[Secure-testing-team] Bug#837174: qemu: CVE-2016-7155: scsi: pvscsi: OOB read and infinite loop while setting descriptor rings

Fri Sep 9 18:33:24 UTC 2016

Source: qemu
Version: 1:2.1+dfsg-11
Severity: normal
Tags: security upstream

Hi,

the following vulnerability was published for qemu.

CVE-2016-7155[0]:
scsi: pvscsi: OOB read and infinite loop while setting descriptor rings

If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.

For further information see:

[0] https://security-tracker.debian.org/tracker/CVE-2016-7155

Regards,
Salvatore