USN-2974-1: QEMU vulnerabilities
USN-2974-1: QEMU vulnerabilities Ubuntu Security Notice USN-2974-1 12th May, 2016 qemu, qemu-kvm vulnerabilities A security issue affects these releases of Ubuntu and its derivatives: Ubuntu 16.04 LTS Ubuntu 15.10 Ubuntu 14.04 LTS Ubuntu 12.04 LTS Summary Several security issues were fixed in QEMU. Software description qemu – Machine emulator and virtualizer qemu-kvm – Machine emulator and virtualizer Details Zuozhi Fzz discovered that QEMU incorrectly handled USB OHCI emulationsupport. A privileged attacker inside the guest could use this issue tocause QEMU to crash, resulting in a denial of service. (CVE-2016-2391) Qinghao Tang discovered that QEMU incorrectly handled USB Net emulationsupport. A privileged attacker inside the guest could use this issue tocause QEMU to crash, resulting in a denial of service. (CVE-2016-2392) Qinghao Tang discovered that QEMU incorrectly handled USB Net emulationsupport. A privileged attacker inside the guest could use this issue [ more… ]