LWN.net Logo

Not logged in

Log in now

Create an account

Subscribe to LWN

Recent Features

Kernel prepatch 3.9-rc6

LWN.net Weekly Edition for April 4, 2013

LWN.net Weekly Edition for March 28, 2013

A kernel change breaks GlusterFS

PyCon: Evangelizing Python

Printable page
Weekly edition Kernel Security Distributions Contact Us Search
Archives Calendar Subscribe Write for LWN LWN.net FAQ Sponsors

qemu: buffer overflow

Package(s):qemu-kvm, qemu CVE #(s):CVE-2012-6075
Created:January 16, 2013 Updated:March 13, 2013
Description: From the Debian advisory:

It was discovered that the e1000 emulation code in QEMU does not enforce frame size limits in the same way as the real hardware does. This could trigger buffer overflows in the guest operating system driver for that network card, assuming that the host system does not discard such frames (which it will by default).

Alerts:
Debian DSA-2607-1 2013-01-15
Debian DSA-2608-1 2013-01-15
Ubuntu USN-1692-1 2013-01-16
Fedora FEDORA-2013-0965 2013-01-26
Fedora FEDORA-2013-0971 2013-01-26
Fedora FEDORA-2013-0934 2013-01-28
Fedora FEDORA-2013-1434 2013-02-02
Fedora FEDORA-2013-1269 2013-02-02
Fedora FEDORA-2013-1274 2013-02-02
Mageia MGASA-2013-0025 2013-02-06
Debian DSA-2619-1 2013-02-10
Red Hat RHSA-2013:0599-01 2013-03-06
CentOS CESA-2013:0599 2013-03-06
Oracle ELSA-2013-0599 2013-03-07
Scientific Linux SL-xen-20130307 2013-03-07
Red Hat RHSA-2013:0608-01 2013-03-07
Red Hat RHSA-2013:0609-01 2013-03-07
CentOS CESA-2013:0608 2013-03-08
Scientific Linux SL-kvm-20130307 2013-03-07
Scientific Linux SL-qemu-20130307 2013-03-07
Oracle ELSA-2013-0609 2013-03-08
CentOS CESA-2013:0608 2013-03-08
Oracle ELSA-2013-0608 2013-03-08
CentOS CESA-2013:0609 2013-03-09
Red Hat RHSA-2013:0639-01 2013-03-12
openSUSE openSUSE-SU-2013:0636-1 2013-04-08
openSUSE openSUSE-SU-2013:0637-1 2013-04-08
(Log in to post comments)

Copyright © 2013, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds