QEMU: Multiple vulnerabilities
Multiple vulnerabilities have been found in QEMU, the worst of
which may allow a remote attacker to cause a Denial of Service or gain
elevated privileges from a guest VM.
qemu
2016-02-04
2016-02-04
544328
549404
557206
558416
559656
560422
560550
560760
566792
567144
567828
567868
568214
568226
568246
569646
570110
570988
571562
571564
571566
local, remote
2.5.0-r1
2.5.0-r1
QEMU is a generic and open source machine emulator and virtualizer.
Multiple vulnerabilities have been discovered in QEMU. Please review the
CVE identifiers referenced below for details.
A remote attacker might cause a Denial of Service or gain escalated
privileges from a guest VM.
There is no known workaround at this time.
All QEMU users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=app-emulation/qemu-2.5.0-r1"
CVE-2015-1779
CVE-2015-3456
CVE-2015-5225
CVE-2015-5278
CVE-2015-5279
CVE-2015-5745
CVE-2015-6815
CVE-2015-6855
CVE-2015-7295
CVE-2015-7504
CVE-2015-7512
CVE-2015-7549
CVE-2015-8345
CVE-2015-8504
CVE-2015-8556
CVE-2015-8558
CVE-2015-8567
CVE-2015-8568
CVE-2015-8666
CVE-2015-8701
CVE-2015-8743
CVE-2015-8744
CVE-2015-8745
CVE-2016-1568
K_F
K_F