Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Date: Wed, 10 Jun 2015 16:24:06 +0200
From: Petr Matousek <pmatouse@...hat.com>
To: oss-security@...ts.openwall.com
Subject: Re: Xen Security Advisory 135 (CVE-2015-3209) - Heap
 overflow in QEMU PCNET controller, allowing guest->host escape

On Wed, Jun 10, 2015 at 02:10:37PM +0000, Xen.org security team wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
> 
>             Xen Security Advisory CVE-2015-3209 / XSA-135
>                               version 3
> 
>  Heap overflow in QEMU PCNET controller, allowing guest->host escape

QEMU upstream patch submission:
https://www.mail-archive.com/qemu-devel@...gnu.org/msg302403.html

Red Hat bug:
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2015-3209

-- 
Petr Matousek / Red Hat Product Security
PGP: 0xC44977CA 8107 AF16 A416 F9AF 18F3  D874 3E78 6F42 C449 77CA

Powered by blists - more mailing lists

Your e-mail address:

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