usn-4467-1
Vulnerability from osv_ubuntu
Published
2020-08-19 17:01
Modified
2026-04-27 14:11
Summary
qemu vulnerabilities
Details

Ziming Zhang and VictorV discovered that the QEMU SLiRP networking implementation incorrectly handled replying to certain ICMP echo requests. An attacker inside a guest could possibly use this issue to leak host memory to obtain sensitive information. This issue only affected Ubuntu 18.04 LTS. (CVE-2020-10756)

Eric Blake and Xueqiang Wei discovered that the QEMU NDB implementation incorrectly handled certain requests. A remote attacker could possibly use this issue to cause QEMU to crash, resulting in a denial of service. This issue only affected Ubuntu 20.04 LTS. (CVE-2020-10761)

Ziming Zhang discovered that the QEMU SM501 graphics driver incorrectly handled certain operations. An attacker inside a guest could use this issue to cause QEMU to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2020-12829)

It was discovered that the QEMU SD memory card implementation incorrectly handled certain memory operations. An attacker inside a guest could possibly use this issue to cause QEMU to crash, resulting in a denial of service. (CVE-2020-13253)

Ren Ding and Hanqing Zhao discovered that the QEMU ES1370 audio driver incorrectly handled certain invalid frame counts. An attacker inside a guest could possibly use this issue to cause QEMU to crash, resulting in a denial of service. (CVE-2020-13361)

Ren Ding and Hanqing Zhao discovered that the QEMU MegaRAID SAS SCSI driver incorrectly handled certain memory operations. An attacker inside a guest could possibly use this issue to cause QEMU to crash, resulting in a denial of service. (CVE-2020-13362)

Alexander Bulekov discovered that QEMU MegaRAID SAS SCSI driver incorrectly handled certain memory space operations. An attacker inside a guest could possibly use this issue to cause QEMU to crash, resulting in a denial of service. (CVE-2020-13659)

Ren Ding, Hanqing Zhao, Alexander Bulekov, and Anatoly Trosinenko discovered that the QEMU incorrectly handled certain msi-x mmio operations. An attacker inside a guest could possibly use this issue to cause QEMU to crash, resulting in a denial of service. (CVE-2020-13754)

It was discovered that QEMU incorrectly handled certain memory copy operations when loading ROM contents. If a user were tricked into running an untrusted kernel image, a remote attacker could possibly use this issue to run arbitrary code. This issue only affected Ubuntu 16.04 LTS and Ubuntu 18.04 LTS. (CVE-2020-13765)

Ren Ding, Hanqing Zhao, and Yi Ren discovered that the QEMU ATI video driver incorrectly handled certain index values. An attacker inside a guest could possibly use this issue to cause QEMU to crash, resulting in a denial of service. This issue only affected Ubuntu 20.04 LTS. (CVE-2020-13800)

Ziming Zhang discovered that the QEMU OSS audio driver incorrectly handled certain operations. An attacker inside a guest could possibly use this issue to cause QEMU to crash, resulting in a denial of service. This issue only affected Ubuntu 20.04 LTS. (CVE-2020-14415)

Ziming Zhang discovered that the QEMU XGMAC Ethernet controller incorrectly handled packet transmission. An attacker inside a guest could use this issue to cause QEMU to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2020-15863)

Ziming Zhang discovered that the QEMU e1000e Ethernet controller incorrectly handled packet processing. An attacker inside a guest could possibly use this issue to cause QEMU to crash, resulting in a denial of service. This issue only affected Ubuntu 18.04 LTS and Ubuntu 20.04 LTS. (CVE-2020-16092)


