Package "qemu-user-binfmt"
  
    
    
        | Name: | qemu-user-binfmt | 
    
        | Description:
 | QEMU user mode binfmt registration for qemu-user | 
    
        | Latest version: | 1:8.2.2+ds-0ubuntu1.10 | 
    
        | Release: | noble (24.04) | 
    
        | Level: | security | 
    
        | Repository: | universe | 
         
            | Head package: | qemu | 
        
            | Homepage: | http://www.qemu.org/ | 
    
   
  
  
 
Links
    Download "qemu-user-binfmt"
    
Other versions of "qemu-user-binfmt" in Noble
    
Changelog
    
    
    
        
        
    
    
        |   qemu (1:8.2.2+ds-0ubuntu1.10) noble-security; urgency=medium   * SECURITY UPDATE: double-free in QEMU virtio devices
- debian/patches/CVE-2024-3446-pre1.patch: introduce
 virtio_bh_new_guarded() helper in hw/virtio/virtio.c,
 include/hw/virtio/virtio.h.
 - debian/patches/CVE-2024-3446-1.patch: protect from DMA re-entrancy
 bugs in hw/virtio/virtio-crypto.c.
 - debian/patches/CVE-2024-3446-2.patch: protect from DMA re-entrancy
 bugs in hw/char/virtio-serial-bus.c.
 - debian/patches/CVE-2024-3446-3.patch: protect from DMA re-entrancy
 bugs in hw/display/virtio-gpu.c.
 - CVE-2024-3446
 * SECURITY UPDATE: heap overflow in SDHCI device emulation
 - debian/patches/CVE-2024-3447.patch: do not update TRNMOD when Command
 Inhibit (DAT) is set in hw/sd/sdhci.c.
 - CVE-2024-3447
 * SECURITY UPDATE: assert failure in checksum calculation
 - debian/patches/CVE-2024-3567.patch: fix overrun in
 update_sctp_checksum() in hw/net/net_tx_pkt.c.
 - CVE-2024-3567
 * SECURITY UPDATE: resource consumption in disk utility
 - debian/patches/CVE-2024-4467-1.patch: don't open data_file with
 BDRV_O_NO_IO in block/qcow2.c, tests/qemu-iotests/061*.
 - debian/patches/CVE-2024-4467-2.patch: don't store data-file with
 protocol in image in tests/qemu-iotests/244.
 - debian/patches/CVE-2024-4467-3.patch: don't store data-file with
 json: prefix in image in tests/qemu-iotests/270.
 - debian/patches/CVE-2024-4467-4.patch: parse filenames only when
 explicitly requested in block.c.
 - CVE-2024-4467
 * SECURITY UPDATE: heap overflow in virtio-net device RSS feature
 - debian/patches/CVE-2024-6505.patch: ensure queue index fits with RSS
 in hw/net/virtio-net.c.
 - CVE-2024-6505
 * SECURITY UPDATE: Dos via improper synchronization during socket closure
 - debian/patches/CVE-2024-7409-1.patch: plumb in new args to
 nbd_client_add() in blockdev-nbd.c, include/block/nbd.h,
 nbd/server.c, qemu-nbd.c.
 - debian/patches/CVE-2024-7409-2.patch: cap default max-connections to
 100 in block/monitor/block-hmp-cmds.c, blockdev-nbd.c,
 include/block/nbd.h, qapi/block-export.json.
 - debian/patches/CVE-2024-7409-3.patch: close stray clients at
 server-stop in blockdev-nbd.c.
 - debian/patches/CVE-2024-7409-4.patch: drop non-negotiating clients in
 nbd/server.c, nbd/trace-events.
 - debian/patches/CVE-2024-7409-5.patch: avoid use-after-free when
 closing server in blockdev-nbd.c.
 - CVE-2024-7409
 * SECURITY UPDATE: DoS via assert failure in usb_ep_get()
 - debian/patches/CVE-2024-8354.patch: change ohci validation in
 hw/usb/hcd-ohci.c, hw/usb/trace-events.
 - CVE-2024-8354
 * SECURITY UPDATE: possibly binfmt privilege escalation (LP: #2120814)
 - debian/binfmt-install: stop using C (Credentials) flag for
 binfmt_misc registration.
  -- Marc Deslauriers <email address hidden>  Mon, 25 Aug 2025 14:10:37 -0400 | 
    | Source diff to previous version | 
        
