Action not permitted
Modal body text goes here.
Modal Title
Modal Body
usn-5307-1
Vulnerability from osv_ubuntu
Gaoning Pan discovered that QEMU incorrectly handled the floppy disk emulator. An attacker inside the guest could use this issue to cause QEMU to crash, resulting in a denial of service. (CVE-2021-20196)
Gaoning Pan discovered that the QEMU vmxnet3 NIC emulator incorrectly handled certain values. An attacker inside the guest could use this issue to cause QEMU to crash, resulting in a denial of service. (CVE-2021-20203)
It was discovered that the QEMU vhost-user GPU device contained several security issues. An attacker inside the guest could use these issues to cause QEMU to crash, resulting in a denial of service, leak sensitive information, or possibly execute arbitrary code. This issue only affected Ubuntu 21.10. (CVE-2021-3544, CVE-2021-3545, CVE-2021-3546)
It was discovered that QEMU incorrectly handled bulk transfers from SPICE clients. A remote attacker could use this issue to cause QEMU to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2021-3682)
It was discovered that the QEMU UAS device emulation incorrectly handled certain stream numbers. An attacker inside the guest could use this issue to cause QEMU to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 21.10. (CVE-2021-3713)
It was discovered that the QEMU virtio-net device incorrectly handled certain buffer addresses. An attacker inside the guest could use this issue to cause QEMU to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2021-3748)
It was discovered that the QEMU SCSI device emulation incorrectly handled certain MODE SELECT commands. An attacker inside the guest could possibly use this issue to cause QEMU to crash, resulting in a denial of service. (CVE-2021-3930)
It was discovered that the QEMU ACPI logic incorrectly handled certain values. An attacker inside the guest could possibly use this issue to cause QEMU to crash, resulting in a denial of service. This issue only affected Ubuntu 21.10. (CVE-2021-4158)
Jietao Xiao, Jinku Li, Wenbo Shen, and Nanzi Yang discovered that the QEMU virtiofsd device incorrectly handled permissions when creating files. An attacker inside the guest could use this issue to create files inside the directory shared by virtiofs with unintended permissions, possibly allowing privilege escalation. This issue only affected Ubuntu 21.10. (CVE-2022-0358)
{
"affected": [
{
"database_specific": {
"cves_map": {
"cves": [
{
"id": "CVE-2021-3682",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H",
"type": "CVSS_V3"
},
{
"score": "medium",
"type": "Ubuntu"
}
]
},
{
"id": "CVE-2021-3748",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H",
"type": "CVSS_V3"
},
{
"score": "medium",
"type": "Ubuntu"
}
]
},
{
"id": "CVE-2021-3930",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H",
"type": "CVSS_V3"
},
{
"score": "low",
"type": "Ubuntu"
}
]
},
{
"id": "CVE-2021-20196",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H",
"type": "CVSS_V3"
},
{
"score": "low",
"type": "Ubuntu"
}
]
},
{
"id": "CVE-2021-20203",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:L",
"type": "CVSS_V3"
},
{
"score": "low",
"type": "Ubuntu"
}
]
}
],
"ecosystem": "Ubuntu:18.04:LTS"
}
},
"ecosystem_specific": {
"availability": "No subscription required",
"binaries": [
{
"binary_name": "qemu",
"binary_version": "1:2.11+dfsg-1ubuntu7.39"
},
{
"binary_name": "qemu-block-extra",
"binary_version": "1:2.11+dfsg-1ubuntu7.39"
},
{
"binary_name": "qemu-guest-agent",
"binary_version": "1:2.11+dfsg-1ubuntu7.39"
},
{
"binary_name": "qemu-kvm",
"binary_version": "1:2.11+dfsg-1ubuntu7.39"
},
{
"binary_name": "qemu-system",
"binary_version": "1:2.11+dfsg-1ubuntu7.39"
},
{
"binary_name": "qemu-system-arm",
"binary_version": "1:2.11+dfsg-1ubuntu7.39"
},
{
"binary_name": "qemu-system-common",
"binary_version": "1:2.11+dfsg-1ubuntu7.39"
},
{
"binary_name": "qemu-system-mips",
"binary_version": "1:2.11+dfsg-1ubuntu7.39"
},
{
"binary_name": "qemu-system-misc",
"binary_version": "1:2.11+dfsg-1ubuntu7.39"
},
{
"binary_name": "qemu-system-ppc",
"binary_version": "1:2.11+dfsg-1ubuntu7.39"
},
{
"binary_name": "qemu-system-s390x",
"binary_version": "1:2.11+dfsg-1ubuntu7.39"
},
{
"binary_name": "qemu-system-sparc",
"binary_version": "1:2.11+dfsg-1ubuntu7.39"
},
{
"binary_name": "qemu-system-x86",
"binary_version": "1:2.11+dfsg-1ubuntu7.39"
},
{
"binary_name": "qemu-user",
"binary_version": "1:2.11+dfsg-1ubuntu7.39"
},
{
"binary_name": "qemu-user-binfmt",
"binary_version": "1:2.11+dfsg-1ubuntu7.39"
},
{
"binary_name": "qemu-user-static",
"binary_version": "1:2.11+dfsg-1ubuntu7.39"
},
{
"binary_name": "qemu-utils",
"binary_version": "1:2.11+dfsg-1ubuntu7.39"
}
]
},
"package": {
"ecosystem": "Ubuntu:18.04:LTS",
"name": "qemu",
"purl": "pkg:deb/ubuntu/qemu@1:2.11+dfsg-1ubuntu7.39?arch=source\u0026distro=bionic"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1:2.11+dfsg-1ubuntu7.39"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"1:2.10+dfsg-0ubuntu3",
"1:2.10+dfsg-0ubuntu4",
"1:2.10+dfsg-0ubuntu5",
"1:2.11+dfsg-1ubuntu1",
"1:2.11+dfsg-1ubuntu2",
"1:2.11+dfsg-1ubuntu4",
"1:2.11+dfsg-1ubuntu5",
"1:2.11+dfsg-1ubuntu6",
"1:2.11+dfsg-1ubuntu7",
"1:2.11+dfsg-1ubuntu7.1",
"1:2.11+dfsg-1ubuntu7.2",
"1:2.11+dfsg-1ubuntu7.3",
"1:2.11+dfsg-1ubuntu7.4",
"1:2.11+dfsg-1ubuntu7.5",
"1:2.11+dfsg-1ubuntu7.6",
"1:2.11+dfsg-1ubuntu7.7",
"1:2.11+dfsg-1ubuntu7.8",
"1:2.11+dfsg-1ubuntu7.9",
"1:2.11+dfsg-1ubuntu7.10",
"1:2.11+dfsg-1ubuntu7.12",
"1:2.11+dfsg-1ubuntu7.13",
"1:2.11+dfsg-1ubuntu7.14",
"1:2.11+dfsg-1ubuntu7.15",
"1:2.11+dfsg-1ubuntu7.17",
"1:2.11+dfsg-1ubuntu7.18",
"1:2.11+dfsg-1ubuntu7.19",
"1:2.11+dfsg-1ubuntu7.20",
"1:2.11+dfsg-1ubuntu7.21",
"1:2.11+dfsg-1ubuntu7.22",
"1:2.11+dfsg-1ubuntu7.23",
"1:2.11+dfsg-1ubuntu7.25",
"1:2.11+dfsg-1ubuntu7.26",
"1:2.11+dfsg-1ubuntu7.27",
"1:2.11+dfsg-1ubuntu7.28",
"1:2.11+dfsg-1ubuntu7.29",
"1:2.11+dfsg-1ubuntu7.31",
"1:2.11+dfsg-1ubuntu7.32",
"1:2.11+dfsg-1ubuntu7.33",
"1:2.11+dfsg-1ubuntu7.34",
"1:2.11+dfsg-1ubuntu7.35",
"1:2.11+dfsg-1ubuntu7.36",
"1:2.11+dfsg-1ubuntu7.37",
"1:2.11+dfsg-1ubuntu7.38"
]
},
{
"database_specific": {
"cves_map": {
"cves": [
{
"id": "CVE-2021-3682",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H",
"type": "CVSS_V3"
},
{
"score": "medium",
"type": "Ubuntu"
}
]
},
{
"id": "CVE-2021-3748",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H",
"type": "CVSS_V3"
},
{
"score": "medium",
"type": "Ubuntu"
}
]
},
{
"id": "CVE-2021-3930",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H",
"type": "CVSS_V3"
},
{
"score": "low",
"type": "Ubuntu"
}
]
},
{
"id": "CVE-2021-20196",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H",
"type": "CVSS_V3"
},
{
"score": "low",
"type": "Ubuntu"
}
]
},
{
"id": "CVE-2021-20203",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:L",
"type": "CVSS_V3"
},
{
"score": "low",
"type": "Ubuntu"
}
]
}
],
"ecosystem": "Ubuntu:20.04:LTS"
}
},
"ecosystem_specific": {
"availability": "No subscription required",
"binaries": [
{
"binary_name": "qemu",
"binary_version": "1:4.2-3ubuntu6.21"
},
{
"binary_name": "qemu-block-extra",
"binary_version": "1:4.2-3ubuntu6.21"
},
{
"binary_name": "qemu-guest-agent",
"binary_version": "1:4.2-3ubuntu6.21"
},
{
"binary_name": "qemu-kvm",
"binary_version": "1:4.2-3ubuntu6.21"
},
{
"binary_name": "qemu-system",
"binary_version": "1:4.2-3ubuntu6.21"
},
{
"binary_name": "qemu-system-arm",
"binary_version": "1:4.2-3ubuntu6.21"
},
{
"binary_name": "qemu-system-common",
