[Git][security-tracker-team/security-tracker][master] Add commit references for CVE-2024-6505/qemu

Santiago R.R. (@santiago) santiago at debian.org
Mon May 12 14:46:29 BST 2025 


Santiago R.R. pushed to branch master at Debian Security Tracker / security-tracker


Commits:
5d7b6cf6 by Santiago Ruano Rincón at 2025-05-12T10:46:17-03:00
Add commit references for CVE-2024-6505/qemu

For bookworm, it was fixed with 1:7.2+dfsg-7+deb12u8
https://tracker.debian.org/news/1588084/accepted-qemu-172dfsg-7deb12u8-source-into-proposed-updates/

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -90701,9 +90701,13 @@ CVE-2024-6523 (A vulnerability was found in ZKTeco BioTime up to 9.5.2. It has b
 	NOT-FOR-US: ZKTeco BioTime
 CVE-2024-6505 (A flaw was found in the virtio-net device in QEMU. When enabling the R ...)
 	- qemu 1:9.0.2+ds-3 (bug #1075919)
-	[bookworm] - qemu <no-dsa> (Minor issue)
+	[bookworm] - qemu 1:7.2+dfsg-7+deb12u8
 	[bullseye] - qemu <no-dsa> (Minor issue)
 	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=2295760
+	NOTE: Fixed by: https://gitlab.com/qemu-project/qemu/-/commit/f1595ceb9aad36a6c1da95bcb77ab9509b38822d (v9.1.0-rc1)
+	NOTE: Fixed by: https://gitlab.com/qemu-project/qemu/-/commit/44ef533498db5078c4432a3f1e160ed5539d7d29 (v8.2.7)
+	NOTE: Fixed by: https://gitlab.com/qemu-project/qemu/-/commit/d2476ced2e34b661dded77d8774955b5a90fbda4 (v7.2.14)
+	NOTE: Introduced by: https://gitlab.com/qemu-project/qemu/-/commit/4474e37a5b3a616803f4570b542e8eede91e50d2 (v5.1.0-rc0)
 CVE-2024-6298 (Unauthorized file access in WEB Server in ABB ASPECT - Enterprise v3.0 ...)
 	NOT-FOR-US: ABB
 CVE-2024-6209 (Unauthorized file access in WEB Server in ABB ASPECT - Enterprise v3.0 ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/5d7b6cf655919f6cee8be30a38ddedfa4d595b07

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/5d7b6cf655919f6cee8be30a38ddedfa4d595b07
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20250512/190cb920/attachment.htm>

More information about the debian-security-tracker-commits mailing list