[ubuntu/focal-updates] qemu 1:4.2-3ubuntu6.12 (Accepted)
Ubuntu Archive Robot
cjwatson+ubuntu-archive-robot at chiark.greenend.org.uk
Mon Feb 8 13:29:45 UTC 2021
qemu (1:4.2-3ubuntu6.12) focal-security; urgency=medium
* SECURITY UPDATE: heap overread in iscsi_aio_ioctl_cb
- debian/patches/ubuntu/CVE-2020-11947.patch: fix heap-buffer-overflow
in block/iscsi.c.
- CVE-2020-11947
* SECURITY UPDATE: use-after-free in e1000e
- debian/patches/ubuntu/CVE-2020-15859.patch: forbid the reentrant RX
in net/queue.c.
- CVE-2020-15859
* SECURITY UPDATE: OOB write to MSI-X table
- debian/patches/ubuntu/CVE-2020-27821.patch: clamp cached translation
in case it points to an MMIO region in exec.c.
- CVE-2020-27821
* SECURITY UPDATE: infinite loop in e1000e
- debian/patches/ubuntu/CVE-2020-28916.patch: advance desc_offset in
case of null descriptor in hw/net/e1000e_core.c.
- CVE-2020-28916
* SECURITY UPDATE: out of bounds read in atapi
- debian/patches/ubuntu/CVE-2020-29443-1.patch: assert that the buffer
pointer is in range in hw/ide/atapi.c.
- debian/patches/ubuntu/CVE-2020-29443-2.patch: check logical block
address and read size in hw/ide/atapi.c.
- CVE-2020-29443
* SECURITY UPDATE: use after free in 9p
- debian/patches/ubuntu/CVE-2021-20181.patch: fully restart unreclaim
loop in hw/9pfs/9p.c.
- CVE-2021-20181
Date: 2021-02-04 11:42:12.076119+00:00
Changed-By: Marc Deslauriers <marc.deslauriers at canonical.com>
Signed-By: Ubuntu Archive Robot <cjwatson+ubuntu-archive-robot at chiark.greenend.org.uk>
https://launchpad.net/ubuntu/+source/qemu/1:4.2-3ubuntu6.12
-------------- next part --------------
Sorry, changesfile not available.
More information about the Focal-changes
mailing list