"binary_version": "1:4.2-3ubuntu6.21"
},
{
"binary_name": "qemu-system-data",
"binary_version": "1:4.2-3ubuntu6.21"
},
{
"binary_name": "qemu-system-gui",
"binary_version": "1:4.2-3ubuntu6.21"
},
{
"binary_name": "qemu-system-mips",
"binary_version": "1:4.2-3ubuntu6.21"
},
{
"binary_name": "qemu-system-misc",
"binary_version": "1:4.2-3ubuntu6.21"
},
{
"binary_name": "qemu-system-ppc",
"binary_version": "1:4.2-3ubuntu6.21"
},
{
"binary_name": "qemu-system-s390x",
"binary_version": "1:4.2-3ubuntu6.21"
},
{
"binary_name": "qemu-system-sparc",
"binary_version": "1:4.2-3ubuntu6.21"
},
{
"binary_name": "qemu-system-x86",
"binary_version": "1:4.2-3ubuntu6.21"
},
{
"binary_name": "qemu-system-x86-microvm",
"binary_version": "1:4.2-3ubuntu6.21"
},
{
"binary_name": "qemu-system-x86-xen",
"binary_version": "1:4.2-3ubuntu6.21"
},
{
"binary_name": "qemu-user",
"binary_version": "1:4.2-3ubuntu6.21"
},
{
"binary_name": "qemu-user-binfmt",
"binary_version": "1:4.2-3ubuntu6.21"
},
{
"binary_name": "qemu-user-static",
"binary_version": "1:4.2-3ubuntu6.21"
},
{
"binary_name": "qemu-utils",
"binary_version": "1:4.2-3ubuntu6.21"
}
]
},
"package": {
"ecosystem": "Ubuntu:20.04:LTS",
"name": "qemu",
"purl": "pkg:deb/ubuntu/qemu@1:4.2-3ubuntu6.21?arch=source\u0026distro=focal"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1:4.2-3ubuntu6.21"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"1:4.0+dfsg-0ubuntu9",
"1:4.0+dfsg-0ubuntu10",
"1:4.2-1ubuntu1",
"1:4.2-1ubuntu2",
"1:4.2-3ubuntu1",
"1:4.2-3ubuntu2",
"1:4.2-3ubuntu3",
"1:4.2-3ubuntu4",
"1:4.2-3ubuntu5",
"1:4.2-3ubuntu6",
"1:4.2-3ubuntu6.1",
"1:4.2-3ubuntu6.2",
"1:4.2-3ubuntu6.3",
"1:4.2-3ubuntu6.4",
"1:4.2-3ubuntu6.5",
"1:4.2-3ubuntu6.6",
"1:4.2-3ubuntu6.7",
"1:4.2-3ubuntu6.8",
"1:4.2-3ubuntu6.9",
"1:4.2-3ubuntu6.10",
"1:4.2-3ubuntu6.11",
"1:4.2-3ubuntu6.12",
"1:4.2-3ubuntu6.14",
"1:4.2-3ubuntu6.15",
"1:4.2-3ubuntu6.16",
"1:4.2-3ubuntu6.17",
"1:4.2-3ubuntu6.18",
"1:4.2-3ubuntu6.19"
]
}
],
"aliases": [],
"details": "Gaoning Pan discovered that QEMU incorrectly handled the floppy disk\nemulator. An attacker inside the guest could use this issue to cause QEMU\nto crash, resulting in a denial of service. (CVE-2021-20196)\n\nGaoning Pan discovered that the QEMU vmxnet3 NIC emulator incorrectly\nhandled certain values. An attacker inside the guest could use this issue\nto cause QEMU to crash, resulting in a denial of service. (CVE-2021-20203)\n\nIt was discovered that the QEMU vhost-user GPU device contained several\nsecurity issues. An attacker inside the guest could use these issues to\ncause QEMU to crash, resulting in a denial of service, leak sensitive\ninformation, or possibly execute arbitrary code. This issue only affected\nUbuntu 21.10. (CVE-2021-3544, CVE-2021-3545, CVE-2021-3546)\n\nIt was discovered that QEMU incorrectly handled bulk transfers from SPICE\nclients. A remote attacker could use this issue to cause QEMU to crash,\nresulting in a denial of service, or possibly execute arbitrary code.\n(CVE-2021-3682)\n\nIt was discovered that the QEMU UAS device emulation incorrectly handled\ncertain stream numbers. An attacker inside the guest could use this issue\nto cause QEMU to crash, resulting in a denial of service, or possibly\nexecute arbitrary code. This issue only affected Ubuntu 21.10.\n(CVE-2021-3713)\n\nIt was discovered that the QEMU virtio-net device incorrectly handled\ncertain buffer addresses. An attacker inside the guest could use this issue\nto cause QEMU to crash, resulting in a denial of service, or possibly\nexecute arbitrary code. (CVE-2021-3748)\n\nIt was discovered that the QEMU SCSI device emulation incorrectly handled\ncertain MODE SELECT commands. An attacker inside the guest could possibly\nuse this issue to cause QEMU to crash, resulting in a denial of service.\n(CVE-2021-3930)\n\nIt was discovered that the QEMU ACPI logic incorrectly handled certain\nvalues. An attacker inside the guest could possibly use this issue to cause\nQEMU to crash, resulting in a denial of service. This issue only affected\nUbuntu 21.10. (CVE-2021-4158)\n\nJietao Xiao, Jinku Li, Wenbo Shen, and Nanzi Yang discovered that the QEMU\nvirtiofsd device incorrectly handled permissions when creating files. An\nattacker inside the guest could use this issue to create files inside the\ndirectory shared by virtiofs with unintended permissions, possibly allowing\nprivilege escalation. This issue only affected Ubuntu 21.10.\n(CVE-2022-0358)\n",
"id": "USN-5307-1",
"modified": "2026-04-27T14:11:27Z",
"published": "2022-02-28T13:03:07Z",
"references": [
{
"type": "ADVISORY",
"url": "https://ubuntu.com/security/notices/USN-5307-1"
},
{
"type": "REPORT",
"url": "https://ubuntu.com/security/CVE-2021-3544"
},
{
"type": "REPORT",
"url": "https://ubuntu.com/security/CVE-2021-3545"
},
{
"type": "REPORT",
"url": "https://ubuntu.com/security/CVE-2021-3546"
},
{
"type": "REPORT",
"url": "https://ubuntu.com/security/CVE-2021-3682"
},
{
"type": "REPORT",
"url": "https://ubuntu.com/security/CVE-2021-3713"
},
{
"type": "REPORT",
"url": "https://ubuntu.com/security/CVE-2021-3748"
},
{
"type": "REPORT",
"url": "https://ubuntu.com/security/CVE-2021-3930"
},
{
"type": "REPORT",
"url": "https://ubuntu.com/security/CVE-2021-4158"
},
{
"type": "REPORT",
"url": "https://ubuntu.com/security/CVE-2021-20196"
},
{
"type": "REPORT",
"url": "https://ubuntu.com/security/CVE-2021-20203"
},
{
"type": "REPORT",
"url": "https://ubuntu.com/security/CVE-2022-0358"
}
],
"related": [],
"schema_version": "1.7.0",
"summary": "qemu vulnerabilities",
"upstream": [
"UBUNTU-CVE-2021-3544",
"UBUNTU-CVE-2021-3545",
"UBUNTU-CVE-2021-3546",
"UBUNTU-CVE-2021-3682",
"UBUNTU-CVE-2021-3713",
"UBUNTU-CVE-2021-3748",
"UBUNTU-CVE-2021-3930",
"UBUNTU-CVE-2021-4158",
"UBUNTU-CVE-2021-20196",
"UBUNTU-CVE-2021-20203",
"UBUNTU-CVE-2022-0358"
]
}
ubuntu-cve-2021-20196
Vulnerability from osv_ubuntu
A NULL pointer dereference flaw was found in the floppy disk emulator of QEMU. This issue occurs while processing read/write ioport commands if the selected floppy drive is not initialized with a block device. This flaw allows a privileged guest user to crash the QEMU process on the host, resulting in a denial of service. The highest threat from this vulnerability is to system availability.
| URL | Type | |||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
{
"affected": [
{
"ecosystem_specific": {
"availability": "Available with Ubuntu Pro with Legacy support add-on: https://ubuntu.com/pro",
"binaries": [
{
"binary_name": "qemu",
"binary_version": "2.0.0+dfsg-2ubuntu1.47+esm6"
},
{
"binary_name": "qemu-common",
"binary_version": "2.0.0+dfsg-2ubuntu1.47+esm6"
},
{
"binary_name": "qemu-guest-agent",
"binary_version": "2.0.0+dfsg-2ubuntu1.47+esm6"
},
{
"binary_name": "qemu-keymaps",
"binary_version": "2.0.0+dfsg-2ubuntu1.47+esm6"
},
{
"binary_name": "qemu-kvm",
"binary_version": "2.0.0+dfsg-2ubuntu1.47+esm6"
},
{
"binary_name": "qemu-system",
"binary_version": "2.0.0+dfsg-2ubuntu1.47+esm6"
},
{
"binary_name": "qemu-system-aarch64",
"binary_version": "2.0.0+dfsg-2ubuntu1.47+esm6"
},
{
"binary_name": "qemu-system-arm",
"binary_version": "2.0.0+dfsg-2ubuntu1.47+esm6"
},
{
"binary_name": "qemu-system-common",
"binary_version": "2.0.0+dfsg-2ubuntu1.47+esm6"
},
{
"binary_name": "qemu-system-mips",
"binary_version": "2.0.0+dfsg-2ubuntu1.47+esm6"
},
{
"binary_name": "qemu-system-misc",
"binary_version": "2.0.0+dfsg-2ubuntu1.47+esm6"
},
{
"binary_name": "qemu-system-ppc",
