[Git][security-tracker-team/security-tracker][master] new qemu issues

Moritz Muehlenhoff jmm at debian.org
Wed Dec 19 08:41:17 GMT 2018 

Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
a35befa1 by Moritz Muehlenhoff at 2018-12-19T08:40:49Z
new qemu issues

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,5 +1,11 @@
-CVE-2018-20216
+CVE-2018-20216 [pvrdma: infinite loop in pvrdma_qp_send/recv]
 	RESERVED
+	- qemu <unfixed> (unimportant)
+	[stretch] - qemu <not-affected> (Vulnerable code not present)
+	[jessie] - qemu <not-affected> (Vulnerable code not present)
+	- qemu-kvm <removed>
+	NOTE: https://lists.gnu.org/archive/html/qemu-devel/2018-12/msg03052.html
+	NOTE: RDMA support not enabled in the binary packages.
 CVE-2018-20215
 	RESERVED
 CVE-2018-20214
@@ -2225,10 +2231,22 @@ CVE-2018-20128 (An issue was discovered in UsualToolCMS v8.0. cmsadmin\a_sqlback
 	NOT-FOR-US: UsualToolCMS
 CVE-2018-20127 (An issue was discovered in zzzphp cms 1.5.8. del_file in ...)
 	NOT-FOR-US: zzzphp cms
-CVE-2018-20126
+CVE-2018-20126 [pvrdma: memory leakage when creating cq/qp]
 	RESERVED
-CVE-2018-20125
+	- qemu <unfixed> (unimportant)
+	[stretch] - qemu <not-affected> (Vulnerable code not present)
+	[jessie] - qemu <not-affected> (Vulnerable code not present)
+	- qemu-kvm <removed>
+	NOTE: https://lists.gnu.org/archive/html/qemu-devel/2018-12/msg02824.html	
+	NOTE: RDMA support not enabled in the binary packages.
+CVE-2018-20125 [pvrdma: null dereference or excessive memory allocation when creating QP/CQ]
 	RESERVED
+	- qemu <unfixed> (unimportant)
+	[stretch] - qemu <not-affected> (Vulnerable code not present)
+	[jessie] - qemu <not-affected> (Vulnerable code not present)
+	- qemu-kvm <removed>
+	NOTE: https://lists.gnu.org/archive/html/qemu-devel/2018-12/msg02823.html
+	NOTE: RDMA support not enabled in the binary packages.
 CVE-2018-20124 [rdma: OOB access when building scatter-gather array]
 	RESERVED
 	- qemu <unfixed> (unimportant)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/a35befa197c3edb91b005499103cd5a856d1e0a8

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/a35befa197c3edb91b005499103cd5a856d1e0a8
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20181219/cae72d2b/attachment.html>

More information about the debian-security-tracker-commits mailing list