[Frugalware-security] [ FSA-455 ] qemu
Miklos Vajna
vmiklos at frugalware.org
Sun May 25 14:42:33 CEST 2008
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Frugalware Security Advisory FSA-455
Date: 2008-05-25
Package: qemu
Vulnerable versions: <= 0.9.1-2
Unaffected versions: >= 0.9.1-3kalgan1
Related bugreport: http://bugs.frugalware.org/task/3043
CVE: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2004
Description
===========
A vulnerability has been reported in QEMU, which can be exploited by malicious, local users to bypass certain security restrictions.
The vulnerability is caused due to the "drive_init()" function in vl.c determining the format of a disk from data contained in the disk's header. This can be exploited by a malicious user in a guest system to e.g. read arbitrary files on the host by writing a fake header to a raw formatted disk image.
Updated Packages
================
Check if you have qemu installed:
# pacman-g2 -Q qemu
If found, then you should upgrade to the latest version:
# pacman-g2 -Sy qemu
Availability
============
The latest revision of this advisory is available at
http://frugalware.org/security/455
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
Comment: See http://ftp.frugalware.org/pub/README.GPG for info
iEYEARECAAYFAkg5XrkACgkQZ7NElSD1Vhk48ACeM6zAloO0zJOcuAZHJfDIhQO/
tXwAn3H/DI9Pjj+RUcXsvr8mmRG7R3EZ
=txnM
-----END PGP SIGNATURE-----
More information about the Frugalware-security
mailing list