CVE 2020-16092
In QEMU through 5.0.0, an assertion failure can occur in the network packet processing. This issue affects the e1000e and vmxnet3 network devices. A malicious guest user/process could use this flaw to abort the QEMU process on the host, resulting in a denial of service condition in net_tx_
Related bugs and status
CVE-2020-16092 (Candidate) is related to these bugs:
Bug #1805256: qemu-img hangs on rcu_call_ready_event logic in Aarch64 when converting images
Bug #1890881: qemu-user-static 1:5.0-5ubuntu4 in groovy does not start armhf container
Summary | In | Importance | Status | |||
---|---|---|---|---|---|---|
1890881 | qemu-user-static 1:5.0-5ubuntu4 in groovy does not start armhf container | qemu (Ubuntu) | Medium | Fix Released | ||
1890881 | qemu-user-static 1:5.0-5ubuntu4 in groovy does not start armhf container | qemu (Debian) | Unknown | Fix Released | ||
1890881 | qemu-user-static 1:5.0-5ubuntu4 in groovy does not start armhf container | qemu (Ubuntu Focal) | Undecided | Won't Fix |
Bug #1891187: qemu CVE-2020-16092
Summary | In | Importance | Status | |||
---|---|---|---|---|---|---|
1891187 | qemu CVE-2020-16092 | qemu (Ubuntu) | Undecided | Fix Released |
Bug #1897854: groovy qemu-arm-static: /build/qemu-W3R0Rj/qemu-5.0/linux-user/elfload.c:2317: pgb_reserved_va: Assertion `guest_base != 0' failed.
Summary | In | Importance | Status | |||
---|---|---|---|---|---|---|
1897854 | groovy qemu-arm-static: /build/qemu-W3R0Rj/qemu-5.0/linux-user/elfload.c:2317: pgb_reserved_va: Assertion `guest_base != 0' failed. | qemu (Ubuntu) | Undecided | Fix Released | ||
1897854 | groovy qemu-arm-static: /build/qemu-W3R0Rj/qemu-5.0/linux-user/elfload.c:2317: pgb_reserved_va: Assertion `guest_base != 0' failed. | qemu (Ubuntu Groovy) | Undecided | Fix Released |
Bug #1902654: failure to migrate virtual machines with pc-i440fx-wily type to ubuntu 20.04
Summary | In | Importance | Status | |||
---|---|---|---|---|---|---|
1902654 | failure to migrate virtual machines with pc-i440fx-wily type to ubuntu 20.04 | libvirt (Ubuntu) | Undecided | Invalid | ||
1902654 | failure to migrate virtual machines with pc-i440fx-wily type to ubuntu 20.04 | qemu (Ubuntu) | Medium | Fix Released | ||
1902654 | failure to migrate virtual machines with pc-i440fx-wily type to ubuntu 20.04 | qemu (Ubuntu Groovy) | Medium | Fix Released | ||
1902654 | failure to migrate virtual machines with pc-i440fx-wily type to ubuntu 20.04 | qemu (Ubuntu Focal) | Medium | Fix Released |
See the
CVE page on Mitre.org
for more details.