Launchpad CVE tracker

CVE 2019-12068

In QEMU 1:4.1-1, 1:2.1+dfsg-12+deb8u6, 1:2.8+dfsg-6+deb9u8, 1:3.1+dfsg-8~deb10u1, 1:3.1+dfsg-8+deb10u2, and 1:2.1+dfsg-12+deb8u12 (fixed), when executing script in lsi_execute_script(), the LSI scsi adapter emulator advances 's->dsp' index to read next opcode. This can lead to an infinite loop if the next opcode is empty. Move the existing loop exit after 10k iterations so that it covers no-op opcodes as well.

Related bugs and status

CVE-2019-12068 (Candidate) is related to these bugs:

Bug #1812822: Guest crashed when detaching the ovs interface device

		In	Importance	Status
1812822	Guest crashed when detaching the ovs interface device	Ubuntu on IBM z Systems	Medium	Fix Released
1812822	Guest crashed when detaching the ovs interface device	qemu (Ubuntu)	Undecided	Fix Released
1812822	Guest crashed when detaching the ovs interface device	linux (Ubuntu)	Undecided	Invalid

Bug #1847806: eoan: ppc64el install on pseries-eoan VM fails to install

		In	Importance	Status
1847806	eoan: ppc64el install on pseries-eoan VM fails to install	qemu (Ubuntu)	Low	Fix Released
1847806	eoan: ppc64el install on pseries-eoan VM fails to install	glibc (Ubuntu)	Undecided	Invalid
1847806	eoan: ppc64el install on pseries-eoan VM fails to install	The Ubuntu-power-systems project	Low	Fix Released
1847806	eoan: ppc64el install on pseries-eoan VM fails to install	debian-installer (Ubuntu Eoan)	Undecided	Invalid
1847806	eoan: ppc64el install on pseries-eoan VM fails to install	glibc (Ubuntu Eoan)	Undecided	Invalid
1847806	eoan: ppc64el install on pseries-eoan VM fails to install	qemu (Ubuntu Eoan)	Low	Won't Fix
1847806	eoan: ppc64el install on pseries-eoan VM fails to install	debian-installer (Ubuntu Focal)	Undecided	Invalid
1847806	eoan: ppc64el install on pseries-eoan VM fails to install	glibc (Ubuntu Focal)	Undecided	Invalid
1847806	eoan: ppc64el install on pseries-eoan VM fails to install	qemu (Ubuntu Focal)	Medium	Fix Released
1847806	eoan: ppc64el install on pseries-eoan VM fails to install	debian-installer (Ubuntu Disco)	Undecided	Won't Fix
1847806	eoan: ppc64el install on pseries-eoan VM fails to install	glibc (Ubuntu Disco)	Undecided	Invalid
1847806	eoan: ppc64el install on pseries-eoan VM fails to install	qemu (Ubuntu Disco)	Low	Won't Fix
1847806	eoan: ppc64el install on pseries-eoan VM fails to install	debian-installer (Ubuntu Bionic)	Undecided	Invalid
1847806	eoan: ppc64el install on pseries-eoan VM fails to install	glibc (Ubuntu Bionic)	Undecided	Invalid
1847806	eoan: ppc64el install on pseries-eoan VM fails to install	qemu (Ubuntu Bionic)	Low	Won't Fix

Bug #1852744: [20.04 FEAT] zKVM: Crypto Passthrough Interrupt Support - qemu part

Summary				In	Importance	Status
	1852744	[20.04 FEAT] zKVM: Crypto Passthrough Interrupt Support - qemu part		qemu (Ubuntu)	Undecided	Fix Released
	1852744	[20.04 FEAT] zKVM: Crypto Passthrough Interrupt Support - qemu part		Ubuntu on IBM z Systems	High	Fix Released

Bug #1857033: qemu kvm add Cooper Lake cpu model

Summary				In	Importance	Status
	1857033	qemu kvm add Cooper Lake cpu model		qemu (Ubuntu)	Undecided	Fix Released

Bug #1859527: vring_get_region_caches: Assertion `caches != NULL' failed.

		In	Importance	Status
1859527	vring_get_region_caches: Assertion `caches != NULL' failed.	qemu (Ubuntu)	Undecided	Fix Released
1859527	vring_get_region_caches: Assertion `caches != NULL' failed.	qemu (Ubuntu Focal)	Undecided	Fix Released
1859527	vring_get_region_caches: Assertion `caches != NULL' failed.	qemu (Ubuntu Bionic)	Undecided	Fix Released
1859527	vring_get_region_caches: Assertion `caches != NULL' failed.	qemu (Ubuntu Disco)	Undecided	Won't Fix
1859527	vring_get_region_caches: Assertion `caches != NULL' failed.	qemu (Ubuntu Eoan)	Undecided	Fix Released

See the

CVE page on Mitre.org for more details.

Launchpad.net

CVE 2019-12068

References