UbuntuUpdates.org

Package "qemu"

Name: qemu

Description:

This package is just an umbrella for a group of other packages, it has no description.
Description samples from packages in group:

  • extra block backend modules for qemu-system and qemu-utils
  • QEMU Full virtualization
  • QEMU full system emulation binaries
  • QEMU full system emulation binaries (arm)

Latest version: 1:2.5+dfsg-5ubuntu10.20
Release: xenial (16.04)
Level: security
Repository: main

Links

Save this URL for the latest version of "qemu": https://www.ubuntuupdates.org/qemu



Other versions of "qemu" in Xenial

Repository Area Version
base universe 1:2.5+dfsg-5ubuntu10
base main 1:2.5+dfsg-5ubuntu10
security universe 1:2.5+dfsg-5ubuntu10.20
updates main 1:2.5+dfsg-5ubuntu10.21
updates universe 1:2.5+dfsg-5ubuntu10.21
proposed universe 1:2.5+dfsg-5ubuntu10.21
proposed main 1:2.5+dfsg-5ubuntu10.21

Packages in group

Deleted packages are displayed in grey.

qemu-block-extra qemu-kvm qemu-system qemu-system-arm qemu-system-common
qemu-system-mips qemu-system-misc qemu-system-ppc qemu-system-sparc qemu-system-x86
qemu-utils

Changelog

Version: 1:2.5+dfsg-5ubuntu10.20 2018-02-07 19:06:35 UTC

  qemu (1:2.5+dfsg-5ubuntu10.20) xenial-security; urgency=medium

  * SECURITY UPDATE: Add support for Spectre mitigations (LP: #1744882)
    - debian/patches/CVE-2017-5715-1.patch: Lengthen X86CPUDefinition::
      model_id in target-i386/cpu.c.
    - debian/patches/CVE-2017-5715-2.patch: Add support for SPEC_CTRL MSR
      in target-i386/cpu.h, target-i386/kvm.c, target-i386/machine.c.
    - debian/patches/CVE-2017-5715-3pre1.patch: add FEAT_7_0_ECX and
      FEAT_7_0_EDX in target-i386/cpu.c, target-i386/cpu.h.
    - debian/patches/CVE-2017-5715-3.patch: Add spec-ctrl CPUID bit in
      target-i386/cpu.c, target-i386/cpu.h.
    - debian/patches/CVE-2017-5715-4.patch: Add FEAT_8000_0008_EBX CPUID
      feature word in target-i386/cpu.c, target-i386/cpu.h.
    - debian/patches/CVE-2017-5715-5.patch: Add new -IBRS versions of Intel
      CPU models in target-i386/cpu.c.
    - debian/patches/CVE-2017-5715-s390x-1.patch: add linux-header content
      for bpbc in linux-headers/asm-s390/kvm.h, linux-headers/linux/kvm.h.
    - debian/patches/CVE-2017-5715-s390x-2.patch: handle bpb feature in
      target-s390x/cpu.c, target-s390x/cpu.h, target-s390x/kvm.c.
    - CVE-2017-5715

 -- Marc Deslauriers <email address hidden> Thu, 01 Feb 2018 13:27:34 -0500

Source diff to previous version
1744882 Add SPEC_CTRL and IBRS changes
CVE-2017-5715 Systems with microprocessors utilizing speculative execution and indirect branch prediction may allow unauthorized disclosure of information to an at

Version: 1:2.5+dfsg-5ubuntu10.16 2017-09-20 19:06:23 UTC

  qemu (1:2.5+dfsg-5ubuntu10.16) xenial-security; urgency=medium

  * SECURITY REGRESSION: regression in in USB xHCI emulation (LP: #1718222)
    - debian/patches/CVE-2017-9375-regression.patch: don't kick in
      xhci_submit and xhci_fire_ctl_transfer in hw/usb/hcd-xhci.c.

