UbuntuUpdates.org

Package "qemu-system-s390x"

Name: qemu-system-s390x

Description:

QEMU full system emulation binaries (s390x)
Latest version: 1:8.2.2+ds-0ubuntu1.10
Release: noble (24.04)
Level: updates
Repository: main
Head package: qemu
Homepage: http://www.qemu.org/

Links

All versions of this package
Bug fixes

List of files in package
Repository home page

Download "qemu-system-s390x"

32-bit deb package
64-bit deb package
APT INSTALL

Other versions of "qemu-system-s390x" in Noble

Repository Area Version
base main 1:8.2.2+ds-0ubuntu1
security main 1:8.2.2+ds-0ubuntu1.10

Changelog

Version: 1:8.2.2+ds-0ubuntu1.10 2025-09-11 21:07:10 UTC

  qemu (1:8.2.2+ds-0ubuntu1.10) noble-security; urgency=medium

  * SECURITY UPDATE: double-free in QEMU virtio devices
    - debian/patches/CVE-2024-3446-pre1.patch: introduce
      virtio_bh_new_guarded() helper in hw/virtio/virtio.c,
      include/hw/virtio/virtio.h.
    - debian/patches/CVE-2024-3446-1.patch: protect from DMA re-entrancy
      bugs in hw/virtio/virtio-crypto.c.
    - debian/patches/CVE-2024-3446-2.patch: protect from DMA re-entrancy
      bugs in hw/char/virtio-serial-bus.c.
    - debian/patches/CVE-2024-3446-3.patch: protect from DMA re-entrancy
      bugs in hw/display/virtio-gpu.c.
    - CVE-2024-3446
  * SECURITY UPDATE: heap overflow in SDHCI device emulation
    - debian/patches/CVE-2024-3447.patch: do not update TRNMOD when Command
      Inhibit (DAT) is set in hw/sd/sdhci.c.
    - CVE-2024-3447
  * SECURITY UPDATE: assert failure in checksum calculation
    - debian/patches/CVE-2024-3567.patch: fix overrun in
      update_sctp_checksum() in hw/net/net_tx_pkt.c.
    - CVE-2024-3567
  * SECURITY UPDATE: resource consumption in disk utility
    - debian/patches/CVE-2024-4467-1.patch: don't open data_file with
      BDRV_O_NO_IO in block/qcow2.c, tests/qemu-iotests/061*.
    - debian/patches/CVE-2024-4467-2.patch: don't store data-file with
      protocol in image in tests/qemu-iotests/244.
    - debian/patches/CVE-2024-4467-3.patch: don't store data-file with
      json: prefix in image in tests/qemu-iotests/270.
    - debian/patches/CVE-2024-4467-4.patch: parse filenames only when
      explicitly requested in block.c.
    - CVE-2024-4467
  * SECURITY UPDATE: heap overflow in virtio-net device RSS feature
    - debian/patches/CVE-2024-6505.patch: ensure queue index fits with RSS
      in hw/net/virtio-net.c.
    - CVE-2024-6505
  * SECURITY UPDATE: Dos via improper synchronization during socket closure
    - debian/patches/CVE-2024-7409-1.patch: plumb in new args to
      nbd_client_add() in blockdev-nbd.c, include/block/nbd.h,
      nbd/server.c, qemu-nbd.c.
    - debian/patches/CVE-2024-7409-2.patch: cap default max-connections to
      100 in block/monitor/block-hmp-cmds.c, blockdev-nbd.c,
      include/block/nbd.h, qapi/block-export.json.
    - debian/patches/CVE-2024-7409-3.patch: close stray clients at
      server-stop in blockdev-nbd.c.
    - debian/patches/CVE-2024-7409-4.patch: drop non-negotiating clients in
      nbd/server.c, nbd/trace-events.
    - debian/patches/CVE-2024-7409-5.patch: avoid use-after-free when
      closing server in blockdev-nbd.c.
    - CVE-2024-7409
  * SECURITY UPDATE: DoS via assert failure in usb_ep_get()
    - debian/patches/CVE-2024-8354.patch: change ohci validation in
      hw/usb/hcd-ohci.c, hw/usb/trace-events.
    - CVE-2024-8354
  * SECURITY UPDATE: possibly binfmt privilege escalation (LP: #2120814)
    - debian/binfmt-install: stop using C (Credentials) flag for
      binfmt_misc registration.

