USN-4511-1

See a problem?

Source

https://ubuntu.com/security/notices/USN-4511-1

Import Source

https://github.com/canonical/ubuntu-security-notices/blob/main/osv/usn/USN-4511-1.json

JSON Data

https://api.osv.dev/v1/vulns/USN-4511-1

Related

CVE-2020-14364
UBUNTU-CVE-2020-14364

Published

2020-09-17T11:10:51.996995Z

Modified

2020-09-17T11:10:51.996995Z

Summary

qemu vulnerability

Details

Ziming Zhang, Xiao Wei, Gonglei Arei, and Yanyu Zhang discovered that QEMU incorrectly handled certain USB packets. An attacker inside the guest could use this issue to cause QEMU to crash, resulting in a denial of service, or possibly execute arbitrary code on the host. In the default installation, when QEMU is used with libvirt, attackers would be isolated by the libvirt AppArmor profile.

References

Affected packages

Ubuntu:16.04:LTS / qemu

Package

Name: qemu
Purl: pkg:deb/ubuntu/qemu@1:2.5+dfsg-5ubuntu10.46?arch=src?distro=xenial

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1:2.5+dfsg-5ubuntu10.46

Affected versions

1:2.*

1:2.3+dfsg-5ubuntu9

1:2.3+dfsg-5ubuntu10

1:2.4+dfsg-4ubuntu1

1:2.4+dfsg-4ubuntu2

1:2.4+dfsg-4ubuntu3

1:2.4+dfsg-5ubuntu3

1:2.5+dfsg-1ubuntu2

1:2.5+dfsg-1ubuntu3

1:2.5+dfsg-1ubuntu4

1:2.5+dfsg-1ubuntu5

1:2.5+dfsg-5ubuntu1

1:2.5+dfsg-5ubuntu2

1:2.5+dfsg-5ubuntu4

1:2.5+dfsg-5ubuntu6

1:2.5+dfsg-5ubuntu7

1:2.5+dfsg-5ubuntu10

1:2.5+dfsg-5ubuntu10.1

1:2.5+dfsg-5ubuntu10.2

1:2.5+dfsg-5ubuntu10.3

1:2.5+dfsg-5ubuntu10.4

1:2.5+dfsg-5ubuntu10.5

1:2.5+dfsg-5ubuntu10.6

1:2.5+dfsg-5ubuntu10.7

1:2.5+dfsg-5ubuntu10.8

1:2.5+dfsg-5ubuntu10.9

1:2.5+dfsg-5ubuntu10.10

1:2.5+dfsg-5ubuntu10.11

1:2.5+dfsg-5ubuntu10.13

1:2.5+dfsg-5ubuntu10.14

1:2.5+dfsg-5ubuntu10.15

1:2.5+dfsg-5ubuntu10.16

1:2.5+dfsg-5ubuntu10.20

1:2.5+dfsg-5ubuntu10.21

1:2.5+dfsg-5ubuntu10.22

1:2.5+dfsg-5ubuntu10.24

1:2.5+dfsg-5ubuntu10.25

1:2.5+dfsg-5ubuntu10.26

1:2.5+dfsg-5ubuntu10.28

1:2.5+dfsg-5ubuntu10.29

1:2.5+dfsg-5ubuntu10.30

1:2.5+dfsg-5ubuntu10.31

1:2.5+dfsg-5ubuntu10.32

1:2.5+dfsg-5ubuntu10.33

1:2.5+dfsg-5ubuntu10.34

1:2.5+dfsg-5ubuntu10.35

1:2.5+dfsg-5ubuntu10.36

1:2.5+dfsg-5ubuntu10.37

1:2.5+dfsg-5ubuntu10.38

1:2.5+dfsg-5ubuntu10.39

1:2.5+dfsg-5ubuntu10.40

