[Secure-testing-team] Bug#826152: qemu: CVE-2016-5238: scsi: esp: OOB write when using non-DMA mode in get_cmd
Salvatore Bonaccorso
carnil at debian.org
Thu Jun 2 18:51:37 UTC 2016
Source: qemu
Version: 2.1+dfsg-1
Severity: important
Tags: security upstream patch
Hi,
the following vulnerability was published for qemu.
CVE-2016-5238[0]:
scsi: esp: OOB write when using non-DMA mode in get_cmd
If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.
For further information see:
[0] https://security-tracker.debian.org/tracker/CVE-2016-5238
[1] https://marc.info/?l=oss-security&m=146488391120323&w=2
[2] https://bugzilla.redhat.com/show_bug.cgi?id=1341931
Regards,
Salvatore
More information about the Secure-testing-team
mailing list