{
  "affected": [
    {
      "database_specific": {
        "cves_map": {
          "cves": [
            {
              "id": "CVE-2020-12829",
              "severity": [
                {
                  "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:L",
                  "type": "CVSS_V3"
                },
                {
                  "score": "medium",
                  "type": "Ubuntu"
                }
              ]
            },
            {
              "id": "CVE-2020-13253",
              "severity": [
                {
                  "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
                  "type": "CVSS_V3"
                },
                {
                  "score": "low",
                  "type": "Ubuntu"
                }
              ]
            },
            {
              "id": "CVE-2020-13361",
              "severity": [
                {
                  "score": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:N/I:L/A:L",
                  "type": "CVSS_V3"
                },
                {
                  "score": "low",
                  "type": "Ubuntu"
                }
              ]
            },
            {
              "id": "CVE-2020-13362",
              "severity": [
                {
                  "score": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:L",
                  "type": "CVSS_V3"
                },
                {
                  "score": "low",
                  "type": "Ubuntu"
                }
              ]
            },
            {
              "id": "CVE-2020-13659",
              "severity": [
                {
                  "score": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:N/I:N/A:L",
                  "type": "CVSS_V3"
                },
                {
                  "score": "low",
                  "type": "Ubuntu"
                }
              ]
            },
            {
              "id": "CVE-2020-13754",
              "severity": [
                {
                  "score": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
                  "type": "CVSS_V3"
                },
                {
                  "score": "medium",
                  "type": "Ubuntu"
                }
              ]
            },
            {
              "id": "CVE-2020-13765",
              "severity": [
                {
                  "score": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L",
                  "type": "CVSS_V3"
                },
                {
                  "score": "medium",
                  "type": "Ubuntu"
                }
              ]
            },
            {
              "id": "CVE-2020-15863",
              "severity": [
                {
                  "score": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:L/I:L/A:L",
                  "type": "CVSS_V3"
                },
                {
                  "score": "low",
                  "type": "Ubuntu"
                }
              ]
            }
          ],
          "ecosystem": "Ubuntu:16.04:LTS"
        }
      },
      "ecosystem_specific": {
        "availability": "No subscription required",
        "binaries": [
          {
            "binary_name": "qemu",
            "binary_version": "1:2.5+dfsg-5ubuntu10.45"
          },
          {
            "binary_name": "qemu-block-extra",
            "binary_version": "1:2.5+dfsg-5ubuntu10.45"
          },
          {
            "binary_name": "qemu-guest-agent",
            "binary_version": "1:2.5+dfsg-5ubuntu10.45"
          },
          {
            "binary_name": "qemu-kvm",
            "binary_version": "1:2.5+dfsg-5ubuntu10.45"
          },
          {
            "binary_name": "qemu-system",
            "binary_version": "1:2.5+dfsg-5ubuntu10.45"
          },
          {
            "binary_name": "qemu-system-aarch64",
            "binary_version": "1:2.5+dfsg-5ubuntu10.45"
          },
          {
            "binary_name": "qemu-system-arm",
            "binary_version": "1:2.5+dfsg-5ubuntu10.45"
          },
          {
