Package "qemu-user"

Name: qemu-user


QEMU user mode emulation binaries

Latest version: 1:5.0-5ubuntu9.8
Release: groovy (20.10)
Level: updates
Repository: universe
Head package: qemu
Homepage: http://www.qemu.org/


Download "qemu-user"

Other versions of "qemu-user" in Groovy

Repository Area Version
base universe 1:5.0-5ubuntu9
security universe 1:5.0-5ubuntu9.6


Version: 1:5.0-5ubuntu9.8 2021-05-06 10:06:30 UTC

  qemu (1:5.0-5ubuntu9.8) groovy; urgency=medium

  * d/p/u/lp-1921754*: add EPYC-Rome-v2 as v1 missed IBRS and thereby fails
    on some HW/Guest combinations e.g. Windows 10 on Threadripper chips
    (LP: #1921754)
  * d/p/u/lp-1921880*: add EPYC-Milan features and named cpu type support
    (LP: #1921880)

 -- Christian Ehrhardt <email address hidden> Wed, 07 Apr 2021 11:58:29 +0200

Source diff to previous version
1921754 Add missing cpu feature bits in EPYC-Rome model
1921880 Add EPYC-Milan model

Version: 1:5.0-5ubuntu9.7 2021-04-15 11:06:26 UTC

  qemu (1:5.0-5ubuntu9.7) groovy; urgency=medium

  * d/p/u/lp-1921468-*: fix issues handling boot menu index on s390x
    (LP: #1921468)
  * d/p/u/lp-1887535-configure-replace-enable-disable-git-update-with-wit.patch,
    d/rules: Backport --with-git-submodules param so building from git repo
    doesn't fail (LP: #1887535)
  * Fix byte aligned writes when writing to image stored on NFS
    server, as they aren't required to be 4kib aligned. (LP: #1921665)
    - d/p/u/lp-1921665-1-block-Require-aligned-image-size-to-avoid-assert.patch
    - d/p/u/lp-1921665-2-file-posix-Allow-byte-aligned-O_DIRECT-with-NFS.patch

 -- Christian Ehrhardt <email address hidden> Fri, 26 Mar 2021 10:36:31 +0100

Source diff to previous version
1921468 [UBUNTU 20.04] KVM guest fails to find zipl boot menu index
1887535 build operates differently if source is a git repo
1921665 QEMU hits assertion when virtual disk is stored on NFS server and is not 4 kib byte aligned

Version: 1:5.0-5ubuntu9.6 2021-02-22 19:07:05 UTC

  qemu (1:5.0-5ubuntu9.6) groovy-security; urgency=medium

  * SECURITY REGRESSION: fix multiple regressions caused by CVE-2020-13754
    security update (LP: #1914883)
    - debian/patches/ubuntu/CVE-2020-13754-3.patch: log invalid memory
      accesses in memory.c.
    - debian/patches/ubuntu/CVE-2020-13754-4.patch: allow 16-bit writes to
      memory region in hw/riscv/sifive_test.c.
    - debian/patches/ubuntu/CVE-2020-13754-5.patch: allow 64-bit accesses
      in hw/timer/slavio_timer.c.
    - debian/patches/ubuntu/CVE-2020-13754-6.patch: allow less than 32-bit
      accesses in hw/char/bcm2835_aux.c.
    - debian/patches/ubuntu/CVE-2020-13754-7.patch: unbreak size mismatch
      memory accesses in hw/display/artist.c.

 -- Marc Deslauriers <email address hidden> Wed, 10 Feb 2021 08:10:20 -0500

Source diff to previous version
1914883 hart0: trap handler failed (error -2) (Needs cherry-pick ab3d207f)
CVE-2020-13754 hw/pci/msix.c in QEMU 4.2.0 allows guest OS users to trigger an out-of-bounds access via a crafted address in an msi-x mmio operation.

Version: 1:5.0-5ubuntu9.4 2021-02-08 15:07:36 UTC

  qemu (1:5.0-5ubuntu9.4) groovy-security; urgency=medium

  * SECURITY UPDATE: use-after-free in e1000e
    - debian/patches/ubuntu/CVE-2020-15859.patch: forbid the reentrant RX
      in net/queue.c.
    - CVE-2020-15859
  * SECURITY UPDATE: OOB write to MSI-X table
    - debian/patches/ubuntu/CVE-2020-27821.patch: clamp cached translation
      in case it points to an MMIO region in exec.c.
    - CVE-2020-27821
  * SECURITY UPDATE: infinite loop in e1000e
    - debian/patches/ubuntu/CVE-2020-28916.patch: advance desc_offset in
      case of null descriptor in hw/net/e1000e_core.c.
    - CVE-2020-28916
  * SECURITY UPDATE: out of bounds read in atapi
    - debian/patches/ubuntu/CVE-2020-29443-1.patch: assert that the buffer
      pointer is in range in hw/ide/atapi.c.
    - debian/patches/ubuntu/CVE-2020-29443-2.patch: check logical block
      address and read size in hw/ide/atapi.c.
    - CVE-2020-29443
  * SECURITY UPDATE: use after free in 9p
    - debian/patches/ubuntu/CVE-2021-20181.patch: fully restart unreclaim
      loop in hw/9pfs/9p.c.
    - CVE-2021-20181

 -- Marc Deslauriers <email address hidden> Wed, 03 Feb 2021 10:35:16 -0500

Source diff to previous version
CVE-2020-15859 QEMU 4.2.0 has a use-after-free in hw/net/e1000e_core.c because a guest OS user can trigger an e1000e packet with the data's address set to the e1000
CVE-2020-27821 A flaw was found in the memory management API of QEMU during the initialization of a memory region cache. This issue could lead to an out-of-bounds w
CVE-2020-28916 hw/net/e1000e_core.c in QEMU 5.0.0 has an infinite loop via an RX descriptor with a NULL buffer address.
CVE-2020-29443 ide_atapi_cmd_reply_end in hw/ide/atapi.c in QEMU 5.1.0 allows out-of-bounds read access because a buffer index is not validated.
CVE-2021-20181 9pfs: Fully restart unreclaim loop

Version: 1:5.0-5ubuntu9.3 2021-01-18 19:06:33 UTC

  qemu (1:5.0-5ubuntu9.3) groovy; urgency=medium

  * d/p/ubuntu/lp-1907656-s390x-s390-virtio-ccw-Reset-PCI-devices-during-subsy:
    avoid PCI devices to become unavailable on reset (LP: #1907656)
  * d/rules: fix qemu-user-static to really be static (LP: #1908331)

 -- Christian Ehrhardt <email address hidden> Tue, 05 Jan 2021 15:46:16 +0100

1907656 [UBUNTU 21.04] s390x/s390-virtio-ccw: Reset PCI devices during subsystem reset
1908331 Regression: qemu-user-static binaries are dynamically linked

About   -   Send Feedback to @ubuntu_updates