[security-announce] Qemu: Security update

Sona Sarmadi sona.sarmadi at enea.com
Fri Feb 13 08:19:34 CET 2015


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

		Enea Linux Security Advisory

=========================================================
Product/package: Qemu 1.7
Severity: Moderate
Issue date: 2015-02-13
CVE Names: CVE-2014-2894 out of bounds buffer accesses,
           guest triggerable via IDE SMART
=========================================================

A security patch that fixes a vulnerability in Qemu's IDE
device model is now available at http://linux.enea.com/4.0/patches:

README file: 0036-Qemu-CVE-2014-2894.README
Patch file: 0036-Qemu-CVE-2014-2894.patch

Description
===========
Off-by-one error in the cmd_smart function in the smart self
test in hw/ide/core.c in QEMU before 2.0 allows local users to
have unspecified impact via a SMART EXECUTE OFFLINE command
that triggers a buffer underflow and memory corruption.

References
==========
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2894

How to apply the patches
=======================
- - Preparation
Make sure that you have an installation of Enea Linux and have
applied the existing FSL kernel patches in the right order

wget http://linux.enea.com/4.0/Enea-Linux-4.0.tar.gz
tar zxf Enea-Linux-4.0.tar.gz
cd Enea-Linux-4.0/poky/
<Fetch and apply the existing patches >

- - Fetch and apply the new patch
cd Enea-Linux-4.0/poky
wget http://linux.enea.com/4.0/patches/0036-Qemu-CVE-2014-2894.patch
patch -p1 < ./0036-Qemu-CVE-2014-2894.patch

If you have any questions regarding the security patches and security
updates please contact security at enea.com.

Enea Security Team
Sona Sarmadi
Mobile: +46 70 971 4475
www.enea.com

This message, including attachments, is CONFIDENTIAL. It may also be
privileged or otherwise protected by law. If you received this email
by mistake please let us know by reply and then delete it from your
system; you should not copy it or disclose its contents to anyone.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2

iQIcBAEBAgAGBQJU3aWGAAoJEHc+9u9ocWoUmkkP/1IHwwVYOlbvAuO2mH1uHwZ+
PRbkVAnOuXB7xn3E7Hw6ZacxQT0em1gDbsUZbjif/QG0fy35oXWcT1i2SeBN6oAr
DNOEupWEWsAIZayErGJswd5h/ZcOyQttIbjrI1N9TDSgwsD6nnb0EMmiV9J4OzOR
ZWE/HcV3QAv0ZHQ8lmDFvOcPnRTo/fVkogUnBbdHSytYKqGN+HJaCW3gNRtN3FsM
LnZteJL+e5M8y0jLvHQLGsOzvSKFuaJ3UgjnfrvLXUCaxv2UsbpU417DqksbMUzP
U7Y+HKfv94UWhGsCbzWA96FBYUPfxUUzPbYnjmBuw5SRtktd6b6Fm5cS9tqRBxds
siWwGi5iPBCHZh61JCr8xI7/z5X4XsXKNL3tQ7ry/tKBC2mnTBKu/diRWgFn0Qhi
pFEC1yeW7KKkVKWRFD9OjdL1NX6c6vh9h9g3baSGpW2yRacRmEGk4iEbjk1NVva4
6cpjrb+CzUsmZxFHUDWPw3WJvqjHy+CvEFtm3OoAV/HFZlArFRiYlS5S+WnZIJCA
4uHmOUbRBR3Pgvf43E8HUxMl/fzUUXl1vmDBHy0rrL1w4y5nWg5z94t3VsV1pxoA
xydNrEBzJwuWhOOwxppfQqmvZW0/VXavpZGMrUn5eJRUfo7XzvcuqQ9mef1slqaI
k/ehAD7aUysOCH5ZAJSU
=/0SH
-----END PGP SIGNATURE-----



More information about the security-announce mailing list