            "binary_name": "qemu-system-common",
            "binary_version": "1:2.5+dfsg-5ubuntu10.45"
          },
          {
            "binary_name": "qemu-system-mips",
            "binary_version": "1:2.5+dfsg-5ubuntu10.45"
          },
          {
            "binary_name": "qemu-system-misc",
            "binary_version": "1:2.5+dfsg-5ubuntu10.45"
          },
          {
            "binary_name": "qemu-system-ppc",
            "binary_version": "1:2.5+dfsg-5ubuntu10.45"
          },
          {
            "binary_name": "qemu-system-s390x",
            "binary_version": "1:2.5+dfsg-5ubuntu10.45"
          },
          {
            "binary_name": "qemu-system-sparc",
            "binary_version": "1:2.5+dfsg-5ubuntu10.45"
          },
          {
            "binary_name": "qemu-system-x86",
            "binary_version": "1:2.5+dfsg-5ubuntu10.45"
          },
          {
            "binary_name": "qemu-user",
            "binary_version": "1:2.5+dfsg-5ubuntu10.45"
          },
          {
            "binary_name": "qemu-user-binfmt",
            "binary_version": "1:2.5+dfsg-5ubuntu10.45"
          },
          {
            "binary_name": "qemu-user-static",
            "binary_version": "1:2.5+dfsg-5ubuntu10.45"
          },
          {
            "binary_name": "qemu-utils",
            "binary_version": "1:2.5+dfsg-5ubuntu10.45"
          }
        ]
      },
      "package": {
        "ecosystem": "Ubuntu:16.04:LTS",
        "name": "qemu",
        "purl": "pkg:deb/ubuntu/qemu@1:2.5+dfsg-5ubuntu10.45?arch=source\u0026distro=xenial"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "1:2.5+dfsg-5ubuntu10.45"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ],
      "versions": [
        "1:2.3+dfsg-5ubuntu9",
        "1:2.3+dfsg-5ubuntu10",
        "1:2.4+dfsg-4ubuntu1",
        "1:2.4+dfsg-4ubuntu2",
        "1:2.4+dfsg-4ubuntu3",
        "1:2.4+dfsg-5ubuntu3",
        "1:2.5+dfsg-1ubuntu2",
        "1:2.5+dfsg-1ubuntu3",
        "1:2.5+dfsg-1ubuntu4",
        "1:2.5+dfsg-1ubuntu5",
        "1:2.5+dfsg-5ubuntu1",
        "1:2.5+dfsg-5ubuntu2",
        "1:2.5+dfsg-5ubuntu4",
        "1:2.5+dfsg-5ubuntu6",
        "1:2.5+dfsg-5ubuntu7",
        "1:2.5+dfsg-5ubuntu10",
        "1:2.5+dfsg-5ubuntu10.1",
        "1:2.5+dfsg-5ubuntu10.2",
        "1:2.5+dfsg-5ubuntu10.3",
        "1:2.5+dfsg-5ubuntu10.4",
        "1:2.5+dfsg-5ubuntu10.5",
        "1:2.5+dfsg-5ubuntu10.6",
        "1:2.5+dfsg-5ubuntu10.7",
        "1:2.5+dfsg-5ubuntu10.8",
        "1:2.5+dfsg-5ubuntu10.9",
        "1:2.5+dfsg-5ubuntu10.10",
        "1:2.5+dfsg-5ubuntu10.11",
        "1:2.5+dfsg-5ubuntu10.13",
        "1:2.5+dfsg-5ubuntu10.14",
        "1:2.5+dfsg-5ubuntu10.15",
        "1:2.5+dfsg-5ubuntu10.16",
        "1:2.5+dfsg-5ubuntu10.20",
        "1:2.5+dfsg-5ubuntu10.21",
        "1:2.5+dfsg-5ubuntu10.22",
        "1:2.5+dfsg-5ubuntu10.24",
        "1:2.5+dfsg-5ubuntu10.25",
        "1:2.5+dfsg-5ubuntu10.26",
        "1:2.5+dfsg-5ubuntu10.28",
        "1:2.5+dfsg-5ubuntu10.29",
        "1:2.5+dfsg-5ubuntu10.30",
        "1:2.5+dfsg-5ubuntu10.31",
        "1:2.5+dfsg-5ubuntu10.32",
        "1:2.5+dfsg-5ubuntu10.33",
        "1:2.5+dfsg-5ubuntu10.34",
        "1:2.5+dfsg-5ubuntu10.35",
        "1:2.5+dfsg-5ubuntu10.36",
        "1:2.5+dfsg-5ubuntu10.37",
        "1:2.5+dfsg-5ubuntu10.38",
        "1:2.5+dfsg-5ubuntu10.39",
        "1:2.5+dfsg-5ubuntu10.40",
        "1:2.5+dfsg-5ubuntu10.41",
        "1:2.5+dfsg-5ubuntu10.42",
        "1:2.5+dfsg-5ubuntu10.43",
        "1:2.5+dfsg-5ubuntu10.44"
      ]
    },
    {
      "database_specific": {
        "cves_map": {
          "cves": [
            {
              "id": "CVE-2020-10756",
              "severity": [
                {
                  "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N",
                  "type": "CVSS_V3"
                },
                {
                  "score": "medium",
                  "type": "Ubuntu"
                }
              ]
            },
            {
              "id": "CVE-2020-12829",
              "severity": [
                {
