ELA-283-1 qemu security update

multiple vulnerabilities

Related CVEs CVE-2019-20382 CVE-2020-13253 CVE-2020-13754 CVE-2020-14364 CVE-2020-16092

Several vulnerabilities were discovered in QEMU, a fast processor emulator (notably used in KVM and Xen HVM virtualization). An attacker could trigger a denial-of-service (DoS) and possibly execute arbitrary code with the privileges of the QEMU process on the host.

For Debian 8 jessie, these problems have been fixed in version 1:2.1+dfsg-12+deb8u17.

We recommend that you upgrade your qemu packages.

Further information about Extended LTS security advisories can be found in the dedicated section of our website.