ELA-283-1 qemu security update

multiple vulnerabilities

2020-09-14
Packageqemu
Version1:2.1+dfsg-12+deb8u17
Related CVEs CVE-2019-20382 CVE-2020-13253 CVE-2020-13754 CVE-2020-14364 CVE-2020-16092


Several vulnerabilities were discovered in QEMU, a fast processor emulator (notably used in KVM and Xen HVM virtualization). An attacker could trigger a denial-of-service (DoS) and possibly execute arbitrary code with the privileges of the QEMU process on the host.



For Debian 8 jessie, these problems have been fixed in version 1:2.1+dfsg-12+deb8u17.

We recommend that you upgrade your qemu packages.

Further information about Extended LTS security advisories can be found at: debian Extended Long term support