ELA-283-1 qemu security update

multiple vulnerabilities

2020-09-14
Packageqemu
Version1:2.1+dfsg-12+deb8u17
Related CVEs CVE-2019-20382 CVE-2020-13253 CVE-2020-13754 CVE-2020-14364 CVE-2020-16092

Several vulnerabilities were discovered in QEMU, a fast processor emulator (notably used in KVM and Xen HVM virtualization). An attacker could trigger a denial-of-service (DoS) and possibly execute arbitrary code with the privileges of the QEMU process on the host.

For Debian 8 jessie, these problems have been fixed in version 1:2.1+dfsg-12+deb8u17.

We recommend that you upgrade your qemu packages.

Further information about Extended LTS security advisories can be found at: https://deb.freexian.com/extended-lts/