 -- Marc Deslauriers <email address hidden> Wed, 20 Sep 2017 07:25:44 -0400

Source diff to previous version

Version: 1:2.5+dfsg-5ubuntu10.15 2017-09-13 23:06:40 UTC

  qemu (1:2.5+dfsg-5ubuntu10.15) xenial-security; urgency=medium

  * SECURITY UPDATE: privilege escalation via virtFS
    - debian/patches/CVE-2017-7493.patch: forbid client access to metadata
      in hw/9pfs/virtio-9p-local.c.
    - CVE-2017-7493
  * SECURITY UPDATE: DoS via message ring page count
    - debian/patches/CVE-2017-8112.patch: check page count in
      hw/scsi/vmw_pvscsi.c.
    - CVE-2017-8112
  * SECURITY UPDATE: DoS via OOB read in MegaSAS
    - debian/patches/CVE-2017-8380.patch: avoid off-by-one in
      hw/scsi/megasas.c.
    - CVE-2017-8380
  * SECURITY UPDATE: DoS in USB OHCI emulation
    - debian/patches/CVE-2017-9330.patch: fix error code in
      hw/usb/hcd-ohci.c.
    - CVE-2017-9330
  * SECURITY UPDATE: DoS in IDE AHCI emulation
    - debian/patches/CVE-2017-9373-1.patch: add cleanup function in
      hw/ide/core.c, hw/ide/internal.h.
    - debian/patches/CVE-2017-9373-2.patch: call cleanup function in
      hw/ide/ahci.c.
    - CVE-2017-9373
  * SECURITY UPDATE: DoS in USB EHCI emulation
    - debian/patches/CVE-2017-9374.patch: fix memory leak in
      hw/usb/hcd-ehci-pci.c, hw/usb/hcd-ehci.c, hw/usb/hcd-ehci.h.
    - CVE-2017-9374
  * SECURITY UPDATE: DoS in USB xHCI emulation
    - debian/patches/CVE-2017-9375.patch: guard against recursive calls in
      hw/usb/hcd-xhci.c.
    - CVE-2017-9375
  * SECURITY UPDATE: DoS in MegaSAS
    - debian/patches/CVE-2017-9503-1.patch: add test to
      tests/Makefile, tests/megasas-test.c.
    - debian/patches/CVE-2017-9503-2.patch: do not read sense length more
      than once in hw/scsi/megasas.c.
    - debian/patches/CVE-2017-9503-3.patch: do not read iovec count more
      than once in hw/scsi/megasas.c.
    - debian/patches/CVE-2017-9503-4.patch: do not read DCMD opcode more
      than once in hw/scsi/megasas.c.
    - debian/patches/CVE-2017-9503-5.patch: do not read command more than
      once in hw/scsi/megasas.c.
    - debian/patches/CVE-2017-9503-6.patch: do not read SCSI req parameters
      more than once in hw/scsi/megasas.c.
    - debian/patches/CVE-2017-9503-7.patch: always store SCSIRequest* into
      MegasasCmd in hw/scsi/megasas.c, added test to tests/megasas-test.c.
    - CVE-2017-9503
  * SECURITY UPDATE: DoS via incorrect SIGPIPE handling
    - debian/patches/CVE-2017-10664.patch: ignore SIGPIPE in qemu-nbd.c.
    - CVE-2017-10664
  * SECURITY UPDATE: stack overflow in usbredir_log_data
    - debian/patches/CVE-2017-10806.patch: use qemu_hexdump in
      hw/usb/redirect.c.
    - CVE-2017-10806
  * SECURITY UPDATE: memory disclosure in Xen block-interface responses
    - debian/patches/CVE-2017-10911.patch: fill the fields directly in
      hw/block/xen_disk.c.
    - CVE-2017-10911
  * SECURITY UPDATE: DoS via crafted DHCP options string
    - debian/patches/CVE-2017-11434.patch: check length in slirp/bootp.c.
    - CVE-2017-11434
  * SECURITY UPDATE: DoS via flushing empty CDROM drives
    - debian/patches/CVE-2017-12809.patch: don't flush empty drives in
      hw/ide/core.c.
    - CVE-2017-12809