"binary_version": "2.0.0+dfsg-2ubuntu1.47+esm6"
},
{
"binary_name": "qemu-system-sparc",
"binary_version": "2.0.0+dfsg-2ubuntu1.47+esm6"
},
{
"binary_name": "qemu-system-x86",
"binary_version": "2.0.0+dfsg-2ubuntu1.47+esm6"
},
{
"binary_name": "qemu-user",
"binary_version": "2.0.0+dfsg-2ubuntu1.47+esm6"
},
{
"binary_name": "qemu-user-static",
"binary_version": "2.0.0+dfsg-2ubuntu1.47+esm6"
},
{
"binary_name": "qemu-utils",
"binary_version": "2.0.0+dfsg-2ubuntu1.47+esm6"
}
]
},
"package": {
"ecosystem": "Ubuntu:Pro:14.04:LTS",
"name": "qemu",
"purl": "pkg:deb/ubuntu/qemu@2.0.0+dfsg-2ubuntu1.47+esm6?arch=source\u0026distro=esm-infra-legacy/trusty"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "2.0.0+dfsg-2ubuntu1.47+esm6"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"1.5.0+dfsg-3ubuntu5",
"1.5.0+dfsg-3ubuntu6",
"1.6.0+dfsg-2ubuntu1",
"1.6.0+dfsg-2ubuntu2",
"1.6.0+dfsg-2ubuntu3",
"1.6.0+dfsg-2ubuntu4",
"1.7.0+dfsg-2ubuntu1",
"1.7.0+dfsg-2ubuntu2",
"1.7.0+dfsg-2ubuntu3",
"1.7.0+dfsg-2ubuntu4",
"1.7.0+dfsg-2ubuntu5",
"1.7.0+dfsg-2ubuntu7",
"1.7.0+dfsg-2ubuntu8",
"1.7.0+dfsg-2ubuntu9",
"1.7.0+dfsg-3ubuntu1~ppa1",
"1.7.0+dfsg-3ubuntu1",
"1.7.0+dfsg-3ubuntu2",
"1.7.0+dfsg-3ubuntu3",
"1.7.0+dfsg-3ubuntu4",
"1.7.0+dfsg-3ubuntu5",
"1.7.0+dfsg-3ubuntu6",
"1.7.0+dfsg-3ubuntu7",
"2.0.0~rc1+dfsg-0ubuntu1",
"2.0.0~rc1+dfsg-0ubuntu2",
"2.0.0~rc1+dfsg-0ubuntu3",
"2.0.0~rc1+dfsg-0ubuntu3.1",
"2.0.0+dfsg-2ubuntu1",
"2.0.0+dfsg-2ubuntu1.1",
"2.0.0+dfsg-2ubuntu1.2",
"2.0.0+dfsg-2ubuntu1.3",
"2.0.0+dfsg-2ubuntu1.5",
"2.0.0+dfsg-2ubuntu1.6",
"2.0.0+dfsg-2ubuntu1.7",
"2.0.0+dfsg-2ubuntu1.8",
"2.0.0+dfsg-2ubuntu1.9",
"2.0.0+dfsg-2ubuntu1.10",
"2.0.0+dfsg-2ubuntu1.11",
"2.0.0+dfsg-2ubuntu1.13",
"2.0.0+dfsg-2ubuntu1.14",
"2.0.0+dfsg-2ubuntu1.15",
"2.0.0+dfsg-2ubuntu1.16",
"2.0.0+dfsg-2ubuntu1.17",
"2.0.0+dfsg-2ubuntu1.18",
"2.0.0+dfsg-2ubuntu1.19",
"2.0.0+dfsg-2ubuntu1.20",
"2.0.0+dfsg-2ubuntu1.21",
"2.0.0+dfsg-2ubuntu1.22",
"2.0.0+dfsg-2ubuntu1.24",
"2.0.0+dfsg-2ubuntu1.25",
"2.0.0+dfsg-2ubuntu1.26",
"2.0.0+dfsg-2ubuntu1.27",
"2.0.0+dfsg-2ubuntu1.28",
"2.0.0+dfsg-2ubuntu1.29",
"2.0.0+dfsg-2ubuntu1.30",
"2.0.0+dfsg-2ubuntu1.31",
"2.0.0+dfsg-2ubuntu1.32",
"2.0.0+dfsg-2ubuntu1.33",
"2.0.0+dfsg-2ubuntu1.34",
"2.0.0+dfsg-2ubuntu1.35",
"2.0.0+dfsg-2ubuntu1.36",
"2.0.0+dfsg-2ubuntu1.38",
"2.0.0+dfsg-2ubuntu1.39",
"2.0.0+dfsg-2ubuntu1.40",
"2.0.0+dfsg-2ubuntu1.41",
"2.0.0+dfsg-2ubuntu1.42",
"2.0.0+dfsg-2ubuntu1.43",
"2.0.0+dfsg-2ubuntu1.44",
"2.0.0+dfsg-2ubuntu1.45",
"2.0.0+dfsg-2ubuntu1.46",
"2.0.0+dfsg-2ubuntu1.47",
"2.0.0+dfsg-2ubuntu1.47+esm1",
"2.0.0+dfsg-2ubuntu1.47+esm2",
"2.0.0+dfsg-2ubuntu1.47+esm3",
"2.0.0+dfsg-2ubuntu1.47+esm4"
]
},
{
"ecosystem_specific": {
"availability": "Available with Ubuntu Pro with Legacy support add-on: https://ubuntu.com/pro",
"binaries": [
{
"binary_name": "qemu",
"binary_version": "1:2.5+dfsg-5ubuntu10.51+esm4"
},
{
"binary_name": "qemu-block-extra",
"binary_version": "1:2.5+dfsg-5ubuntu10.51+esm4"
},
{
"binary_name": "qemu-guest-agent",
"binary_version": "1:2.5+dfsg-5ubuntu10.51+esm4"
},
{
"binary_name": "qemu-kvm",
"binary_version": "1:2.5+dfsg-5ubuntu10.51+esm4"
},
{
"binary_name": "qemu-system",
"binary_version": "1:2.5+dfsg-5ubuntu10.51+esm4"
},
{
"binary_name": "qemu-system-aarch64",
"binary_version": "1:2.5+dfsg-5ubuntu10.51+esm4"
},
{
"binary_name": "qemu-system-arm",
"binary_version": "1:2.5+dfsg-5ubuntu10.51+esm4"
},
{
"binary_name": "qemu-system-common",
"binary_version": "1:2.5+dfsg-5ubuntu10.51+esm4"
},
{
"binary_name": "qemu-system-mips",
"binary_version": "1:2.5+dfsg-5ubuntu10.51+esm4"
},
{
"binary_name": "qemu-system-misc",
"binary_version": "1:2.5+dfsg-5ubuntu10.51+esm4"
},
{
"binary_name": "qemu-system-ppc",
"binary_version": "1:2.5+dfsg-5ubuntu10.51+esm4"
},
{
"binary_name": "qemu-system-s390x",
"binary_version": "1:2.5+dfsg-5ubuntu10.51+esm4"
},
{
"binary_name": "qemu-system-sparc",
"binary_version": "1:2.5+dfsg-5ubuntu10.51+esm4"
},
{
"binary_name": "qemu-system-x86",
"binary_version": "1:2.5+dfsg-5ubuntu10.51+esm4"
},
{
"binary_name": "qemu-user",
"binary_version": "1:2.5+dfsg-5ubuntu10.51+esm4"
},
{
"binary_name": "qemu-user-binfmt",
"binary_version": "1:2.5+dfsg-5ubuntu10.51+esm4"
},
{
"binary_name": "qemu-user-static",
"binary_version": "1:2.5+dfsg-5ubuntu10.51+esm4"
},
{
"binary_name": "qemu-utils",
"binary_version": "1:2.5+dfsg-5ubuntu10.51+esm4"
}
]
},
"package": {
"ecosystem": "Ubuntu:Pro:16.04:LTS",
"name": "qemu",
"purl": "pkg:deb/ubuntu/qemu@1:2.5+dfsg-5ubuntu10.51+esm4?arch=source\u0026distro=esm-infra-legacy/xenial"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1:2.5+dfsg-5ubuntu10.51+esm4"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"1:2.3+dfsg-5ubuntu9",
"1:2.3+dfsg-5ubuntu10",
"1:2.4+dfsg-4ubuntu1",
"1:2.4+dfsg-4ubuntu2",
"1:2.4+dfsg-4ubuntu3",
"1:2.4+dfsg-5ubuntu3",
"1:2.5+dfsg-1ubuntu2",
"1:2.5+dfsg-1ubuntu3",
"1:2.5+dfsg-1ubuntu4",
"1:2.5+dfsg-1ubuntu5",
"1:2.5+dfsg-5ubuntu1",
"1:2.5+dfsg-5ubuntu2",
"1:2.5+dfsg-5ubuntu4",
"1:2.5+dfsg-5ubuntu6",
"1:2.5+dfsg-5ubuntu7",
"1:2.5+dfsg-5ubuntu10",
"1:2.5+dfsg-5ubuntu10.1",
"1:2.5+dfsg-5ubuntu10.2",
"1:2.5+dfsg-5ubuntu10.3",
"1:2.5+dfsg-5ubuntu10.4",
"1:2.5+dfsg-5ubuntu10.5",
"1:2.5+dfsg-5ubuntu10.6",
"1:2.5+dfsg-5ubuntu10.7",
"1:2.5+dfsg-5ubuntu10.8",
"1:2.5+dfsg-5ubuntu10.9",
"1:2.5+dfsg-5ubuntu10.10",
"1:2.5+dfsg-5ubuntu10.11",
"1:2.5+dfsg-5ubuntu10.13",
"1:2.5+dfsg-5ubuntu10.14",
"1:2.5+dfsg-5ubuntu10.15",
"1:2.5+dfsg-5ubuntu10.16",
"1:2.5+dfsg-5ubuntu10.20",
"1:2.5+dfsg-5ubuntu10.21",
"1:2.5+dfsg-5ubuntu10.22",
"1:2.5+dfsg-5ubuntu10.24",
"1:2.5+dfsg-5ubuntu10.25",
"1:2.5+dfsg-5ubuntu10.26",
"1:2.5+dfsg-5ubuntu10.28",
"1:2.5+dfsg-5ubuntu10.29",
"1:2.5+dfsg-5ubuntu10.30",
"1:2.5+dfsg-5ubuntu10.31",
"1:2.5+dfsg-5ubuntu10.32",
"1:2.5+dfsg-5ubuntu10.33",
"1:2.5+dfsg-5ubuntu10.34",
"1:2.5+dfsg-5ubuntu10.35",
"1:2.5+dfsg-5ubuntu10.36",
"1:2.5+dfsg-5ubuntu10.37",
"1:2.5+dfsg-5ubuntu10.38",
"1:2.5+dfsg-5ubuntu10.39",
"1:2.5+dfsg-5ubuntu10.40",
"1:2.5+dfsg-5ubuntu10.41",
"1:2.5+dfsg-5ubuntu10.42",
"1:2.5+dfsg-5ubuntu10.43",
"1:2.5+dfsg-5ubuntu10.44",
"1:2.5+dfsg-5ubuntu10.45",
"1:2.5+dfsg-5ubuntu10.46",
"1:2.5+dfsg-5ubuntu10.47",
"1:2.5+dfsg-5ubuntu10.48",
"1:2.5+dfsg-5ubuntu10.49",
"1:2.5+dfsg-5ubuntu10.51",
"1:2.5+dfsg-5ubuntu10.51+esm1",
"1:2.5+dfsg-5ubuntu10.51+esm2",
"1:2.5+dfsg-5ubuntu10.51+esm3"
]
},
{
"ecosystem_specific": {
"binaries": [
{
"binary_name": "libxen-4.6",
"binary_version": "4.6.5-0ubuntu1.4"
},
{
"binary_name": "libxenstore3.0",
"binary_version": "4.6.5-0ubuntu1.4"
},
{
"binary_name": "xen-hypervisor-4.4-amd64",
"binary_version": "4.6.5-0ubuntu1.4"
},
{
"binary_name": "xen-hypervisor-4.4-arm64",
"binary_version": "4.6.5-0ubuntu1.4"
},
{
"binary_name": "xen-hypervisor-4.4-armhf",
"binary_version": "4.6.5-0ubuntu1.4"
},
{
"binary_name": "xen-hypervisor-4.5-amd64",
"binary_version": "4.6.5-0ubuntu1.4"
},
{
"binary_name": "xen-hypervisor-4.5-arm64",
"binary_version": "4.6.5-0ubuntu1.4"
},
{
"binary_name": "xen-hypervisor-4.5-armhf",
"binary_version": "4.6.5-0ubuntu1.4"
},
{
"binary_name": "xen-hypervisor-4.6-amd64",
"binary_version": "4.6.5-0ubuntu1.4"
},
{
"binary_name": "xen-hypervisor-4.6-arm64",
"binary_version": "4.6.5-0ubuntu1.4"
},
{
"binary_name": "xen-hypervisor-4.6-armhf",
"binary_version": "4.6.5-0ubuntu1.4"
},
{
"binary_name": "xen-system-amd64",
"binary_version": "4.6.5-0ubuntu1.4"
},
{
"binary_name": "xen-system-arm64",
"binary_version": "4.6.5-0ubuntu1.4"
},
{
"binary_name": "xen-system-armhf",
"binary_version": "4.6.5-0ubuntu1.4"
