USN-2692-1

See a problem?
Source
https://ubuntu.com/security/notices/USN-2692-1
Import Source
https://github.com/canonical/ubuntu-security-notices/blob/main/osv/USN-2692-1.json
JSON Data
https://api.osv.dev/v1/vulns/USN-2692-1
Related
  • CVE-2015-3214
  • CVE-2015-5154
  • CVE-2015-5158
Published
2015-07-28T16:29:35.194660Z
Modified
2015-07-28T16:29:35.194660Z
Summary
qemu vulnerabilities
Details

Matt Tait discovered that QEMU incorrectly handled PIT emulation. In a non-default configuration, a malicious guest could use this issue to cause a denial of service, or possibly execute arbitrary code on the host as the user running the QEMU process. In the default installation, when QEMU is used with libvirt, attackers would be isolated by the libvirt AppArmor profile. (CVE-2015-3214)

Kevin Wolf discovered that QEMU incorrectly handled processing ATAPI commands. A malicious guest could use this issue to cause a denial of service, or possibly execute arbitrary code on the host as the user running the QEMU process. In the default installation, when QEMU is used with libvirt, attackers would be isolated by the libvirt AppArmor profile. (CVE-2015-5154)

Zhu Donghai discovered that QEMU incorrectly handled the SCSI driver. A malicious guest could use this issue to cause a denial of service, or possibly execute arbitrary code on the host as the user running the QEMU process. In the default installation, when QEMU is used with libvirt, attackers would be isolated by the libvirt AppArmor profile. This issue only affected Ubuntu 15.04. (CVE-2015-5158)

References

Affected packages

Ubuntu:14.04:LTS / qemu

Package

Name
qemu

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
2.0.0+dfsg-2ubuntu1.15

Ecosystem specific

{
    "availability": "No subscription needed",
    "binaries": [
        {
            "qemu-system-misc": "2.0.0+dfsg-2ubuntu1.15",
            "qemu-system": "2.0.0+dfsg-2ubuntu1.15",
            "qemu-guest-agent": "2.0.0+dfsg-2ubuntu1.15",
            "qemu-utils": "2.0.0+dfsg-2ubuntu1.15",
            "qemu-user": "2.0.0+dfsg-2ubuntu1.15",
            "qemu-kvm": "2.0.0+dfsg-2ubuntu1.15",
            "qemu-system-aarch64": "2.0.0+dfsg-2ubuntu1.15",
            "qemu-user-static": "2.0.0+dfsg-2ubuntu1.15",
            "qemu-system-arm": "2.0.0+dfsg-2ubuntu1.15",
            "qemu-system-x86": "2.0.0+dfsg-2ubuntu1.15",
            "qemu-system-ppc": "2.0.0+dfsg-2ubuntu1.15",
            "qemu": "2.0.0+dfsg-2ubuntu1.15",
            "qemu-system-common": "2.0.0+dfsg-2ubuntu1.15",
            "qemu-keymaps": "2.0.0+dfsg-2ubuntu1.15",
            "qemu-system-sparc": "2.0.0+dfsg-2ubuntu1.15",
            "qemu-system-mips": "2.0.0+dfsg-2ubuntu1.15",
            "qemu-common": "2.0.0+dfsg-2ubuntu1.15"
        }
    ]
}