 -- Marc Deslauriers <email address hidden> Tue, 22 Aug 2017 10:05:29 -0400

Source diff to previous version

Version: 1:2.5+dfsg-5ubuntu10.14 2017-05-16 19:06:46 UTC

  qemu (1:2.5+dfsg-5ubuntu10.14) xenial-security; urgency=medium

  * SECURITY UPDATE: denial of service via leak in virtFS
    - debian/patches/CVE-2017-7377.patch: fix file descriptor leak in
      hw/9pfs/virtio-9p.c.
    - CVE-2017-7377
  * SECURITY UPDATE: denial of service in cirrus_vga
    - debian/patches/CVE-2017-7718.patch: check parameters in
      hw/display/cirrus_vga_rop.h.
    - CVE-2017-7718
  * SECURITY UPDATE: code execution via cirrus_vga OOB r/w
    - debian/patches/CVE-2017-7980-1.patch: handle negative pitch in
      hw/display/cirrus_vga.c.
    - debian/patches/CVE-2017-7980-2.patch: allow zero source pitch in
      hw/display/cirrus_vga.c.
    - debian/patches/CVE-2017-7980-3.patch: fix blit address mask handling
      in hw/display/cirrus_vga.c.
    - debian/patches/CVE-2017-7980-4.patch: fix patterncopy checks in
      hw/display/cirrus_vga.c.
    - debian/patches/CVE-2017-7980-5.patch: revert allow zero source pitch
      in hw/display/cirrus_vga.c.
    - debian/patches/CVE-2017-7980-6.patch: stop passing around dst
      pointers in hw/display/cirrus_vga.c, hw/display/cirrus_vga_rop.h,
      hw/display/cirrus_vga_rop2.h.
    - debian/patches/CVE-2017-7980-7.patch: stop passing around src
      pointers in hw/display/cirrus_vga.c, hw/display/cirrus_vga_rop.h,
      hw/display/cirrus_vga_rop2.h.
    - debian/patches/CVE-2017-7980-8.patch: fix off-by-one in
      hw/display/cirrus_vga_rop.h.
    - debian/patches/CVE-2017-7980-9.patch: fix cirrus_invalidate_region in
      hw/display/cirrus_vga.c.
    - CVE-2017-7980
  * SECURITY UPDATE: denial of service via memory leak in virtFS
    - debian/patches/CVE-2017-8086.patch: fix leak in
      hw/9pfs/virtio-9p-xattr.c.
    - CVE-2017-8086
  * SECURITY UPDATE: denial of service via leak in audio
    - debian/patches/CVE-2017-8309.patch: release capture buffers in
      audio/audio.c.
    - CVE-2017-8309
  * SECURITY UPDATE: denial of service via leak in keyboard
    - debian/patches/CVE-2017-8379-1.patch: limit kbd queue depth in
      ui/input.c.
    - debian/patches/CVE-2017-8379-2.patch: don't queue delay if paused in
      ui/input.c.
    - CVE-2017-8379
  * SECURITY REGRESSION: Windows 7 VGA compatibility issue (LP: #1581936)
    - debian/patches/lp1581936.patch: add sr_vbe register set to
      hw/display/vga.c, hw/display/vga_int.h.

 -- Marc Deslauriers <email address hidden> Wed, 10 May 2017 10:09:29 -0400

Source diff to previous version
1581936 Frozen Windows 7 VMs with VGA CVE-2016-3712 fix (2.6.0 and 2.5.1.1)
CVE-2017-7377 The (1) v9fs_create and (2) v9fs_lcreate functions in hw/9pfs/9p.c in QEMU (aka Quick Emulator) allow local guest OS privileged users to cause a deni
CVE-2017-7718 hw/display/cirrus_vga_rop.h in QEMU (aka Quick Emulator) allows local guest OS privileged users to cause a denial of service (out-of-bounds read and
CVE-2017-8086 Memory leak in the v9fs_list_xattr function in hw/9pfs/9p-xattr.c in QEMU (aka Quick Emulator) allows local guest OS privileged users to cause a deni
CVE-2017-8309 audio: host memory leakage via capture buffer
CVE-2017-8379 input: host memory lekage via keyboard

