GLSA Advocate
Joined: 12 May 2004 Posts: 2663
|
Posted: Mon Apr 09, 2018 2:26 am Post subject: [ glsa 201804-08 ] qemu |
|
|
Gentoo Linux Security Advisory
Title: QEMU: Multiple vulnerabilities (GLSA 201804-08)
Severity: normal
Exploitable: local, remote
Date: 2018-04-08
Bug(s): #629348, #638506, #643432, #646814, #649616
ID: 201804-08
Synopsis
Multiple vulnerabilities have been found in QEMU, the worst of
which may allow an attacker to execute arbitrary code.
Background
QEMU is a generic and open source machine emulator and virtualizer.
Affected Packages
Package: app-emulation/qemu
Vulnerable: < 2.11.1-r1
Unaffected: >= 2.11.1-r1
Architectures: All supported architectures
Description
Multiple vulnerabilities have been discovered in QEMU. Please review the
CVE identifiers referenced below for details.
Impact
An attacker could execute arbitrary code, cause a Denial of Service
condition, or obtain sensitive information.
Workaround
There is no known workaround at this time.
Resolution
All QEMU users should upgrade to the latest version: Code: | # emerge --sync
# emerge --ask --oneshot --verbose ">=app-emulation/qemu-2.11.1-r1"
|
References
CVE-2017-13672
CVE-2017-15124
CVE-2017-16845
CVE-2017-17381
CVE-2017-18030
CVE-2017-18043
CVE-2017-5715
CVE-2018-5683
CVE-2018-5748
CVE-2018-7550 |
|