Launchpad.net

CVE 2020-25084

QEMU 5.0.0 has a use-after-free in hw/usb/hcd-xhci.c because the usb_packet_map return value is not checked.

CVE-2020-25084 (Candidate) is related to these bugs:

Bug #1897854: groovy qemu-arm-static: /build/qemu-W3R0Rj/qemu-5.0/linux-user/elfload.c:2317: pgb_reserved_va: Assertion `guest_base != 0' failed.

Summary				In	Importance	Status
	1897854	groovy qemu-arm-static: /build/qemu-W3R0Rj/qemu-5.0/linux-user/elfload.c:2317: pgb_reserved_va: Assertion `guest_base != 0' failed.		qemu (Ubuntu)	Undecided	Fix Released
	1897854	groovy qemu-arm-static: /build/qemu-W3R0Rj/qemu-5.0/linux-user/elfload.c:2317: pgb_reserved_va: Assertion `guest_base != 0' failed.		qemu (Ubuntu Groovy)	Undecided	Fix Released

Bug #1907656: [UBUNTU 21.04] s390x/s390-virtio-ccw: Reset PCI devices during subsystem reset

		In	Importance	Status
1907656	[UBUNTU 21.04] s390x/s390-virtio-ccw: Reset PCI devices during subsystem reset	qemu (Ubuntu)	Undecided	Fix Released
1907656	[UBUNTU 21.04] s390x/s390-virtio-ccw: Reset PCI devices during subsystem reset	Ubuntu on IBM z Systems	High	Fix Released
1907656	[UBUNTU 21.04] s390x/s390-virtio-ccw: Reset PCI devices during subsystem reset	qemu (Ubuntu Groovy)	Undecided	Fix Released
1907656	[UBUNTU 21.04] s390x/s390-virtio-ccw: Reset PCI devices during subsystem reset	qemu (Ubuntu Hirsute)	Undecided	Fix Released
1907656	[UBUNTU 21.04] s390x/s390-virtio-ccw: Reset PCI devices during subsystem reset	qemu (Ubuntu Focal)	Undecided	Fix Released

Bug #1907789: 2.35.50 breaks ld -no-pie

		In	Importance	Status
1907789	2.35.50 breaks ld -no-pie	binutils (Ubuntu)	Undecided	Fix Released
1907789	2.35.50 breaks ld -no-pie	binutils	Medium	Fix Released
1907789	2.35.50 breaks ld -no-pie	qemu (Ubuntu)	High	Fix Released
1907789	2.35.50 breaks ld -no-pie	s390-tools (Ubuntu)	Undecided	Fix Released
1907789	2.35.50 breaks ld -no-pie	Ubuntu on IBM z Systems	Undecided	Fix Released

See the

CVE page on Mitre.org for more details.