UbuntuUpdates.org

Package "qemu-system-modules-spice"

Name: qemu-system-modules-spice

Description:

QEMU full system emulation binaries (spice display modules)
Latest version: 1:8.2.2+ds-0ubuntu1.16
Release: noble (24.04)
Level: updates
Repository: main
Head package: qemu
Homepage: http://www.qemu.org/

Links

All versions of this package
Bug fixes

List of files in package
Repository home page

Download "qemu-system-modules-spice"

32-bit deb package
64-bit deb package
APT INSTALL

Other versions of "qemu-system-modules-spice" in Noble

Repository Area Version
base main 1:8.2.2+ds-0ubuntu1
security main 1:8.2.2+ds-0ubuntu1.16
proposed main 1:8.2.2+ds-0ubuntu1.15

Changelog

Version: 1:8.2.2+ds-0ubuntu1.16 2026-04-10 06:08:18 UTC

  qemu (1:8.2.2+ds-0ubuntu1.16) noble-security; urgency=medium

  * SECURITY UPDATE: use-after-free
    - debian/patches/CVE-2024-6519.patch: keep a reference to the device while
      SCRIPTS in hw/scsi/lsi53c895a.c.
    - CVE-2024-6519
  * SECURITY UPDATE: out-of-bounds read
    - debian/patches/CVE-2026-2243.patch: fix OOB read in vmdk_read_extent()
      in block/vmdk.c.
    - CVE-2026-2243
  * SECURITY UPDATE: heap buffer overflow
    - debian/patches/CVE-2026-3195-1.patch: fix max_size bounds check in input
      cb in hw/audio/virtio-snd.c.
    - debian/patches/CVE-2026-3195-2.patch: tighten read amount in in_cb in
      hw/audio/virtio-snd.c.
    - CVE-2026-3195
  * SECURITY UPDATE: integer overflow
    - debian/patches/CVE-2026-3196.patch: handle 5.14.6.2 for PCM_INFO properly
      in hw/audio/virtio-snd.c.
    - CVE-2026-3196
  * SECURITY UPDATE: out-of-bounds write
    - debian/patches/CVE-2026-3842.patch: check length returned by
      cpu_physical_memory_map() in hw/hyperv/syndbg.c.
    - CVE-2026-3842

 -- Fabian Toepfer <email address hidden> Wed, 08 Apr 2026 11:57:03 +0200
Source diff to previous version
CVE-2024-6519 A use-after-free vulnerability was found in the QEMU LSI53C895A SCSI Host Bus Adapter emulation. This issue can lead to a crash or VM escape.
CVE-2026-2243 A flaw was found in QEMU. A specially crafted VMDK image could trigger an out-of-bounds read vulnerability, potentially leading to a 12-byte leak of

Version: 1:8.2.2+ds-0ubuntu1.15 2026-04-09 02:12:02 UTC

  qemu (1:8.2.2+ds-0ubuntu1.15) noble; urgency=medium

  * d/p/u/lp2142099-*: fix wrong feature dependency for waitpkg
     (LP: #2142099)

 -- Hector Cao <email address hidden> Fri, 20 Mar 2026 11:41:09 +0100
Source diff to previous version
2142099 migration jammy to noble fails due to missing feature : waitpkg

Version: 1:8.2.2+ds-0ubuntu1.14 2026-04-01 11:10:30 UTC

  qemu (1:8.2.2+ds-0ubuntu1.14) noble; urgency=medium

  * Fix crash on concurrent `block-stream` and `query-named-block-nodes`
    (LP: #2126951)
    - d/p/ubuntu/lp2126951-block-Drop-detach_subchain-for-bdrv_replace_node.patch

 -- Wesley Hershberger <email address hidden> Wed, 11 Mar 2026 10:42:17 -0500
Source diff to previous version
2126951 `block-stream` segfault with concurrent `query-named-block-nodes`

Version: 1:8.2.2+ds-0ubuntu1.13 2026-03-04 23:08:09 UTC

  qemu (1:8.2.2+ds-0ubuntu1.13) noble-security; urgency=medium

  * SECURITY UPDATE: denial-of-service
    - debian/patches/CVE-2024-8354-2.patch: don't assert for SETUP to non-0
      endpoint in hw/usb/hcd-uhci.
    - CVE-2024-8354
  * SECURITY UPDATE: use-after-free
    - debian/patches/CVE-2025-11234-1.patch: release active GSource in TLS
      channel finalizer in io/channel-tls.c.
    - debian/patches/CVE-2025-11234-2.patch: move websock resource release to
      close method in io/channel-websock.c.
    - debian/patches/CVE-2025-11234-3.patch: fix use after free in websocket
      handshake code in io/channel-websock.c.
    - CVE-2025-11234
  * SECURITY UPDATE: stack-based buffer overflow
    - debian/patches/CVE-2025-12464.patch: pad packets to minimum length in
      qemu_receive_packet() in net/net.c.
    - CVE-2025-12464
  * SECURITY UPDATE: denial-of-service
    - debian/patches/CVE-2025-14876-1.patch: verify asym request size in
      hw/virtio/virtio-crypto.c.
    - debian/patches/CVE-2025-14876-2.patch: Limit the maximum size in
      backends/cryptodev-builtin.c.
    - CVE-2025-14876
  * SECURITY UPDATE: out-of-bounds read
    - debian/patches/CVE-2026-0665.patch: fix PIRQ bounds check in
      xen_physdev_map_pirq() in hw/i386/kvm/xen_evtchn.c.
    - CVE-2026-0665

 -- Fabian Toepfer <email address hidden> Tue, 03 Mar 2026 15:03:56 +0100
Source diff to previous version
CVE-2024-8354 A flaw was found in QEMU. An assertion failure was present in the usb_ep_get() function in hw/net/core.c when trying to get the USB endpoint from a U
CVE-2025-11234 A flaw was found in QEMU. If the QIOChannelWebsock object is freed while it is waiting to complete a handshake, a GSource is leaked. This can lead to
CVE-2025-12464 A stack-based buffer overflow was found in the QEMU e1000 network device. The code for padding short frames was dropped from individual network devic
CVE-2025-14876 A flaw was found in the virtio-crypto device of QEMU. A malicious guest operating system can exploit a missing length limit in the AKCIPHER path, lea
CVE-2026-0665 An off-by-one error was found in QEMU's KVM Xen guest support. A malicious guest could use this flaw to trigger out-of-bounds heap accesses in the QE

Version: 1:8.2.2+ds-0ubuntu1.12 2026-02-05 22:08:48 UTC

  qemu (1:8.2.2+ds-0ubuntu1.12) noble; urgency=medium

  * Do not expose arch-caps when not available on AMD
    CPUs (LP: #2131822)
    - d/p/u/lp2131822/* : create -v2 ubuntu machine types and backport arch_caps
      for this newly created types.
    - d/qemu-system-x86.NEWS : info about the new types

 -- Hector Cao <email address hidden> Mon, 15 Dec 2025 12:33:49 +0000
2131822 Known Windows 11 KVM Issue\u00a0AMD KMODE Exception


About   -   Send Feedback to @ubuntu_updates