1:2.5+dfsg-5ubuntu10.41

1:2.5+dfsg-5ubuntu10.42

1:2.5+dfsg-5ubuntu10.43

1:2.5+dfsg-5ubuntu10.44

1:2.5+dfsg-5ubuntu10.45

Ecosystem specific

{
    "availability": "No subscription required",
    "binaries": [
        {
            "qemu-system-misc": "1:2.5+dfsg-5ubuntu10.46",
            "qemu-guest-agent-dbgsym": "1:2.5+dfsg-5ubuntu10.46",
            "qemu-block-extra-dbgsym": "1:2.5+dfsg-5ubuntu10.46",
            "qemu-utils-dbgsym": "1:2.5+dfsg-5ubuntu10.46",
            "qemu-user": "1:2.5+dfsg-5ubuntu10.46",
            "qemu-system-arm-dbgsym": "1:2.5+dfsg-5ubuntu10.46",
            "qemu-kvm": "1:2.5+dfsg-5ubuntu10.46",
            "qemu-system-ppc-dbgsym": "1:2.5+dfsg-5ubuntu10.46",
            "qemu-system-aarch64": "1:2.5+dfsg-5ubuntu10.46",
            "qemu-user-static": "1:2.5+dfsg-5ubuntu10.46",
            "qemu-system-arm": "1:2.5+dfsg-5ubuntu10.46",
            "qemu": "1:2.5+dfsg-5ubuntu10.46",
            "qemu-system-sparc": "1:2.5+dfsg-5ubuntu10.46",
            "qemu-system-s390x-dbgsym": "1:2.5+dfsg-5ubuntu10.46",
            "qemu-system-common-dbgsym": "1:2.5+dfsg-5ubuntu10.46",
            "qemu-system-x86-dbgsym": "1:2.5+dfsg-5ubuntu10.46",
            "qemu-system": "1:2.5+dfsg-5ubuntu10.46",
            "qemu-guest-agent": "1:2.5+dfsg-5ubuntu10.46",
            "qemu-utils": "1:2.5+dfsg-5ubuntu10.46",
            "qemu-system-sparc-dbgsym": "1:2.5+dfsg-5ubuntu10.46",
            "qemu-system-misc-dbgsym": "1:2.5+dfsg-5ubuntu10.46",
            "qemu-block-extra": "1:2.5+dfsg-5ubuntu10.46",
            "qemu-system-mips-dbgsym": "1:2.5+dfsg-5ubuntu10.46",
            "qemu-system-x86": "1:2.5+dfsg-5ubuntu10.46",
            "qemu-system-ppc": "1:2.5+dfsg-5ubuntu10.46",
            "qemu-system-s390x": "1:2.5+dfsg-5ubuntu10.46",
            "qemu-system-common": "1:2.5+dfsg-5ubuntu10.46",
            "qemu-user-static-dbgsym": "1:2.5+dfsg-5ubuntu10.46",
            "qemu-system-mips": "1:2.5+dfsg-5ubuntu10.46",
            "qemu-user-dbgsym": "1:2.5+dfsg-5ubuntu10.46",
            "qemu-user-binfmt": "1:2.5+dfsg-5ubuntu10.46"
        }
    ]
}

Ubuntu:18.04:LTS / qemu

Package

Name: qemu
Purl: pkg:deb/ubuntu/qemu@1:2.11+dfsg-1ubuntu7.32?arch=src?distro=bionic

