Lucene search
UbuntuUSN-4467-3HistoryFeb 22, 2021 - 12:00 a.m.
QEMU regression
2021-02-2200:00:00
ubuntu.com
83
Releases
- Ubuntu 20.10
- Ubuntu 20.04 LTS
- Ubuntu 18.04 ESM
- Ubuntu 16.04 ESM
Packages
- qemu - Machine emulator and virtualizer
Details
USN-4467-1 fixed vulnerabilities in QEMU. The fix for CVE-2020-13754
introduced a regression in certain environments. This update fixes the
problem.
We apologize for the inconvenience.
Original advisory details:
Ren Ding, Hanqing Zhao, Alexander Bulekov, and Anatoly Trosinenko
discovered that the QEMU incorrectly handled certain msi-x mmio operations.
An attacker inside a guest could possibly use this issue to cause QEMU to
crash, resulting in a denial of service. (CVE-2020-13754)
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Ubuntu | 20.10 | noarch | qemu | < 1:5.0-5ubuntu9.6 | UNKNOWN |
| Ubuntu | 20.10 | noarch | qemu-block-extra | < 1:5.0-5ubuntu9.6 | UNKNOWN |
| Ubuntu | 20.10 | noarch | qemu-block-extra-dbgsym | < 1:5.0-5ubuntu9.6 | UNKNOWN |
| Ubuntu | 20.10 | noarch | qemu-guest-agent | < 1:5.0-5ubuntu9.6 | UNKNOWN |
| Ubuntu | 20.10 | noarch | qemu-guest-agent-dbgsym | < 1:5.0-5ubuntu9.6 | UNKNOWN |
| Ubuntu | 20.10 | noarch | qemu-kvm | < 1:5.0-5ubuntu9.6 | UNKNOWN |
| Ubuntu | 20.10 | noarch | qemu-system | < 1:5.0-5ubuntu9.6 | UNKNOWN |
| Ubuntu | 20.10 | noarch | qemu-system-arm | < 1:5.0-5ubuntu9.6 | UNKNOWN |
| Ubuntu | 20.10 | noarch | qemu-system-arm-dbgsym | < 1:5.0-5ubuntu9.6 | UNKNOWN |
| Ubuntu | 20.10 | noarch | qemu-system-common | < 1:5.0-5ubuntu9.6 | UNKNOWN |
References
Related
cbl_mariner
cbl_mariner
CVE-2020-13754 affecting package qemu-kvm 4.2.0-48
2020-11-30 19:31:04
cvelist
cvelist
CVE-2020-13754
2020-06-02 13:37:25
prion
prion
Out-of-bounds
2020-06-02 14:15:00
cve
cve
CVE-2020-13754
2020-06-02 14:15:00
debiancve
debiancve
CVE-2020-13754
2020-06-02 14:15:00
veracode
veracode
Denial Of Service (DoS)
2020-12-06 04:23:32
alpinelinux
alpinelinux
CVE-2020-13754
2020-06-02 14:15:00
ubuntucve
ubuntucve
CVE-2020-13754
2020-06-02 00:00:00
redhatcve
redhatcve
CVE-2020-13754
2020-06-01 18:20:19
osv
osv
CVE-2020-13754
2020-06-02 14:15:10
qemu regression
2021-02-22 16:04:05
Moderate: virt:rhel and virt-devel:rhel security and bug fix update
2021-08-10 11:58:46
openvas
openvas
Ubuntu: Security Advisory (USN-4467-3)
2021-02-23 00:00:00
Huawei EulerOS: Security Advisory for qemu (EulerOS-SA-2020-2531)
2020-12-15 00:00:00
Debian: Security Advisory (DSA-4733-1)
2020-07-25 00:00:00
nessus
nessus
RHEL 8 : virt:8.2 and virt-devel:8.2 (RHSA-2021:2521)
2021-06-27 00:00:00
EulerOS 2.0 SP8 : qemu (EulerOS-SA-2020-2531)
2020-12-14 00:00:00
Debian DSA-4733-1 : qemu - security update
2020-07-27 00:00:00
redhat
redhat
debian
debian
[SECURITY] [DSA 4733-1] qemu security update
2020-07-24 09:14:57
[SECURITY] [DSA 4728-1] qemu security update
2020-07-19 18:01:22
[SECURITY] [DLA 2288-1] qemu security update
2020-07-26 11:51:49
f5
f5
oraclelinux
oraclelinux
virt:ol and virt-devel:rhel security and bug fix update
2021-08-12 00:00:00
qemu security update
2021-02-08 00:00:00
almalinux
almalinux
Moderate: virt:rhel and virt-devel:rhel security and bug fix update
2021-08-10 11:58:46
rocky
rocky
virt:rhel and virt-devel:rhel security and bug fix update
2021-08-10 11:58:46
ubuntu
ubuntu
QEMU vulnerabilities
2021-02-02 00:00:00
QEMU vulnerabilities
2020-08-19 00:00:00
gentoo
gentoo
QEMU: Multiple vulnerabilities
2020-11-11 00:00:00