},
{
"binary_name": "xen-utils-4.6",
"binary_version": "4.6.5-0ubuntu1.4"
},
{
"binary_name": "xen-utils-common",
"binary_version": "4.6.5-0ubuntu1.4"
},
{
"binary_name": "xenstore-utils",
"binary_version": "4.6.5-0ubuntu1.4"
}
]
},
"package": {
"ecosystem": "Ubuntu:16.04:LTS",
"name": "xen",
"purl": "pkg:deb/ubuntu/xen@4.6.5-0ubuntu1.4?arch=source\u0026distro=xenial"
},
"ranges": [
{
"events": [
{
"introduced": "0"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"4.5.1-0ubuntu1",
"4.5.1-0ubuntu2",
"4.6.0-1ubuntu1",
"4.6.0-1ubuntu2",
"4.6.0-1ubuntu4",
"4.6.0-1ubuntu4.1",
"4.6.0-1ubuntu4.2",
"4.6.0-1ubuntu4.3",
"4.6.5-0ubuntu1",
"4.6.5-0ubuntu1.1",
"4.6.5-0ubuntu1.2",
"4.6.5-0ubuntu1.4"
]
},
{
"ecosystem_specific": {
"availability": "No subscription required",
"binaries": [
{
"binary_name": "qemu",
"binary_version": "1:2.11+dfsg-1ubuntu7.39"
},
{
"binary_name": "qemu-block-extra",
"binary_version": "1:2.11+dfsg-1ubuntu7.39"
},
{
"binary_name": "qemu-guest-agent",
"binary_version": "1:2.11+dfsg-1ubuntu7.39"
},
{
"binary_name": "qemu-kvm",
"binary_version": "1:2.11+dfsg-1ubuntu7.39"
},
{
"binary_name": "qemu-system",
"binary_version": "1:2.11+dfsg-1ubuntu7.39"
},
{
"binary_name": "qemu-system-arm",
"binary_version": "1:2.11+dfsg-1ubuntu7.39"
},
{
"binary_name": "qemu-system-common",
"binary_version": "1:2.11+dfsg-1ubuntu7.39"
},
{
"binary_name": "qemu-system-mips",
"binary_version": "1:2.11+dfsg-1ubuntu7.39"
},
{
"binary_name": "qemu-system-misc",
"binary_version": "1:2.11+dfsg-1ubuntu7.39"
},
{
"binary_name": "qemu-system-ppc",
"binary_version": "1:2.11+dfsg-1ubuntu7.39"
},
{
"binary_name": "qemu-system-s390x",
"binary_version": "1:2.11+dfsg-1ubuntu7.39"
},
{
"binary_name": "qemu-system-sparc",
"binary_version": "1:2.11+dfsg-1ubuntu7.39"
},
{
"binary_name": "qemu-system-x86",
"binary_version": "1:2.11+dfsg-1ubuntu7.39"
},
{
"binary_name": "qemu-user",
"binary_version": "1:2.11+dfsg-1ubuntu7.39"
},
{
"binary_name": "qemu-user-binfmt",
"binary_version": "1:2.11+dfsg-1ubuntu7.39"
},
{
"binary_name": "qemu-user-static",
"binary_version": "1:2.11+dfsg-1ubuntu7.39"
},
{
"binary_name": "qemu-utils",
"binary_version": "1:2.11+dfsg-1ubuntu7.39"
}
]
},
"package": {
"ecosystem": "Ubuntu:18.04:LTS",
"name": "qemu",
"purl": "pkg:deb/ubuntu/qemu@1:2.11+dfsg-1ubuntu7.39?arch=source\u0026distro=bionic"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1:2.11+dfsg-1ubuntu7.39"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"1:2.10+dfsg-0ubuntu3",
"1:2.10+dfsg-0ubuntu4",
"1:2.10+dfsg-0ubuntu5",
"1:2.11+dfsg-1ubuntu1",
"1:2.11+dfsg-1ubuntu2",
"1:2.11+dfsg-1ubuntu4",
"1:2.11+dfsg-1ubuntu5",
"1:2.11+dfsg-1ubuntu6",
"1:2.11+dfsg-1ubuntu7",
"1:2.11+dfsg-1ubuntu7.1",
"1:2.11+dfsg-1ubuntu7.2",
"1:2.11+dfsg-1ubuntu7.3",
"1:2.11+dfsg-1ubuntu7.4",
"1:2.11+dfsg-1ubuntu7.5",
"1:2.11+dfsg-1ubuntu7.6",
"1:2.11+dfsg-1ubuntu7.7",
"1:2.11+dfsg-1ubuntu7.8",
"1:2.11+dfsg-1ubuntu7.9",
"1:2.11+dfsg-1ubuntu7.10",
"1:2.11+dfsg-1ubuntu7.12",
"1:2.11+dfsg-1ubuntu7.13",
"1:2.11+dfsg-1ubuntu7.14",
"1:2.11+dfsg-1ubuntu7.15",
"1:2.11+dfsg-1ubuntu7.17",
"1:2.11+dfsg-1ubuntu7.18",
"1:2.11+dfsg-1ubuntu7.19",
"1:2.11+dfsg-1ubuntu7.20",
"1:2.11+dfsg-1ubuntu7.21",
"1:2.11+dfsg-1ubuntu7.22",
"1:2.11+dfsg-1ubuntu7.23",
"1:2.11+dfsg-1ubuntu7.25",
"1:2.11+dfsg-1ubuntu7.26",
"1:2.11+dfsg-1ubuntu7.27",
"1:2.11+dfsg-1ubuntu7.28",
"1:2.11+dfsg-1ubuntu7.29",
"1:2.11+dfsg-1ubuntu7.31",
"1:2.11+dfsg-1ubuntu7.32",
"1:2.11+dfsg-1ubuntu7.33",
"1:2.11+dfsg-1ubuntu7.34",
"1:2.11+dfsg-1ubuntu7.35",
"1:2.11+dfsg-1ubuntu7.36",
"1:2.11+dfsg-1ubuntu7.37",
"1:2.11+dfsg-1ubuntu7.38"
]
},
{
"ecosystem_specific": {
"binaries": [
{
"binary_name": "libxen-4.9",
"binary_version": "4.9.2-0ubuntu1"
},
{
"binary_name": "libxenstore3.0",
"binary_version": "4.9.2-0ubuntu1"
},
{
"binary_name": "xen-hypervisor-4.6-amd64",
"binary_version": "4.9.2-0ubuntu1"
},
{
"binary_name": "xen-hypervisor-4.6-arm64",
"binary_version": "4.9.2-0ubuntu1"
},
{
"binary_name": "xen-hypervisor-4.6-armhf",
"binary_version": "4.9.2-0ubuntu1"
},
{
"binary_name": "xen-hypervisor-4.7-amd64",
"binary_version": "4.9.2-0ubuntu1"
},
{
"binary_name": "xen-hypervisor-4.7-arm64",
"binary_version": "4.9.2-0ubuntu1"
},
{
"binary_name": "xen-hypervisor-4.7-armhf",
"binary_version": "4.9.2-0ubuntu1"
},
{
"binary_name": "xen-hypervisor-4.8-amd64",
"binary_version": "4.9.2-0ubuntu1"
},
{
"binary_name": "xen-hypervisor-4.8-arm64",
"binary_version": "4.9.2-0ubuntu1"
},
{
"binary_name": "xen-hypervisor-4.8-armhf",
"binary_version": "4.9.2-0ubuntu1"
},
{
"binary_name": "xen-hypervisor-4.9-amd64",
"binary_version": "4.9.2-0ubuntu1"
},
{
"binary_name": "xen-hypervisor-4.9-arm64",
"binary_version": "4.9.2-0ubuntu1"
},
{
"binary_name": "xen-hypervisor-4.9-armhf",
"binary_version": "4.9.2-0ubuntu1"
},
{
"binary_name": "xen-system-amd64",
"binary_version": "4.9.2-0ubuntu1"
},
{
"binary_name": "xen-system-arm64",
"binary_version": "4.9.2-0ubuntu1"
},
{
"binary_name": "xen-system-armhf",
"binary_version": "4.9.2-0ubuntu1"
},
{
"binary_name": "xen-utils-4.9",
"binary_version": "4.9.2-0ubuntu1"
},
{
"binary_name": "xen-utils-common",
"binary_version": "4.9.2-0ubuntu1"
},
{
"binary_name": "xenstore-utils",
"binary_version": "4.9.2-0ubuntu1"
}
]
},
"package": {
"ecosystem": "Ubuntu:18.04:LTS",
"name": "xen",
"purl": "pkg:deb/ubuntu/xen@4.9.2-0ubuntu1?arch=source\u0026distro=bionic"
},
"ranges": [
{
"events": [
{
"introduced": "0"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"4.9.0-0ubuntu3",
"4.9.0-0ubuntu4",
"4.9.2-0ubuntu1"
]
},
{
"ecosystem_specific": {
"availability": "No subscription required",
"binaries": [
{
"binary_name": "qemu",
"binary_version": "1:4.2-3ubuntu6.21"
},
{
"binary_name": "qemu-block-extra",
"binary_version": "1:4.2-3ubuntu6.21"
},
{
"binary_name": "qemu-guest-agent",
"binary_version": "1:4.2-3ubuntu6.21"
},
{
"binary_name": "qemu-kvm",
"binary_version": "1:4.2-3ubuntu6.21"
},
{
"binary_name": "qemu-system",
"binary_version": "1:4.2-3ubuntu6.21"
},
{
"binary_name": "qemu-system-arm",
"binary_version": "1:4.2-3ubuntu6.21"
},
{
"binary_name": "qemu-system-common",
"binary_version": "1:4.2-3ubuntu6.21"
},
{
"binary_name": "qemu-system-data",
"binary_version": "1:4.2-3ubuntu6.21"
},
{
"binary_name": "qemu-system-gui",
"binary_version": "1:4.2-3ubuntu6.21"
},
{
"binary_name": "qemu-system-mips",
"binary_version": "1:4.2-3ubuntu6.21"
},
{
"binary_name": "qemu-system-misc",
"binary_version": "1:4.2-3ubuntu6.21"
},
{
"binary_name": "qemu-system-ppc",
"binary_version": "1:4.2-3ubuntu6.21"
},
{
"binary_name": "qemu-system-s390x",
"binary_version": "1:4.2-3ubuntu6.21"
},
{
"binary_name": "qemu-system-sparc",
"binary_version": "1:4.2-3ubuntu6.21"
},
{
"binary_name": "qemu-system-x86",
"binary_version": "1:4.2-3ubuntu6.21"
},
{
"binary_name": "qemu-system-x86-microvm",
"binary_version": "1:4.2-3ubuntu6.21"
},
{
"binary_name": "qemu-system-x86-xen",
"binary_version": "1:4.2-3ubuntu6.21"
},
{
"binary_name": "qemu-user",
"binary_version": "1:4.2-3ubuntu6.21"
},
{
"binary_name": "qemu-user-binfmt",
"binary_version": "1:4.2-3ubuntu6.21"
},
{
"binary_name": "qemu-user-static",
"binary_version": "1:4.2-3ubuntu6.21"
},
{
"binary_name": "qemu-utils",
"binary_version": "1:4.2-3ubuntu6.21"
}
]
},
"package": {
"ecosystem": "Ubuntu:20.04:LTS",
"name": "qemu",
"purl": "pkg:deb/ubuntu/qemu@1:4.2-3ubuntu6.21?arch=source\u0026distro=focal"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1:4.2-3ubuntu6.21"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"1:4.0+dfsg-0ubuntu9",
