qemu 1:5.2+dfsg-9ubuntu3.1 source package in Ubuntu
Changelog
qemu (1:5.2+dfsg-9ubuntu3.1) hirsute-security; urgency=medium
* SECURITY UPDATE: NULL pointer dereference in MemoryRegionOps object
- debian/patches/CVE-2020-15469-1.patch: add pci-intack write method in
hw/pci-host/prep.c.
- debian/patches/CVE-2020-15469-2.patch: add pcie-msi read method in
hw/pci-host/designware.c.
- debian/patches/CVE-2020-15469-3.patch: add quirk device write method
in hw/vfio/pci-quirks.c.
- debian/patches/CVE-2020-15469-4.patch: add ppc-parity write method in
hw/ppc/prep_systemio.c.
- debian/patches/CVE-2020-15469-5.patch: add nrf51_soc flash read
method in hw/nvram/nrf51_nvm.c.
- debian/patches/CVE-2020-15469-6.patch: add spapr msi read method in
hw/ppc/spapr_pci.c.
- debian/patches/CVE-2020-15469-7.patch: add dummy read/write methods
in hw/misc/tz-ppc.c.
- debian/patches/CVE-2020-15469-8.patch: add digprog mmio write method
in hw/misc/imx7_ccm.c.
- CVE-2020-15469
* SECURITY UPDATE: out of bounds read in ide_atapi_cmd_reply_end
- debian/patches/CVE-2020-29443-2.patch: check logical block address
and read size in hw/ide/atapi.c.
- CVE-2020-29443
* SECURITY UPDATE: NULL pointer dereference flaw in SCSI emulation
- debian/patches/CVE-2020-35504.patch: always check current_req is not
NULL before use in DMA callbacks in hw/scsi/esp.c.
- CVE-2020-35504
* SECURITY UPDATE: NULL pointer dereference flaw in am53c974 SCSI
- debian/patches/CVE-2020-35505.patch: ensure cmdfifo is not empty and
current_dev is non-NULL in hw/scsi/esp.c.
- CVE-2020-35505
* SECURITY UPDATE: use-after-free flaw was found in the MegaRAID emulator
- debian/patches/CVE-2021-3392.patch: Remove unused MPTSASState pending
field in hw/scsi/mptsas.c, hw/scsi/mptsas.h.
- CVE-2021-3392
* SECURITY UPDATE: out-of-bounds read/write in SDHCI controller emulation
- debian/patches/CVE-2021-3409-1.patch: don't transfer any data when
command time out in hw/sd/sdhci.c.
- debian/patches/CVE-2021-3409-2.patch: don't write to SDHC_SYSAD
register when transfer is in progress in hw/sd/sdhci.c.
- debian/patches/CVE-2021-3409-3.patch: correctly set the controller
status for ADMA in hw/sd/sdhci.c.
- debian/patches/CVE-2021-3409-4.patch: limit block size only when
SDHC_BLKSIZE register is writable in hw/sd/sdhci.c.
- debian/patches/CVE-2021-3409-5.patch: reset the data pointer of
s->fifo_buffer[] when a different block size is programmed in
hw/sd/sdhci.c.
- CVE-2021-3409
* SECURITY UPDATE: DoS in USB redirector device
- debian/patches/CVE-2021-3527-1.patch: avoid dynamic stack allocation
in hw/usb/redirect.c.
- debian/patches/CVE-2021-3527-2.patch: limit combined packets to 1 MiB
in hw/usb/combined-packet.c.
- CVE-2021-3527
* SECURITY UPDATE: multiple issues in virtio vhost-user GPU device
- debian/patches/CVE-2021-3544-1.patch: fix memory disclosure in
contrib/vhost-user-gpu/virgl.c.
- debian/patches/CVE-2021-3544-2.patch: fix resource leak in
contrib/vhost-user-gpu/vhost-user-gpu.c.
- debian/patches/CVE-2021-3544-3.patch: fix memory leak in
contrib/vhost-user-gpu/vhost-user-gpu.c.
- debian/patches/CVE-2021-3544-4.patch: fix memory leak in
contrib/vhost-user-gpu/vhost-user-gpu.c.
- debian/patches/CVE-2021-3544-5.patch: fix memory leak in
contrib/vhost-user-gpu/virgl.c.
