[ubuntu/noble-updates] qemu 1:8.2.2+ds-0ubuntu1.10 (Accepted)
Ubuntu Archive Robot
ubuntu-archive-robot at lists.canonical.com
Thu Sep 11 14:01:57 UTC 2025
qemu (1:8.2.2+ds-0ubuntu1.10) noble-security; urgency=medium
* SECURITY UPDATE: double-free in QEMU virtio devices
- debian/patches/CVE-2024-3446-pre1.patch: introduce
virtio_bh_new_guarded() helper in hw/virtio/virtio.c,
include/hw/virtio/virtio.h.
- debian/patches/CVE-2024-3446-1.patch: protect from DMA re-entrancy
bugs in hw/virtio/virtio-crypto.c.
- debian/patches/CVE-2024-3446-2.patch: protect from DMA re-entrancy
bugs in hw/char/virtio-serial-bus.c.
- debian/patches/CVE-2024-3446-3.patch: protect from DMA re-entrancy
bugs in hw/display/virtio-gpu.c.
- CVE-2024-3446
* SECURITY UPDATE: heap overflow in SDHCI device emulation
- debian/patches/CVE-2024-3447.patch: do not update TRNMOD when Command
Inhibit (DAT) is set in hw/sd/sdhci.c.
- CVE-2024-3447
* SECURITY UPDATE: assert failure in checksum calculation
- debian/patches/CVE-2024-3567.patch: fix overrun in
update_sctp_checksum() in hw/net/net_tx_pkt.c.
- CVE-2024-3567
* SECURITY UPDATE: resource consumption in disk utility
- debian/patches/CVE-2024-4467-1.patch: don't open data_file with
BDRV_O_NO_IO in block/qcow2.c, tests/qemu-iotests/061*.
- debian/patches/CVE-2024-4467-2.patch: don't store data-file with
protocol in image in tests/qemu-iotests/244.
- debian/patches/CVE-2024-4467-3.patch: don't store data-file with
json: prefix in image in tests/qemu-iotests/270.
- debian/patches/CVE-2024-4467-4.patch: parse filenames only when
explicitly requested in block.c.
- CVE-2024-4467
* SECURITY UPDATE: heap overflow in virtio-net device RSS feature
- debian/patches/CVE-2024-6505.patch: ensure queue index fits with RSS
in hw/net/virtio-net.c.
- CVE-2024-6505
* SECURITY UPDATE: Dos via improper synchronization during socket closure
- debian/patches/CVE-2024-7409-1.patch: plumb in new args to
nbd_client_add() in blockdev-nbd.c, include/block/nbd.h,
nbd/server.c, qemu-nbd.c.
- debian/patches/CVE-2024-7409-2.patch: cap default max-connections to
100 in block/monitor/block-hmp-cmds.c, blockdev-nbd.c,
include/block/nbd.h, qapi/block-export.json.
- debian/patches/CVE-2024-7409-3.patch: close stray clients at
server-stop in blockdev-nbd.c.
- debian/patches/CVE-2024-7409-4.patch: drop non-negotiating clients in
nbd/server.c, nbd/trace-events.
- debian/patches/CVE-2024-7409-5.patch: avoid use-after-free when
closing server in blockdev-nbd.c.
- CVE-2024-7409
* SECURITY UPDATE: DoS via assert failure in usb_ep_get()
- debian/patches/CVE-2024-8354.patch: change ohci validation in
hw/usb/hcd-ohci.c, hw/usb/trace-events.
- CVE-2024-8354
* SECURITY UPDATE: possibly binfmt privilege escalation (LP: #2120814)
- debian/binfmt-install: stop using C (Credentials) flag for
binfmt_misc registration.
Date: 2025-08-26 12:10:28.330820+00:00
Changed-By: Marc Deslauriers <marc.deslauriers at canonical.com>
Signed-By: Ubuntu Archive Robot <ubuntu-archive-robot at lists.canonical.com>
https://launchpad.net/ubuntu/+source/qemu/1:8.2.2+ds-0ubuntu1.10
-------------- next part --------------
Sorry, changesfile not available.
More information about the noble-changes
mailing list