"1:4.0+dfsg-0ubuntu10",
"1:4.2-1ubuntu1",
"1:4.2-1ubuntu2",
"1:4.2-3ubuntu1",
"1:4.2-3ubuntu2",
"1:4.2-3ubuntu3",
"1:4.2-3ubuntu4",
"1:4.2-3ubuntu5",
"1:4.2-3ubuntu6",
"1:4.2-3ubuntu6.1",
"1:4.2-3ubuntu6.2",
"1:4.2-3ubuntu6.3",
"1:4.2-3ubuntu6.4",
"1:4.2-3ubuntu6.5",
"1:4.2-3ubuntu6.6",
"1:4.2-3ubuntu6.7",
"1:4.2-3ubuntu6.8",
"1:4.2-3ubuntu6.9",
"1:4.2-3ubuntu6.10",
"1:4.2-3ubuntu6.11",
"1:4.2-3ubuntu6.12",
"1:4.2-3ubuntu6.14",
"1:4.2-3ubuntu6.15",
"1:4.2-3ubuntu6.16",
"1:4.2-3ubuntu6.17",
"1:4.2-3ubuntu6.18",
"1:4.2-3ubuntu6.19"
]
},
{
"ecosystem_specific": {
"binaries": [
{
"binary_name": "libxencall1",
"binary_version": "4.11.3+24-g14b62ab3e5-1ubuntu2.3"
},
{
"binary_name": "libxendevicemodel1",
"binary_version": "4.11.3+24-g14b62ab3e5-1ubuntu2.3"
},
{
"binary_name": "libxenevtchn1",
"binary_version": "4.11.3+24-g14b62ab3e5-1ubuntu2.3"
},
{
"binary_name": "libxenforeignmemory1",
"binary_version": "4.11.3+24-g14b62ab3e5-1ubuntu2.3"
},
{
"binary_name": "libxengnttab1",
"binary_version": "4.11.3+24-g14b62ab3e5-1ubuntu2.3"
},
{
"binary_name": "libxenmisc4.11",
"binary_version": "4.11.3+24-g14b62ab3e5-1ubuntu2.3"
},
{
"binary_name": "libxenstore3.0",
"binary_version": "4.11.3+24-g14b62ab3e5-1ubuntu2.3"
},
{
"binary_name": "libxentoolcore1",
"binary_version": "4.11.3+24-g14b62ab3e5-1ubuntu2.3"
},
{
"binary_name": "libxentoollog1",
"binary_version": "4.11.3+24-g14b62ab3e5-1ubuntu2.3"
},
{
"binary_name": "xen-hypervisor-4.11-amd64",
"binary_version": "4.11.3+24-g14b62ab3e5-1ubuntu2.3"
},
{
"binary_name": "xen-hypervisor-4.11-arm64",
"binary_version": "4.11.3+24-g14b62ab3e5-1ubuntu2.3"
},
{
"binary_name": "xen-hypervisor-4.11-armhf",
"binary_version": "4.11.3+24-g14b62ab3e5-1ubuntu2.3"
},
{
"binary_name": "xen-hypervisor-4.9-amd64",
"binary_version": "4.11.3+24-g14b62ab3e5-1ubuntu2.3"
},
{
"binary_name": "xen-hypervisor-4.9-arm64",
"binary_version": "4.11.3+24-g14b62ab3e5-1ubuntu2.3"
},
{
"binary_name": "xen-hypervisor-4.9-armhf",
"binary_version": "4.11.3+24-g14b62ab3e5-1ubuntu2.3"
},
{
"binary_name": "xen-hypervisor-common",
"binary_version": "4.11.3+24-g14b62ab3e5-1ubuntu2.3"
},
{
"binary_name": "xen-system-amd64",
"binary_version": "4.11.3+24-g14b62ab3e5-1ubuntu2.3"
},
{
"binary_name": "xen-system-arm64",
"binary_version": "4.11.3+24-g14b62ab3e5-1ubuntu2.3"
},
{
"binary_name": "xen-system-armhf",
"binary_version": "4.11.3+24-g14b62ab3e5-1ubuntu2.3"
},
{
"binary_name": "xen-utils-4.11",
"binary_version": "4.11.3+24-g14b62ab3e5-1ubuntu2.3"
},
{
"binary_name": "xen-utils-common",
"binary_version": "4.11.3+24-g14b62ab3e5-1ubuntu2.3"
},
{
"binary_name": "xenstore-utils",
"binary_version": "4.11.3+24-g14b62ab3e5-1ubuntu2.3"
}
]
},
"package": {
"ecosystem": "Ubuntu:20.04:LTS",
"name": "xen",
"purl": "pkg:deb/ubuntu/xen@4.11.3+24-g14b62ab3e5-1ubuntu2.3?arch=source\u0026distro=focal"
},
"ranges": [
{
"events": [
{
"introduced": "0"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"4.9.2-0ubuntu2",
"4.9.2-0ubuntu6",
"4.9.2-0ubuntu7",
"4.11.3+24-g14b62ab3e5-1ubuntu1",
"4.11.3+24-g14b62ab3e5-1ubuntu2",
"4.11.3+24-g14b62ab3e5-1ubuntu2.2",
"4.11.3+24-g14b62ab3e5-1ubuntu2.3"
]
},
{
"ecosystem_specific": {
"availability": "No subscription required",
"binaries": [
{
"binary_name": "qemu",
"binary_version": "1:6.2+dfsg-2ubuntu5"
},
{
"binary_name": "qemu-block-extra",
"binary_version": "1:6.2+dfsg-2ubuntu5"
},
{
"binary_name": "qemu-guest-agent",
"binary_version": "1:6.2+dfsg-2ubuntu5"
},
{
"binary_name": "qemu-system",
"binary_version": "1:6.2+dfsg-2ubuntu5"
},
{
"binary_name": "qemu-system-arm",
"binary_version": "1:6.2+dfsg-2ubuntu5"
},
{
"binary_name": "qemu-system-common",
"binary_version": "1:6.2+dfsg-2ubuntu5"
},
{
"binary_name": "qemu-system-data",
"binary_version": "1:6.2+dfsg-2ubuntu5"
},
{
"binary_name": "qemu-system-gui",
"binary_version": "1:6.2+dfsg-2ubuntu5"
},
{
"binary_name": "qemu-system-mips",
"binary_version": "1:6.2+dfsg-2ubuntu5"
},
{
"binary_name": "qemu-system-misc",
"binary_version": "1:6.2+dfsg-2ubuntu5"
},
{
"binary_name": "qemu-system-ppc",
"binary_version": "1:6.2+dfsg-2ubuntu5"
},
{
"binary_name": "qemu-system-s390x",
"binary_version": "1:6.2+dfsg-2ubuntu5"
},
{
"binary_name": "qemu-system-sparc",
"binary_version": "1:6.2+dfsg-2ubuntu5"
},
{
"binary_name": "qemu-system-x86",
"binary_version": "1:6.2+dfsg-2ubuntu5"
},
{
"binary_name": "qemu-system-x86-microvm",
"binary_version": "1:6.2+dfsg-2ubuntu5"
},
{
"binary_name": "qemu-system-x86-xen",
"binary_version": "1:6.2+dfsg-2ubuntu5"
},
{
"binary_name": "qemu-user",
"binary_version": "1:6.2+dfsg-2ubuntu5"
},
{
"binary_name": "qemu-user-binfmt",
"binary_version": "1:6.2+dfsg-2ubuntu5"
},
{
"binary_name": "qemu-user-static",
"binary_version": "1:6.2+dfsg-2ubuntu5"
},
{
"binary_name": "qemu-utils",
"binary_version": "1:6.2+dfsg-2ubuntu5"
}
]
},
"package": {
"ecosystem": "Ubuntu:22.04:LTS",
"name": "qemu",
"purl": "pkg:deb/ubuntu/qemu@1:6.2+dfsg-2ubuntu5?arch=source\u0026distro=jammy"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1:6.2+dfsg-2ubuntu5"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"1:6.0+dfsg-2expubuntu1",
"1:6.0+dfsg-2expubuntu2",
"1:6.0+dfsg-2expubuntu4"
]
},
{
"ecosystem_specific": {
"binaries": [
{
"binary_name": "libxencall1",
"binary_version": "4.16.0-1~ubuntu2.1"
},
{
"binary_name": "libxendevicemodel1",
"binary_version": "4.16.0-1~ubuntu2.1"
},
{
"binary_name": "libxenevtchn1",
"binary_version": "4.16.0-1~ubuntu2.1"
},
{
"binary_name": "libxenforeignmemory1",
"binary_version": "4.16.0-1~ubuntu2.1"
},
{
"binary_name": "libxengnttab1",
"binary_version": "4.16.0-1~ubuntu2.1"
},
{
"binary_name": "libxenhypfs1",
"binary_version": "4.16.0-1~ubuntu2.1"
},
{
"binary_name": "libxenmisc4.16",
"binary_version": "4.16.0-1~ubuntu2.1"
},
{
"binary_name": "libxenstore4",
"binary_version": "4.16.0-1~ubuntu2.1"
},
{
"binary_name": "libxentoolcore1",
"binary_version": "4.16.0-1~ubuntu2.1"
},
{
"binary_name": "libxentoollog1",
"binary_version": "4.16.0-1~ubuntu2.1"
},
{
"binary_name": "xen-hypervisor-4.16-amd64",
"binary_version": "4.16.0-1~ubuntu2.1"
},
{
"binary_name": "xen-hypervisor-4.16-arm64",
"binary_version": "4.16.0-1~ubuntu2.1"
},
{
"binary_name": "xen-hypervisor-4.16-armhf",
"binary_version": "4.16.0-1~ubuntu2.1"
},
{
"binary_name": "xen-hypervisor-common",
"binary_version": "4.16.0-1~ubuntu2.1"
},
{
"binary_name": "xen-system-amd64",
"binary_version": "4.16.0-1~ubuntu2.1"
},
{
"binary_name": "xen-system-arm64",
"binary_version": "4.16.0-1~ubuntu2.1"
},
{
"binary_name": "xen-system-armhf",
"binary_version": "4.16.0-1~ubuntu2.1"
},
{
"binary_name": "xen-utils-4.16",
"binary_version": "4.16.0-1~ubuntu2.1"
},
{
"binary_name": "xen-utils-common",
"binary_version": "4.16.0-1~ubuntu2.1"
},
{
"binary_name": "xenstore-utils",
"binary_version": "4.16.0-1~ubuntu2.1"
}
]
},
"package": {
"ecosystem": "Ubuntu:22.04:LTS",
"name": "xen",
"purl": "pkg:deb/ubuntu/xen@4.16.0-1~ubuntu2.1?arch=source\u0026distro=jammy"
},
"ranges": [
{
"events": [
{
"introduced": "0"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"4.11.4+24-gddaaccbbab-1ubuntu2",
"4.16.0-1~ubuntu2",
"4.16.0-1~ubuntu2.1"
]
},
{
"ecosystem_specific": {
"binaries": [
{
"binary_name": "libxencall1t64",
"binary_version": "4.17.3+10-g091466ba55-1.1ubuntu3"
},
{
"binary_name": "libxendevicemodel1t64",
"binary_version": "4.17.3+10-g091466ba55-1.1ubuntu3"
},
{
"binary_name": "libxenevtchn1t64",
"binary_version": "4.17.3+10-g091466ba55-1.1ubuntu3"
},
{
"binary_name": "libxenforeignmemory1t64",