                  "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:L",
                  "type": "CVSS_V3"
                },
                {
                  "score": "medium",
                  "type": "Ubuntu"
                }
              ]
            },
            {
              "id": "CVE-2020-13253",
              "severity": [
                {
                  "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
                  "type": "CVSS_V3"
                },
                {
                  "score": "low",
                  "type": "Ubuntu"
                }
              ]
            },
            {
              "id": "CVE-2020-13361",
              "severity": [
                {
                  "score": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:N/I:L/A:L",
                  "type": "CVSS_V3"
                },
                {
                  "score": "low",
                  "type": "Ubuntu"
                }
              ]
            },
            {
              "id": "CVE-2020-13362",
              "severity": [
                {
                  "score": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:L",
                  "type": "CVSS_V3"
                },
                {
                  "score": "low",
                  "type": "Ubuntu"
                }
              ]
            },
            {
              "id": "CVE-2020-13659",
              "severity": [
                {
                  "score": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:N/I:N/A:L",
                  "type": "CVSS_V3"
                },
                {
                  "score": "low",
                  "type": "Ubuntu"
                }
              ]
            },
            {
              "id": "CVE-2020-13754",
              "severity": [
                {
                  "score": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
                  "type": "CVSS_V3"
                },
                {
                  "score": "medium",
                  "type": "Ubuntu"
                }
              ]
            },
            {
              "id": "CVE-2020-13765",
              "severity": [
                {
                  "score": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L",
                  "type": "CVSS_V3"
                },
                {
                  "score": "medium",
                  "type": "Ubuntu"
                }
              ]
            },
            {
              "id": "CVE-2020-15863",
              "severity": [
                {
                  "score": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:L/I:L/A:L",
                  "type": "CVSS_V3"
                },
                {
                  "score": "low",
                  "type": "Ubuntu"
                }
              ]
            },
            {
              "id": "CVE-2020-16092",
              "severity": [
                {
                  "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:L",
                  "type": "CVSS_V3"
                },
                {
                  "score": "low",
                  "type": "Ubuntu"
                }
              ]
            }
          ],
          "ecosystem": "Ubuntu:18.04:LTS"
        }
      },
      "ecosystem_specific": {
        "availability": "No subscription required",
        "binaries": [
          {
            "binary_name": "qemu",
            "binary_version": "1:2.11+dfsg-1ubuntu7.31"
          },
          {
            "binary_name": "qemu-block-extra",
            "binary_version": "1:2.11+dfsg-1ubuntu7.31"
          },
          {
            "binary_name": "qemu-guest-agent",
            "binary_version": "1:2.11+dfsg-1ubuntu7.31"
          },
          {
            "binary_name": "qemu-kvm",
            "binary_version": "1:2.11+dfsg-1ubuntu7.31"
          },
          {
            "binary_name": "qemu-system",
            "binary_version": "1:2.11+dfsg-1ubuntu7.31"
          },
          {
            "binary_name": "qemu-system-arm",
            "binary_version": "1:2.11+dfsg-1ubuntu7.31"
          },
