StarlingX

Debian CVE-2022-26353: qemu: memory leakage

Bug #1994115 reported by Yue Tao
256
This bug affects 1 person
Affects Status Importance Assigned to Milestone
StarlingX
Fix Released
Medium
Yue Tao

Bug Description

CVE-2022-26353: [https://nvd.nist.gov/vuln/detail/CVE-2022-26353]
A flaw was found in the virtio-net device of QEMU. This flaw was inadvertently introduced with the fix for CVE-2021-3748, which forgot to unmap the cached virtqueue elements on error, leading to memory leakage and other unexpected results. Affected QEMU version: 6.2.0.
Score:
cve_id status cvss3Score av ac pr ui ai
CVE-2022-26353 fixed 7.5 N L N N H

References:
https://security-tracker.debian.org/tracker/CVE-2022-26353

Found during May 2022 CVE scan using vulscan

CVE References

Revision history for this message
Ghada Khalil (gkhalil) wrote :

screening: stx.8.0 / medium - CVE meets the stx fix criteria

information type: Public → Private Security
information type: Private Security → Public Security
Changed in starlingx:
status: New → Triaged
importance: Undecided → Medium
tags: added: stx.security
tags: added: stx.8.0
Changed in starlingx:
assignee: nobody → Yue Tao (wrytao)
Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix proposed to tools (master)

Fix proposed to branch: master
Review: https://review.opendev.org/c/starlingx/tools/+/864164

Changed in starlingx:
status: Triaged → In Progress
Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix merged to tools (master)

Reviewed: https://review.opendev.org/c/starlingx/tools/+/864164
Committed: https://opendev.org/starlingx/tools/commit/a85c68e515c9fe77522282522404180e170d62cd
Submitter: "Zuul (22348)"
Branch: master

commit a85c68e515c9fe77522282522404180e170d62cd
Author: Yue Tao <email address hidden>
Date: Thu Nov 10 15:00:52 2022 +0800

    Debian: qemu: fix CVE-2022-26353

    Upgrade qemu, qemu-utils to 1:5.2+dfsg-11+deb11u1

    Refer to:
    https://security-tracker.debian.org/tracker/CVE-2022-26353

    Test Plan:

    Pass: downloader
    Pass: build-pkgs
    Pass: build-image
    Pass: boot

    Closes-Bug: 1994115

    Signed-off-by: Yue Tao <email address hidden>
    Change-Id: Ia0caa4ecbf64e805a87a41461d7b1f0a1c8c1519

Changed in starlingx:
status: In Progress → Fix Released
To post a comment you must log in.
This report contains Public Security information  
Everyone can see this security related information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.