Linux Security
Linux Security
Linux Security

Debian LTS: DLA-2373-1: qemu security update

Date 13 Sep 2020
481
Posted By LinuxSecurity Advisories
The following security issues have been found in qemu, which could potentially result in DoS and execution of arbitrary code. CVE-2020-1711

- -------------------------------------------------------------------------
Debian LTS Advisory DLA-2373-1                debian-lts@lists.debian.org
https://www.debian.org/lts/security/                          Abhijith PA
September 13, 2020                            https://wiki.debian.org/LTS
- -------------------------------------------------------------------------

Package        : qemu
Version        : 1:2.8+dfsg-6+deb9u11
CVE ID         : CVE-2020-1711 CVE-2020-13253 CVE-2020-14364 CVE-2020-16092
Debian Bug     : 968947 961297 949731

The following security issues have been found in qemu, which could
potentially result in DoS and execution of arbitrary code.

CVE-2020-1711

    An out-of-bounds heap buffer access flaw was found in the way the iSCSI
    Block driver in QEMU handled a response coming from an iSCSI server
    while checking the status of a Logical Address Block (LBA) in an
    iscsi_co_block_status() routine. A remote user could use this flaw to
    crash the QEMU process, resulting in a denial of service or potential
    execution of arbitrary code with privileges of the QEMU process on the
    host.

CVE-2020-13253

    An out-of-bounds read access issue was found in the SD Memory Card
    emulator of the QEMU. It occurs while performing block write commands
    via sdhci_write(), if a guest user has sent 'address' which is OOB of
    's->wp_groups'. A guest user/process may use this flaw to crash the
    QEMU process resulting in DoS.

CVE-2020-14364

    An out-of-bounds read/write access issue was found in the USB emulator
    of the QEMU. It occurs while processing USB packets from a guest, when
    'USBDevice->setup_len' exceeds the USBDevice->data_buf[4096], in
    do_token_{in,out} routines.


CVE-2020-16092

    An assertion failure can occur in the network packet processing. This
    issue affects the e1000e and vmxnet3 network devices. A malicious guest
    user/process could use this flaw to abort the QEMU process on the host,
    resulting in a denial of service condition in
    net_tx_pkt_add_raw_fragment in hw/net/net_tx_pkt.c

For Debian 9 stretch, these problems have been fixed in version
1:2.8+dfsg-6+deb9u11.

We recommend that you upgrade your qemu packages.

For the detailed security status of qemu please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/qemu

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS

Advisories

LinuxSecurity Poll

How frequently do you patch/update your system?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum 0 answer(s) and maximum 3 answer(s).
/main-polls/52-how-frequently-do-you-patch-update-your-system?task=poll.vote&format=json
52
radio
[{"id":"179","title":"As soon as patches\/updates are released - I track advisories for my distro(s) diligently","votes":"42","type":"x","order":"1","pct":84,"resources":[]},{"id":"180","title":"Every so often, when I think of it","votes":"4","type":"x","order":"2","pct":8,"resources":[]},{"id":"181","title":"Hardly ever","votes":"4","type":"x","order":"3","pct":8,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350

Please vote first in order to view vote results.

VOTE ON THE POLL PAGE


VIEW MORE POLLS

bottom 200

Please enable / Bitte aktiviere JavaScript!
Veuillez activer / Por favor activa el Javascript![ ? ]

We use cookies to provide and improve our services. By using our site, you consent to our Cookie Policy.