Version: 1:2.5+dfsg-5ubuntu10.11 2017-04-20 22:07:12 UTC

  qemu (1:2.5+dfsg-5ubuntu10.11) xenial-security; urgency=medium

  * SECURITY UPDATE: DoS in virtio GPU device
    - debian/patches/CVE-2016-10028.patch: check virgl capabilities
      max_size in hw/display/virtio-gpu-3d.c.
    - CVE-2016-10028
  * SECURITY UPDATE: DoS in virtio GPU device
    - debian/patches/CVE-2016-10029-*.patch: check values in
      hw/display/virtio-gpu.c, hw/display/virtio-gpu-3d.c,
      include/hw/virtio/virtio-gpu.h.
    - CVE-2016-10029
  * SECURITY UPDATE: DoS via 6300esb unplug operations
    - debian/patches/CVE-2016-10155.patch: add exit function in
      hw/watchdog/wdt_i6300esb.c.
    - CVE-2016-10155
  * SECURITY UPDATE: DoS in i.MX Fast Ethernet Controller
    - debian/patches/CVE-2016-7907.patch: limit buffer descriptor count in
      hw/net/imx_fec.c.
    - CVE-2016-7907
  * SECURITY UPDATE: DoS in JAZZ RC4030 chipset emulation
    - debian/patches/CVE-2016-8667.patch: limit interval timer reload value
      in hw/dma/rc4030.c.
    - CVE-2016-8667
  * SECURITY UPDATE: DoS in 16550A UART emulation
    - debian/patches/CVE-2016-8669.patch: check divider value against baud
      base in hw/char/serial.c.
    - CVE-2016-8669
  * SECURITY UPDATE: privilege escalation via ioreq handling
    - debian/patches/CVE-2016-9381.patch: avoid double fetches and add
      bounds checks to xen-hvm.c.
    - CVE-2016-9381
  * SECURITY UPDATE: host filesystem access via virtFS
    - debian/patches/CVE-2016-9602-*.patch: don't follow symlinks in
      hw/9pfs/*.
    - CVE-2016-9602
  * SECURITY UPDATE: arbitrary code execution via Cirrus VGA
    - debian/patches/CVE-2016-9603.patch: remove bitblit support from
      console code in hw/display/cirrus_vga.c, include/ui/console.h,
      ui/console.c, ui/vnc.c.
    - CVE-2016-9603
  * SECURITY UPDATE: infinite loop in ColdFire Fast Ethernet Controller
    - debian/patches/CVE-2016-9776.patch: check receive buffer size
      register value in hw/net/mcf_fec.c.
    - CVE-2016-9776
  * SECURITY UPDATE: information leak in virtio GPU device
    - debian/patches/CVE-2016-9845.patch: properly clear out memory in
      hw/display/virtio-gpu-3d.c.
    - CVE-2016-9845
  * SECURITY UPDATE: DoS via memory leak in virtio GPU device
    - debian/patches/CVE-2016-9846.patch: properly free memory in
      hw/display/virtio-gpu.c.
    - CVE-2016-9846
  * SECURITY UPDATE: DoS via memory leak in USB redirector
    - debian/patches/CVE-2016-9907.patch: properly free memory in
      hw/usb/redirect.c.
    - CVE-2016-9907
  * SECURITY UPDATE: information leak in virtio GPU device
    - debian/patches/CVE-2016-9908.patch: properly clear out memory in
      hw/display/virtio-gpu-3d.c.
    - CVE-2016-9908
  * SECURITY UPDATE: DoS via memory leak in USB EHCI Emulation
    - debian/patches/CVE-2016-9911.patch: properly free memory in
      hw/usb/hcd-ehci.c.
    - CVE-2016-9911
  * SECURITY UPDATE: DoS via memory leak in virtio GPU device
    - debian/patches/CVE-2016-9912.patch: properly free memory in