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1:2.11+dfsg-1ubuntu7.32

Affected versions

1:2.*

1:2.10+dfsg-0ubuntu3

1:2.10+dfsg-0ubuntu4

1:2.10+dfsg-0ubuntu5

1:2.11+dfsg-1ubuntu1

1:2.11+dfsg-1ubuntu2

1:2.11+dfsg-1ubuntu4

1:2.11+dfsg-1ubuntu5

1:2.11+dfsg-1ubuntu6

1:2.11+dfsg-1ubuntu7

1:2.11+dfsg-1ubuntu7.1

1:2.11+dfsg-1ubuntu7.2

1:2.11+dfsg-1ubuntu7.3

1:2.11+dfsg-1ubuntu7.4

1:2.11+dfsg-1ubuntu7.5

1:2.11+dfsg-1ubuntu7.6

1:2.11+dfsg-1ubuntu7.7

1:2.11+dfsg-1ubuntu7.8

1:2.11+dfsg-1ubuntu7.9

1:2.11+dfsg-1ubuntu7.10

1:2.11+dfsg-1ubuntu7.12

1:2.11+dfsg-1ubuntu7.13

1:2.11+dfsg-1ubuntu7.14

1:2.11+dfsg-1ubuntu7.15

1:2.11+dfsg-1ubuntu7.17

1:2.11+dfsg-1ubuntu7.18

1:2.11+dfsg-1ubuntu7.19

1:2.11+dfsg-1ubuntu7.20

1:2.11+dfsg-1ubuntu7.21

1:2.11+dfsg-1ubuntu7.22

1:2.11+dfsg-1ubuntu7.23

1:2.11+dfsg-1ubuntu7.25

1:2.11+dfsg-1ubuntu7.26

1:2.11+dfsg-1ubuntu7.27

1:2.11+dfsg-1ubuntu7.28

1:2.11+dfsg-1ubuntu7.29

1:2.11+dfsg-1ubuntu7.31

Ecosystem specific

{
    "availability": "No subscription required",
    "binaries": [
        {
            "qemu-system-misc": "1:2.11+dfsg-1ubuntu7.32",
            "qemu-guest-agent-dbgsym": "1:2.11+dfsg-1ubuntu7.32",
            "qemu-block-extra-dbgsym": "1:2.11+dfsg-1ubuntu7.32",
            "qemu-utils-dbgsym": "1:2.11+dfsg-1ubuntu7.32",
            "qemu-user": "1:2.11+dfsg-1ubuntu7.32",
            "qemu-system-arm-dbgsym": "1:2.11+dfsg-1ubuntu7.32",
            "qemu-kvm": "1:2.11+dfsg-1ubuntu7.32",
            "qemu-system-ppc-dbgsym": "1:2.11+dfsg-1ubuntu7.32",
            "qemu-user-static": "1:2.11+dfsg-1ubuntu7.32",
            "qemu-system-arm": "1:2.11+dfsg-1ubuntu7.32",
            "qemu": "1:2.11+dfsg-1ubuntu7.32",
            "qemu-system-sparc": "1:2.11+dfsg-1ubuntu7.32",
            "qemu-system-s390x-dbgsym": "1:2.11+dfsg-1ubuntu7.32",
            "qemu-system-common-dbgsym": "1:2.11+dfsg-1ubuntu7.32",
            "qemu-system-x86-dbgsym": "1:2.11+dfsg-1ubuntu7.32",
            "qemu-system": "1:2.11+dfsg-1ubuntu7.32",
            "qemu-guest-agent": "1:2.11+dfsg-1ubuntu7.32",
            "qemu-utils": "1:2.11+dfsg-1ubuntu7.32",
            "qemu-block-extra": "1:2.11+dfsg-1ubuntu7.32",
            "qemu-system-misc-dbgsym": "1:2.11+dfsg-1ubuntu7.32",
            "qemu-system-sparc-dbgsym": "1:2.11+dfsg-1ubuntu7.32",
            "qemu-system-mips-dbgsym": "1:2.11+dfsg-1ubuntu7.32",
            "qemu-system-x86": "1:2.11+dfsg-1ubuntu7.32",
            "qemu-system-ppc": "1:2.11+dfsg-1ubuntu7.32",
            "qemu-system-s390x": "1:2.11+dfsg-1ubuntu7.32",
            "qemu-system-common": "1:2.11+dfsg-1ubuntu7.32",
            "qemu-user-static-dbgsym": "1:2.11+dfsg-1ubuntu7.32",
            "qemu-system-mips": "1:2.11+dfsg-1ubuntu7.32",
            "qemu-user-dbgsym": "1:2.11+dfsg-1ubuntu7.32",
            "qemu-user-binfmt": "1:2.11+dfsg-1ubuntu7.32"
        }
    ]
}

