[ubuntu/jammy-updates] qemu 1:6.2+dfsg-2ubuntu6.16 (Accepted)

Ubuntu Archive Robot ubuntu-archive-robot at lists.canonical.com
Mon Jan 8 18:59:47 UTC 2024 

qemu (1:6.2+dfsg-2ubuntu6.16) jammy-security; urgency=medium

  * SECURITY UPDATE: infinite loop in USB xHCI controller
    - debian/patches/CVE-2020-14394.patch: fix unbounded loop in
      hw/usb/hcd-xhci.c.
    - CVE-2020-14394
  * SECURITY UPDATE: OOB read in RDMA device
    - debian/patches/CVE-2023-1544.patch: protect against buggy or
      malicious guest driver in hw/rdma/vmw/pvrdma_main.c.
    - CVE-2023-1544
  * SECURITY UPDATE: 9pfs special file access
    - debian/patches/CVE-2023-2861.patch: prevent opening special files in
      fsdev/virtfs-proxy-helper.c, hw/9pfs/9p-util.h.
    - CVE-2023-2861
  * SECURITY UPDATE: heap overflow in crypto device
    - debian/patches/CVE-2023-3180.patch: verify src&dst buffer length for
      sym request in hw/virtio/virtio-crypto.c.
    - CVE-2023-3180
  * SECURITY UPDATE: infinite loop in VNC server
    - debian/patches/CVE-2023-3255.patch: fix infinite loop in
      inflate_buffer in ui/vnc-clipboard.c.
    - CVE-2023-3255
  * SECURITY UPDATE: race in virtio-net hot-unplug
    - debian/patches/CVE-2023-3301.patch: do not cleanup the vdpa/vhost-net
      structures if peer nic is present in net/vhost-vdpa.c.
    - CVE-2023-3301
  * SECURITY UPDATE: DoS in VNC server
    - debian/patches/CVE-2023-3354.patch: remove io watch if TLS channel is
      closed during handshake in include/io/channel-tls.h,
      io/channel-tls.c.
    - CVE-2023-3354
  * SECURITY UPDATE: disk offset 0 access
    - debian/patches/CVE-2023-5088.patch: cancel async DMA operation before
      resetting state in hw/ide/core.c.
    - CVE-2023-5088
  * SECURITY UPDATE: DoS in Intel HD Audio device
    - debian/patches/CVE-2021-3611-*.patch: add MemTxAttrs argument to
      DMA functions and use it in hw/audio/intel-hda.c.
    - CVE-2021-3611

Date: 2023-12-01 14:39:10.619253+00:00
Changed-By: Marc Deslauriers <marc.deslauriers at canonical.com>
Signed-By: Ubuntu Archive Robot <ubuntu-archive-robot at lists.canonical.com>
https://launchpad.net/ubuntu/+source/qemu/1:6.2+dfsg-2ubuntu6.16
-------------- next part --------------
Sorry, changesfile not available.

More information about the jammy-changes mailing list