      hw/display/virtio-gpu.c.
    - CVE-2016-9912
  * SECURITY UPDATE: DoS via virtFS
    - debian/patches/CVE-2016-9913.patch: adjust the order of resource
      cleanup in hw/9pfs/virtio-9p-device.c.
    - CVE-2016-9913
  * SECURITY UPDATE: DoS via virtFS
    - debian/patches/CVE-2016-9914-*.patch: add cleanup operations to
      fsdev/file-op-9p.h, hw/9pfs/virtio-9p-device.c.
    - CVE-2016-9914
  * SECURITY UPDATE: DoS via virtFS
    - debian/patches/CVE-2016-9915.patch: add cleanup operation to
      hw/9pfs/virtio-9p-handle.c.
    - CVE-2016-9915
  * SECURITY UPDATE: DoS via virtFS
    - debian/patches/CVE-2016-9916.patch: add cleanup operation to
      hw/9pfs/virtio-9p-proxy.c.
    - CVE-2016-9916
  * SECURITY UPDATE: DoS in Cirrus VGA
    - debian/patches/CVE-2016-9921-9922.patch: check bpp values in
      hw/display/cirrus_vga.c.
    - CVE-2016-9921
    - CVE-2016-9922
  * SECURITY UPDATE: code execution via Cirrus VGA
    - debian/patches/CVE-2017-2615.patch: fix oob access in
      hw/display/cirrus_vga.c.
    - CVE-2017-2615
  * SECURITY UPDATE: code execution via Cirrus VGA
    - debian/patches/CVE-2017-2620-pre.patch: add extra parameter to
      blit_is_unsafe in hw/display/cirrus_vga.c.
    - debian/patches/CVE-2017-2620.patch: add blit destination check to
      hw/display/cirrus_vga.c.
    - CVE-2017-2620
  * SECURITY UPDATE: DoS via memory leak in ac97 audio device
    - debian/patches/CVE-2017-5525.patch: add exit function to
      hw/audio/ac97.c.
    - CVE-2017-5525
  * SECURITY UPDATE: DoS via memory leak in es1370 audio device
    - debian/patches/CVE-2017-5526.patch: add exit function to
      hw/audio/es1370.c.
    - CVE-2017-5526
  * SECURITY UPDATE: DoS via memory leak in virtio GPU device
    - debian/patches/CVE-2017-5552.patch: check return value in
      hw/display/virtio-gpu-3d.c.
    - CVE-2017-5552
  * SECURITY UPDATE: DoS via memory leak in virtio GPU device
    - debian/patches/CVE-2017-5578.patch: check res->iov in
      hw/display/virtio-gpu.c.
    - CVE-2017-5578
  * SECURITY UPDATE: DoS via memory leak in 16550A UART emulation
    - debian/patches/CVE-2017-5579.patch: properly free resources in
      hw/char/serial.c.
    - CVE-2017-5579
  * SECURITY UPDATE: code execution via SDHCI device emulation
    - debian/patches/CVE-2017-5667.patch: check data length in
      hw/sd/sdhci.c.
    - CVE-2017-5667
  * SECURITY UPDATE: DoS via memory leak in MegaRAID SAS device
    - debian/patches/CVE-2017-5856.patch: properly handle memory in
      hw/scsi/megasas.c.
    - CVE-2017-5856
  * SECURITY UPDATE: DoS via memory leak in virtio GPU device
    - debian/patches/CVE-2017-5857.patch: properly clean up in
      hw/display/virtio-gpu-3d.c.
    - CVE-2017-5857
  * SECURITY UPDATE: DoS in CCID Card device
    - debian/patches/CVE-2017-5898.patch: check ccid apdu length in
      hw/usb/dev-smartcard-reader.c.
    - CVE-2017-5898
  * SECURITY UPDATE: DoS via infinite loop in USB xHCI controller emulator
    - debian

