Ubuntu
qemu package

qemu CVE-2020-16092

Bug #1891187 reported by Christian Ehrhardt 
256
This bug affects 1 person
Affects Status Importance Assigned to Milestone
qemu (Ubuntu)
Fix Released
Undecided
Unassigned

Bug Description

Please include https://git.qemu.org/?p=qemu.git;a=commit;h=035e69b063835a5fd23cacabd63690a3d84532a8 in the next upload for CVE-2020-16092

Related branches

~paelzer/ubuntu/+source/qemu:groovy-lp-1890881-lp-1891187
Rafael David Tinoco (community): Approve
Canonical Server: Pending requested
Canonical Server packageset reviewers: Pending requested
git-ubuntu developers: Pending requested
Diff: 1308 lines (+1250/-0)
9 files modified
debian/changelog (+16/-0)
debian/patches/series (+7/-0)
debian/patches/ubuntu/lp-1891187-hw-net-net_tx_pkt-fix-assertion-failure-in-net_tx.patch (+45/-0)
debian/patches/ubuntu/lp1890881-linux-user-completely-re-write-init_guest_space.patch (+725/-0)
debian/patches/ubuntu/lp1890881-linux-user-deal-with-address-wrap-for-ARM_COMMPAGE-o.patch (+154/-0)
debian/patches/ubuntu/lp1890881-linux-user-don-t-use-MAP_FIXED-in-pgd_find_hole_fall.patch (+78/-0)
debian/patches/ubuntu/lp1890881-linux-user-elfload-use-MAP_FIXED_NOREPLACE-in-pgb_re.patch (+66/-0)
debian/patches/ubuntu/lp1890881-linux-user-limit-check-to-HOST_LONG_BITS-TARGET_ABI_.patch (+57/-0)
debian/patches/ubuntu/lp1890881-linux-user-provide-fallback-pgd_find_hole-for-bare-c.patch (+102/-0)

CVE References

Christian Ehrhardt  (paelzer)
Changed in qemu (Ubuntu):
status: New → Triaged
information type: Public → Private Security
Christian Ehrhardt  (paelzer)
information type: Private Security → Public Security
Revision history for this message
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package qemu - 1:5.0-5ubuntu6

---------------
qemu (1:5.0-5ubuntu6) groovy; urgency=medium

  * d/p/ubuntu/lp-1887935-vfio-ccw-allow-non-prefetch-ORBs.patch: fix boot
    from vfio-ccw (LP: #1887935)

qemu (1:5.0-5ubuntu5) groovy; urgency=medium

  * fix qemu-user-static initialization to allow executing systemd
    (LP: #1890881)
    - d/p/u/lp1890881-linux-user-completely-re-write-init_guest_space.patch
    - d/p/u/lp1890881-linux-user-deal-with-address-wrap-for-ARM_COMMPAGE-o.patch
    - d/p/u/lp1890881-linux-user-don-t-use-MAP_FIXED-in-pgd_find_hole_fall.patch
    - d/p/u/lp1890881-linux-user-elfload-use-MAP_FIXED_NOREPLACE-in-pgb_re.patch
    - d/p/u/lp1890881-linux-user-limit-check-to-HOST_LONG_BITS-TARGET_ABI_.patch
    - d/p/u/lp1890881-linux-user-provide-fallback-pgd_find_hole-for-bare-c.patch
  * fix assertion failue in net_tx_pkt_add_raw_fragment (LP: #1891187)
    CVE-2020-16092
    - d/p/u/lp-1891187-hw-net-net_tx_pkt-fix-assertion-failure-in-net_tx.patch

 -- Christian Ehrhardt <email address hidden> Tue, 25 Aug 2020 11:09:12 +0200

Changed in qemu (Ubuntu):
status: Triaged → Fix Released
To post a comment you must log in.
This report contains Public Security information  
Everyone can see this security related information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.