[security-announce] Amendment of previous security update: Security Update: qemu: CVE-2016-9912 & CVE-2016-9908

Sona Sarmadi sona.sarmadi at enea.com
Wed May 24 13:06:21 CEST 2017


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

	Enea Linux Security Advisory

====================================================================
Product/package: Enea Linux 6.0 (Qemu 2.8)
Severity: Low
Architecture: all
CVE Name: CVE-2016-9912 & CVE-2016-9908
====================================================================

The following vulnerabilities have been fixed in the Enea Linux 6.0 release:

qemu: display: CVE-2016-9912
virtio-gpu: memory leakage when destroying gpu resource

qemu: display: CVE-2016-9908
virtio-gpu: information leakage in virgl_cmd_get_capset

Description (CVE-2016-9912)
===========================
Quick Emulator (Qemu) built with Virtio GPU Device emulator support is
vulnerable to an information leakage issue. It can occur while
processing the 'VIRTIO_GPU_CMD_GET_CAPSET' command. A guest
user/process could use this flaw to leak bytes of host memory.

Reference:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9912

Upstream patch
===============
http://git.qemu-project.org/?p=qemu.git;a=patch;h=b8e23926c568f2e963af39028b71c472e3023793

Correction for Enea Linux
=========================
https://git.enea.com/cgit/linux/poky.git/patch/?id=cb2cf64b0b33e70b8f017b8757f8d4dd0ba10431

Description (CVE-2016-9908)
===========================
Quick Emulator (Qemu) built with Virtio GPU Device emulator support is
vulnerable to a memory leakage issue. It can occur while destroying a
gpu resource object in 'virtio_gpu_resource_destroy'. A guest
user/process could use this flaw to leak host memory, resulting in a
DoS for the host.

Reference:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9908

Upstream patch
===============
http://git.qemu.org/?p=qemu.git;a=patch;h=85d9d044471f93c48c5c396f7e217b4ef12f69f8

Correction for Enea Linux
=========================
https://git.enea.com/cgit/linux/poky.git/patch/?id=a71ba5142cd82c4d9390b726773ef75d92ef672a
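The two bug classes described in the sections above (a response structure copied back to the guest without being fully initialised, and a resource-destroy path that frees the object but not the host-side mapping attached to it) are modelled below as an added example. This is not QEMU code and not Enea's patch: the structures, the renderer stand-in, the slot pool and the function names are hypothetical, and the 0xAA marker byte is a constructed stand-in for whatever stale data the memory held before. Each vulnerable pattern is shown beside the fix pattern the advisories' upstream patches follow (zero the structure before filling it; release the mapping before freeing the resource).

```c
/* Added illustration of the advisory's two bug classes; hypothetical model,
 * not QEMU's code. */
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* ---- 1. information leak through a partially initialised response ---- */

struct capset_resp {
    uint32_t hdr;
    uint32_t caps[4];
    uint8_t  pad[8];          /* never written by the renderer */
};

/* Stand-in for the renderer call: it fills only `caps`. */
static void renderer_fill_caps(struct capset_resp *r) {
    for (unsigned i = 0; i < 4; i++)
        r->caps[i] = i + 1;
}

/* Vulnerable pattern: hdr and pad go back to the guest untouched. */
void get_capset_unsafe(struct capset_resp *r) {
    renderer_fill_caps(r);
}

/* Hardened pattern: zero the whole structure before filling it. */
void get_capset_safe(struct capset_resp *r) {
    memset(r, 0, sizeof *r);
    renderer_fill_caps(r);
}

/* Pre-fill the response with a constructed marker byte (standing in for
 * stale memory), run the handler, and count the marker bytes that would
 * be copied to the guest. */
size_t stale_bytes_after(void (*handler)(struct capset_resp *)) {
    struct capset_resp r;
    const uint8_t *p = (const uint8_t *)&r;
    size_t n = 0;
    memset(&r, 0xAA, sizeof r);
    handler(&r);
    for (size_t i = 0; i < sizeof r; i++)
        n += (p[i] == 0xAA);
    return n;
}

/* ---- 2. host memory leak on resource destroy ---- */

#define POOL_SLOTS 8
static int mapping_in_use[POOL_SLOTS];   /* host memory held per resource */

struct gpu_resource {
    uint32_t id;
    int      mapping;        /* pool slot, or -1 if none attached */
};

static int mapping_alloc(void) {
    for (int i = 0; i < POOL_SLOTS; i++)
        if (!mapping_in_use[i]) { mapping_in_use[i] = 1; return i; }
    return -1;
}

static void cleanup_mapping(struct gpu_resource *res) {
    if (res->mapping >= 0) {
        mapping_in_use[res->mapping] = 0;
        res->mapping = -1;
    }
}

struct gpu_resource *resource_create(uint32_t id) {
    struct gpu_resource *res = calloc(1, sizeof *res);
    if (!res) return NULL;
    res->id = id;
    res->mapping = mapping_alloc();
    if (res->mapping < 0) { free(res); return NULL; }
    return res;
}

/* Vulnerable pattern: the resource object is freed, its mapping is not. */
void resource_destroy_unsafe(struct gpu_resource *res) {
    free(res);                /* the pool slot stays marked in use forever */
}

/* Hardened pattern: release the mapping, then free the resource. */
void resource_destroy_safe(struct gpu_resource *res) {
    cleanup_mapping(res);
    free(res);
}

/* Create and destroy `rounds` resources from a fresh pool; returns how many
 * mapping slots are still held afterwards (0 if destroy cleaned up). */
size_t mappings_held_after(int use_safe, int rounds) {
    size_t held = 0;
    memset(mapping_in_use, 0, sizeof mapping_in_use);
    for (int i = 0; i < rounds; i++) {
        struct gpu_resource *res = resource_create((uint32_t)i);
        if (!res) break;
        if (use_safe) resource_destroy_safe(res);
        else          resource_destroy_unsafe(res);
    }
    for (int i = 0; i < POOL_SLOTS; i++) held += mapping_in_use[i];
    return held;
}

int main(void) {
    printf("stale bytes, unsafe capset: %zu\n", stale_bytes_after(get_capset_unsafe));
    printf("stale bytes, safe capset:   %zu\n", stale_bytes_after(get_capset_safe));
    printf("slots leaked, unsafe destroy x3: %zu\n", mappings_held_after(0, 3));
    printf("slots leaked, safe destroy x3:   %zu\n", mappings_held_after(1, 3));
    return 0;
}
```

The marker-byte check is the same idea a reviewer applies when reading a command handler: every byte of a structure that crosses the guest boundary must have been written by the handler itself or cleared first. The slot pool makes the destroy leak visible without relying on a leak detector; in a real device model the equivalent check is that every allocation made on attach has a matching release on the destroy path.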

=============================
- If you have already cloned the needed repositories, update them to get
the new security patches:

$ cd Enea-Linux-6.0
$ repo sync

- If you have not yet cloned the needed repositories, do it as described
below (security patches are fetched implicitly when cloning the repos).

Use the repo tool to download the source for Enea Linux 6.0 standard by
following the steps below:
1. Make sure that the repo tool is installed. If not, follow the
instructions below:

$ curl https://storage.googleapis.com/git-repo-downloads/repo > ~/bin/repo
$ chmod a+x ~/bin/repo

The instruction assumes that ~/bin exists and is included in the PATH
variable.

2. Use the repo tool to download the source:

$ mkdir Enea-Linux-6.0
$ cd Enea-Linux-6.0
$ repo init \
    -u git://git.enea.com/linux/el_manifests-standard.git \
    -b krogoth \
    -m <manifest file>
$ repo sync

The parameter <manifest file> depends on the target:
P2041RDB: p2041rdb/default.xml
LS1021a-IoT: ls1021aiot/default.xml
QEMUARM: qemuarm/default.xml
QEMUPPC: qemuppc/default.xml
QEMUX86: qemux86/default.xml

If you have any questions regarding the security patches and security
updates please contact security at enea.com.

For general security information refer to the Enea Linux Security page:
http://www.enea.com/solutions/Enea-Linux/Security/

For the CVEs fixed in Enea Linux releases see the CVE list:
http://www.enea.com/solutions/Enea-Linux/Security/CVEs-list/

For custom packages/releases please use the Support Channel:
http://www.enea.com/solutions/support.

Enea Security Team
Sona Sarmadi
Mobile: +46 70 971 4475
www.enea.com

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2

iQEcBAEBCAAGBQJZJWktAAoJEAilI68fskZd1zMH/isdLkwinaNSqXZYk9NeygZW
gVPZ96O+6luxWkB9BnV4s9lran3TDhmz5iAXBbea6crQgesdOQN6tQh9VDQaL/Eg
bwsBRcyCc0mW22vH2OCAG3Jm9K/9cavo/UG3/VXmISst0XWtObydxogNgbjbhlE8
RE2TyVSET+s3/Ozn2tKkdVcLZq4FcHU3e4hQJ4Tlb6leCRNi73lyrSLZAsAPcsZA
Hzmv6T+CwnPCcPzcyfBW44WWBiuSpRjNSUUEhVYd54QfYnFMdFar2fW+zK5xWukg
UcS/U2Vc5mvyV7/ULcXlwJ5xqUNf+fI/G0j+w5Wi4Tcd83UdZX7JA9pEGsGRBp8=
=ATBk
-----END PGP SIGNATURE-----