1647389 Regression: Live migrations can still crash after CVE-2016-5403 fix
CVE-2016-1002 Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 2
CVE-2016-1015 Adobe Flash Player before 18.0.0.343 and 19.x through 21.x before 21.0.0.213 on Windows and OS X and before 11.2.202.616 on Linux allows attackers to
CVE-2016-7907 The imx_fec_do_tx function in hw/net/imx_fec.c in QEMU (aka Quick Emulator) does not properly limit the buffer descriptor count when transmitting pac
CVE-2016-8667 The rc4030_write function in hw/dma/rc4030.c in QEMU (aka Quick Emulator) allows local guest OS administrators to cause a denial of service (divide-b
CVE-2016-8669 The serial_update_parameters function in hw/char/serial.c in QEMU (aka Quick Emulator) allows local guest OS administrators to cause a denial of serv
CVE-2016-9381 qemu incautious about shared ring processing
CVE-2016-9602 9p: virtfs allows guest to access host filesystem
CVE-2016-9603 cirrus: heap buffer overflow via vnc connection
CVE-2016-9776 QEMU (aka Quick Emulator) built with the ColdFire Fast Ethernet Controller emulator support is vulnerable to an infinite loop issue. It could occur w
CVE-2016-9845 QEMU (aka Quick Emulator) built with the Virtio GPU Device emulator support is vulnerable to an information leakage issue. It could occur while proce
CVE-2016-9846 QEMU (aka Quick Emulator) built with the Virtio GPU Device emulator support is vulnerable to a memory leakage issue. It could occur while updating th
CVE-2016-9907 Quick Emulator (Qemu) built with the USB redirector usb-guest support is vulnerable to a memory leakage flaw. It could occur while destroying the USB
CVE-2016-9908 Quick Emulator (Qemu) built with the Virtio GPU Device emulator support is vulnerable to an information leakage issue. It could occur while processin
CVE-2016-9911 Quick Emulator (Qemu) built with the USB EHCI Emulation support is vulnerable to a memory leakage issue. It could occur while processing packet data
CVE-2016-9912 Quick Emulator (Qemu) built with the Virtio GPU Device emulator support is vulnerable to a memory leakage issue. It could occur while destroying gpu
CVE-2016-9913 Memory leak in the v9fs_device_unrealize_common function in hw/9pfs/9p.c in QEMU (aka Quick Emulator) allows local privileged guest OS users to cause
CVE-2016-9914 Memory leak in hw/9pfs/9p.c in QEMU (aka Quick Emulator) allows local privileged guest OS users to cause a denial of service (host memory consumption
CVE-2016-9915 Memory leak in hw/9pfs/9p-handle.c in QEMU (aka Quick Emulator) allows local privileged guest OS users to cause a denial of service (host memory cons
CVE-2016-9916 Memory leak in hw/9pfs/9p-proxy.c in QEMU (aka Quick Emulator) allows local privileged guest OS users to cause a denial of service (host memory consu
CVE-2016-9921 Quick emulator (Qemu) built with the Cirrus CLGD 54xx VGA Emulator support is vulnerable to a divide by zero issue. It could occur while copying VGA
CVE-2016-9922 The cirrus_do_copy function in hw/display/cirrus_vga.c in QEMU (aka Quick Emulator), when cirrus graphics mode is VGA, allows local guest OS privileg
CVE-2017-2620 display: cirrus: out-of-bounds access issue while in cirrus_bitblt_cputovideo
CVE-2017-5525 Memory leak in hw/audio/ac97.c in QEMU (aka Quick Emulator) allows local guest OS privileged users to cause a denial of service (host memory consumpt
CVE-2017-5526 Memory leak in hw/audio/es1370.c in QEMU (aka Quick Emulator) allows local guest OS privileged users to cause a denial of service (host memory consum
CVE-2017-5552 Memory leak in the virgl_resource_attach_backing function in hw/display/virtio-gpu-3d.c in QEMU (aka Quick Emulator) allows local guest OS users to c
CVE-2017-5578 Memory leak in the virtio_gpu_resource_attach_backing function in hw/display/virtio-gpu.c in QEMU (aka Quick Emulator) allows local guest OS users to
CVE-2017-5579 Memory leak in the serial_exit_core function in hw/char/serial.c in QEMU (aka Quick Emulator) allows local guest OS privileged users to cause a denia
CVE-2017-5667 The sdhci_sdma_transfer_multi_blocks function in hw/sd/sdhci.c in QEMU (aka Quick Emulator) allows local guest OS privileged users to cause a denial
CVE-2017-5856 Memory leak in the megasas_handle_dcmd function in hw/scsi/megasas.c in QEMU (aka Quick Emulator) allows local guest OS privileged users to cause a d
CVE-2017-5857 Memory leak in the virgl_cmd_resource_unref function in hw/display/virtio-gpu-3d.c in QEMU (aka Quick Emulator) allows local guest OS users to cause
CVE-2017-5898 Integer overflow in the emulated_apdu_from_guest function in usb/dev-smartcard-reader.c in Quick Emulator (Qemu), when built with the CCID Card devic
CVE-2017-5973 The xhci_kick_epctx function in hw/usb/hcd-xhci.c in QEMU (aka Quick Emulator) allows local guest OS privileged users to cause a denial of service (i
CVE-2017-5987 The sdhci_sdma_transfer_multi_blocks function in hw/sd/sdhci.c in QEMU (aka Quick Emulator) allows local OS guest privileged users to cause a denial
CVE-2017-6505 The ohci_service_ed_list function in hw/usb/hcd-ohci.c in QEMU (aka Quick Emulator) allows local guest OS users to cause a denial of service (infinit
CVE-2016-5403 The virtqueue_pop function in hw/virtio/virtio.c in QEMU allows local guest OS administrators to cause a denial of service (memory consumption and QE



About   -   Send Feedback to @ubuntu_updates