"binary_version": "4.17.3+10-g091466ba55-1.1ubuntu3"
},
{
"binary_name": "libxengnttab1t64",
"binary_version": "4.17.3+10-g091466ba55-1.1ubuntu3"
},
{
"binary_name": "libxenhypfs1t64",
"binary_version": "4.17.3+10-g091466ba55-1.1ubuntu3"
},
{
"binary_name": "libxenmisc4.17t64",
"binary_version": "4.17.3+10-g091466ba55-1.1ubuntu3"
},
{
"binary_name": "libxenstore4t64",
"binary_version": "4.17.3+10-g091466ba55-1.1ubuntu3"
},
{
"binary_name": "libxentoolcore1t64",
"binary_version": "4.17.3+10-g091466ba55-1.1ubuntu3"
},
{
"binary_name": "libxentoollog1t64",
"binary_version": "4.17.3+10-g091466ba55-1.1ubuntu3"
},
{
"binary_name": "xen-hypervisor-4.17-amd64",
"binary_version": "4.17.3+10-g091466ba55-1.1ubuntu3"
},
{
"binary_name": "xen-hypervisor-4.17-arm64",
"binary_version": "4.17.3+10-g091466ba55-1.1ubuntu3"
},
{
"binary_name": "xen-hypervisor-4.17-armhf",
"binary_version": "4.17.3+10-g091466ba55-1.1ubuntu3"
},
{
"binary_name": "xen-hypervisor-common",
"binary_version": "4.17.3+10-g091466ba55-1.1ubuntu3"
},
{
"binary_name": "xen-system-amd64",
"binary_version": "4.17.3+10-g091466ba55-1.1ubuntu3"
},
{
"binary_name": "xen-system-arm64",
"binary_version": "4.17.3+10-g091466ba55-1.1ubuntu3"
},
{
"binary_name": "xen-system-armhf",
"binary_version": "4.17.3+10-g091466ba55-1.1ubuntu3"
},
{
"binary_name": "xen-utils-4.17",
"binary_version": "4.17.3+10-g091466ba55-1.1ubuntu3"
},
{
"binary_name": "xen-utils-common",
"binary_version": "4.17.3+10-g091466ba55-1.1ubuntu3"
},
{
"binary_name": "xenstore-utils",
"binary_version": "4.17.3+10-g091466ba55-1.1ubuntu3"
}
]
},
"package": {
"ecosystem": "Ubuntu:24.04:LTS",
"name": "xen",
"purl": "pkg:deb/ubuntu/xen@4.17.3+10-g091466ba55-1.1ubuntu3?arch=source\u0026distro=noble"
},
"ranges": [
{
"events": [
{
"introduced": "0"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"4.17.2-1",
"4.17.2+55-g0b56bed864-1",
"4.17.2+76-ge1f9cb16e2-1",
"4.17.2+76-ge1f9cb16e2-1ubuntu1",
"4.17.3+10-g091466ba55-1",
"4.17.3+10-g091466ba55-1.1ubuntu2",
"4.17.3+10-g091466ba55-1.1ubuntu3"
]
},
{
"ecosystem_specific": {
"binaries": [
{
"binary_name": "libxencall1",
"binary_version": "4.20.0+68-g35cb38b222-1"
},
{
"binary_name": "libxendevicemodel1",
"binary_version": "4.20.0+68-g35cb38b222-1"
},
{
"binary_name": "libxenevtchn1",
"binary_version": "4.20.0+68-g35cb38b222-1"
},
{
"binary_name": "libxenforeignmemory1",
"binary_version": "4.20.0+68-g35cb38b222-1"
},
{
"binary_name": "libxengnttab1",
"binary_version": "4.20.0+68-g35cb38b222-1"
},
{
"binary_name": "libxenhypfs1",
"binary_version": "4.20.0+68-g35cb38b222-1"
},
{
"binary_name": "libxenmisc4.20",
"binary_version": "4.20.0+68-g35cb38b222-1"
},
{
"binary_name": "libxenstore4",
"binary_version": "4.20.0+68-g35cb38b222-1"
},
{
"binary_name": "libxentoolcore1",
"binary_version": "4.20.0+68-g35cb38b222-1"
},
{
"binary_name": "libxentoollog1",
"binary_version": "4.20.0+68-g35cb38b222-1"
},
{
"binary_name": "xen-hypervisor-4.20-amd64",
"binary_version": "4.20.0+68-g35cb38b222-1"
},
{
"binary_name": "xen-hypervisor-4.20-arm64",
"binary_version": "4.20.0+68-g35cb38b222-1"
},
{
"binary_name": "xen-hypervisor-common",
"binary_version": "4.20.0+68-g35cb38b222-1"
},
{
"binary_name": "xen-system-amd64",
"binary_version": "4.20.0+68-g35cb38b222-1"
},
{
"binary_name": "xen-system-arm64",
"binary_version": "4.20.0+68-g35cb38b222-1"
},
{
"binary_name": "xen-utils-4.20",
"binary_version": "4.20.0+68-g35cb38b222-1"
},
{
"binary_name": "xen-utils-common",
"binary_version": "4.20.0+68-g35cb38b222-1"
},
{
"binary_name": "xenstore-utils",
"binary_version": "4.20.0+68-g35cb38b222-1"
}
]
},
"package": {
"ecosystem": "Ubuntu:25.10",
"name": "xen",
"purl": "pkg:deb/ubuntu/xen@4.20.0+68-g35cb38b222-1?arch=source\u0026distro=questing"
},
"ranges": [
{
"events": [
{
"introduced": "0"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"4.20.0-1ubuntu1",
"4.20.0+68-g35cb38b222-1"
]
},
{
"ecosystem_specific": {
"binaries": [
{
"binary_name": "libxencall1",
"binary_version": "4.20.2+7-g1badcf5035-2build2"
},
{
"binary_name": "libxendevicemodel1",
"binary_version": "4.20.2+7-g1badcf5035-2build2"
},
{
"binary_name": "libxenevtchn1",
"binary_version": "4.20.2+7-g1badcf5035-2build2"
},
{
"binary_name": "libxenforeignmemory1",
"binary_version": "4.20.2+7-g1badcf5035-2build2"
},
{
"binary_name": "libxengnttab1",
"binary_version": "4.20.2+7-g1badcf5035-2build2"
},
{
"binary_name": "libxenhypfs1",
"binary_version": "4.20.2+7-g1badcf5035-2build2"
},
{
"binary_name": "libxenmisc4.20",
"binary_version": "4.20.2+7-g1badcf5035-2build2"
},
{
"binary_name": "libxenstore4",
"binary_version": "4.20.2+7-g1badcf5035-2build2"
},
{
"binary_name": "libxentoolcore1",
"binary_version": "4.20.2+7-g1badcf5035-2build2"
},
{
"binary_name": "libxentoollog1",
"binary_version": "4.20.2+7-g1badcf5035-2build2"
},
{
"binary_name": "xen-hypervisor-4.20-amd64",
"binary_version": "4.20.2+7-g1badcf5035-2build2"
},
{
"binary_name": "xen-hypervisor-4.20-arm64",
"binary_version": "4.20.2+7-g1badcf5035-2build2"
},
{
"binary_name": "xen-hypervisor-common",
"binary_version": "4.20.2+7-g1badcf5035-2build2"
},
{
"binary_name": "xen-system-amd64",
"binary_version": "4.20.2+7-g1badcf5035-2build2"
},
{
"binary_name": "xen-system-arm64",
"binary_version": "4.20.2+7-g1badcf5035-2build2"
},
{
"binary_name": "xen-utils-4.20",
"binary_version": "4.20.2+7-g1badcf5035-2build2"
},
{
"binary_name": "xen-utils-common",
"binary_version": "4.20.2+7-g1badcf5035-2build2"
},
{
"binary_name": "xenstore-utils",
"binary_version": "4.20.2+7-g1badcf5035-2build2"
}
]
},
"package": {
"ecosystem": "Ubuntu:26.04:LTS",
"name": "xen",
"purl": "pkg:deb/ubuntu/xen@4.20.2+7-g1badcf5035-2build2?arch=source\u0026distro=resolute"
},
"ranges": [
{
"events": [
{
"introduced": "0"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"4.20.0+68-g35cb38b222-1",
"4.20.2+7-g1badcf5035-2",
"4.20.2+7-g1badcf5035-2build2"
]
}
],
"aliases": [],
"details": "A NULL pointer dereference flaw was found in the floppy disk emulator of QEMU. This issue occurs while processing read/write ioport commands if the selected floppy drive is not initialized with a block device. This flaw allows a privileged guest user to crash the QEMU process on the host, resulting in a denial of service. The highest threat from this vulnerability is to system availability.",
"id": "UBUNTU-CVE-2021-20196",
"modified": "2026-06-09T19:04:16Z",
"published": "2021-05-26T22:15:00Z",
"references": [
{
"type": "REPORT",
"url": "https://ubuntu.com/security/CVE-2021-20196"
},
{
"type": "REPORT",
"url": "https://lists.nongnu.org/archive/html/qemu-devel/2021-01/msg05986.html"
},
{
"type": "REPORT",
"url": "https://www.openwall.com/lists/oss-security/2021/01/28/1"
},
{
"type": "ADVISORY",
"url": "https://ubuntu.com/security/notices/USN-5307-1"
},
{
"type": "REPORT",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-20196"
},
{
"type": "ADVISORY",
"url": "https://ubuntu.com/security/notices/USN-8412-1"
}
],
"related": [
"USN-5307-1",
"USN-8412-1"
],
"schema_version": "1.7.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H",
"type": "CVSS_V3"
},
{
"score": "low",
"type": "Ubuntu"
}
],
"upstream": [
"CVE-2021-20196"
]
}
ubuntu-cve-2021-20203
Vulnerability from osv_ubuntu
An integer overflow issue was found in the vmxnet3 NIC emulator of the QEMU for versions up to v5.2.0. It may occur if a guest was to supply invalid values for rx/tx queue size or other NIC parameters. A privileged guest user may use this flaw to crash the QEMU process on the host resulting in DoS scenario.
