Explore top 10 tips to secure your open-source projects now. Read More
×
Several security issues were fixed in QEMU.
Software Description:
- qemu: Machine emulator and virtualizer
Details:
Alexander Bulekov discovered that QEMU incorrectly handled floppy disk
emulation. A privileged attacker inside the guest could use this issue to
cause QEMU to crash, resulting in a denial of service, or possibly leak
sensitive information. (CVE-2021-3507)
It was discovered that QEMU incorrectly handled NVME controller emulation.
An attacker inside the guest could use this issue to cause QEMU to crash,
resulting in a denial of service, or possibly execute arbitrary code. This
issue only affected Ubuntu 22.04 LTS. (CVE-2021-3929)
It was discovered that QEMU incorrectly handled QXL display device
emulation. A privileged attacker inside the guest could use this issue to
cause QEMU to crash, resulting in a denial of service, or possibly execute
arbitrary code. (CVE-2021-4206, CVE-2021-4207)
Jietao Xiao, Jinku Li, Wenbo Shen, and Nanzi Yang disc...
The problem can be corrected by updating your system to the following package versions: Ubuntu 22.04 LTS: qemu-system 1:6.2+dfsg-2ubuntu6.2 qemu-system-arm 1:6.2+dfsg-2ubuntu6.2 qemu-system-mips 1:6.2+dfsg-2ubuntu6.2 qemu-system-misc 1:6.2+dfsg-2ubuntu6.2 qemu-system-ppc 1:6.2+dfsg-2ubuntu6.2 qemu-system-s390x 1:6.2+dfsg-2ubuntu6.2 qemu-system-sparc 1:6.2+dfsg-2ubuntu6.2 qemu-system-x86 1:6.2+dfsg-2ubuntu6.2 qemu-system-x86-microvm 1:6.2+dfsg-2ubuntu6.2 qemu-system-x86-xen 1:6.2+dfsg-2ubuntu6.2 Ubuntu 21.10: qemu-system 1:6.0+dfsg-2expubuntu1.3 qemu-system-arm 1:6.0+dfsg-2expubuntu1.3 qemu-system-mips 1:6.0+dfsg-2expubuntu1.3 qemu-system-misc 1:6.0+dfsg-2expubuntu1.3 qemu-system-ppc 1:6.0+dfsg-2expubuntu1.3 qemu-system-s390x 1:6.0+dfsg-2expubuntu1.3 qemu-system-sparc 1:6.0+dfsg-2expubuntu1.3 qemu-system-x86 1:6.0+dfsg-2expubuntu1.3 qemu-system-x86-microvm 1:6.0+dfsg-2expubuntu1.3 qemu-system-x86-xen 1:6.0+dfsg-2expubuntu1.3 Ubuntu 20.04 LTS: qemu-system 1:4.2-3ubuntu6.23 qemu-system-arm 1:4.2-3ubuntu6.23 qemu-system-mips 1:4.2-3ubuntu6.23 qemu-system-misc 1:4.2-3ubuntu6.23 qemu-system-ppc 1:4.2-3ubuntu6.23 qemu-system-s390x 1:4.2-3ubuntu6.23 qemu-system-sparc 1:4.2-3ubuntu6.23 qemu-system-x86 1:4.2-3ubuntu6.23 qemu-system-x86-microvm 1:4.2-3ubuntu6.23 qemu-system-x86-xen 1:4.2-3ubuntu6.23 Ubuntu 18.04 LTS: qemu-system 1:2.11+dfsg-1ubuntu7.40 qemu-system-arm 1:2.11+dfsg-1ubuntu7.40 qemu-system-mips 1:2.11+dfsg-1ubuntu7.40 qemu-system-misc 1:2.11+dfsg-1ubuntu7.40 qemu-system-ppc 1:2.11+dfsg-1ubuntu7.40 qemu-system-s390x 1:2.11+dfsg-1ubuntu7.40 qemu-system-sparc 1:2.11+dfsg-1ubuntu7.40 qemu-system-x86 1:2.11+dfsg-1ubuntu7.40 After a standard system update you need to restart all QEMU virtual machines to make all the necessary changes.
https://ubuntu.com/security/notices/USN-5489-1
CVE-2021-3507, CVE-2021-3929, CVE-2021-4206, CVE-2021-4207,
CVE-2022-0358, CVE-2022-26353, CVE-2022-26354
Get the latest Linux and open source security news straight to your inbox.