UbuntuUpdates.org

Package "qemu"

Name: qemu

Description:

This package is just an umbrella for a group of other packages; it has no description of its own.
Description samples from packages in group:

  • supplemental block backend modules for qemu-system and qemu-utils
  • Guest-side qemu-system agent
  • QEMU full system emulation binaries (x86)
  • QEMU full system emulation (Xen helper package)

Latest version: 1:10.1.0+ds-5ubuntu2.4
Release: questing (25.10)
Level: security
Repository: universe

Other versions of "qemu" in Questing

Repository  Area      Version
base        main      1:10.1.0+ds-5ubuntu2
base        universe  1:10.1.0+ds-5ubuntu2
security    main      1:10.1.0+ds-5ubuntu2.4
updates     main      1:10.1.0+ds-5ubuntu2.2
updates     universe  1:10.1.0+ds-5ubuntu2.2
proposed    universe  1:10.1.0+ds-5ubuntu2.3
proposed    main      1:10.1.0+ds-5ubuntu2.3

Changelog

Version: 1:10.1.0+ds-5ubuntu2.4 2026-03-04 20:08:22 UTC

  qemu (1:10.1.0+ds-5ubuntu2.4) questing-security; urgency=medium

  * SECURITY UPDATE: denial-of-service
    - debian/patches/CVE-2024-8354.patch: don't assert for SETUP to non-0
      endpoint in hw/usb/hcd-uhci.
    - CVE-2024-8354
  * SECURITY UPDATE: use-after-free
    - debian/patches/CVE-2025-11234-1.patch: release active GSource in TLS
      channel finalizer in io/channel-tls.c.
    - debian/patches/CVE-2025-11234-2.patch: move websock resource release to
      close method in io/channel-websock.c.
    - debian/patches/CVE-2025-11234-3.patch: fix use after free in websocket
      handshake code in io/channel-websock.c.
    - CVE-2025-11234
  * SECURITY UPDATE: stack-based buffer overflow
    - debian/patches/CVE-2025-12464.patch: pad packets to minimum length in
      qemu_receive_packet() in net/net.c.
    - CVE-2025-12464
  * SECURITY UPDATE: denial-of-service
    - debian/patches/CVE-2025-14876-1.patch: verify asym request size in
      hw/virtio/virtio-crypto.c.
    - debian/patches/CVE-2025-14876-2.patch: Limit the maximum size in
      backends/cryptodev-builtin.c.
    - CVE-2025-14876
  * SECURITY UPDATE: out-of-bounds read
    - debian/patches/CVE-2026-0665.patch: fix PIRQ bounds check in
      xen_physdev_map_pirq() in hw/i386/kvm/xen_evtchn.c.
    - CVE-2026-0665

 -- Fabian Toepfer <email address hidden> Tue, 03 Mar 2026 15:17:44 +0100

CVE-2024-8354 A flaw was found in QEMU. An assertion failure was present in the usb_ep_get() function in hw/net/core.c when trying to get the USB endpoint from a U
CVE-2025-11234 A flaw was found in QEMU. If the QIOChannelWebsock object is freed while it is waiting to complete a handshake, a GSource is leaked. This can lead to
CVE-2025-12464 A stack-based buffer overflow was found in the QEMU e1000 network device. The code for padding short frames was dropped from individual network devic
CVE-2025-14876 A flaw was found in the virtio-crypto device of QEMU. A malicious guest operating system can exploit a missing length limit in the AKCIPHER path, lea
CVE-2026-0665 An off-by-one error was found in QEMU's KVM Xen guest support. A malicious guest could use this flaw to trigger out-of-bounds heap accesses in the QE


