QEMU: Multiple vulnerabilities
Multiple vulnerabilities have been found in QEMU, the worst of
which could cause a Denial of Service condition.
November 18, 2016
January 02, 2017: 2
594368
594520
595192
596048
596738
596752
596774
596776
597108
597110
598044
598046
598328
603442
local
2.7.0-r6
2.7.0-r6
QEMU is a generic and open source machine emulator and virtualizer.
Multiple vulnerabilities have been discovered in QEMU. Please review the
CVE identifiers referenced below for details.
A privileged user /process within a guest QEMU environment can cause a
Denial of Service condition against the QEMU guest process or the host.
There is no known workaround at this time.
All QEMU users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=app-emulation/qemu-2.7.0-r6"
CVE-2016-10029
CVE-2016-7161
CVE-2016-7423
CVE-2016-7466
CVE-2016-7907
CVE-2016-7908
CVE-2016-7909
CVE-2016-7994
CVE-2016-8576
CVE-2016-8577
CVE-2016-8578
CVE-2016-8668
CVE-2016-8669
CVE-2016-8909
CVE-2016-8910
CVE-2016-9102
CVE-2016-9103
CVE-2016-9104
CVE-2016-9105
b-man
b-man