Package "qemu-system"
Name: |
qemu-system
|
Description: |
QEMU full system emulation binaries
|
Latest version: |
1:6.2+dfsg-2ubuntu6.22 |
Release: |
jammy (22.04) |
Level: |
updates |
Repository: |
main |
Head package: |
qemu |
Homepage: |
http://www.qemu.org/ |
Links
Download "qemu-system"
Other versions of "qemu-system" in Jammy
Changelog
qemu (1:6.2+dfsg-2ubuntu6.16) jammy-security; urgency=medium
* SECURITY UPDATE: infinite loop in USB xHCI controller
- debian/patches/CVE-2020-14394.patch: fix unbounded loop in
hw/usb/hcd-xhci.c.
- CVE-2020-14394
* SECURITY UPDATE: OOB read in RDMA device
- debian/patches/CVE-2023-1544.patch: protect against buggy or
malicious guest driver in hw/rdma/vmw/pvrdma_main.c.
- CVE-2023-1544
* SECURITY UPDATE: 9pfs special file access
- debian/patches/CVE-2023-2861.patch: prevent opening special files in
fsdev/virtfs-proxy-helper.c, hw/9pfs/9p-util.h.
- CVE-2023-2861
* SECURITY UPDATE: heap overflow in crypto device
- debian/patches/CVE-2023-3180.patch: verify src&dst buffer length for
sym request in hw/virtio/virtio-crypto.c.
- CVE-2023-3180
* SECURITY UPDATE: infinite loop in VNC server
- debian/patches/CVE-2023-3255.patch: fix infinite loop in
inflate_buffer in ui/vnc-clipboard.c.
- CVE-2023-3255
* SECURITY UPDATE: race in virtio-net hot-unplug
- debian/patches/CVE-2023-3301.patch: do not cleanup the vdpa/vhost-net
structures if peer nic is present in net/vhost-vdpa.c.
- CVE-2023-3301
* SECURITY UPDATE: DoS in VNC server
- debian/patches/CVE-2023-3354.patch: remove io watch if TLS channel is
closed during handshake in include/io/channel-tls.h,
io/channel-tls.c.
- CVE-2023-3354
* SECURITY UPDATE: disk offset 0 access
- debian/patches/CVE-2023-5088.patch: cancel async DMA operation before
resetting state in hw/ide/core.c.
- CVE-2023-5088
* SECURITY UPDATE: DoS in Intel HD Audio device
- debian/patches/CVE-2021-3611-*.patch: add MemTxAttrs argument to
DMA functions and use it in hw/audio/intel-hda.c.
- CVE-2021-3611
-- Marc Deslauriers <email address hidden> Thu, 30 Nov 2023 09:53:27 -0500
|
Source diff to previous version |
CVE-2020-14394 |
An infinite loop flaw was found in the USB xHCI controller emulation of QEMU while computing the length of the Transfer Request Block (TRB) Ring. Thi |
CVE-2023-1544 |
A flaw was found in the QEMU implementation of VMWare's paravirtual RDMA device. This flaw allows a crafted guest driver to allocate and initialize a |
CVE-2023-2861 |
A flaw was found in the 9p passthrough filesystem (9pfs) implementation in QEMU. The 9pfs server did not prohibit opening special files on the host s |
CVE-2023-3180 |
A flaw was found in the QEMU virtual crypto device while handling data encryption/decryption requests in virtio_crypto_handle_sym_req. There is no ch |
CVE-2023-3255 |
A flaw was found in the QEMU built-in VNC server while processing ClientCutText messages. A wrong exit condition may lead to an infinite loop when in |
CVE-2023-3301 |
A flaw was found in QEMU. The async nature of hot-unplug enables a race scenario where the net device backend is cleared before the virtio-net pci fr |
CVE-2023-3354 |
A flaw was found in the QEMU built-in VNC server. When a client connects to the VNC server, QEMU checks whether the current number of connections cro |
CVE-2023-5088 |
A bug in QEMU could cause a guest I/O operation otherwise addressed to an arbitrary disk offset to be targeted to offset 0 instead (potentially overw |
CVE-2021-3611 |
A stack overflow vulnerability was found in the Intel HD Audio device (intel-hda) of QEMU. A malicious guest could use this flaw to crash the QEMU pr |
|
qemu (1:6.2+dfsg-2ubuntu6.15) jammy; urgency=medium
* d/rules: remove --no-start for qemu-guest-agent (LP: #2028124)
-- Mitchell Dzurick <email address hidden> Fri, 15 Sep 2023 14:39:05 -0400
|
Source diff to previous version |
2028124 |
apt dist-upgrade does not restart package qemu-guest-agent |
|
qemu (1:6.2+dfsg-2ubuntu6.14) jammy; urgency=medium
* d/u/lp-2033957-virtiofsd-Fix-breakage-due-to-fuse_init_in.patch:
Fix virtiofsd breakage due to fuse_init_in size change, which
happened because of the Linux kernel 5.17 headers that were
imported in a previous patch. (LP: #2033957)
-- Sergio Durigan Junior <email address hidden> Tue, 05 Sep 2023 22:58:36 -0400
|
Source diff to previous version |
2033957 |
virtiofs guest connection refused after upgrade qemu-system-x86:amd64 (1:6.2+dfsg-2ubuntu6.12, 1:6.2+dfsg-2ubuntu6.13) |
|
qemu (1:6.2+dfsg-2ubuntu6.13) jammy; urgency=medium
* d/p/u/lp-1853307-*.patch: Backport patches to implement Enhanced
Interpretation for PCI Functions (s390x). (LP: #1853307)
-- Sergio Durigan Junior <email address hidden> Wed, 05 Jul 2023 10:47:05 -0400
|
Source diff to previous version |
1853307 |
[22.04 FEAT] Enhanced Interpretation for PCI Functions - qemu part |
|
qemu (1:6.2+dfsg-2ubuntu6.12) jammy; urgency=medium
[ Chengen Du ]
* d/p/u/lp2025591-block-use-the-request-length-for-iov-alignment.patch:
Fix boot error on the HWE 6.2 kernel with direct IO (eg, cache=none)
if the logical block size is smaller than in the host (LP: #2025591)
-- Mauricio Faria de Oliveira <email address hidden> Mon, 03 Jul 2023 18:00:25 -0300
|
2025591 |
Boot error on Jammy on the 6.2 HWE kernel (Lunar) with direct IO if virtual block size \u003c host block size |
|
About
-
Send Feedback to @ubuntu_updates