- debian/patches/CVE-2021-3544-6.patch: fix memory leak in
contrib/vhost-user-gpu/virgl.c.
- debian/patches/CVE-2021-3544-7.patch: fix OOB write in
contrib/vhost-user-gpu/virgl.c.
- debian/patches/CVE-2021-3544-8.patch: abstract vg_cleanup_mapping_iov
in contrib/vhost-user-gpu/vhost-user-gpu.c,
contrib/vhost-user-gpu/virgl.c, contrib/vhost-user-gpu/vugpu.h.
- CVE-2021-3544
- CVE-2021-3545
- CVE-2021-3546
* SECURITY UPDATE: mremap overflow in the pvrdma device
- debian/patches/CVE-2021-3582.patch: check lengths in
hw/rdma/vmw/pvrdma_cmd.c.
- CVE-2021-3582
* SECURITY UPDATE: integer overflow in pvrdma device
- debian/patches/CVE-2021-3607.patch: ensure correct input on ring init
in hw/rdma/vmw/pvrdma_main.c.
- CVE-2021-3607
* SECURITY UPDATE: uninitialized memory unmap in pvrdma device
- debian/patches/CVE-2021-3608.patch: fix the ring init error flow in
hw/rdma/vmw/pvrdma_dev_ring.c.
- CVE-2021-3608
-- Marc Deslauriers <email address hidden> Thu, 08 Jul 2021 09:51:29 -0400
Upload details
- Uploaded by:
- Marc Deslauriers
- Uploaded to:
- Hirsute
- Original maintainer:
- Ubuntu Developers
- Architectures:
- any all
- Section:
- otherosfs
- Urgency:
- Medium Urgency
See full publishing history Publishing
| Series | Published | Component | Section |
|---|
Downloads
| File | Size | SHA-256 Checksum |
|---|---|---|
| qemu_5.2+dfsg.orig.tar.xz | 18.8 MiB | be5ae7ddc88d68af81c7b2435b95c1cad4e9416c9a1426ee5a6a4b9a9c0bf87e |
| qemu_5.2+dfsg-9ubuntu3.1.debian.tar.xz | 161.5 KiB | bae2da194e6d5d5e8dfd32d984fdb8b5bb8752ad44b89f07091fa1048f95337a |
| qemu_5.2+dfsg-9ubuntu3.1.dsc | 7.2 KiB | 6528f2cb230bbfd64b41e4fb3bfcefc8fd36710cf660d26b8bf9b6357a111973 |
Available diffs
Binary packages built by this source
- qemu: No summary available for qemu in ubuntu hirsute.
No description available for qemu in ubuntu hirsute.
- qemu-block-extra: No summary available for qemu-block-extra in ubuntu hirsute.
No description available for qemu-block-extra in ubuntu hirsute.
- qemu-block-extra-dbgsym: No summary available for qemu-block-extra-dbgsym in ubuntu hirsute.
No description available for qemu-block-
extra-dbgsym in ubuntu hirsute.
- qemu-guest-agent: No summary available for qemu-guest-agent in ubuntu hirsute.
No description available for qemu-guest-agent in ubuntu hirsute.
- qemu-guest-agent-dbgsym: No summary available for qemu-guest-agent-dbgsym in ubuntu hirsute.
No description available for qemu-guest-
agent-dbgsym in ubuntu hirsute.
- qemu-system: No summary available for qemu-system in ubuntu hirsute.
No description available for qemu-system in ubuntu hirsute.
- qemu-system-arm: No summary available for qemu-system-arm in ubuntu hirsute.
No description available for qemu-system-arm in ubuntu hirsute.
- qemu-system-arm-dbgsym: No summary available for qemu-system-arm-dbgsym in ubuntu hirsute.
No description available for qemu-system-
arm-dbgsym in ubuntu hirsute.
- qemu-system-common: No summary available for qemu-system-common in ubuntu hirsute.
No description available for qemu-system-common in ubuntu hirsute.
- qemu-system-common-dbgsym: No summary available for qemu-system-common-dbgsym in ubuntu hirsute.
No description available for qemu-system-
common- dbgsym in ubuntu hirsute.
- qemu-system-data: No summary available for qemu-system-data in ubuntu hirsute.
