QEMU regression (USN-3047-2)
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
Mirantis OpenStack |
Fix Released
|
High
|
Ivan Suzdal | ||
7.0.x |
Invalid
|
High
|
Anton Chevychalov | ||
8.0.x |
Invalid
|
High
|
Anton Chevychalov | ||
9.x |
Fix Released
|
High
|
Ivan Suzdal |
Bug Description
=======
USN-3047-2: QEMU regression
Ubuntu Security Notice USN-3047-2
12th August, 2016
qemu, qemu-kvm regression
=======
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 16.04 LTS
- Ubuntu 14.04 LTS
- Ubuntu 12.04 LTS
- Summary:
USN-3047-1 introduced a regression in QEMU.
- Software description:
qemu - Machine emulator and virtualizer
qemu-kvm - Machine emulator and virtualizer
- Details:
USN-3047-1 fixed vulnerabilities in QEMU. The patch to fix CVE-2016-5403
caused a regression which resulted in save/restore failures when virtio
memory balloon statistics are enabled. This update temporarily reverts the
security fix for CVE-2016-5403 pending further investigation. We apologize
for the inconvenience.
Original advisory details:
http://
- Update instructions:
The problem can be corrected by updating your system
http://
- References
http://
LP: 1612089, https:/
CVE References
tags: | added: on-verification |
MOS Linux team, could you please check whether our qemu is affected by the issue?