          {
            "binary_name": "qemu-system-common",
            "binary_version": "1:2.11+dfsg-1ubuntu7.31"
          },
          {
            "binary_name": "qemu-system-mips",
            "binary_version": "1:2.11+dfsg-1ubuntu7.31"
          },
          {
            "binary_name": "qemu-system-misc",
            "binary_version": "1:2.11+dfsg-1ubuntu7.31"
          },
          {
            "binary_name": "qemu-system-ppc",
            "binary_version": "1:2.11+dfsg-1ubuntu7.31"
          },
          {
            "binary_name": "qemu-system-s390x",
            "binary_version": "1:2.11+dfsg-1ubuntu7.31"
          },
          {
            "binary_name": "qemu-system-sparc",
            "binary_version": "1:2.11+dfsg-1ubuntu7.31"
          },
          {
            "binary_name": "qemu-system-x86",
            "binary_version": "1:2.11+dfsg-1ubuntu7.31"
          },
          {
            "binary_name": "qemu-user",
            "binary_version": "1:2.11+dfsg-1ubuntu7.31"
          },
          {
            "binary_name": "qemu-user-binfmt",
            "binary_version": "1:2.11+dfsg-1ubuntu7.31"
          },
          {
            "binary_name": "qemu-user-static",
            "binary_version": "1:2.11+dfsg-1ubuntu7.31"
          },
          {
            "binary_name": "qemu-utils",
            "binary_version": "1:2.11+dfsg-1ubuntu7.31"
          }
        ]
      },
      "package": {
        "ecosystem": "Ubuntu:18.04:LTS",
        "name": "qemu",
        "purl": "pkg:deb/ubuntu/qemu@1:2.11+dfsg-1ubuntu7.31?arch=source\u0026distro=bionic"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "1:2.11+dfsg-1ubuntu7.31"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ],
      "versions": [
        "1:2.10+dfsg-0ubuntu3",
        "1:2.10+dfsg-0ubuntu4",
        "1:2.10+dfsg-0ubuntu5",
        "1:2.11+dfsg-1ubuntu1",
        "1:2.11+dfsg-1ubuntu2",
        "1:2.11+dfsg-1ubuntu4",
        "1:2.11+dfsg-1ubuntu5",
        "1:2.11+dfsg-1ubuntu6",
        "1:2.11+dfsg-1ubuntu7",
        "1:2.11+dfsg-1ubuntu7.1",
        "1:2.11+dfsg-1ubuntu7.2",
        "1:2.11+dfsg-1ubuntu7.3",
        "1:2.11+dfsg-1ubuntu7.4",
        "1:2.11+dfsg-1ubuntu7.5",
        "1:2.11+dfsg-1ubuntu7.6",
        "1:2.11+dfsg-1ubuntu7.7",
        "1:2.11+dfsg-1ubuntu7.8",
        "1:2.11+dfsg-1ubuntu7.9",
        "1:2.11+dfsg-1ubuntu7.10",
        "1:2.11+dfsg-1ubuntu7.12",
        "1:2.11+dfsg-1ubuntu7.13",
        "1:2.11+dfsg-1ubuntu7.14",
        "1:2.11+dfsg-1ubuntu7.15",
        "1:2.11+dfsg-1ubuntu7.17",
        "1:2.11+dfsg-1ubuntu7.18",
        "1:2.11+dfsg-1ubuntu7.19",
        "1:2.11+dfsg-1ubuntu7.20",
        "1:2.11+dfsg-1ubuntu7.21",
        "1:2.11+dfsg-1ubuntu7.22",
        "1:2.11+dfsg-1ubuntu7.23",
        "1:2.11+dfsg-1ubuntu7.25",
        "1:2.11+dfsg-1ubuntu7.26",
        "1:2.11+dfsg-1ubuntu7.27",
        "1:2.11+dfsg-1ubuntu7.28",
        "1:2.11+dfsg-1ubuntu7.29"
      ]
    },
    {
      "database_specific": {
        "cves_map": {
          "cves": [
            {
              "id": "CVE-2020-10761",
              "severity": [
                {
                  "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:L",
                  "type": "CVSS_V3"
                },
                {
                  "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:L",
                  "type": "CVSS_V3"
                },
                {
                  "score": "medium",
                  "type": "Ubuntu"
                }
              ]
            },
            {
              "id": "CVE-2020-12829",
              "severity": [
                {
                  "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:L",
                  "type": "CVSS_V3"
                },
                {
                  "score": "medium",
                  "type": "Ubuntu"
                }
              ]
            },
            {
              "id": "CVE-2020-13253",
              "severity": [
                {
                  "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
                  "type": "CVSS_V3"
                },
                {
