Launchpad.net

CVE 2019-9824

tcp_emu in slirp/tcp_subr.c (aka slirp/src/tcp_subr.c) in QEMU 3.0.0 uses uninitialized data in an snprintf call, leading to Information disclosure.

Related bugs and status

CVE-2019-9824 (Candidate) is related to these bugs:

Bug #1782206: KVM enable SnowRidge Accelerator Interfacing Architecture (AIA)

		In	Importance	Status
1782206	KVM enable SnowRidge Accelerator Interfacing Architecture (AIA)	xen (Ubuntu)	Wishlist	Incomplete
1782206	KVM enable SnowRidge Accelerator Interfacing Architecture (AIA)	qemu (Ubuntu)	Wishlist	Fix Released
1782206	KVM enable SnowRidge Accelerator Interfacing Architecture (AIA)	linux (Ubuntu)	Wishlist	Triaged

Bug #1812822: Guest crashed when detaching the ovs interface device

		In	Importance	Status
1812822	Guest crashed when detaching the ovs interface device	Ubuntu on IBM z Systems	Medium	Fix Released
1812822	Guest crashed when detaching the ovs interface device	qemu (Ubuntu)	Undecided	Fix Released
1812822	Guest crashed when detaching the ovs interface device	linux (Ubuntu)	Undecided	Invalid

Bug #1828038: [19.10 FEAT] Update hardware CPU Model z14

Summary				In	Importance	Status
	1828038	[19.10 FEAT] Update hardware CPU Model z14		qemu (Ubuntu)	Undecided	Fix Released
	1828038	[19.10 FEAT] Update hardware CPU Model z14		Ubuntu on IBM z Systems	High	Fix Released

Bug #1829380: race condition between vhost_net_stop and CHR_EVENT_CLOSED on shutdown crashes qemu (fix regression)

		In	Importance	Status
1829380	race condition between vhost_net_stop and CHR_EVENT_CLOSED on shutdown crashes qemu (fix regression)	qemu (Ubuntu)	Undecided	Invalid
1829380	race condition between vhost_net_stop and CHR_EVENT_CLOSED on shutdown crashes qemu (fix regression)	qemu (Ubuntu Xenial)	Medium	Fix Released
1829380	race condition between vhost_net_stop and CHR_EVENT_CLOSED on shutdown crashes qemu (fix regression)	Ubuntu Cloud Archive	Undecided	Invalid
1829380	race condition between vhost_net_stop and CHR_EVENT_CLOSED on shutdown crashes qemu (fix regression)	Ubuntu Cloud Archive mitaka	Medium	Fix Released
1829380	race condition between vhost_net_stop and CHR_EVENT_CLOSED on shutdown crashes qemu (fix regression)	Ubuntu Cloud Archive ocata	Medium	Fix Released

Bug #1830238: [19.10 FEAT] zKVM: Add hardware CPU Model - qemu part

Summary				In	Importance	Status
	1830238	[19.10 FEAT] zKVM: Add hardware CPU Model - qemu part		qemu (Ubuntu)	Undecided	Fix Released
	1830238	[19.10 FEAT] zKVM: Add hardware CPU Model - qemu part		Ubuntu on IBM z Systems	High	Fix Released

Bug #1830243: [19.10 FEAT] KVM: Secure Linux Boot Toleration - qemu

		In	Importance	Status
1830243	[19.10 FEAT] KVM: Secure Linux Boot Toleration - qemu	qemu (Ubuntu)	Undecided	Fix Released
1830243	[19.10 FEAT] KVM: Secure Linux Boot Toleration - qemu	Ubuntu on IBM z Systems	High	Fix Released
1830243	[19.10 FEAT] KVM: Secure Linux Boot Toleration - qemu	qemu (Ubuntu Bionic)	Undecided	Fix Released
1830243	[19.10 FEAT] KVM: Secure Linux Boot Toleration - qemu	qemu (Ubuntu Eoan)	Undecided	Fix Released
1830243	[19.10 FEAT] KVM: Secure Linux Boot Toleration - qemu	qemu (Ubuntu Xenial)	Undecided	Fix Released
1830243	[19.10 FEAT] KVM: Secure Linux Boot Toleration - qemu	qemu (Ubuntu Disco)	Undecided	Fix Released
1830243	[19.10 FEAT] KVM: Secure Linux Boot Toleration - qemu	qemu (Ubuntu Cosmic)	Undecided	Won't Fix

Bug #1832622: QEMU - count cache flush Spectre v2 mitigation (CVE) (required for POWER9 DD2.3)

