[ubuntu/groovy-updates] qemu 1:5.0-5ubuntu9.2 (Accepted)
Ubuntu Archive Robot
cjwatson+ubuntu-archive-robot at chiark.greenend.org.uk
Mon Nov 30 12:59:21 UTC 2020
qemu (1:5.0-5ubuntu9.2) groovy-security; urgency=medium
* SECURITY UPDATE: heap buffer overflow in sdhci_sdma_transfer_multi_blocks()
- debian/patches/ubuntu/CVE-2020-17380.patch: fix DMA Transfer Block
Size field in hw/sd/sdhci.c.
- CVE-2020-17380
- CVE-2020-25085
* SECURITY UPDATE: use-after-free via unchecked return value
- debian/patches/ubuntu/CVE-2020-25084.patch: check return value of
'usb_packet_map' in hw/usb/hcd-xhci.c.
- CVE-2020-25084
* SECURITY UPDATE: out-of-bound access issue
- debian/patches/ubuntu/CVE-2020-25624.patch: check len and
frame_number variables in hw/usb/hcd-ohci.c.
- CVE-2020-25624
* SECURITY UPDATE: infinite loop when a TD list has a loop
- debian/patches/ubuntu/CVE-2020-25625.patch: check for processed TD
before retire in hw/usb/hcd-ohci.c.
- CVE-2020-25625
* SECURITY UPDATE: assertion failure through usb_packet_unmap()
- debian/patches/ubuntu/CVE-2020-25723.patch: check return value of
'usb_packet_map' in hw/usb/hcd-ehci.c.
- CVE-2020-25723
* SECURITY UPDATE: bounds issue in ati_2d_blt
- debian/patches/ubuntu/CVE-2020-27616.patch: check x y display
parameter values in hw/display/ati_2d.c.
- CVE-2020-27616
* SECURITY UPDATE: assertion failure
- debian/patches/ubuntu/CVE-2020-27617.patch: remove an assert call in
eth_get_gso_type in net/eth.c.
- CVE-2020-27617
* Assertion failure via zero mmap_min_addr (LP: #1897854)
- debian/patches/ubuntu/lp1897854-Ensure-mmap_min_addr-is-non-zero.patch:
ensure mmap_min_addr is non-zero in linux-user/main.c.
Date: 2020-11-23 12:23:46.085844+00:00
Changed-By: Marc Deslauriers <marc.deslauriers at canonical.com>
Signed-By: Ubuntu Archive Robot <cjwatson+ubuntu-archive-robot at chiark.greenend.org.uk>
https://launchpad.net/ubuntu/+source/qemu/1:5.0-5ubuntu9.2
-------------- next part --------------
Sorry, changesfile not available.
More information about the Groovy-changes
mailing list