                  "score": "low",
                  "type": "Ubuntu"
                }
              ]
            },
            {
              "id": "CVE-2020-13361",
              "severity": [
                {
                  "score": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:N/I:L/A:L",
                  "type": "CVSS_V3"
                },
                {
                  "score": "low",
                  "type": "Ubuntu"
                }
              ]
            },
            {
              "id": "CVE-2020-13362",
              "severity": [
                {
                  "score": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:L",
                  "type": "CVSS_V3"
                },
                {
                  "score": "low",
                  "type": "Ubuntu"
                }
              ]
            },
            {
              "id": "CVE-2020-13659",
              "severity": [
                {
                  "score": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:N/I:N/A:L",
                  "type": "CVSS_V3"
                },
                {
                  "score": "low",
                  "type": "Ubuntu"
                }
              ]
            },
            {
              "id": "CVE-2020-13754",
              "severity": [
                {
                  "score": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
                  "type": "CVSS_V3"
                },
                {
                  "score": "medium",
                  "type": "Ubuntu"
                }
              ]
            },
            {
              "id": "CVE-2020-13800",
              "severity": [
                {
                  "score": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H",
                  "type": "CVSS_V3"
                },
                {
                  "score": "low",
                  "type": "Ubuntu"
                }
              ]
            },
            {
              "id": "CVE-2020-14415",
              "severity": [
                {
                  "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
                  "type": "CVSS_V3"
                },
                {
                  "score": "low",
                  "type": "Ubuntu"
                }
              ]
            },
            {
              "id": "CVE-2020-15863",
              "severity": [
                {
                  "score": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:L/I:L/A:L",
                  "type": "CVSS_V3"
                },
                {
                  "score": "low",
                  "type": "Ubuntu"
                }
              ]
            },
            {
              "id": "CVE-2020-16092",
              "severity": [
                {
                  "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:L",
                  "type": "CVSS_V3"
                },
                {
                  "score": "low",
                  "type": "Ubuntu"
                }
              ]
            }
          ],
          "ecosystem": "Ubuntu:20.04:LTS"
        }
      },
      "ecosystem_specific": {
        "availability": "No subscription required",
        "binaries": [
          {
            "binary_name": "qemu",
            "binary_version": "1:4.2-3ubuntu6.4"
          },
          {
            "binary_name": "qemu-block-extra",
            "binary_version": "1:4.2-3ubuntu6.4"
          },
          {
            "binary_name": "qemu-guest-agent",
            "binary_version": "1:4.2-3ubuntu6.4"
          },
          {
            "binary_name": "qemu-kvm",
            "binary_version": "1:4.2-3ubuntu6.4"
          },
          {
            "binary_name": "qemu-system",
            "binary_version": "1:4.2-3ubuntu6.4"
          },
          {
            "binary_name": "qemu-system-arm",
            "binary_version": "1:4.2-3ubuntu6.4"
          },
          {
            "binary_name": "qemu-system-common",
            "binary_version": "1:4.2-3ubuntu6.4"
          },
          {
            "binary_name": "qemu-system-data",
