From Mageia wiki
Jump to: navigation, search

MGASA-2012-0222

Date: August 18th, 2012
Affected releases: 1


Description:
Updated qemu packages fix security vulnerabilities:

The change_process_uid function in os-posix.c in Qemu 0.14.0 and
earlier does not properly drop group privileges when the -runas option
is used, which allows local guest users to access restricted files on
the host (CVE-2011-2527).

Heap-based buffer overflow in the process_tx_desc function in the e1000
emulation (hw/e1000.c) in qemu-kvm 0.12, and possibly other versions,
allows guest OS users to cause a denial of service (QEMU crash) and
possibly execute arbitrary code via crafted legacy mode packets
(CVE-2012-0029).


Updated Packages:
qemu-0.14.0-5.2.mga1
qemu-img-0.14.0-5.2.mga1


References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2527
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0029
http://lists.fedoraproject.org/pipermail/package-announce/2012-June/081972.html
https://bugs.mageia.org/show_bug.cgi?id=7006