[ubuntu/lunar-security] qemu 1:7.2+dfsg-5ubuntu2.4 (Accepted)
Marc Deslauriers
marc.deslauriers at canonical.com
Mon Jan 8 17:20:52 UTC 2024
qemu (1:7.2+dfsg-5ubuntu2.4) lunar-security; urgency=medium
* SECURITY UPDATE: OOB read in RDMA device
- debian/patches/CVE-2023-1544.patch: protect against buggy or
malicious guest driver in hw/rdma/vmw/pvrdma_main.c.
- CVE-2023-1544
* SECURITY UPDATE: 9pfs special file access
- debian/patches/CVE-2023-2861.patch: prevent opening special files in
fsdev/virtfs-proxy-helper.c, hw/9pfs/9p-util.h.
- CVE-2023-2861
* SECURITY UPDATE: heap overflow in crypto device
- debian/patches/CVE-2023-3180.patch: verify src&dst buffer length for
sym request in hw/virtio/virtio-crypto.c.
- CVE-2023-3180
* SECURITY UPDATE: infinite loop in VNC server
- debian/patches/CVE-2023-3255.patch: fix infinite loop in
inflate_buffer in ui/vnc-clipboard.c.
- CVE-2023-3255
* SECURITY UPDATE: race in virtio-net hot-unplug
- debian/patches/CVE-2023-3301.patch: do not cleanup the vdpa/vhost-net
structures if peer nic is present in net/vhost-vdpa.c.
- CVE-2023-3301
* SECURITY UPDATE: DoS in VNC server
- debian/patches/CVE-2023-3354.patch: remove io watch if TLS channel is
closed during handshake in include/io/channel-tls.h,
io/channel-tls.c.
- CVE-2023-3354
* SECURITY UPDATE: division by zero via scsi block size
- debian/patches/CVE-2023-42467.patch: disallow block sizes smaller
than 512 in hw/scsi/scsi-disk.c.
- CVE-2023-42467
* SECURITY UPDATE: disk offset 0 access
- debian/patches/CVE-2023-5088.patch: cancel async DMA operation before
resetting state in hw/ide/core.c.
- CVE-2023-5088
qemu (1:7.2+dfsg-5ubuntu2.3) lunar; urgency=medium
* d/rules: remove --no-start for qemu-guest-agent (LP: #2028124)
Date: 2023-12-01 14:32:40.439250+00:00
Changed-By: Marc Deslauriers <marc.deslauriers at canonical.com>
https://launchpad.net/ubuntu/+source/qemu/1:7.2+dfsg-5ubuntu2.4
-------------- next part --------------
Sorry, changesfile not available.
More information about the lunar-changes
mailing list