qemu 1:5.0-5ubuntu9.9 source package in Ubuntu
Changelog
qemu (1:5.0-5ubuntu9.9) groovy-security; urgency=medium * SECURITY UPDATE: NULL pointer dereference in MemoryRegionOps object - debian/patches/CVE-2020-15469-1.patch: add pci-intack write method in hw/pci-host/prep.c. - debian/patches/CVE-2020-15469-2.patch: add pcie-msi read method in hw/pci-host/designware.c. - debian/patches/CVE-2020-15469-3.patch: add quirk device write method in hw/vfio/pci-quirks.c. - debian/patches/CVE-2020-15469-4.patch: add ppc-parity write method in hw/ppc/prep_systemio.c. - debian/patches/CVE-2020-15469-5.patch: add nrf51_soc flash read method in hw/nvram/nrf51_nvm.c. - debian/patches/CVE-2020-15469-6.patch: add spapr msi read method in hw/ppc/spapr_pci.c. - debian/patches/CVE-2020-15469-7.patch: add dummy read/write methods in hw/misc/tz-ppc.c. - debian/patches/CVE-2020-15469-8.patch: add digprog mmio write method in hw/misc/imx7_ccm.c. - CVE-2020-15469 * SECURITY UPDATE: NULL pointer dereference flaw in SCSI emulation - debian/patches/CVE-2020-35504.patch: always check current_req is not NULL before use in DMA callbacks in hw/scsi/esp.c. - CVE-2020-35504 * SECURITY UPDATE: NULL pointer dereference flaw in am53c974 SCSI - debian/patches/CVE-2020-35505.patch: ensure cmdfifo is not empty and current_dev is non-NULL in hw/scsi/esp.c. - CVE-2020-35505 * SECURITY UPDATE: host privilege escalation issue in virtio-fs - debian/patches/CVE-2020-35517-1.patch: extract lo_do_open() from lo_open() in tools/virtiofsd/passthrough_ll.c. - debian/patches/CVE-2020-35517-2.patch: optionally return inode pointer from lo_do_lookup() in tools/virtiofsd/passthrough_ll.c. - debian/patches/CVE-2020-35517-3.patch: prevent opening of special files in tools/virtiofsd/passthrough_ll.c. - CVE-2020-35517 * SECURITY UPDATE: use-after-free flaw was found in the MegaRAID emulator - debian/patches/CVE-2021-3392.patch: Remove unused MPTSASState pending field in hw/scsi/mptsas.c, hw/scsi/mptsas.h. - CVE-2021-3392 * SECURITY UPDATE: out-of-bounds read/write in SDHCI controller emulation - debian/patches/CVE-2021-3409-1.patch: don't transfer any data when command time out in hw/sd/sdhci.c. - debian/patches/CVE-2021-3409-2.patch: don't write to SDHC_SYSAD register when transfer is in progress in hw/sd/sdhci.c. - debian/patches/CVE-2021-3409-3.patch: correctly set the controller status for ADMA in hw/sd/sdhci.c. - debian/patches/CVE-2021-3409-4.patch: limit block size only when SDHC_BLKSIZE register is writable in hw/sd/sdhci.c. - debian/patches/CVE-2021-3409-5.patch: reset the data pointer of s->fifo_buffer[] when a different block size is programmed in hw/sd/sdhci.c. - CVE-2021-3409 * SECURITY UPDATE: stack overflow via infinite loop issue in various NIC - debian/patches/CVE-2021-3416-1.patch: introduce qemu_receive_packet() in include/net/net.h, include/net/queue.h, net/net.c, net/queue.c. - debian/patches/CVE-2021-3416-2.patch: switch to use qemu_receive_packet() for loopback in hw/net/e1000.c. - debian/patches/CVE-2021-3416-3.patch: switch to use qemu_receive_packet() for loopback packet in hw/net/dp8393x.c. - debian/patches/CVE-2021-3416-5.patch: switch to use qemu_receive_packet() for loopback in hw/net/sungem.c. - debian/patches/CVE-2021-3416-6.patch: switch to use qemu_receive_packet_iov() for loopback in hw/net/net_tx_pkt.c. - debian/patches/CVE-2021-3416-7.patch: switch to use qemu_receive_packet() for loopback in hw/net/rtl8139.c. - debian/patches/CVE-2021-3416-8.patch: switch to use qemu_receive_packet() for loopback in hw/net/pcnet.c. - debian/patches/CVE-2021-3416-9.patch: switch to use qemu_receive_packet() for loopback in hw/net/cadence_gem.c. - debian/patches/CVE-2021-3416-10.patch: switch to use qemu_receive_packet() for loopback in hw/net/lan9118.c. - CVE-2021-3416 * SECURITY UPDATE: DoS in USB