 -- Marc Deslauriers <email address hidden> Mon, 25 Aug 2025 14:10:37 -0400
Source diff to previous version
2120814 binfmt_misc C (Credentials) flag as security risk with setuid binaries
CVE-2024-3446 A double free vulnerability was found in QEMU virtio devices (virtio-gpu, virtio-serial-bus, virtio-crypto), where the mem_reentrancy_guard flag insu
CVE-2024-3447 A heap-based buffer overflow was found in the SDHCI device emulation of QEMU. The bug is triggered when both `s->data_count` and the size of `s->fif
CVE-2024-3567 A flaw was found in QEMU. An assertion failure was present in the update_sctp_checksum() function in hw/net/net_tx_pkt.c when trying to calculate the
CVE-2024-4467 A flaw was found in the QEMU disk image utility (qemu-img) 'info' command. A specially crafted image file containing a `json:{}` value describing blo
CVE-2024-6505 A flaw was found in the virtio-net device in QEMU. When enabling the RSS feature on the virtio-net network card, the indirections_table data within R
CVE-2024-7409 A flaw was found in the QEMU NBD Server. This vulnerability allows a denial of service (DoS) attack via improper synchronization during socket closur
CVE-2024-8354 A flaw was found in QEMU. An assertion failure was present in the usb_ep_get() function in hw/net/core.c when trying to get the USB endpoint from a U

Version: 1:8.2.2+ds-0ubuntu1.9 2025-08-15 01:07:09 UTC

  qemu (1:8.2.2+ds-0ubuntu1.9) noble; urgency=medium

  * d/p/u/lp-2101053-pci-acpi-Windows-PCI-Label-Id-bug-workaround.patch:
    fix windows virtio network by tolerarting a bad acpi call (LP: #2101053)

 -- Christian Ehrhardt <email address hidden> Wed, 02 Jul 2025 11:36:20 +0200
2101053 qemu: Networking broken for German Windows guests

Version: *DELETED* 2025-06-30 22:07:00 UTC
No changelog for deleted or moved packages.

Version: 1:8.2.2+ds-0ubuntu1.8 2025-06-30 16:07:35 UTC

  qemu (1:8.2.2+ds-0ubuntu1.8) noble; urgency=medium

  * d/p/u/lp2101944/*: Synthesize IBPB_BRTYPE and SBPB CPUID bits to the guest
    as described in AMD's Speculative Return Stack Overflow whitepaper.
    (LP: #2101944)

 -- Lukas Märdian <email address hidden> Wed, 19 Mar 2025 10:02:49 +0100
Source diff to previous version
2101944 Expose bits related to SRSO vulnerability

Version: 1:8.2.2+ds-0ubuntu1.7 2025-05-19 18:07:42 UTC

  qemu (1:8.2.2+ds-0ubuntu1.7) noble; urgency=medium

  * d/p/u/lp2049698/*: Add full boot order support on s390x (LP: #2049698)
  * Cherry-pick prerequisite for above backport (to avoid FTBFS):
    - d/p/u/lp2049698/0-hw-s390x-sclp.c-include-s390-virtio-ccw.h-to-make.patch
  * d/qemu-system-data.links: symlink s390-netboot.img -> s390-ccw.img for
    backwards compatibility, as the code is now combined.

  [ Michael Tokarev ]
  * d/rules: run ./configure in arch-indep build and build some roms from there.
    After adding just a few more build-deps to common Build-Depends,
    it is now possible to run ./configure in arch-indep step too.
    Run ./configure, and switch s390-ccw and vof.bin builds from
    ad-hoc instructions to using the regular qemu makefiles.
    Move python3-venv dependency from Build-Depend-Arch to Build-Depend
    so that ./configure can be run.
    [cherry-pick https://salsa.debian.org/qemu-team/qemu/-/commit/5b5a97b]

  * Fix qemu-aarch64-static segfaults running ldconfig.real (LP: #2072564)
    - lp-2072564-01-linux-user-Honor-elf-alignment-when-placing-images.patch
    - lp-2072564-02-elfload-Fix-alignment-when-unmapping-excess-reservat.patch
    Thanks to Dimitry Andric for identifying the fix.

 -- Lukas Märdian <email address hidden> Thu, 13 Mar 2025 17:15:00 +0100
2049698 [25.04 FEAT] [VS1807] KVM: Full boot order support (qemu)
2072564 qemu-aarch64-static segfaults running ldconfig.real (amd64 host)


About   -   Send Feedback to @ubuntu_updates