MGASA-2012-0222
Date: | August 18th, 2012 |
Affected releases: | 1 |
Description:
Updated qemu packages fix security vulnerabilities:
The change_process_uid function in os-posix.c in Qemu 0.14.0 and
earlier does not properly drop group privileges when the -runas option
is used, which allows local guest users to access restricted files on
the host (CVE-2011-2527).
Heap-based buffer overflow in the process_tx_desc function in the e1000
emulation (hw/e1000.c) in qemu-kvm 0.12, and possibly other versions,
allows guest OS users to cause a denial of service (QEMU crash) and
possibly execute arbitrary code via crafted legacy mode packets
(CVE-2012-0029).
Updated Packages:
qemu-0.14.0-5.2.mga1
qemu-img-0.14.0-5.2.mga1
References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2527
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0029
http://lists.fedoraproject.org/pipermail/package-announce/2012-June/081972.html
https://bugs.mageia.org/show_bug.cgi?id=7006