MDVSA-2009:257
- Package name
- qemu
- Date
- 2009-10-05
- Advisory ID
- MDVSA-2009:257
- Affected versions
- 2009.0 x86_64 , 2009.0 i586 , MES5 i586 , MES5 x86_64
Problem description
Qemu 0.9.1 and earlier does not perform range checks for block
device read or write requests, which allows guest host users with
root privileges to access arbitrary memory and escape the virtual
machine. (CVE-2008-0928)
The updated packages have been patched to prevent this.
Updated packages
2009.0 x86_64
8ac6d994096bf85f3e4b4e708148e13c 2009.0/x86_64/dkms-kqemu-1.4.0-0.pre1.0.2mdv2009.0.x86_64.rpm 2f8acf7a55e0c6e68a41da161c28d8e8 2009.0/x86_64/qemu-0.9.1-0.r5137.1.2mdv2009.0.x86_64.rpm 5dd666c65695a3a3db651455e735d5df 2009.0/x86_64/qemu-img-0.9.1-0.r5137.1.2mdv2009.0.x86_64.rpm 93fdd8eee03c1f6096d8191a192f4640 2009.0/SRPMS/qemu-0.9.1-0.r5137.1.2mdv2009.0.src.rpm
2009.0 i586
57bef154e8cd25b642dce57763e16554 2009.0/i586/dkms-kqemu-1.4.0-0.pre1.0.2mdv2009.0.i586.rpm 329a667ed2903819014161849d344861 2009.0/i586/qemu-0.9.1-0.r5137.1.2mdv2009.0.i586.rpm db1ca03164a5ff2de841c4037c450bd6 2009.0/i586/qemu-img-0.9.1-0.r5137.1.2mdv2009.0.i586.rpm 93fdd8eee03c1f6096d8191a192f4640 2009.0/SRPMS/qemu-0.9.1-0.r5137.1.2mdv2009.0.src.rpm
MES5 i586
3438296928c91d6622555fc99b1f351a mes5/i586/dkms-kqemu-1.4.0-0.pre1.0.2mdvmes5.i586.rpm 37c18d0d549fc3820f010b11dc59fabf mes5/i586/qemu-0.9.1-0.r5137.1.2mdvmes5.i586.rpm e53fcf1dac65b13c16dbdc78dcb05ecd mes5/i586/qemu-img-0.9.1-0.r5137.1.2mdvmes5.i586.rpm b154a1c5d6ac4e5b2a010fe2f1bf32eb mes5/SRPMS/qemu-0.9.1-0.r5137.1.2mdvmes5.src.rpm
MES5 x86_64
2969010fc07ede667a6638a2826aa2fc mes5/x86_64/dkms-kqemu-1.4.0-0.pre1.0.2mdvmes5.x86_64.rpm ef9508b52fc4f1f16e077d37f34ea63c mes5/x86_64/qemu-0.9.1-0.r5137.1.2mdvmes5.x86_64.rpm cccc034235886f9799bda18d9e8018e4 mes5/x86_64/qemu-img-0.9.1-0.r5137.1.2mdvmes5.x86_64.rpm b154a1c5d6ac4e5b2a010fe2f1bf32eb mes5/SRPMS/qemu-0.9.1-0.r5137.1.2mdvmes5.src.rpm