Source: qemu Version: 0.6.1-1 Severity: grave Tags: security patch upstream squeeze wheezy jessie sid
This is a guest-triggerable buffer overrun in virtio-net device in qemu. The relevant code has been added to qemu in version 0.6, which means it is in all versions of debian. The network device is one of the most important network devices which qemu implements, so impact might be very high. Upstream commit fixing this issue: http://thread.gmane.org/gmane.comp.emulators.qemu/266713 Thanks, /mjt -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
