漏洞信息
It was discovered that QEMU incorrectly handled 53C9X Fast SCSI controller emulation.
It was discovered that QEMU incorrectly handled the VMWare VGA module.
It was discovered that QEMU incorrectly handled VMWARE PVSCSI paravirtual SCSI bus emulation support.
It was discovered that QEMU incorrectly handled MegaRAID SAS 8708EM2 Host Bus Adapter emulation support.
It was discovered that QEMU incorrectly handled certain iSCSI asynchronous I/O ioctl calls.
It was discovered that QEMU incorrectly handled the Virtio module.
漏洞危害
A privileged attacker inside the guest could use this issue to cause QEMU to crash, resulting in a denial of service, or possibly execute arbitrary code on the host. In the default installation, when QEMU is used with libvirt, attackers would be isolated by the libvirt AppArmor profile. This issue only applied to Ubuntu 14.04 LTS and Ubuntu 16.04 LTS. (CVE-2016-4439, CVE-2016-4441, CVE-2016-5238, CVE-2016-5338, CVE-2016-6351)
A privileged attacker inside the guest could use this issue to cause QEMU to crash, resulting in a denial of service, or possibly to obtain sensitive host memory. (CVE-2016-4453, CVE-2016-4454)
A privileged attacker inside the guest could use this issue to cause QEMU to crash, resulting in a denial of service. This issue only applied to Ubuntu 14.04 LTS and Ubuntu 16.04 LTS. (CVE-2016-4952)
A privileged attacker inside the guest could use this issue to cause QEMU to crash, resulting in a denial of service, or possibly to obtain sensitive host memory. This issue only applied to Ubuntu 14.04 LTS and Ubuntu 16.04 LTS. (CVE-2016-5105, CVE-2016-5106, CVE-2016-5107, CVE-2016-5337)
An attacker inside the guest could use this issue to cause QEMU to crash, resulting in a denial of service, or possibly execute arbitrary code on the host. In the default installation, when QEMU is used with libvirt, attackers would be isolated by the libvirt AppArmor profile. This issue only applied to Ubuntu 14.04 LTS and Ubuntu 16.04 LTS. (CVE-2016-5126)
A privileged attacker inside the guest could use this issue to cause QEMU to crash, resulting in a denial of service. (CVE-2016-5403)
解决方案
Refer to Ubuntu advisory USN-3047-1 for affected packages and patching details, or update with your package manager.
Patch:
Following are links for downloading patches to fix the vulnerabilities:
USN-3047-1: 16.04 (Xenial) on src (qemu-system-ppc)
USN-3047-1: 14.04 (Kylin) on src (qemu-system-x86)
USN-3047-1: 16.04 (Xenial) on src (qemu-system-misc)
USN-3047-1: 14.04 (Kylin) on src (qemu-system-aarch64)
USN-3047-1: 14.04 (Kylin) on src (qemu-system-arm)
USN-3047-1: 16.04 (Xenial) on src (qemu-system-arm)
USN-3047-1: 16.04 (Xenial) on src (qemu-system-s390x)
USN-3047-1: 16.04 (Xenial) on src (qemu-system-aarch64)
USN-3047-1: 16.04 (Xenial) on src (qemu-system)
USN-3047-1: 14.04 (Kylin) on src (qemu-system-misc)
USN-3047-1: 16.04 (Xenial) on src (qemu-system-x86)
USN-3047-1: 14.04 (Kylin) on src (qemu-system-sparc)
USN-3047-1: 14.04 (Kylin) on src (qemu-system-mips)
USN-3047-1: 16.04 (Xenial) on src (qemu-system-sparc)
USN-3047-1: 12.04 (Precise) on src (qemu-kvm)
USN-3047-1: 16.04 (Xenial) on src (qemu-system-mips)
www.0daybank.org
文章评论