[Git][security-tracker-team/security-tracker][master] qemu: make a pass at issues waiting for upstream patch + add links to...

Sylvain Beucler (@beuc) gitlab at salsa.debian.org
Tue Aug 6 19:28:01 BST 2024



Sylvain Beucler pushed to branch master at Debian Security Tracker / security-tracker


Commits:
d5e8c318 by Sylvain Beucler at 2024-08-06T20:26:55+02:00
qemu: make a pass at issues waiting for upstream patch + add links to patchew.org threads to ease future passes

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -135944,8 +135944,10 @@ CVE-2022-3872 (An off-by-one read/write issue was found in the SDHCI device of Q
 	[buster] - qemu <postponed> (Minor issue, DoS, waiting for sanctioned patch)
 	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=2140567
 	NOTE: patch proposal 1: https://lists.nongnu.org/archive/html/qemu-devel/2022-11/msg01068.html
+	NOTE: https://patchew.org/QEMU/20221107103510.34588-1-mcascell@redhat.com/
 	NOTE: patch proposal 2: https://lists.nongnu.org/archive/html/qemu-devel/2022-11/msg01161.html
-	NOTE: No sanctioned upstream patch as of 2023-03-09
+	NOTE: https://patchew.org/QEMU/20221107221236.47841-1-philmd@linaro.org/
+	NOTE: No sanctioned upstream patch as of 2024-08-06
 CVE-2022-45043 (Tenda AX12 V22.03.01.16_cn is vulnerable to command injection via gofo ...)
 	NOT-FOR-US: Tenda
 CVE-2022-45042
@@ -161733,6 +161735,11 @@ CVE-2022-36648 (The hardware emulation in the of_dpa_cmd_add_l2_flood of rocker
 	[bullseye] - qemu <postponed> (Minor issue, revisit when fixed upstream)
 	[buster] - qemu <postponed> (Minor issue, revisit when fixed upstream)
 	NOTE: https://lists.nongnu.org/archive/html/qemu-devel/2022-06/msg04469.html
+	NOTE: https://patchew.org/QEMU/20220624143912.1234427-1-mcascell@redhat.com/
+	NOTE: https://lists.nongnu.org/archive/html/qemu-devel/2023-11/msg04872.html
+	NOTE: https://patchew.org/QEMU/f6282a8b-3106-4bde-af2c-09236ad0f8d7@tls.msk.ru/
+	NOTE: https://gitlab.com/qemu-project/qemu/-/issues/1851
+	NOTE: CVE is tagged disputed
 CVE-2022-36647 (PKUVCL davs2 v1.6.205 was discovered to contain a global buffer overfl ...)
 	- davs2 <removed> (bug #1019358)
 	NOTE: https://github.com/pkuvcl/davs2/issues/29
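Review bot: The added `NOTE: CVE is tagged disputed` under CVE-2022-36648 does not say who disputes the CVE or where that is recorded, while the release lines above it still read "revisit when fixed upstream". Suggest naming the source of the dispute in the note itself (the added qemu-project issue 1851 link, if that is where it is stated). Also add a dated "No upstream patch as of 2024-08-06" line, as the other entries in this pass carry, so the next pass can tell this entry was checked.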
@@ -226759,7 +226766,7 @@ CVE-2021-3735 (A deadlock issue was found in the AHCI controller device of QEMU.
 	[bullseye] - qemu <postponed> (Minor issue, revisit when fixed upstream)
 	[buster] - qemu <postponed> (Minor issue, waiting for patch)
 	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1997184
-	NOTE: No upstream patch as of 2023-03-09
+	NOTE: No upstream patch as of 2024-08-06
 CVE-2021-40083 (Knot Resolver before 5.3.2 is prone to an assertion failure, triggerab ...)
 	[experimental] - knot-resolver 5.4.1-1
 	- knot-resolver 5.4.1-2 (bug #991463)
@@ -278300,6 +278307,7 @@ CVE-2021-20255 (A stack overflow via an infinite recursion vulnerability was fou
 	[bullseye] - qemu <postponed> (Minor issue, revisit when fixed upstream)
 	[buster] - qemu <postponed> (Minor issue, waiting for sanctioned patch, fixed in stretch-lts)
 	NOTE: https://lists.gnu.org/archive/html/qemu-devel/2021-02/msg06098.html
+	NOTE: https://patchew.org/QEMU/20210218140629.373646-1-ppandit@redhat.com/
 	NOTE: https://ruhr-uni-bochum.sciebo.de/s/NNWP2GfwzYKeKwE?path=%2Feepro100_stackoverflow1
 CVE-2021-20254 (A flaw was found in samba. The Samba smbd file server must map Windows ...)
 	{DLA-2668-1}
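Review bot: CVE-2021-20255 gains a patchew link but, unlike most other entries touched in this change, no dated "No sanctioned upstream patch as of 2024-08-06" line appears in the visible notes, even though buster is marked "waiting for sanctioned patch". Adding that line would record that the entry was reviewed in this pass and give the next pass a date to compare against.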
@@ -279150,7 +279158,8 @@ CVE-2020-35503 (A NULL pointer dereference flaw was found in the megasas-gen2 SC
 	[buster] - qemu <postponed> (Minor issue, waiting for sanctioned patch)
 	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1910346
 	NOTE: https://lists.gnu.org/archive/html/qemu-devel/2020-12/msg06065.html
-	NOTE: No sanctioned upstream patch as of 2023-03-09
+	NOTE: https://patchew.org/QEMU/20201224175441.67538-1-mcascell@redhat.com/
+	NOTE: No sanctioned upstream patch as of 2024-08-06
 CVE-2020-35502 (A flaw was found in Privoxy in versions before 3.0.29. Memory leaks wh ...)
 	{DLA-2548-1}
 	- privoxy 3.0.29-1
@@ -295211,24 +295220,27 @@ CVE-2020-25743 (hw/ide/pci.c in QEMU before 5.1.1 can trigger a NULL pointer der
 	[bullseye] - qemu <postponed> (Minor issue, revisit when fixed upstream)
 	[buster] - qemu <postponed> (Minor issue, waiting for sanctioned patch)
 	NOTE: https://lists.nongnu.org/archive/html/qemu-devel/2020-09/msg01568.html
+	NOTE: https://patchew.org/QEMU/20200903183138.2161977-1-ppandit@redhat.com/
 	NOTE: https://ruhr-uni-bochum.sciebo.de/s/NNWP2GfwzYKeKwE?path=%2Fide_nullptr1
-	NOTE: No sanctioned upstream patch as of 2023-03-09
+	NOTE: No sanctioned upstream patch as of 2024-08-11
 CVE-2020-25742 (pci_change_irq_level in hw/pci/pci.c in QEMU before 5.1.1 has a NULL p ...)
 	- qemu <unfixed> (bug #971390)
 	[bookworm] - qemu <postponed> (Minor issue, revisit when fixed upstream)
 	[bullseye] - qemu <postponed> (Minor issue, revisit when fixed upstream)
 	[buster] - qemu <postponed> (Minor issue, waiting for sanctioned patch)
 	NOTE: https://lists.nongnu.org/archive/html/qemu-devel/2020-09/msg05294.html
+	NOTE: https://patchew.org/QEMU/20200827114917.1851111-1-ppandit@redhat.com/
 	NOTE: https://ruhr-uni-bochum.sciebo.de/s/NNWP2GfwzYKeKwE?path=%2Flsi_nullptr1
-	NOTE: No sanctioned upstream patch as of 2023-03-09
+	NOTE: No sanctioned upstream patch as of 2024-08-06
 CVE-2020-25741 (fdctrl_write_data in hw/block/fdc.c in QEMU 5.0.0 has a NULL pointer d ...)
 	- qemu <unfixed> (bug #970939)
 	[bookworm] - qemu <postponed> (Minor issue, revisit when fixed upstream)
 	[bullseye] - qemu <postponed> (Minor issue, revisit when fixed upstream)
 	[buster] - qemu <postponed> (Minor issue, waiting for sanctioned patch)
 	NOTE: https://lists.nongnu.org/archive/html/qemu-devel/2020-09/msg07779.html
+	NOTE: https://patchew.org/QEMU/20200922092722.344518-1-ppandit@redhat.com/
 	NOTE: https://ruhr-uni-bochum.sciebo.de/s/NNWP2GfwzYKeKwE?path=%2Ffdc_nullptr1
-	NOTE: No sanctioned upstream patch as of 2023-03-09
+	NOTE: No sanctioned upstream patch as of 2024-08-06
 CVE-2020-25740
 	RESERVED
 CVE-2020-25739 (An issue was discovered in the gon gem before gon-6.4.0 for Ruby. Mult ...)
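Review bot: The refreshed note for CVE-2020-25743 reads "as of 2024-08-11", but the commit is dated 2024-08-06 and every other refreshed note in this change uses 2024-08-06. This looks like a typo that puts the check in the future; it should read `NOTE: No sanctioned upstream patch as of 2024-08-06`.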
@@ -318438,14 +318450,14 @@ CVE-2020-15469 (In QEMU 4.2.0, a MemoryRegionOps object may lack read/write call
 	NOTE: https://www.openwall.com/lists/oss-security/2020/07/02/1
 	NOTE: https://lists.gnu.org/archive/html/qemu-devel/2020-06/msg09961.html
 	NOTE: https://lists.gnu.org/archive/html/qemu-devel/2021-02/msg00674.html
-	NOTE: https://git.qemu.org/?p=qemu.git;a=commitdiff;h=520f26fc6d17b71a43eaf620e834b3bdf316f3d3
-	NOTE: https://git.qemu.org/?p=qemu.git;a=commitdiff;h=4f2a5202a05fc1612954804a2482f07bff105ea2
-	NOTE: https://git.qemu.org/?p=qemu.git;a=commitdiff;h=24202d2b561c3b4c48bd28383c8c34b4ac66c2bf
-	NOTE: https://git.qemu.org/?p=qemu.git;a=commitdiff;h=f867cebaedbc9c43189f102e4cdfdff05e88df7f
-	NOTE: https://git.qemu.org/?p=qemu.git;a=commitdiff;h=b5bf601f364e1a14ca4c3276f88dfec024acf613
-	NOTE: https://git.qemu.org/?p=qemu.git;a=commitdiff;h=921604e175b8ec06c39503310e7b3ec1e3eafe9e
-	NOTE: https://git.qemu.org/?p=qemu.git;a=commitdiff;h=2c9fb3b784000c1df32231e1c2464bb2e3fc4620
-	NOTE: https://git.qemu.org/?p=qemu.git;a=commitdiff;h=735754aaa15a6ed46db51fd731e88331c446ea54
+	NOTE: https://gitlab.com/qemu-project/qemu/-/commit/520f26fc6d17b71a43eaf620e834b3bdf316f3d3 (v6.0.0-rc0)
+	NOTE: https://gitlab.com/qemu-project/qemu/-/commit/4f2a5202a05fc1612954804a2482f07bff105ea2 (v6.0.0-rc0)
+	NOTE: https://gitlab.com/qemu-project/qemu/-/commit/24202d2b561c3b4c48bd28383c8c34b4ac66c2bf (v6.0.0-rc0)
+	NOTE: https://gitlab.com/qemu-project/qemu/-/commit/f867cebaedbc9c43189f102e4cdfdff05e88df7f (v6.0.0-rc0)
+	NOTE: https://gitlab.com/qemu-project/qemu/-/commit/b5bf601f364e1a14ca4c3276f88dfec024acf613 (v6.0.0-rc0)
+	NOTE: https://gitlab.com/qemu-project/qemu/-/commit/921604e175b8ec06c39503310e7b3ec1e3eafe9e (v6.0.0-rc0)
+	NOTE: https://gitlab.com/qemu-project/qemu/-/commit/2c9fb3b784000c1df32231e1c2464bb2e3fc4620 (v6.0.0-rc0)
+	NOTE: https://gitlab.com/qemu-project/qemu/-/commit/735754aaa15a6ed46db51fd731e88331c446ea54 (v6.0.0-rc0)
 CVE-2020-15468 (Persian VIP Download Script 1.0 allows SQL Injection via the cart_edit ...)
 	NOT-FOR-US: Persian VIP Download Script
 CVE-2020-15467 (The administrative interface of Cohesive Networks vns3:vpn appliances  ...)
@@ -383141,9 +383153,10 @@ CVE-2019-12067 (The ahci_commit_buf function in ide/ahci.c in QEMU allows attack
 	[buster] - qemu <postponed> (Minor issue, waiting for sanctioned patch)
 	- qemu-kvm <removed>
 	NOTE: https://lists.gnu.org/archive/html/qemu-devel/2019-08/msg01358.html
+	NOTE: https://patchew.org/QEMU/20190808065636.28787-1-ppandit@redhat.com/
 	NOTE: patched function introduced in 2014/2.1.50 but affected code pre-existed
-	NOTE: https://github.com/qemu/qemu/commit/659142ecf71a0da240ab0ff7cf929ee25c32b9bc
-	NOTE: No sanctioned upstream patch as of 2023-03-08
+	NOTE: https://github.com/qemu/qemu/commit/659142ecf71a0da240ab0ff7cf929ee25c32b9bc (v2.2.0-rc0)
+	NOTE: No sanctioned upstream patch as of 2024-08-06
 CVE-2019-12066
 	RESERVED
 CVE-2019-12065
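Review bot: The commit link for CVE-2019-12067 now carries "(v2.2.0-rc0)" in the same format used for the CVE-2020-15469 commits, but it follows "patched function introduced in 2014/2.1.50" and the entry still says no sanctioned patch exists, so it can be misread as a fix. Suggest labelling it explicitly, for example `NOTE: Introduced by: https://github.com/qemu/qemu/commit/659142ec... (v2.2.0-rc0)`. This line also keeps the github.com/qemu/qemu host while the CVE-2020-15469 links were moved to gitlab.com/qemu-project/qemu; using one host throughout would make later passes easier to grep.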



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d5e8c318b54e7757ab58b8c4fb4eba59746c87dc