redirector device - debian/patches/CVE-2021-3527-1.patch: avoid dynamic stack allocation in hw/usb/redirect.c. - debian/patches/CVE-2021-3527-2.patch: limit combined packets to 1 MiB in hw/usb/combined-packet.c. - CVE-2021-3527 * SECURITY UPDATE: multiple issues in virtio vhost-user GPU device - debian/patches/CVE-2021-3544-1.patch: fix memory disclosure in contrib/vhost-user-gpu/virgl.c. - debian/patches/CVE-2021-3544-2.patch: fix resource leak in contrib/vhost-user-gpu/vhost-user-gpu.c. - debian/patches/CVE-2021-3544-3.patch: fix memory leak in contrib/vhost-user-gpu/vhost-user-gpu.c. - debian/patches/CVE-2021-3544-4.patch: fix memory leak in contrib/vhost-user-gpu/vhost-user-gpu.c. - debian/patches/CVE-2021-3544-5.patch: fix memory leak in contrib/vhost-user-gpu/virgl.c. - debian/patches/CVE-2021-3544-6.patch: fix memory leak in contrib/vhost-user-gpu/virgl.c. - debian/patches/CVE-2021-3544-7.patch: fix OOB write in contrib/vhost-user-gpu/virgl.c. - debian/patches/CVE-2021-3544-8.patch: abstract vg_cleanup_mapping_iov in contrib/vhost-user-gpu/vhost-user-gpu.c, contrib/vhost-user-gpu/virgl.c, contrib/vhost-user-gpu/vugpu.h. - CVE-2021-3544 - CVE-2021-3545 - CVE-2021-3546 * SECURITY UPDATE: mremap overflow in the pvrdma device - debian/patches/CVE-2021-3582.patch: check lengths in hw/rdma/vmw/pvrdma_cmd.c. - CVE-2021-3582 * SECURITY UPDATE: integer overflow in pvrdma device - debian/patches/CVE-2021-3607.patch: ensure correct input on ring init in hw/rdma/vmw/pvrdma_main.c. - CVE-2021-3607 * SECURITY UPDATE: uninitialized memory unmap in pvrdma device - debian/patches/CVE-2021-3608.patch: fix the ring init error flow in hw/rdma/vmw/pvrdma_dev_ring.c. - CVE-2021-3608 * SECURITY UPDATE: out-of-bounds access issue in ARM Generic Interrupt Controller - debian/patches/CVE-2021-20221.patch: fix interrupt ID in GICD_SGIR register in hw/intc/arm_gic.c. - CVE-2021-20221 * SECURITY UPDATE: infinite loop while processing transmit descriptors - debian/patches/CVE-2021-20257.patch: fail early for evil descriptor in hw/net/e1000.c. - CVE-2021-20257 -- Marc Deslauriers <email address hidden> Mon, 12 Jul 2021 07:07:45 -0400
Upload details
- Uploaded by:
- Marc Deslauriers
- Uploaded to:
- Groovy
- Original maintainer:
- Ubuntu Developers
- Architectures:
- any all
- Section:
- otherosfs
- Urgency:
- Medium Urgency
See full publishing history Publishing
Series | Published | Component | Section |
---|
Downloads
File | Size | SHA-256 Checksum |
---|---|---|
qemu_5.0.orig.tar.xz | 59.5 MiB | 2f13a92a0fa5c8b69ff0796b59b86b080bbb92ebad5d301a7724dd06b5e78cb6 |
qemu_5.0-5ubuntu9.9.debian.tar.xz | 239.9 KiB | 66c57274af61e72c85616510e9d915725528c3a1b4017f35e36ab684389a10af |
qemu_5.0-5ubuntu9.9.dsc | 7.2 KiB | 0f3dff6e7a094c1934c9b4ea42a599086df0b4994299ec7b0cfeca9b036b0b25 |
Available diffs
Binary packages built by this source
- qemu: No summary available for qemu in ubuntu groovy.
No description available for qemu in ubuntu groovy.
- qemu-block-extra: No summary available for qemu-block-extra in ubuntu groovy.
No description available for qemu-block-extra in ubuntu groovy.
- qemu-block-extra-dbgsym: No summary available for qemu-block-extra-dbgsym in ubuntu groovy.
No description available for qemu-block-
extra-dbgsym in ubuntu groovy.
- qemu-guest-agent: No summary available for qemu-guest-agent in ubuntu groovy.
No description available for qemu-guest-agent in ubuntu groovy.
- qemu-guest-agent-dbgsym: No summary available for qemu-guest-agent-dbgsym in ubuntu groovy.
No description available for qemu-guest-
agent-dbgsym in ubuntu groovy.
- qemu-kvm: No summary available for qemu-kvm in ubuntu groovy.
No description available for qemu-kvm in ubuntu groovy.
- qemu-system: No summary available for qemu-system in ubuntu groovy.
No description available for qemu-system in ubuntu groovy.