{
"affected": [
{
"ecosystem_specific": {
"availability": "Available with Ubuntu Pro with Legacy support add-on: https://ubuntu.com/pro",
"binaries": [
{
"binary_name": "qemu",
"binary_version": "2.0.0+dfsg-2ubuntu1.47+esm6"
},
{
"binary_name": "qemu-common",
"binary_version": "2.0.0+dfsg-2ubuntu1.47+esm6"
},
{
"binary_name": "qemu-guest-agent",
"binary_version": "2.0.0+dfsg-2ubuntu1.47+esm6"
},
{
"binary_name": "qemu-keymaps",
"binary_version": "2.0.0+dfsg-2ubuntu1.47+esm6"
},
{
"binary_name": "qemu-kvm",
"binary_version": "2.0.0+dfsg-2ubuntu1.47+esm6"
},
{
"binary_name": "qemu-system",
"binary_version": "2.0.0+dfsg-2ubuntu1.47+esm6"
},
{
"binary_name": "qemu-system-aarch64",
"binary_version": "2.0.0+dfsg-2ubuntu1.47+esm6"
},
{
"binary_name": "qemu-system-arm",
"binary_version": "2.0.0+dfsg-2ubuntu1.47+esm6"
},
{
"binary_name": "qemu-system-common",
"binary_version": "2.0.0+dfsg-2ubuntu1.47+esm6"
},
{
"binary_name": "qemu-system-mips",
"binary_version": "2.0.0+dfsg-2ubuntu1.47+esm6"
},
{
"binary_name": "qemu-system-misc",
"binary_version": "2.0.0+dfsg-2ubuntu1.47+esm6"
},
{
"binary_name": "qemu-system-ppc",
"binary_version": "2.0.0+dfsg-2ubuntu1.47+esm6"
},
{
"binary_name": "qemu-system-sparc",
"binary_version": "2.0.0+dfsg-2ubuntu1.47+esm6"
},
{
"binary_name": "qemu-system-x86",
"binary_version": "2.0.0+dfsg-2ubuntu1.47+esm6"
},
{
"binary_name": "qemu-user",
"binary_version": "2.0.0+dfsg-2ubuntu1.47+esm6"
},
{
"binary_name": "qemu-user-static",
"binary_version": "2.0.0+dfsg-2ubuntu1.47+esm6"
},
{
"binary_name": "qemu-utils",
"binary_version": "2.0.0+dfsg-2ubuntu1.47+esm6"
}
]
},
"package": {
"ecosystem": "Ubuntu:Pro:14.04:LTS",
"name": "qemu",
"purl": "pkg:deb/ubuntu/qemu@2.0.0+dfsg-2ubuntu1.47+esm6?arch=source\u0026distro=esm-infra-legacy/trusty"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "2.0.0+dfsg-2ubuntu1.47+esm6"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"1.5.0+dfsg-3ubuntu5",
"1.5.0+dfsg-3ubuntu6",
"1.6.0+dfsg-2ubuntu1",
"1.6.0+dfsg-2ubuntu2",
"1.6.0+dfsg-2ubuntu3",
"1.6.0+dfsg-2ubuntu4",
"1.7.0+dfsg-2ubuntu1",
"1.7.0+dfsg-2ubuntu2",
"1.7.0+dfsg-2ubuntu3",
"1.7.0+dfsg-2ubuntu4",
"1.7.0+dfsg-2ubuntu5",
"1.7.0+dfsg-2ubuntu7",
"1.7.0+dfsg-2ubuntu8",
"1.7.0+dfsg-2ubuntu9",
"1.7.0+dfsg-3ubuntu1~ppa1",
"1.7.0+dfsg-3ubuntu1",
"1.7.0+dfsg-3ubuntu2",
"1.7.0+dfsg-3ubuntu3",
"1.7.0+dfsg-3ubuntu4",
"1.7.0+dfsg-3ubuntu5",
"1.7.0+dfsg-3ubuntu6",
"1.7.0+dfsg-3ubuntu7",
"2.0.0~rc1+dfsg-0ubuntu1",
"2.0.0~rc1+dfsg-0ubuntu2",
"2.0.0~rc1+dfsg-0ubuntu3",
"2.0.0~rc1+dfsg-0ubuntu3.1",
"2.0.0+dfsg-2ubuntu1",
"2.0.0+dfsg-2ubuntu1.1",
"2.0.0+dfsg-2ubuntu1.2",
"2.0.0+dfsg-2ubuntu1.3",
"2.0.0+dfsg-2ubuntu1.5",
"2.0.0+dfsg-2ubuntu1.6",
"2.0.0+dfsg-2ubuntu1.7",
"2.0.0+dfsg-2ubuntu1.8",
"2.0.0+dfsg-2ubuntu1.9",
"2.0.0+dfsg-2ubuntu1.10",
"2.0.0+dfsg-2ubuntu1.11",
"2.0.0+dfsg-2ubuntu1.13",
"2.0.0+dfsg-2ubuntu1.14",
"2.0.0+dfsg-2ubuntu1.15",
"2.0.0+dfsg-2ubuntu1.16",
"2.0.0+dfsg-2ubuntu1.17",
"2.0.0+dfsg-2ubuntu1.18",
"2.0.0+dfsg-2ubuntu1.19",
"2.0.0+dfsg-2ubuntu1.20",
"2.0.0+dfsg-2ubuntu1.21",
"2.0.0+dfsg-2ubuntu1.22",
"2.0.0+dfsg-2ubuntu1.24",
"2.0.0+dfsg-2ubuntu1.25",
"2.0.0+dfsg-2ubuntu1.26",
"2.0.0+dfsg-2ubuntu1.27",
"2.0.0+dfsg-2ubuntu1.28",
"2.0.0+dfsg-2ubuntu1.29",
"2.0.0+dfsg-2ubuntu1.30",
"2.0.0+dfsg-2ubuntu1.31",
"2.0.0+dfsg-2ubuntu1.32",
"2.0.0+dfsg-2ubuntu1.33",
"2.0.0+dfsg-2ubuntu1.34",
"2.0.0+dfsg-2ubuntu1.35",
"2.0.0+dfsg-2ubuntu1.36",
"2.0.0+dfsg-2ubuntu1.38",
"2.0.0+dfsg-2ubuntu1.39",
"2.0.0+dfsg-2ubuntu1.40",
"2.0.0+dfsg-2ubuntu1.41",
"2.0.0+dfsg-2ubuntu1.42",
"2.0.0+dfsg-2ubuntu1.43",
"2.0.0+dfsg-2ubuntu1.44",
"2.0.0+dfsg-2ubuntu1.45",
"2.0.0+dfsg-2ubuntu1.46",
"2.0.0+dfsg-2ubuntu1.47",
"2.0.0+dfsg-2ubuntu1.47+esm1",
"2.0.0+dfsg-2ubuntu1.47+esm2",
"2.0.0+dfsg-2ubuntu1.47+esm3",
"2.0.0+dfsg-2ubuntu1.47+esm4"
]
},
{
"ecosystem_specific": {
"availability": "Available with Ubuntu Pro with Legacy support add-on: https://ubuntu.com/pro",
"binaries": [
{
"binary_name": "qemu",
"binary_version": "1:2.5+dfsg-5ubuntu10.51+esm4"
},
{
"binary_name": "qemu-block-extra",
"binary_version": "1:2.5+dfsg-5ubuntu10.51+esm4"
},
{
"binary_name": "qemu-guest-agent",
"binary_version": "1:2.5+dfsg-5ubuntu10.51+esm4"
},
{
"binary_name": "qemu-kvm",
"binary_version": "1:2.5+dfsg-5ubuntu10.51+esm4"
},
{
"binary_name": "qemu-system",
"binary_version": "1:2.5+dfsg-5ubuntu10.51+esm4"
},
{
"binary_name": "qemu-system-aarch64",
"binary_version": "1:2.5+dfsg-5ubuntu10.51+esm4"
},
{
"binary_name": "qemu-system-arm",
"binary_version": "1:2.5+dfsg-5ubuntu10.51+esm4"
},
{
"binary_name": "qemu-system-common",
"binary_version": "1:2.5+dfsg-5ubuntu10.51+esm4"
},
{
"binary_name": "qemu-system-mips",
"binary_version": "1:2.5+dfsg-5ubuntu10.51+esm4"
},
{
"binary_name": "qemu-system-misc",
"binary_version": "1:2.5+dfsg-5ubuntu10.51+esm4"
},
{
"binary_name": "qemu-system-ppc",
"binary_version": "1:2.5+dfsg-5ubuntu10.51+esm4"
},
{
"binary_name": "qemu-system-s390x",
"binary_version": "1:2.5+dfsg-5ubuntu10.51+esm4"
},
{
"binary_name": "qemu-system-sparc",
"binary_version": "1:2.5+dfsg-5ubuntu10.51+esm4"
},
{
"binary_name": "qemu-system-x86",
"binary_version": "1:2.5+dfsg-5ubuntu10.51+esm4"
},
{
"binary_name": "qemu-user",
"binary_version": "1:2.5+dfsg-5ubuntu10.51+esm4"
},
{
"binary_name": "qemu-user-binfmt",
"binary_version": "1:2.5+dfsg-5ubuntu10.51+esm4"
},
{
"binary_name": "qemu-user-static",
"binary_version": "1:2.5+dfsg-5ubuntu10.51+esm4"
},
{
"binary_name": "qemu-utils",
"binary_version": "1:2.5+dfsg-5ubuntu10.51+esm4"
}
]
},
"package": {
"ecosystem": "Ubuntu:Pro:16.04:LTS",
"name": "qemu",
"purl": "pkg:deb/ubuntu/qemu@1:2.5+dfsg-5ubuntu10.51+esm4?arch=source\u0026distro=esm-infra-legacy/xenial"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1:2.5+dfsg-5ubuntu10.51+esm4"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"1:2.3+dfsg-5ubuntu9",
"1:2.3+dfsg-5ubuntu10",
"1:2.4+dfsg-4ubuntu1",
"1:2.4+dfsg-4ubuntu2",
"1:2.4+dfsg-4ubuntu3",
"1:2.4+dfsg-5ubuntu3",
"1:2.5+dfsg-1ubuntu2",
"1:2.5+dfsg-1ubuntu3",
"1:2.5+dfsg-1ubuntu4",
"1:2.5+dfsg-1ubuntu5",
"1:2.5+dfsg-5ubuntu1",
"1:2.5+dfsg-5ubuntu2",
"1:2.5+dfsg-5ubuntu4",
"1:2.5+dfsg-5ubuntu6",
"1:2.5+dfsg-5ubuntu7",
"1:2.5+dfsg-5ubuntu10",
"1:2.5+dfsg-5ubuntu10.1",
"1:2.5+dfsg-5ubuntu10.2",
"1:2.5+dfsg-5ubuntu10.3",
"1:2.5+dfsg-5ubuntu10.4",
"1:2.5+dfsg-5ubuntu10.5",
"1:2.5+dfsg-5ubuntu10.6",
"1:2.5+dfsg-5ubuntu10.7",
"1:2.5+dfsg-5ubuntu10.8",
"1:2.5+dfsg-5ubuntu10.9",
"1:2.5+dfsg-5ubuntu10.10",
"1:2.5+dfsg-5ubuntu10.11",
"1:2.5+dfsg-5ubuntu10.13",
"1:2.5+dfsg-5ubuntu10.14",
"1:2.5+dfsg-5ubuntu10.15",
"1:2.5+dfsg-5ubuntu10.16",
"1:2.5+dfsg-5ubuntu10.20",
"1:2.5+dfsg-5ubuntu10.21",
"1:2.5+dfsg-5ubuntu10.22",
"1:2.5+dfsg-5ubuntu10.24",
"1:2.5+dfsg-5ubuntu10.25",
"1:2.5+dfsg-5ubuntu10.26",
"1:2.5+dfsg-5ubuntu10.28",
"1:2.5+dfsg-5ubuntu10.29",
"1:2.5+dfsg-5ubuntu10.30",
"1:2.5+dfsg-5ubuntu10.31",
"1:2.5+dfsg-5ubuntu10.32",
"1:2.5+dfsg-5ubuntu10.33",
"1:2.5+dfsg-5ubuntu10.34",
"1:2.5+dfsg-5ubuntu10.35",
"1:2.5+dfsg-5ubuntu10.36",
"1:2.5+dfsg-5ubuntu10.37",
"1:2.5+dfsg-5ubuntu10.38",
"1:2.5+dfsg-5ubuntu10.39",
"1:2.5+dfsg-5ubuntu10.40",
"1:2.5+dfsg-5ubuntu10.41",
"1:2.5+dfsg-5ubuntu10.42",
"1:2.5+dfsg-5ubuntu10.43",
"1:2.5+dfsg-5ubuntu10.44",
"1:2.5+dfsg-5ubuntu10.45",
"1:2.5+dfsg-5ubuntu10.46",
"1:2.5+dfsg-5ubuntu10.47",
"1:2.5+dfsg-5ubuntu10.48",
"1:2.5+dfsg-5ubuntu10.49",
"1:2.5+dfsg-5ubuntu10.51",
"1:2.5+dfsg-5ubuntu10.51+esm1",
"1:2.5+dfsg-5ubuntu10.51+esm2",
"1:2.5+dfsg-5ubuntu10.51+esm3"
]
},
{
"ecosystem_specific": {
"availability": "No subscription required",
"binaries": [
{
"binary_name": "qemu",
"binary_version": "1:2.11+dfsg-1ubuntu7.39"
},
{
"binary_name": "qemu-block-extra",
"binary_version": "1:2.11+dfsg-1ubuntu7.39"
},
{
"binary_name": "qemu-guest-agent",