		In	Importance	Status
1832622	QEMU - count cache flush Spectre v2 mitigation (CVE) (required for POWER9 DD2.3)	qemu (Ubuntu)	Undecided	Fix Released
1832622	QEMU - count cache flush Spectre v2 mitigation (CVE) (required for POWER9 DD2.3)	The Ubuntu-power-systems project	High	Fix Released
1832622	QEMU - count cache flush Spectre v2 mitigation (CVE) (required for POWER9 DD2.3)	qemu (Ubuntu Xenial)	Undecided	Won't Fix
1832622	QEMU - count cache flush Spectre v2 mitigation (CVE) (required for POWER9 DD2.3)	qemu (Ubuntu Bionic)	High	Fix Released
1832622	QEMU - count cache flush Spectre v2 mitigation (CVE) (required for POWER9 DD2.3)	qemu (Ubuntu Cosmic)	Undecided	Won't Fix
1832622	QEMU - count cache flush Spectre v2 mitigation (CVE) (required for POWER9 DD2.3)	qemu (Ubuntu Eoan)	Undecided	Fix Released
1832622	QEMU - count cache flush Spectre v2 mitigation (CVE) (required for POWER9 DD2.3)	qemu (Ubuntu Disco)	High	Fix Released
1832622	QEMU - count cache flush Spectre v2 mitigation (CVE) (required for POWER9 DD2.3)	linux (Ubuntu)	Undecided	Fix Released
1832622	QEMU - count cache flush Spectre v2 mitigation (CVE) (required for POWER9 DD2.3)	linux (Ubuntu Bionic)	Undecided	Fix Released
1832622	QEMU - count cache flush Spectre v2 mitigation (CVE) (required for POWER9 DD2.3)	linux (Ubuntu Disco)	High	Fix Released

Bug #1834113: QEMU touchpad input erratic after wakeup from sleep

		In	Importance	Status
1834113	QEMU touchpad input erratic after wakeup from sleep	qemu (Ubuntu)	Low	Expired
1834113	QEMU touchpad input erratic after wakeup from sleep	QEMU	Undecided	Expired
1834113	QEMU touchpad input erratic after wakeup from sleep	libvirt (Ubuntu)	Low	Expired

Bug #1847806: eoan: ppc64el install on pseries-eoan VM fails to install

		In	Importance	Status
1847806	eoan: ppc64el install on pseries-eoan VM fails to install	qemu (Ubuntu)	Low	Fix Released
1847806	eoan: ppc64el install on pseries-eoan VM fails to install	glibc (Ubuntu)	Undecided	Invalid
1847806	eoan: ppc64el install on pseries-eoan VM fails to install	The Ubuntu-power-systems project	Low	Fix Released
1847806	eoan: ppc64el install on pseries-eoan VM fails to install	debian-installer (Ubuntu Eoan)	Undecided	Invalid
1847806	eoan: ppc64el install on pseries-eoan VM fails to install	glibc (Ubuntu Eoan)	Undecided	Invalid
1847806	eoan: ppc64el install on pseries-eoan VM fails to install	qemu (Ubuntu Eoan)	Low	Won't Fix
1847806	eoan: ppc64el install on pseries-eoan VM fails to install	debian-installer (Ubuntu Focal)	Undecided	Invalid
1847806	eoan: ppc64el install on pseries-eoan VM fails to install	glibc (Ubuntu Focal)	Undecided	Invalid
1847806	eoan: ppc64el install on pseries-eoan VM fails to install	qemu (Ubuntu Focal)	Medium	Fix Released
1847806	eoan: ppc64el install on pseries-eoan VM fails to install	debian-installer (Ubuntu Disco)	Undecided	Won't Fix
1847806	eoan: ppc64el install on pseries-eoan VM fails to install	glibc (Ubuntu Disco)	Undecided	Invalid
1847806	eoan: ppc64el install on pseries-eoan VM fails to install	qemu (Ubuntu Disco)	Low	Won't Fix
1847806	eoan: ppc64el install on pseries-eoan VM fails to install	debian-installer (Ubuntu Bionic)	Undecided	Invalid
1847806	eoan: ppc64el install on pseries-eoan VM fails to install	glibc (Ubuntu Bionic)	Undecided	Invalid
1847806	eoan: ppc64el install on pseries-eoan VM fails to install	qemu (Ubuntu Bionic)	Low	Won't Fix

Bug #1852744: [20.04 FEAT] zKVM: Crypto Passthrough Interrupt Support - qemu part

Summary				In	Importance	Status
	1852744	[20.04 FEAT] zKVM: Crypto Passthrough Interrupt Support - qemu part		qemu (Ubuntu)	Undecided	Fix Released
	1852744	[20.04 FEAT] zKVM: Crypto Passthrough Interrupt Support - qemu part		Ubuntu on IBM z Systems	High	Fix Released

Bug #1857033: qemu kvm add Cooper Lake cpu model

Summary				In	Importance	Status
	1857033	qemu kvm add Cooper Lake cpu model		qemu (Ubuntu)	Undecided	Fix Released

Bug #1859527: vring_get_region_caches: Assertion `caches != NULL' failed.

		In	Importance	Status
1859527	vring_get_region_caches: Assertion `caches != NULL' failed.	qemu (Ubuntu)	Undecided	Fix Released
1859527	vring_get_region_caches: Assertion `caches != NULL' failed.	qemu (Ubuntu Focal)	Undecided	Fix Released
1859527	vring_get_region_caches: Assertion `caches != NULL' failed.	qemu (Ubuntu Bionic)	Undecided	Fix Released
1859527	vring_get_region_caches: Assertion `caches != NULL' failed.	qemu (Ubuntu Disco)	Undecided	Won't Fix
1859527	vring_get_region_caches: Assertion `caches != NULL' failed.	qemu (Ubuntu Eoan)	Undecided	Fix Released

See the

CVE page on Mitre.org for more details.

Launchpad.net

CVE 2019-9824

Related bugs and status

Related bugs

References