Ubuntu:20.04:LTS / qemu

Package

Name: qemu
Purl: pkg:deb/ubuntu/qemu@1:4.2-3ubuntu6.6?arch=src?distro=focal

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1:4.2-3ubuntu6.6

Affected versions

1:4.*

1:4.0+dfsg-0ubuntu9

1:4.0+dfsg-0ubuntu10

1:4.2-1ubuntu1

1:4.2-1ubuntu2

1:4.2-3ubuntu1

1:4.2-3ubuntu2

1:4.2-3ubuntu3

1:4.2-3ubuntu4

1:4.2-3ubuntu5

1:4.2-3ubuntu6

1:4.2-3ubuntu6.1

1:4.2-3ubuntu6.2

1:4.2-3ubuntu6.3

1:4.2-3ubuntu6.4

1:4.2-3ubuntu6.5

Ecosystem specific

{
    "availability": "No subscription required",
    "binaries": [
        {
            "qemu-system-misc": "1:4.2-3ubuntu6.6",
            "qemu-guest-agent-dbgsym": "1:4.2-3ubuntu6.6",
            "qemu-block-extra-dbgsym": "1:4.2-3ubuntu6.6",
            "qemu-utils-dbgsym": "1:4.2-3ubuntu6.6",
            "qemu-user": "1:4.2-3ubuntu6.6",
            "qemu-system-x86-microvm": "1:4.2-3ubuntu6.6",
            "qemu-kvm": "1:4.2-3ubuntu6.6",
            "qemu-system-arm-dbgsym": "1:4.2-3ubuntu6.6",
            "qemu-system-ppc-dbgsym": "1:4.2-3ubuntu6.6",
            "qemu-user-static": "1:4.2-3ubuntu6.6",
            "qemu-system-arm": "1:4.2-3ubuntu6.6",
            "qemu": "1:4.2-3ubuntu6.6",
            "qemu-system-x86-xen": "1:4.2-3ubuntu6.6",
            "qemu-system-sparc": "1:4.2-3ubuntu6.6",
            "qemu-system-data": "1:4.2-3ubuntu6.6",
            "qemu-system-common-dbgsym": "1:4.2-3ubuntu6.6",
            "qemu-system-s390x-dbgsym": "1:4.2-3ubuntu6.6",
            "qemu-system-x86-dbgsym": "1:4.2-3ubuntu6.6",
            "qemu-system": "1:4.2-3ubuntu6.6",
            "qemu-guest-agent": "1:4.2-3ubuntu6.6",
            "qemu-utils": "1:4.2-3ubuntu6.6",
            "qemu-system-x86-xen-dbgsym": "1:4.2-3ubuntu6.6",
            "qemu-block-extra": "1:4.2-3ubuntu6.6",
            "qemu-system-misc-dbgsym": "1:4.2-3ubuntu6.6",
            "qemu-system-sparc-dbgsym": "1:4.2-3ubuntu6.6",
            "qemu-system-mips-dbgsym": "1:4.2-3ubuntu6.6",
            "qemu-system-x86": "1:4.2-3ubuntu6.6",
            "qemu-system-ppc": "1:4.2-3ubuntu6.6",
            "qemu-system-s390x": "1:4.2-3ubuntu6.6",
            "qemu-system-x86-microvm-dbgsym": "1:4.2-3ubuntu6.6",
            "qemu-system-common": "1:4.2-3ubuntu6.6",
            "qemu-system-gui-dbgsym": "1:4.2-3ubuntu6.6",
            "qemu-user-static-dbgsym": "1:4.2-3ubuntu6.6",
            "qemu-system-mips": "1:4.2-3ubuntu6.6",
            "qemu-system-gui": "1:4.2-3ubuntu6.6",
            "qemu-user-binfmt": "1:4.2-3ubuntu6.6",
            "qemu-user-dbgsym": "1:4.2-3ubuntu6.6"
        }
    ]
}