Regression: spice usbredirect causes windows client to crash
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
qemu (Ubuntu) |
Expired
|
High
|
Unassigned |
Bug Description
I have been using Ubuntu 14.04.3 as the host OS for a series of Windows based VM clients (Windows XP SP3 32-bit and Windows 10 Pro - 64bit) and using 'spice-client-gtk' to proxy a usb device (a webcam). Everything is fine if I use:
hi qemu-keymaps 2.0.0+dfsg-
hi qemu-kvm 2.0.0+dfsg-
hi qemu-system-common 2.0.0+dfsg-
hi qemu-system-x86 2.0.0+dfsg-
hi qemu-utils 2.0.0+dfsg-
However, after I've upgraded to the latest stable version: 2.0.0+dfsg-
* I start 'spicy'
* Connect to the remote windows guest
* Choose the webcam to export
Thus, far everything is normal (the device connects). Once I try to use the webcam (from either skype or chrome) - I get a brief indeicator light from the webcam... then the Windows XP Guest blue-screens and the Windows 10 Pro Guest hardlocks.
I get no useful information from the Host's /var/log/syslog.
I've also tried to compile the latest version of remote-viewer from source (version 3.1). When, it tries to connect to 2.0.0+dfsg-
I also tried upgrading the usbdk version on the windows clients to the most recent version v1.0.12 (from http://
Here is a list of the packages that caused the error:
ii qemu-keymaps 2.0.0+dfsg-
ii qemu-kvm 2.0.0+dfsg-
ii qemu-system-common 2.0.0+dfsg-
ii qemu-system-x86 2.0.0+dfsg-
ii qemu-utils 2.0.0+dfsg-
Here is the version of spicy, I've used with both 1.19 and 1.22:
ii libspice-
ii libspice-
ii libspice-
ii spice-client-
ii spice-client-gtk 0.22-0nocelt2 amd64 Simple clients for interacting with SPICE servers
My current work-around was to revert the qemu-* packages back to version 1.19. I don't know at which revision this error occurred, but it was somewhere between 1.20 and 1.22.
How to recreate the problem:
* Create a windows VM (it might also apply to other guest o/s)
* Install spice-client-gtk
* Configure the VM to use spice (https:/
* Start the VM
* Attach a webcam (or probably another other device)
* Within the VM start an application that uses the device (I'd used both Skype and https:/
CVE References
Changed in qemu (Ubuntu): | |
importance: | Undecided → High |
Thanks for submitting this bug report.
Based on the changelog entries, I would guess that this was introduced by the fix to CVE-2015-8619.
Could you verify that downgrading to 2.0.0+dfsg- 2ubuntu1. 21 also fixes it for you?