漏洞类别:Ubuntu
漏洞等级: 
漏洞信息
It was discovered that QEMU incorrectly handled VirtFS directory sharing.
It was discovered that QEMU incorrectly handled the Cirrus VGA device.
It was discovered that QEMU incorrectly handled the Cirrus VGA device when being used with a VNC connection.
It was discovered that QEMU incorrectly handled the audio subsystem.
It was discovered that QEMU incorrectly handled the input subsystem.
漏洞危害
A privileged attacker inside the guest could use this issue to cause QEMU to crash, resulting in a denial of service. (CVE-2017-7377, CVE-2017-8086)
A privileged attacker inside the guest could use this issue to cause QEMU to crash, resulting in a denial of service. (CVE-2017-7718)
A privileged attacker inside the guest could use this issue to cause QEMU to crash, resulting in a denial of service, or possibly execute arbitrary code on the host. In the default installation, when QEMU is used with libvirt, attackers would be isolated by the libvirt AppArmor profile. (CVE-2017-7980)
A privileged attacker inside the guest could use this issue to cause QEMU to crash, resulting in a denial of service. (CVE-2017-8309)
A privileged attacker inside the guest could use this issue to cause QEMU to crash, resulting in a denial of service. This issue only affected Ubuntu 16.04 LTS, Ubuntu 16.10 and Ubuntu 17.04. (CVE-2017-8379)
解决方案
Refer to Ubuntu advisory USN-3289-1 for affected packages and patching details, or update with your package manager.
Patch:
Following are links for downloading patches to fix the vulnerabilities:
USN-3289-1: 14.04 (Kylin) on src (qemu-system-ppc)
USN-3289-1: 16.04 (Xenial) on src (qemu-system-mips)
USN-3289-1: 14.04 (Kylin) on src (qemu-system-misc)
USN-3289-1: 17.04 (zesty) on src (qemu-system-ppc)
USN-3289-1: 16.04 (Xenial) on src (qemu-system-aarch64)
USN-3289-1: 16.04 (Xenial) on src (qemu-system)
USN-3289-1: 17.04 (zesty) on src (qemu-system-misc)
USN-3289-1: 14.04 (Kylin) on src (qemu-system-aarch64)
USN-3289-1: 14.04 (Kylin) on src (qemu-system-arm)
USN-3289-1: 16.04 (Xenial) on src (qemu-system-s390x)
USN-3289-1: 17.04 (zesty) on src (qemu-system-s390x)
USN-3289-1: 16.10 (Yakkety) on src (qemu-system)
USN-3289-1: 14.04 (Kylin) on src (qemu-system)
USN-3289-1: 16.10 (Yakkety) on src (qemu-system-s390x)
USN-3289-1: 16.10 (Yakkety) on src (qemu-system-misc)
USN-3289-1: 17.04 (zesty) on src (qemu-system-x86)
USN-3289-1: 16.10 (Yakkety) on src (qemu-system-mips)
USN-3289-1: 16.10 (Yakkety) on src (qemu-system-arm)
USN-3289-1: 16.04 (Xenial) on src (qemu-system-ppc)
USN-3289-1: 16.04 (Xenial) on src (qemu-system-sparc)
USN-3289-1: 17.04 (zesty) on src (qemu-system-sparc)
USN-3289-1: 16.04 (Xenial) on src (qemu-system-misc)
USN-3289-1: 14.04 (Kylin) on src (qemu-system-sparc)
USN-3289-1: 14.04 (Kylin) on src (qemu-system-mips)
USN-3289-1: 17.04 (zesty) on src (qemu-system-arm)
USN-3289-1: 16.10 (Yakkety) on src (qemu-system-ppc)
USN-3289-1: 16.04 (Xenial) on src (qemu-system-x86)
USN-3289-1: 17.04 (zesty) on src (qemu-system-mips)
USN-3289-1: 16.10 (Yakkety) on src (qemu-system-aarch64)
USN-3289-1: 17.04 (zesty) on src (qemu-system-aarch64)
USN-3289-1: 16.10 (Yakkety) on src (qemu-system-sparc)
USN-3289-1: 17.04 (zesty) on src (qemu-system)
USN-3289-1: 14.04 (Kylin) on src (qemu-system-x86)
0day
文章评论