Debian Security Advisory DSA 2619-1 (xen-qemu-dm-4.0 - Buffer Overflow) Network Vulnerability

Summary

A buffer overflow was found in the e1000 emulation, which could be triggered when processing jumbo frames.

Solution

For the stable distribution (squeeze), this problem has been fixed in version 4.0.1-2+squeeze3. For the unstable distribution (sid), this problem has been fixed in version 4.1.3-8 of the xen source package. We recommend that you upgrade your xen-qemu-dm-4.0 packages.

Insight

This package is the Xen version of the Qemu emulator especially patched for its hypervisor. With xen-qemu-dm, you can run a fully virtualized virtual machine if your hardware supports it (Intel VT support, or AMD-v technology).

Affected

xen-qemu-dm-4.0 on Debian Linux

Detection

This check tests the installed software version using the apt package manager.

References

http://www.debian.org/security/2013/dsa-2619.html

Updated on 2015-03-25

Severity

Classification

CVE CVE-2012-6075

CVSS	Base Score: 9.3 AV:N/AC:M/Au:N/C:C/I:C/A:C

Related Vulnerabilities

Debian Security Advisory DSA 1026-1 (sash)
Debian Security Advisory DSA 069-1 (xloadimage)
Debian Security Advisory DSA 005-1 (slocate)
Debian Security Advisory DSA 1033-1 (horde3)
Debian Security Advisory DSA 082-1 (xvt)

Debian Security Advisory DSA 2619-1 (xen-qemu-dm-4.0 - buffer overflow)

Take action and discover your vulnerabilities