No description available for qemu-system-data in ubuntu hirsute.
- qemu-system-gui: No summary available for qemu-system-gui in ubuntu hirsute.
No description available for qemu-system-gui in ubuntu hirsute.
- qemu-system-gui-dbgsym: No summary available for qemu-system-gui-dbgsym in ubuntu hirsute.
No description available for qemu-system-
gui-dbgsym in ubuntu hirsute.
- qemu-system-mips: No summary available for qemu-system-mips in ubuntu hirsute.
No description available for qemu-system-mips in ubuntu hirsute.
- qemu-system-mips-dbgsym: No summary available for qemu-system-mips-dbgsym in ubuntu hirsute.
No description available for qemu-system-
mips-dbgsym in ubuntu hirsute.
- qemu-system-misc: No summary available for qemu-system-misc in ubuntu hirsute.
No description available for qemu-system-misc in ubuntu hirsute.
- qemu-system-misc-dbgsym: No summary available for qemu-system-misc-dbgsym in ubuntu hirsute.
No description available for qemu-system-
misc-dbgsym in ubuntu hirsute.
- qemu-system-ppc: No summary available for qemu-system-ppc in ubuntu hirsute.
No description available for qemu-system-ppc in ubuntu hirsute.
- qemu-system-ppc-dbgsym: No summary available for qemu-system-ppc-dbgsym in ubuntu hirsute.
No description available for qemu-system-
ppc-dbgsym in ubuntu hirsute.
- qemu-system-s390x: No summary available for qemu-system-s390x in ubuntu hirsute.
No description available for qemu-system-s390x in ubuntu hirsute.
- qemu-system-s390x-dbgsym: No summary available for qemu-system-s390x-dbgsym in ubuntu hirsute.
No description available for qemu-system-
s390x-dbgsym in ubuntu hirsute.
- qemu-system-sparc: No summary available for qemu-system-sparc in ubuntu hirsute.
No description available for qemu-system-sparc in ubuntu hirsute.
- qemu-system-sparc-dbgsym: No summary available for qemu-system-sparc-dbgsym in ubuntu hirsute.
No description available for qemu-system-
sparc-dbgsym in ubuntu hirsute.
- qemu-system-x86: No summary available for qemu-system-x86 in ubuntu hirsute.
No description available for qemu-system-x86 in ubuntu hirsute.
- qemu-system-x86-dbgsym: No summary available for qemu-system-x86-dbgsym in ubuntu hirsute.
No description available for qemu-system-
x86-dbgsym in ubuntu hirsute.
- qemu-system-x86-microvm: No summary available for qemu-system-x86-microvm in ubuntu hirsute.
No description available for qemu-system-
x86-microvm in ubuntu hirsute.
- qemu-system-x86-xen: No summary available for qemu-system-x86-xen in ubuntu hirsute.
No description available for qemu-system-x86-xen in ubuntu hirsute.
- qemu-system-x86-xen-dbgsym: No summary available for qemu-system-x86-xen-dbgsym in ubuntu hirsute.
No description available for qemu-system-
x86-xen- dbgsym in ubuntu hirsute.
- qemu-user: No summary available for qemu-user in ubuntu hirsute.
No description available for qemu-user in ubuntu hirsute.
- qemu-user-binfmt: No summary available for qemu-user-binfmt in ubuntu hirsute.
No description available for qemu-user-binfmt in ubuntu hirsute.
- qemu-user-dbgsym: No summary available for qemu-user-dbgsym in ubuntu hirsute.
No description available for qemu-user-dbgsym in ubuntu hirsute.
- qemu-user-static: No summary available for qemu-user-static in ubuntu hirsute.
No description available for qemu-user-static in ubuntu hirsute.
- qemu-user-static-dbgsym: No summary available for qemu-user-static-dbgsym in ubuntu hirsute.
No description available for qemu-user-
static- dbgsym in ubuntu hirsute.
- qemu-utils: No summary available for qemu-utils in ubuntu hirsute.
No description available for qemu-utils in ubuntu hirsute.
- qemu-utils-dbgsym: No summary available for qemu-utils-dbgsym in ubuntu hirsute.
No description available for qemu-utils-dbgsym in ubuntu hirsute.
