Home / mailings [USN-2630-1] QEMU vulnerabilities
Posted on 10 June 2015
Ubuntu Security==========================
==========================
========================
Ubuntu Security Notice USN-2630-1
June 10, 2015
qemu, qemu-kvm vulnerabilities
==========================
==========================
========================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 15.04
- Ubuntu 14.10
- Ubuntu 14.04 LTS
- Ubuntu 12.04 LTS
Summary:
Several security issues were fixed in QEMU.
Software Description:
- qemu: Machine emulator and virtualizer
- qemu-kvm: Machine emulator and virtualizer
Details:
Matt Tait discovered that QEMU incorrectly handled the virtual PCNET
driver. A malicious guest could use this issue to cause a denial of
service, or possibly execute arbitrary code on the host as the user runni=
ng
the QEMU process. In the default installation, when QEMU is used with
libvirt, attackers would be isolated by the libvirt AppArmor profile.
(CVE-2015-3209)
Kurt Seifried discovered that QEMU incorrectly handled certain temporary
files. A local attacker could use this issue to cause a denial of service=
=2E
(CVE-2015-4037)
Jan Beulich discovered that the QEMU Xen code incorrectly restricted writ=
e
access to the host MSI message data field. A malicious guest could use th=
is
issue to cause a denial of service. This issue only applied to Ubuntu 14.=
04
LTS, Ubuntu 14.10 and Ubuntu 15.04. (CVE-2015-4103)
Jan Beulich discovered that the QEMU Xen code incorrectly restricted acce=
ss
to the PCI MSI mask bits. A malicious guest could use this issue to cause=
a
denial of service. This issue only applied to Ubuntu 14.04 LTS, Ubuntu
14.10 and Ubuntu 15.04. (CVE-2015-4104)
Jan Beulich discovered that the QEMU Xen code incorrectly handled MSI-X
error messages. A malicious guest could use this issue to cause a denial =
of
service. This issue only applied to Ubuntu 14.04 LTS, Ubuntu 14.10 and
Ubuntu 15.04. (CVE-2015-4105)
Jan Beulich discovered that the QEMU Xen code incorrectly restricted writ=
e
access to the PCI config space. A malicious guest could use this issue to=
cause a denial of service, obtain sensitive information, or possibly
execute arbitrary code. This issue only applied to Ubuntu 14.04 LTS,
Ubuntu 14.10 and Ubuntu 15.04. (CVE-2015-4106)
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 15.04:
qemu-system 1:2.2+dfsg-5expubuntu9.2
qemu-system-aarch64 1:2.2+dfsg-5expubuntu9.2
qemu-system-arm 1:2.2+dfsg-5expubuntu9.2
qemu-system-mips 1:2.2+dfsg-5expubuntu9.2
qemu-system-misc 1:2.2+dfsg-5expubuntu9.2
qemu-system-ppc 1:2.2+dfsg-5expubuntu9.2
qemu-system-sparc 1:2.2+dfsg-5expubuntu9.2
qemu-system-x86 1:2.2+dfsg-5expubuntu9.2
Ubuntu 14.10:
qemu-system 2.1+dfsg-4ubuntu6.7
qemu-system-aarch64 2.1+dfsg-4ubuntu6.7
qemu-system-arm 2.1+dfsg-4ubuntu6.7
qemu-system-mips 2.1+dfsg-4ubuntu6.7
qemu-system-misc 2.1+dfsg-4ubuntu6.7
qemu-system-ppc 2.1+dfsg-4ubuntu6.7
qemu-system-sparc 2.1+dfsg-4ubuntu6.7
qemu-system-x86 2.1+dfsg-4ubuntu6.7
Ubuntu 14.04 LTS:
qemu-system 2.0.0+dfsg-2ubuntu1.13
qemu-system-aarch64 2.0.0+dfsg-2ubuntu1.13
qemu-system-arm 2.0.0+dfsg-2ubuntu1.13
qemu-system-mips 2.0.0+dfsg-2ubuntu1.13
qemu-system-misc 2.0.0+dfsg-2ubuntu1.13
qemu-system-ppc 2.0.0+dfsg-2ubuntu1.13
qemu-system-sparc 2.0.0+dfsg-2ubuntu1.13
qemu-system-x86 2.0.0+dfsg-2ubuntu1.13
Ubuntu 12.04 LTS:
qemu-kvm 1.0+noroms-0ubuntu14.23
After a standard system update you need to restart all QEMU virtual
machines to make all the necessary changes.
References:
http://www.ubuntu.com/usn/usn-2630-1
CVE-2015-3209, CVE-2015-4037, CVE-2015-4103, CVE-2015-4104,
CVE-2015-4105, CVE-2015-4106
Package Information:
https://launchpad.net/ubuntu/+source/qemu/1:2.2+dfsg-5expubuntu9.2
https://launchpad.net/ubuntu/+source/qemu/2.1+dfsg-4ubuntu6.7
https://launchpad.net/ubuntu/+source/qemu/2.0.0+dfsg-2ubuntu1.13
https://launchpad.net/ubuntu/+source/qemu-kvm/1.0+noroms-0ubuntu14.23
