StarlingX

[Debian] High CVE: CVE-2022-1050 qemu: a use-after-free condition

Bug #2059901 reported by Yue Tao on 2024-04-01

256

This bug affects 1 person

Affects		Status	Importance	Assigned to	Milestone
	StarlingX	Fix Released	High	Wentao Zhang

Bug Description

CVE-2022-1050: https://nvd.nist.gov/vuln/detail/CVE-2022-1050

A flaw was found in the QEMU implementation of VMWare's paravirtual RDMA device. This flaw allows a crafted guest driver to execute HW commands when shared buffers are not yet allocated, potentially leading to a use-after-free condition.

Base Score: High

Reference:

['qemu_1:5.2+dfsg-11+deb11u2_amd64.deb===>qemu_1:5.2+dfsg-11+deb11u3_amd64.deb', 'qemu-utils_1:5.2+dfsg-11+deb11u2_amd64.deb===>qemu-utils_1:5.2+dfsg-11+deb11u3_amd64.deb']

Tags:

CVE References

2022-1050

Yue Tao (wrytao) on 2024-04-01

summary:

- [Debian] High CVE: CVE-2022-1050 qemu: leading to a use-after-free
- condition
+ [Debian] High CVE: CVE-2022-1050 qemu: a use-after-free condition

Revision history for this message

Ghada Khalil (gkhalil) wrote on 2024-04-01:

Changing the target release to stx.10.0 since the r/stx.9.0 release branch is created and the team doesn't port CVE fixes to released branches.

tags:

added: stx.10.0
removed: stx.9.0

Wentao Zhang (wzhang4) on 2024-05-14

Changed in starlingx:
assignee:	nobody → Wentao Zhang (wzhang4)

Revision history for this message

OpenStack Infra (hudson-openstack) wrote on 2024-05-15: Fix proposed to virt (master)

Fix proposed to branch: master
Review: https://review.opendev.org/c/starlingx/virt/+/919664

Changed in starlingx:
status:	Triaged → In Progress

Revision history for this message

OpenStack Infra (hudson-openstack) wrote on 2024-05-21: Fix merged to virt (master)

Reviewed: https://review.opendev.org/c/starlingx/virt/+/919664
Committed: https://opendev.org/starlingx/virt/commit/f7b1640f0b4b394c278bd64d13d343a149039644
Submitter: "Zuul (22348)"
Branch: master

commit f7b1640f0b4b394c278bd64d13d343a149039644
Author: Wentao Zhang <email address hidden>
Date: Tue May 14 01:54:18 2024 -0700

Debian: qemu: fix CVE-2022-1050

Upgrade qemu to 1:7.2+dfsg-7+deb12u5

Refer to:
https://security-tracker.debian.org/tracker/CVE-2022-1050

    Test Plan:
    Pass: downloader
    Pass: build-pkgs --clean --all
    Pass: build-image
    Pass: boot

Closes-bug: #2059901

Change-Id: I13df6652dfa549ce876201b8053026117e72fd87
Signed-off-by: Wentao Zhang <email address hidden>

Changed in starlingx:
status:	In Progress → Fix Released

Report a bug

This report contains Public Security information

Everyone can see this security related information.

You are

Subscribing...

Edit bug mail

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.