- qemu-system-arm: No summary available for qemu-system-arm in ubuntu groovy.
No description available for qemu-system-arm in ubuntu groovy.
- qemu-system-arm-dbgsym: No summary available for qemu-system-arm-dbgsym in ubuntu groovy.
No description available for qemu-system-
arm-dbgsym in ubuntu groovy.
- qemu-system-common: No summary available for qemu-system-common in ubuntu groovy.
No description available for qemu-system-common in ubuntu groovy.
- qemu-system-common-dbgsym: No summary available for qemu-system-common-dbgsym in ubuntu groovy.
No description available for qemu-system-
common- dbgsym in ubuntu groovy.
- qemu-system-data: No summary available for qemu-system-data in ubuntu groovy.
No description available for qemu-system-data in ubuntu groovy.
- qemu-system-gui: No summary available for qemu-system-gui in ubuntu groovy.
No description available for qemu-system-gui in ubuntu groovy.
- qemu-system-gui-dbgsym: No summary available for qemu-system-gui-dbgsym in ubuntu groovy.
No description available for qemu-system-
gui-dbgsym in ubuntu groovy.
- qemu-system-mips: No summary available for qemu-system-mips in ubuntu groovy.
No description available for qemu-system-mips in ubuntu groovy.
- qemu-system-mips-dbgsym: No summary available for qemu-system-mips-dbgsym in ubuntu groovy.
No description available for qemu-system-
mips-dbgsym in ubuntu groovy.
- qemu-system-misc: No summary available for qemu-system-misc in ubuntu groovy.
No description available for qemu-system-misc in ubuntu groovy.
- qemu-system-misc-dbgsym: No summary available for qemu-system-misc-dbgsym in ubuntu groovy.
No description available for qemu-system-
misc-dbgsym in ubuntu groovy.
- qemu-system-ppc: No summary available for qemu-system-ppc in ubuntu groovy.
No description available for qemu-system-ppc in ubuntu groovy.
- qemu-system-ppc-dbgsym: No summary available for qemu-system-ppc-dbgsym in ubuntu groovy.
No description available for qemu-system-
ppc-dbgsym in ubuntu groovy.
- qemu-system-s390x: No summary available for qemu-system-s390x in ubuntu groovy.
No description available for qemu-system-s390x in ubuntu groovy.
- qemu-system-s390x-dbgsym: No summary available for qemu-system-s390x-dbgsym in ubuntu groovy.
No description available for qemu-system-
s390x-dbgsym in ubuntu groovy.
- qemu-system-sparc: No summary available for qemu-system-sparc in ubuntu groovy.
No description available for qemu-system-sparc in ubuntu groovy.
- qemu-system-sparc-dbgsym: No summary available for qemu-system-sparc-dbgsym in ubuntu groovy.
No description available for qemu-system-
sparc-dbgsym in ubuntu groovy.
- qemu-system-x86: No summary available for qemu-system-x86 in ubuntu groovy.
No description available for qemu-system-x86 in ubuntu groovy.
- qemu-system-x86-dbgsym: No summary available for qemu-system-x86-dbgsym in ubuntu groovy.
No description available for qemu-system-
x86-dbgsym in ubuntu groovy.
- qemu-system-x86-microvm: No summary available for qemu-system-x86-microvm in ubuntu groovy.
No description available for qemu-system-
x86-microvm in ubuntu groovy.
- qemu-system-x86-xen: No summary available for qemu-system-x86-xen in ubuntu groovy.
No description available for qemu-system-x86-xen in ubuntu groovy.
- qemu-system-x86-xen-dbgsym: No summary available for qemu-system-x86-xen-dbgsym in ubuntu groovy.
No description available for qemu-system-
x86-xen- dbgsym in ubuntu groovy.
- qemu-user: No summary available for qemu-user in ubuntu groovy.
No description available for qemu-user in ubuntu groovy.
- qemu-user-binfmt: No summary available for qemu-user-binfmt in ubuntu groovy.
No description available for qemu-user-binfmt in ubuntu groovy.
- qemu-user-dbgsym: No summary available for qemu-user-dbgsym in ubuntu groovy.
No description available for qemu-user-dbgsym in ubuntu groovy.
- qemu-user-static: No summary available for qemu-user-static in ubuntu groovy.
No description available for qemu-user-static in ubuntu groovy.
- qemu-user-static-dbgsym: No summary available for qemu-user-static-dbgsym in ubuntu groovy.
No description available for qemu-user-
static- dbgsym in ubuntu groovy.
- qemu-utils: No summary available for qemu-utils in ubuntu groovy.
No description available for qemu-utils in ubuntu groovy.
- qemu-utils-dbgsym: No summary available for qemu-utils-dbgsym in ubuntu groovy.
No description available for qemu-utils-dbgsym in ubuntu groovy.