[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Addressing CVE-2024-3446 in qemu versions shipped in debian bullseye and
|
From: |
Santiago Ruano Rincón |
|
Subject: |
Addressing CVE-2024-3446 in qemu versions shipped in debian bullseye and older |
|
Date: |
Mon, 30 Dec 2024 18:21:47 -0500 |
Hello there,
(Please CC me since I am not subscribed to the QEMU devel list.)
I am working on backporting some CVE fixes to old Debian versions
(bullseye and previous), and I would like to ask you some help to
confirm if QEMU in those debian releases is affected by CVE-2024-3446 or
not. This is QEMU 5.2, 3.1 and 2.8.
On the 7.2 branch, the following four commits are required to fix
CVE-2024-3446:
https://gitlab.com/qemu-project/qemu/-/commit/e070e5e6748e3217028fa21aa30bb51f862368c8
https://gitlab.com/qemu-project/qemu/-/commit/6d37a308159766cb90ed745cfeb1880937b638ec
https://gitlab.com/qemu-project/qemu/-/commit/e7c2df3fd748a20a8b7a316d186b3ac77551f159
https://gitlab.com/qemu-project/qemu/-/commit/7aaf5f7778de4d75a169ab193f08857eb28db3a4
AFAICS, the qemu_bh_new calls were replaced with qemu_bh_new_guarded in
7.2.6.
Please note that 6d37a308159766cb90ed745cfeb1880937b638ec (and
ba28e0ff4d95b56dc334aac2730ab3651ffc3132) include this bug as reference:
https://bugs.launchpad.net/qemu/+bug/1888606. Could you please confirm
the CVE relates to the same issue?
I am unable to reproduce the issue. I've tried the reproducer found at
6d37a308 and the one from the ubuntu referenced bug. However comment #5
in the ubuntu bug mentions it was reproducible with QEMU 5.0, so I am
confused.
To summarise: it OK to affirm QEMU 5.x and older is unaffected by
CVE-2024-3446?
Thanks in advance, and happy new year!
-- Santiago
signature.asc
Description: PGP signature
| [Prev in Thread] |
Current Thread |
[Next in Thread] |
- Addressing CVE-2024-3446 in qemu versions shipped in debian bullseye and older,
Santiago Ruano Rincón <=