Explore top 10 tips to secure your open-source projects now. Read More
×
Several security issues were fixed in QEMU.
Software Description:
- qemu: Machine emulator and virtualizer
Details:
Lei Sun discovered that QEMU incorrectly handled certain MMIO operations.
An attacker inside the guest could possibly use this issue to cause QEMU to
crash, resulting in a denial of service. (CVE-2020-15469)
Wenxiang Qian discovered that QEMU incorrectly handled certain ATAPI
commands. An attacker inside the guest could possibly use this issue to
cause QEMU to crash, resulting in a denial of service. This issue only
affected Ubuntu 21.04. (CVE-2020-29443)
Cheolwoo Myung discovered that QEMU incorrectly handled SCSI device
emulation. An attacker inside the guest could possibly use this issue to
cause QEMU to crash, resulting in a denial of service. (CVE-2020-35504,
CVE-2020-35505, CVE-2021-3392)
Alex Xu discovered that QEMU incorrectly handled the virtio-fs shared file
system daemon. An attacker inside the guest could possibly use this issue
...
The problem can be corrected by updating your system to the following package versions: Ubuntu 21.04: qemu-system 1:5.2+dfsg-9ubuntu3.1 qemu-system-arm 1:5.2+dfsg-9ubuntu3.1 qemu-system-mips 1:5.2+dfsg-9ubuntu3.1 qemu-system-misc 1:5.2+dfsg-9ubuntu3.1 qemu-system-ppc 1:5.2+dfsg-9ubuntu3.1 qemu-system-s390x 1:5.2+dfsg-9ubuntu3.1 qemu-system-sparc 1:5.2+dfsg-9ubuntu3.1 qemu-system-x86 1:5.2+dfsg-9ubuntu3.1 qemu-system-x86-microvm 1:5.2+dfsg-9ubuntu3.1 qemu-system-x86-xen 1:5.2+dfsg-9ubuntu3.1 Ubuntu 20.10: qemu-system 1:5.0-5ubuntu9.9 qemu-system-arm 1:5.0-5ubuntu9.9 qemu-system-mips 1:5.0-5ubuntu9.9 qemu-system-misc 1:5.0-5ubuntu9.9 qemu-system-ppc 1:5.0-5ubuntu9.9 qemu-system-s390x 1:5.0-5ubuntu9.9 qemu-system-sparc 1:5.0-5ubuntu9.9 qemu-system-x86 1:5.0-5ubuntu9.9 qemu-system-x86-microvm 1:5.0-5ubuntu9.9 qemu-system-x86-xen 1:5.0-5ubuntu9.9 Ubuntu 20.04 LTS: qemu-system 1:4.2-3ubuntu6.17 qemu-system-arm 1:4.2-3ubuntu6.17 qemu-system-mips 1:4.2-3ubuntu6.17 qemu-system-misc 1:4.2-3ubuntu6.17 qemu-system-ppc 1:4.2-3ubuntu6.17 qemu-system-s390x 1:4.2-3ubuntu6.17 qemu-system-sparc 1:4.2-3ubuntu6.17 qemu-system-x86 1:4.2-3ubuntu6.17 qemu-system-x86-microvm 1:4.2-3ubuntu6.17 qemu-system-x86-xen 1:4.2-3ubuntu6.17 Ubuntu 18.04 LTS: qemu-system 1:2.11+dfsg-1ubuntu7.37 qemu-system-arm 1:2.11+dfsg-1ubuntu7.37 qemu-system-mips 1:2.11+dfsg-1ubuntu7.37 qemu-system-misc 1:2.11+dfsg-1ubuntu7.37 qemu-system-ppc 1:2.11+dfsg-1ubuntu7.37 qemu-system-s390x 1:2.11+dfsg-1ubuntu7.37 qemu-system-sparc 1:2.11+dfsg-1ubuntu7.37 qemu-system-x86 1:2.11+dfsg-1ubuntu7.37 After a standard system update you need to restart all QEMU virtual machines to make all the necessary changes.
https://ubuntu.com/security/notices/USN-5010-1
CVE-2020-15469, CVE-2020-29443, CVE-2020-35504, CVE-2020-35505,
CVE-2020-35517, CVE-2021-20221, CVE-2021-20257, CVE-2021-3392,
CVE-2021-3409, CVE-2021-3416, CVE-2021-3527, CVE-2021-3544,
CVE-2021-3545, CVE-2021-3546, CVE-2021-3582, CVE-2021-3592,
CVE-2021-3593, CVE-2021-3594, CVE-2021-3595, CVE-2021-3607,
CVE-2021-3608
Get the latest Linux and open source security news straight to your inbox.