CVE 2020-11102
hw/net/tulip.c in QEMU 4.2.0 has a buffer overflow during the copying of tx/rx buffers because the frame size is not validated against the r/w data length.
Related bugs and status
CVE-2020-11102 (Candidate) is related to these bugs:
Bug #1749393: sbrk() not working under qemu-user with a PIE-compiled binary?
Bug | Summary | In | Importance | Status
---|---|---|---|---
1749393 | sbrk() not working under qemu-user with a PIE-compiled binary? | QEMU | Undecided | Fix Released
1749393 | sbrk() not working under qemu-user with a PIE-compiled binary? | qemu (Ubuntu) | Undecided | Fix Released
1749393 | sbrk() not working under qemu-user with a PIE-compiled binary? | qemu (Ubuntu Focal) | Medium | Fix Released
Bug #1871830: using QEMU_MODULE_DIR and CONFIG_MODULE_UPGRADES at the same time can crash qemu
Bug | Summary | In | Importance | Status
---|---|---|---|---
1871830 | using QEMU_MODULE_DIR and CONFIG_MODULE_UPGRADES at the same time can crash qemu | qemu (Ubuntu) | Critical | Fix Released
Bug #1872107: QEMU KVM live migration crashes when the VM is in booting state
Bug | Summary | In | Importance | Status
---|---|---|---|---
1872107 | QEMU KVM live migration crashes when the VM is in booting state | qemu (Ubuntu) | Undecided | Fix Released
1872107 | QEMU KVM live migration crashes when the VM is in booting state | qemu-kvm | Unknown | Unknown
Bug #1872937: Fetch recent CVE and packaging fixes
Bug | Summary | In | Importance | Status
---|---|---|---|---
1872937 | Fetch recent CVE and packaging fixes | qemu (Ubuntu) | Critical | Fix Released
Bug #1878534: iPhone USB passthrough crashes Windows 10 guest
Bug | Summary | In | Importance | Status
---|---|---|---|---
1878534 | iPhone USB passthrough crashes Windows 10 guest | qemu (Ubuntu) | Undecided | Incomplete
1878534 | iPhone USB passthrough crashes Windows 10 guest | qemu (Debian) | Unknown | Fix Released
Bug #1887763: new default qemu TCG sizes exceed common CI setups
Bug | Summary | In | Importance | Status
---|---|---|---|---
1887763 | new default qemu TCG sizes exceed common CI setups | qemu (Ubuntu) | Undecided | Fix Released
See the CVE page on Mitre.org for more details.