.5+dfsg-5ubuntu10.6
  qemu-system-s390x               1:2.5+dfsg-5ubuntu10.6
  qemu-system-sparc               1:2.5+dfsg-5ubuntu10.6
  qemu-system-x86                 1:2.5+dfsg-5ubuntu10.6

Ubuntu 14.04 LTS:
  qemu-system                     2.0.0+dfsg-2ubuntu1.30
  qemu-system-aarch64             2.0.0+dfsg-2ubuntu1.30
  qemu-system-arm                 2.0.0+dfsg-2ubuntu1.30
  qemu-system-mips                2.0.0+dfsg-2ubuntu1.30
  qemu-system-misc                2.0.0+dfsg-2ubuntu1.30
  qemu-system-ppc                 2.0.0+dfsg-2ubuntu1.30
  qemu-system-sparc               2.0.0+dfsg-2ubuntu1.30
  qemu-system-x86                 2.0.0+dfsg-2ubuntu1.30

Ubuntu 12.04 LTS:
  qemu-kvm                        1.0+noroms-0ubuntu14.31
After a standard system update you need to restart all QEMU virtual machines to make all the necessary changes.
References:
  http://www.ubuntu.com/usn/usn-3125-1
  CVE-2016-5403, CVE-2016-6833, CVE-2016-6834, CVE-2016-6835,
  CVE-2016-6836, CVE-2016-6888, CVE-2016-7116, CVE-2016-7155,
  CVE-2016-7156, CVE-2016-7157, CVE-2016-7161, CVE-2016-7170,
  CVE-2016-7421, CVE-2016-7422, CVE-2016-7423, CVE-2016-7466,
  CVE-2016-7908, CVE-2016-7909, CVE-2016-7994, CVE-2016-7995,
  CVE-2016-8576, CVE-2016-8577, CVE-2016-8578, CVE-2016-8668,
  CVE-2016-8909, CVE-2016-8910, CVE-2016-9101, CVE-2016-9102,
  CVE-2016-9103, CVE-2016-9104, CVE-2016-9105, CVE-2016-9106

Package Information:
  https://launchpad.net/ubuntu/+source/qemu/1:2.6.1+dfsg-0ubuntu5.1
  https://launchpad.net/ubuntu/+source/qemu/1:2.5+dfsg-5ubuntu10.6
  https://launchpad.net/ubuntu/+source/qemu/2.0.0+dfsg-2ubuntu1.30
  https://launchpad.net/ubuntu/+source/qemu-kvm/1.0+noroms-0ubuntu14.31