Package "qemu"
| Name: |
qemu
|
Description: |
This package is just an umbrella for a group of other packages,
it has no description.
Description samples from packages in group:
- Guest-side qemu-system agent
- QEMU minimized system emulation binaries (x86)
- QEMU full system emulation binaries (x86)
- QEMU user mode emulation binaries
|
| Latest version: |
1:4.2-3ubuntu6.29 |
| Release: |
focal (20.04) |
| Level: |
updates |
| Repository: |
universe |
Links
Other versions of "qemu" in Focal
Packages in group
Deleted packages are displayed in grey.
Changelog
|
qemu (1:4.2-3ubuntu6.24) focal-security; urgency=medium
* SECURITY UPDATE: DMA reentrancy issue
- debian/patches/CVE-2021-3750.patch: Introduce MemTxAttrs::memory
field and MEMTX_ACCESS_ERROR
- CVE-2021-3750
* SECURITY UPDATE: use-after-free vulnerability
- debian/patches/CVE-2022-0216-*.patch: fix use-after-free in
lsi_do_msgout
- CVE-2022-0216
-- Nishit Majithia <email address hidden> Thu, 08 Dec 2022 14:45:56 +0530
|
| Source diff to previous version |
| CVE-2021-3750 |
A DMA reentrancy issue was found in the USB EHCI controller emulation of QEMU. EHCI does not verify if the Buffer Pointer overlaps with its MMIO regi |
| CVE-2022-0216 |
A use-after-free vulnerability was found in the LSI53C895A SCSI Host Bus Adapter emulation of QEMU. The flaw occurs while processing repeated message |
|
|
qemu (1:4.2-3ubuntu6.23) focal-security; urgency=medium
* SECURITY UPDATE: heap overflow in floppy disk emulator
- debian/patches/CVE-2021-3507.patch: prevent end-of-track overrun in
hw/block/fdc.c.
- CVE-2021-3507
* SECURITY UPDATE: integer overflow in QXL display device emulation
- debian/patches/CVE-2021-4206.patch: check width and height in
hw/display/qxl-render.c, hw/display/vmware_vga.c, ui/cursor.c.
- CVE-2021-4206
* SECURITY UPDATE: heap overflow in QXL display device emulation
- debian/patches/CVE-2021-4207.patch: fix race condition in qxl_cursor
in hw/display/qxl-render.c.
- CVE-2021-4207
* SECURITY UPDATE: memory leakage in virtio-net device
- debian/patches/CVE-2022-26353.patch: fix map leaking on error during
receive in hw/net/virtio-net.c.
- CVE-2022-26353
* SECURITY UPDATE: memory leakage in vhost-vsock device
- debian/patches/CVE-2022-26354.patch: detach the virqueue element in
case of error in hw/virtio/vhost-vsock.c.
- CVE-2022-26354
-- Marc Deslauriers <email address hidden> Thu, 09 Jun 2022 11:35:04 -0400
|
| Source diff to previous version |
| CVE-2021-3507 |
A heap buffer overflow was found in the floppy disk emulator of QEMU up to 6.0.0 (including). It could occur in fdctrl_transfer_handler() in hw/block |
| CVE-2021-4206 |
A flaw was found in the QXL display device emulation in QEMU. An integer overflow in the cursor_alloc() function can lead to the allocation of a smal |
| CVE-2021-4207 |
A flaw was found in the QXL display device emulation in QEMU. A double fetch of guest controlled values `cursor->header.width` and `cursor->header.he |
| CVE-2022-26353 |
A flaw was found in the virtio-net device of QEMU. This flaw was inadvertently introduced with the fix for CVE-2021-3748, which forgot to unmap the c |
| CVE-2022-26354 |
A flaw was found in the vhost-vsock device of QEMU. In case of error, an invalid element was not detached from the virtqueue before freeing its memor |
|
|
qemu (1:4.2-3ubuntu6.21) focal-security; urgency=medium
* SECURITY UPDATE: crash or code exec in USB redirector device emulation
- debian/patches/CVE-2021-3682.patch: fix free call in
hw/usb/redirect.c.
- CVE-2021-3682
* SECURITY UPDATE: heap use-after-free in virtio_net_receive_rcu
- debian/patches/CVE-2021-3748.patch: fix use after unmap/free for sg
in hw/net/virtio-net.c.
- CVE-2021-3748
* SECURITY UPDATE: off-by-one error in mode_sense_page()
- debian/patches/CVE-2021-3930.patch: MODE_PAGE_ALLS not allowed in
MODE SELECT commands in hw/scsi/scsi-disk.c.
- CVE-2021-3930
* SECURITY UPDATE: NULL dereference in floppy disk emulator
- debian/patches/CVE-2021-20196-1.patch: Extract
blk_create_empty_drive() in hw/block/fdc.c.
- debian/patches/CVE-2021-20196-2.patch: kludge missing floppy drive in
hw/block/fdc.c.
- CVE-2021-20196
* SECURITY UPDATE: integer overflow in vmxnet3 NIC emulator
- debian/patches/CVE-2021-20203.patch: validate configuration values
during activate in hw/net/vmxnet3.c.
- CVE-2021-20203
-- Marc Deslauriers <email address hidden> Tue, 22 Feb 2022 12:44:44 -0500
|
| Source diff to previous version |
| CVE-2021-3682 |
A flaw was found in the USB redirector device emulation of QEMU in versions prior to 6.1.0-rc2. It occurs when dropping packets during a bulk transfe |
| CVE-2021-3748 |
virtio-net: heap use-after-free in virtio_net_receive_rcu |
| CVE-2021-3930 |
An off-by-one error was found in the SCSI device emulation in QEMU. It could occur while processing MODE SELECT commands in mode_sense_page() if the |
| CVE-2021-20196 |
A NULL pointer dereference flaw was found in the floppy disk emulator of QEMU. This issue occurs while processing read/write ioport commands if the s |
| CVE-2021-20203 |
An integer overflow issue was found in the vmxnet3 NIC emulator of the QEMU for versions up to v5.2.0. It may occur if a guest was to supply invalid |
|
|
qemu (1:4.2-3ubuntu6.19) focal; urgency=medium
* d/p/u/lp-1749393-linux-user-Reserve-space-for-brk.patch: fix static
use cases needing a lot of brk space (LP: #1749393)
* d/p/u/lp-1929926-target-s390x-Fix-translation-exception-on-illegal-in.patch:
fix uretprobe in s390x TCG (LP: #1929926)
-- Christian Ehrhardt <email address hidden> Mon, 26 Apr 2021 11:11:19 +0200
|
| Source diff to previous version |
| 1749393 |
sbrk() not working under qemu-user with a PIE-compiled binary? |
| 1929926 |
[UBUNTU 21.10] qemu: target/s390x: Fix translation exception on illegal instruction |
|
|
qemu (1:4.2-3ubuntu6.18) focal; urgency=medium
* enhance loading of old modules post upgrade (LP: #1913421)
- d/rules: d/qemu-system-gui.{prerm,postrm}.in: do not save gui modules
(can't be loaded late)
- d/qemu-block-extra.postrm.in: clear all (current and former) modules
on purge
- d/qemu-block-extra.prerm.in: test for exec and prepare /var/run/qemu
if needed
-- Christian Ehrhardt <email address hidden> Thu, 19 Aug 2021 14:10:54 +0200
|
| 1913421 |
Load of pre-upgrade qemu modules needs to avoid noexec |
|
About
-
Send Feedback to @ubuntu_updates