            "binary_version": "1:4.2-3ubuntu6.4"
          },
          {
            "binary_name": "qemu-system-gui",
            "binary_version": "1:4.2-3ubuntu6.4"
          },
          {
            "binary_name": "qemu-system-mips",
            "binary_version": "1:4.2-3ubuntu6.4"
          },
          {
            "binary_name": "qemu-system-misc",
            "binary_version": "1:4.2-3ubuntu6.4"
          },
          {
            "binary_name": "qemu-system-ppc",
            "binary_version": "1:4.2-3ubuntu6.4"
          },
          {
            "binary_name": "qemu-system-s390x",
            "binary_version": "1:4.2-3ubuntu6.4"
          },
          {
            "binary_name": "qemu-system-sparc",
            "binary_version": "1:4.2-3ubuntu6.4"
          },
          {
            "binary_name": "qemu-system-x86",
            "binary_version": "1:4.2-3ubuntu6.4"
          },
          {
            "binary_name": "qemu-system-x86-microvm",
            "binary_version": "1:4.2-3ubuntu6.4"
          },
          {
            "binary_name": "qemu-system-x86-xen",
            "binary_version": "1:4.2-3ubuntu6.4"
          },
          {
            "binary_name": "qemu-user",
            "binary_version": "1:4.2-3ubuntu6.4"
          },
          {
            "binary_name": "qemu-user-binfmt",
            "binary_version": "1:4.2-3ubuntu6.4"
          },
          {
            "binary_name": "qemu-user-static",
            "binary_version": "1:4.2-3ubuntu6.4"
          },
          {
            "binary_name": "qemu-utils",
            "binary_version": "1:4.2-3ubuntu6.4"
          }
        ]
      },
      "package": {
        "ecosystem": "Ubuntu:20.04:LTS",
        "name": "qemu",
        "purl": "pkg:deb/ubuntu/qemu@1:4.2-3ubuntu6.4?arch=source\u0026distro=focal"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "1:4.2-3ubuntu6.4"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ],
      "versions": [
        "1:4.0+dfsg-0ubuntu9",
        "1:4.0+dfsg-0ubuntu10",
        "1:4.2-1ubuntu1",
        "1:4.2-1ubuntu2",
        "1:4.2-3ubuntu1",
        "1:4.2-3ubuntu2",
        "1:4.2-3ubuntu3",
        "1:4.2-3ubuntu4",
        "1:4.2-3ubuntu5",
        "1:4.2-3ubuntu6",
        "1:4.2-3ubuntu6.1",
        "1:4.2-3ubuntu6.2",
        "1:4.2-3ubuntu6.3"
      ]
    }
  ],
  "aliases": [],
  "details": "Ziming Zhang and VictorV discovered that the QEMU SLiRP networking\nimplementation incorrectly handled replying to certain ICMP echo requests.\nAn attacker inside a guest could possibly use this issue to leak host\nmemory to obtain sensitive information. This issue only affected Ubuntu\n18.04 LTS. (CVE-2020-10756)\n\nEric Blake and Xueqiang Wei discovered that the QEMU NDB implementation\nincorrectly handled certain requests. A remote attacker could possibly use\nthis issue to cause QEMU to crash, resulting in a denial of service. This\nissue only affected Ubuntu 20.04 LTS. (CVE-2020-10761)\n\nZiming Zhang discovered that the QEMU SM501 graphics driver incorrectly\nhandled certain operations. An attacker inside a guest could use this issue\nto cause QEMU to crash, resulting in a denial of service, or possibly\nexecute arbitrary code. (CVE-2020-12829)\n\nIt was discovered that the QEMU SD memory card implementation incorrectly\nhandled certain memory operations. An attacker inside a guest could\npossibly use this issue to cause QEMU to crash, resulting in a denial of\nservice. (CVE-2020-13253)\n\nRen Ding and Hanqing Zhao discovered that the QEMU ES1370 audio driver\nincorrectly handled certain invalid frame counts. An attacker inside a\nguest could possibly use this issue to cause QEMU to crash, resulting in a\ndenial of service. (CVE-2020-13361)\n\nRen Ding and Hanqing Zhao discovered that the QEMU MegaRAID SAS SCSI driver\nincorrectly handled certain memory operations. An attacker inside a guest\ncould possibly use this issue to cause QEMU to crash, resulting in a denial\nof service. (CVE-2020-13362)\n\nAlexander Bulekov discovered that QEMU MegaRAID SAS SCSI driver incorrectly\nhandled certain memory space operations. An attacker inside a guest could\npossibly use this issue to cause QEMU to crash, resulting in a denial of\nservice. (CVE-2020-13659)\n\nRen Ding, Hanqing Zhao, Alexander Bulekov, and Anatoly Trosinenko\ndiscovered that the QEMU incorrectly handled certain msi-x mmio operations.