        | 
                
                | 2120814 | binfmt_misc C (Credentials) flag as security risk with setuid binaries |  
                | CVE-2024-3446 | A double free vulnerability was found in QEMU virtio devices (virtio-gpu, virtio-serial-bus, virtio-crypto), where the mem_reentrancy_guard flag insu |  
                | CVE-2024-3447 | A heap-based buffer overflow was found in the SDHCI device emulation of QEMU. The bug is triggered when both `s->data_count` and the size of  `s->fif |  
                | CVE-2024-3567 | A flaw was found in QEMU. An assertion failure was present in the update_sctp_checksum() function in hw/net/net_tx_pkt.c when trying to calculate the |  
                | CVE-2024-4467 | A flaw was found in the QEMU disk image utility (qemu-img) 'info' command. A specially crafted image file containing a `json:{}` value describing blo |  
                | CVE-2024-6505 | A flaw was found in the virtio-net device in QEMU. When enabling the RSS feature on the virtio-net network card, the indirections_table data within R |  
                | CVE-2024-7409 | A flaw was found in the QEMU NBD Server. This vulnerability allows a denial of service (DoS) attack via improper synchronization during socket closur |  
                | CVE-2024-8354 | A flaw was found in QEMU. An assertion failure was present in the usb_ep_get() function in hw/net/core.c when trying to get the USB endpoint from a U |  | 
    
    
    
    
    
        
        
    
    
        |   qemu (1:8.2.2+ds-0ubuntu1.4) noble-security; urgency=medium   * SECURITY UPDATE: denial of service
- debian/patches/CVE-2024-4693-1.patch: virtio-pci: fix use of a
 released vector
 - debian/patches/CVE-2024-4693-2.patch: virtio-pci: Fix the use of
 an uninitialized irqfd
 - CVE-2024-4693
 * SECURITY UPDATE: heap buffer overflow
 - debian/patches/CVE-2024-7730.patch: add max size bounds check in
 input cb
 - CVE-2024-7730
  -- Bruce Cable <email address hidden>  Tue, 22 Oct 2024 15:57:13 +1100 | 
    | Source diff to previous version | 
        
        | 
                
                | CVE-2024-4693 | A flaw was found in the QEMU Virtio PCI Bindings (hw/virtio/virtio-pci.c). An improper release and use of the irqfd for vector 0 during the boot proc |  | 
    
    
    
    
    
        
        
    
    
        |   qemu (1:8.2.2+ds-0ubuntu1.2) noble-security; urgency=medium   * SECURITY UPDATE: buffer overflow
- debian/patches/CVE-2024-26327.patch: Check num_vfs size
 - CVE-2024-26327
 * SECURITY UPDATE: out of bounds memory access
 - debian/patches/CVE-2024-26328.patch: Use pcie_sriov_num_vfs to
 get number of enabled vfs before and after config writes
 - CVE-2024-26328
  -- Bruce Cable <email address hidden>  Wed, 21 Aug 2024 11:53:08 +1000 | 
    
        
        | 
                
                | CVE-2024-26327 | An issue was discovered in QEMU 7.1.0 through 8.2.1. register_vfs in hw/pci/pcie_sriov.c mishandles the situation where a guest writes NumVFs greater |  
                | CVE-2024-26328 | An issue was discovered in QEMU 7.1.0 through 8.2.1. register_vfs in hw/pci/pcie_sriov.c does not set NumVFs to PCI_SRIOV_TOTAL_VF, and thus interact |  | 
    
    
        
        
        
            About
              -  
            Send Feedback to @ubuntu_updates