[Secure-testing-team] Bug#825207: qemu: CVE-2016-4964: scsi: mptsas infinite loop in mptsas_fetch_requests
Salvatore Bonaccorso
carnil at debian.org
Tue May 24 14:39:26 UTC 2016
Source: qemu
Version: 1:2.6+dfsg-1
Severity: important
Tags: security upstream
Hi,
the following vulnerability was published for qemu. AFAICS no fix is
available yet at the time of writing this bugreport. It should as well
only be introduced recently in 2.6.0, but please double check.
CVE-2016-4964[0]:
scsi: mptsas infinite loop in mptsas_fetch_requests
If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.
For further information see:
[0] https://security-tracker.debian.org/tracker/CVE-2016-4964
Please adjust the affected versions in the BTS as needed.
Regards,
Salvatore
More information about the Secure-testing-team
mailing list