\nAn attacker inside a guest could possibly use this issue to cause QEMU to\ncrash, resulting in a denial of service. (CVE-2020-13754)\n\nIt was discovered that QEMU incorrectly handled certain memory copy\noperations when loading ROM contents. If a user were tricked into running\nan untrusted kernel image, a remote attacker could possibly use this issue\nto run arbitrary code. This issue only affected Ubuntu 16.04 LTS and Ubuntu\n18.04 LTS. (CVE-2020-13765)\n\nRen Ding, Hanqing Zhao, and Yi Ren discovered that the QEMU ATI video\ndriver incorrectly handled certain index values. An attacker inside a guest\ncould possibly use this issue to cause QEMU to crash, resulting in a denial\nof service. This issue only affected Ubuntu 20.04 LTS. (CVE-2020-13800)\n\nZiming Zhang discovered that the QEMU OSS audio driver incorrectly handled\ncertain operations. An attacker inside a guest could possibly use this\nissue to cause QEMU to crash, resulting in a denial of service. This issue\nonly affected Ubuntu 20.04 LTS. (CVE-2020-14415)\n\nZiming Zhang discovered that the QEMU XGMAC Ethernet controller incorrectly\nhandled packet transmission. An attacker inside a guest could use this\nissue to cause QEMU to crash, resulting in a denial of service, or possibly\nexecute arbitrary code. (CVE-2020-15863)\n\nZiming Zhang discovered that the QEMU e1000e Ethernet controller\nincorrectly handled packet processing. An attacker inside a guest could\npossibly use this issue to cause QEMU to crash, resulting in a denial of\nservice. This issue only affected Ubuntu 18.04 LTS and Ubuntu 20.04 LTS.\n(CVE-2020-16092)\n",
  "id": "USN-4467-1",
  "modified": "2026-04-27T14:11:25Z",
  "published": "2020-08-19T17:01:47Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://ubuntu.com/security/notices/USN-4467-1"
    },
    {
      "type": "REPORT",
      "url": "https://ubuntu.com/security/CVE-2020-10756"
    },
    {
      "type": "REPORT",
      "url": "https://ubuntu.com/security/CVE-2020-10761"
    },
    {
      "type": "REPORT",
      "url": "https://ubuntu.com/security/CVE-2020-12829"
    },
    {
      "type": "REPORT",
      "url": "https://ubuntu.com/security/CVE-2020-13253"
    },
    {
      "type": "REPORT",
      "url": "https://ubuntu.com/security/CVE-2020-13361"
    },
    {
      "type": "REPORT",
      "url": "https://ubuntu.com/security/CVE-2020-13362"
    },
    {
      "type": "REPORT",
      "url": "https://ubuntu.com/security/CVE-2020-13659"
    },
    {
      "type": "REPORT",
      "url": "https://ubuntu.com/security/CVE-2020-13754"
    },
    {
      "type": "REPORT",
      "url": "https://ubuntu.com/security/CVE-2020-13765"
    },
    {
      "type": "REPORT",
      "url": "https://ubuntu.com/security/CVE-2020-13800"
    },
    {
      "type": "REPORT",
      "url": "https://ubuntu.com/security/CVE-2020-14415"
    },
    {
      "type": "REPORT",
      "url": "https://ubuntu.com/security/CVE-2020-15863"
    },
    {
      "type": "REPORT",
      "url": "https://ubuntu.com/security/CVE-2020-16092"
    }
  ],
  "related": [],
  "schema_version": "1.7.0",
  "summary": "qemu vulnerabilities",
  "upstream": [
    "UBUNTU-CVE-2020-10756",
    "UBUNTU-CVE-2020-10761",
    "UBUNTU-CVE-2020-12829",
    "UBUNTU-CVE-2020-13253",
    "UBUNTU-CVE-2020-13361",
    "UBUNTU-CVE-2020-13362",
    "UBUNTU-CVE-2020-13659",
    "UBUNTU-CVE-2020-13754",
    "UBUNTU-CVE-2020-13765",
    "UBUNTU-CVE-2020-13800",
    "UBUNTU-CVE-2020-14415",
    "UBUNTU-CVE-2020-15863",
    "UBUNTU-CVE-2020-16092"
  ]
}



Log in or create an account to share your comment.




Tags
Taxonomy of the tags.


Loading…

Loading…

Loading…

Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.

Sightings

Author Source Type Date Other

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Loading…

Detection rules are retrieved from Rulezet.

Loading…

Loading…