CVE-2016-5403

Note

the patch for this CVE introduced a regression and was later
reverted pending investigation. See LP: #1612089.
proposed regression fixes:
http://lists.nongnu.org/archive/html/qemu-devel/2016-08/msg01038.html
http://lists.nongnu.org/archive/html/qemu-devel/2016-08/msg02666.html

Package	Release	Status
qemu Launchpad, Ubuntu, Debian	Upstream	Needs triage





	Ubuntu 16.04 ESM (Xenial Xerus)	Released (1:2.5+dfsg-5ubuntu10.6)
	Ubuntu 14.04 ESM (Trusty Tahr)	Released (2.0.0+dfsg-2ubuntu1.30)
	Patches: Upstream: http://git.qemu.org/?p=qemu.git;a=commit;h=afd9096eb1882f23929f5b5c177898ed231bac66 Upstream: http://git.qemu.org/?p=qemu.git;a=commit;h=bccdef6b1a204db0f41ffb6e24ce373e4d7890d4 Upstream: http://git.qemu.org/?p=qemu.git;a=commit;h=58a83c61496eeb0d31571a07a51bc1947e3379ac Upstream: http://git.qemu.org/?p=qemu.git;a=commit;h=4b7f91ed0270a371e1933efa21ba600b6da23ab9 Upstream: http://git.qemu.org/?p=qemu.git;a=commit;h=104e70cae78bd4afd95d948c6aff188f10508a9c
qemu-kvm Launchpad, Ubuntu, Debian	Upstream	Needs triage





	Ubuntu 16.04 ESM (Xenial Xerus)	Does not exist
	Ubuntu 14.04 ESM (Trusty Tahr)	Does not exist
xen Launchpad, Ubuntu, Debian	Upstream	Needs triage





	Ubuntu 16.04 ESM (Xenial Xerus)	Not vulnerable (uses system qemu)
	Ubuntu 14.04 ESM (Trusty Tahr)	Does not exist (trusty was released [4.4.2-0ubuntu0.14.04.7])
	Binaries built from this source package are in Universe and so are supported by the community.

CVE-2016-5403

Medium

Status

Notes

References

Bugs

Join the discussion

Canonical is offering Extended Security Maintenance

Further reading