[ubuntu/bionic-security] qemu 1:2.11+dfsg-1ubuntu7.39 (Accepted)

Marc Deslauriers marc.deslauriers at canonical.com
Mon Feb 28 12:38:59 UTC 2022

qemu (1:2.11+dfsg-1ubuntu7.39) bionic-security; urgency=medium

  * SECURITY UPDATE: crash or code exec in USB redirector device emulation
    - debian/patches/CVE-2021-3682.patch: fix free call in
    - CVE-2021-3682
  * SECURITY UPDATE: heap use-after-free in virtio_net_receive_rcu
    - debian/patches/CVE-2021-3748.patch: fix use after unmap/free for sg
      in hw/net/virtio-net.c.
    - CVE-2021-3748
  * SECURITY UPDATE: off-by-one error in mode_sense_page()
    - debian/patches/CVE-2021-3930.patch: MODE_PAGE_ALLS not allowed in
      MODE SELECT commands in hw/scsi/scsi-disk.c.
    - CVE-2021-3930
  * SECURITY UPDATE: NULL dereference in floppy disk emulator
    - debian/patches/CVE-2021-20196-1.patch: Extract
      blk_create_empty_drive() in hw/block/fdc.c.
    - debian/patches/CVE-2021-20196-2.patch: kludge missing floppy drive in
    - CVE-2021-20196
  * SECURITY UPDATE: integer overflow in vmxnet3 NIC emulator
    - debian/patches/CVE-2021-20203.patch: validate configuration values
      during activate in hw/net/vmxnet3.c.
    - CVE-2021-20203

qemu (1:2.11+dfsg-1ubuntu7.38) bionic; urgency=medium

  * enhance loading of old modules post upgrade (LP: #1913421)
    - d/qemu-block-extra.prerm.in: clear all (current and former) modules
      on purge
    - d/qemu-block-extra.prerm.in: test for exec and prepare /var/run/qemu
      if needed

Date: 2022-02-23 14:55:10.015250+00:00
Changed-By: Marc Deslauriers <marc.deslauriers at canonical.com>
-------------- next part --------------
Sorry, changesfile not available.

More information about the Bionic-changes mailing list