"binary_version": "1:2.11+dfsg-1ubuntu7.39"
},
{
"binary_name": "qemu-kvm",
"binary_version": "1:2.11+dfsg-1ubuntu7.39"
},
{
"binary_name": "qemu-system",
"binary_version": "1:2.11+dfsg-1ubuntu7.39"
},
{
"binary_name": "qemu-system-arm",
"binary_version": "1:2.11+dfsg-1ubuntu7.39"
},
{
"binary_name": "qemu-system-common",
"binary_version": "1:2.11+dfsg-1ubuntu7.39"
},
{
"binary_name": "qemu-system-mips",
"binary_version": "1:2.11+dfsg-1ubuntu7.39"
},
{
"binary_name": "qemu-system-misc",
"binary_version": "1:2.11+dfsg-1ubuntu7.39"
},
{
"binary_name": "qemu-system-ppc",
"binary_version": "1:2.11+dfsg-1ubuntu7.39"
},
{
"binary_name": "qemu-system-s390x",
"binary_version": "1:2.11+dfsg-1ubuntu7.39"
},
{
"binary_name": "qemu-system-sparc",
"binary_version": "1:2.11+dfsg-1ubuntu7.39"
},
{
"binary_name": "qemu-system-x86",
"binary_version": "1:2.11+dfsg-1ubuntu7.39"
},
{
"binary_name": "qemu-user",
"binary_version": "1:2.11+dfsg-1ubuntu7.39"
},
{
"binary_name": "qemu-user-binfmt",
"binary_version": "1:2.11+dfsg-1ubuntu7.39"
},
{
"binary_name": "qemu-user-static",
"binary_version": "1:2.11+dfsg-1ubuntu7.39"
},
{
"binary_name": "qemu-utils",
"binary_version": "1:2.11+dfsg-1ubuntu7.39"
}
]
},
"package": {
"ecosystem": "Ubuntu:18.04:LTS",
"name": "qemu",
"purl": "pkg:deb/ubuntu/qemu@1:2.11+dfsg-1ubuntu7.39?arch=source\u0026distro=bionic"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1:2.11+dfsg-1ubuntu7.39"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"1:2.10+dfsg-0ubuntu3",
"1:2.10+dfsg-0ubuntu4",
"1:2.10+dfsg-0ubuntu5",
"1:2.11+dfsg-1ubuntu1",
"1:2.11+dfsg-1ubuntu2",
"1:2.11+dfsg-1ubuntu4",
"1:2.11+dfsg-1ubuntu5",
"1:2.11+dfsg-1ubuntu6",
"1:2.11+dfsg-1ubuntu7",
"1:2.11+dfsg-1ubuntu7.1",
"1:2.11+dfsg-1ubuntu7.2",
"1:2.11+dfsg-1ubuntu7.3",
"1:2.11+dfsg-1ubuntu7.4",
"1:2.11+dfsg-1ubuntu7.5",
"1:2.11+dfsg-1ubuntu7.6",
"1:2.11+dfsg-1ubuntu7.7",
"1:2.11+dfsg-1ubuntu7.8",
"1:2.11+dfsg-1ubuntu7.9",
"1:2.11+dfsg-1ubuntu7.10",
"1:2.11+dfsg-1ubuntu7.12",
"1:2.11+dfsg-1ubuntu7.13",
"1:2.11+dfsg-1ubuntu7.14",
"1:2.11+dfsg-1ubuntu7.15",
"1:2.11+dfsg-1ubuntu7.17",
"1:2.11+dfsg-1ubuntu7.18",
"1:2.11+dfsg-1ubuntu7.19",
"1:2.11+dfsg-1ubuntu7.20",
"1:2.11+dfsg-1ubuntu7.21",
"1:2.11+dfsg-1ubuntu7.22",
"1:2.11+dfsg-1ubuntu7.23",
"1:2.11+dfsg-1ubuntu7.25",
"1:2.11+dfsg-1ubuntu7.26",
"1:2.11+dfsg-1ubuntu7.27",
"1:2.11+dfsg-1ubuntu7.28",
"1:2.11+dfsg-1ubuntu7.29",
"1:2.11+dfsg-1ubuntu7.31",
"1:2.11+dfsg-1ubuntu7.32",
"1:2.11+dfsg-1ubuntu7.33",
"1:2.11+dfsg-1ubuntu7.34",
"1:2.11+dfsg-1ubuntu7.35",
"1:2.11+dfsg-1ubuntu7.36",
"1:2.11+dfsg-1ubuntu7.37",
"1:2.11+dfsg-1ubuntu7.38"
]
},
{
"ecosystem_specific": {
"availability": "No subscription required",
"binaries": [
{
"binary_name": "qemu",
"binary_version": "1:4.2-3ubuntu6.21"
},
{
"binary_name": "qemu-block-extra",
"binary_version": "1:4.2-3ubuntu6.21"
},
{
"binary_name": "qemu-guest-agent",
"binary_version": "1:4.2-3ubuntu6.21"
},
{
"binary_name": "qemu-kvm",
"binary_version": "1:4.2-3ubuntu6.21"
},
{
"binary_name": "qemu-system",
"binary_version": "1:4.2-3ubuntu6.21"
},
{
"binary_name": "qemu-system-arm",
"binary_version": "1:4.2-3ubuntu6.21"
},
{
"binary_name": "qemu-system-common",
"binary_version": "1:4.2-3ubuntu6.21"
},
{
"binary_name": "qemu-system-data",
"binary_version": "1:4.2-3ubuntu6.21"
},
{
"binary_name": "qemu-system-gui",
"binary_version": "1:4.2-3ubuntu6.21"
},
{
"binary_name": "qemu-system-mips",
"binary_version": "1:4.2-3ubuntu6.21"
},
{
"binary_name": "qemu-system-misc",
"binary_version": "1:4.2-3ubuntu6.21"
},
{
"binary_name": "qemu-system-ppc",
"binary_version": "1:4.2-3ubuntu6.21"
},
{
"binary_name": "qemu-system-s390x",
"binary_version": "1:4.2-3ubuntu6.21"
},
{
"binary_name": "qemu-system-sparc",
"binary_version": "1:4.2-3ubuntu6.21"
},
{
"binary_name": "qemu-system-x86",
"binary_version": "1:4.2-3ubuntu6.21"
},
{
"binary_name": "qemu-system-x86-microvm",
"binary_version": "1:4.2-3ubuntu6.21"
},
{
"binary_name": "qemu-system-x86-xen",
"binary_version": "1:4.2-3ubuntu6.21"
},
{
"binary_name": "qemu-user",
"binary_version": "1:4.2-3ubuntu6.21"
},
{
"binary_name": "qemu-user-binfmt",
"binary_version": "1:4.2-3ubuntu6.21"
},
{
"binary_name": "qemu-user-static",
"binary_version": "1:4.2-3ubuntu6.21"
},
{
"binary_name": "qemu-utils",
"binary_version": "1:4.2-3ubuntu6.21"
}
]
},
"package": {
"ecosystem": "Ubuntu:20.04:LTS",
"name": "qemu",
"purl": "pkg:deb/ubuntu/qemu@1:4.2-3ubuntu6.21?arch=source\u0026distro=focal"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1:4.2-3ubuntu6.21"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"1:4.0+dfsg-0ubuntu9",
"1:4.0+dfsg-0ubuntu10",
"1:4.2-1ubuntu1",
"1:4.2-1ubuntu2",
"1:4.2-3ubuntu1",
"1:4.2-3ubuntu2",
"1:4.2-3ubuntu3",
"1:4.2-3ubuntu4",
"1:4.2-3ubuntu5",
"1:4.2-3ubuntu6",
"1:4.2-3ubuntu6.1",
"1:4.2-3ubuntu6.2",
"1:4.2-3ubuntu6.3",
"1:4.2-3ubuntu6.4",
"1:4.2-3ubuntu6.5",
"1:4.2-3ubuntu6.6",
"1:4.2-3ubuntu6.7",
"1:4.2-3ubuntu6.8",
"1:4.2-3ubuntu6.9",
"1:4.2-3ubuntu6.10",
"1:4.2-3ubuntu6.11",
"1:4.2-3ubuntu6.12",
"1:4.2-3ubuntu6.14",
"1:4.2-3ubuntu6.15",
"1:4.2-3ubuntu6.16",
"1:4.2-3ubuntu6.17",
"1:4.2-3ubuntu6.18",
"1:4.2-3ubuntu6.19"
]
},
{
"ecosystem_specific": {
"availability": "No subscription required",
"binaries": [
{
"binary_name": "qemu",
"binary_version": "1:6.2+dfsg-2ubuntu5"
},
{
"binary_name": "qemu-block-extra",
"binary_version": "1:6.2+dfsg-2ubuntu5"
},
{
"binary_name": "qemu-guest-agent",
"binary_version": "1:6.2+dfsg-2ubuntu5"
},
{
"binary_name": "qemu-system",
"binary_version": "1:6.2+dfsg-2ubuntu5"
},
{
"binary_name": "qemu-system-arm",
"binary_version": "1:6.2+dfsg-2ubuntu5"
},
{
"binary_name": "qemu-system-common",
"binary_version": "1:6.2+dfsg-2ubuntu5"
},
{
"binary_name": "qemu-system-data",
"binary_version": "1:6.2+dfsg-2ubuntu5"
},
{
"binary_name": "qemu-system-gui",
"binary_version": "1:6.2+dfsg-2ubuntu5"
},
{
"binary_name": "qemu-system-mips",
"binary_version": "1:6.2+dfsg-2ubuntu5"
},
{
"binary_name": "qemu-system-misc",
"binary_version": "1:6.2+dfsg-2ubuntu5"
},
{
"binary_name": "qemu-system-ppc",
"binary_version": "1:6.2+dfsg-2ubuntu5"
},
{
"binary_name": "qemu-system-s390x",
"binary_version": "1:6.2+dfsg-2ubuntu5"
},
{
"binary_name": "qemu-system-sparc",
"binary_version": "1:6.2+dfsg-2ubuntu5"
},
{
"binary_name": "qemu-system-x86",
"binary_version": "1:6.2+dfsg-2ubuntu5"
},
{
"binary_name": "qemu-system-x86-microvm",
"binary_version": "1:6.2+dfsg-2ubuntu5"
},
{
"binary_name": "qemu-system-x86-xen",
"binary_version": "1:6.2+dfsg-2ubuntu5"
},
{
"binary_name": "qemu-user",
"binary_version": "1:6.2+dfsg-2ubuntu5"
},
{
"binary_name": "qemu-user-binfmt",
"binary_version": "1:6.2+dfsg-2ubuntu5"
},
{
"binary_name": "qemu-user-static",
"binary_version": "1:6.2+dfsg-2ubuntu5"
},
{
"binary_name": "qemu-utils",
"binary_version": "1:6.2+dfsg-2ubuntu5"
}
]
},
"package": {
"ecosystem": "Ubuntu:22.04:LTS",
"name": "qemu",
"purl": "pkg:deb/ubuntu/qemu@1:6.2+dfsg-2ubuntu5?arch=source\u0026distro=jammy"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1:6.2+dfsg-2ubuntu5"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"1:6.0+dfsg-2expubuntu1",
"1:6.0+dfsg-2expubuntu2",
"1:6.0+dfsg-2expubuntu4"
]
}
],
"aliases": [],
"details": "An integer overflow issue was found in the vmxnet3 NIC emulator of the QEMU for versions up to v5.2.0. It may occur if a guest was to supply invalid values for rx/tx queue size or other NIC parameters. A privileged guest user may use this flaw to crash the QEMU process on the host resulting in DoS scenario.",
"id": "UBUNTU-CVE-2021-20203",
"modified": "2026-06-09T19:04:16Z",
"published": "2021-02-25T20:15:00Z",
"references": [
{
"type": "REPORT",
"url": "https://ubuntu.com/security/CVE-2021-20203"
},
{
"type": "REPORT",
"url": "https://lists.gnu.org/archive/html/qemu-devel/2021-01/msg07935.html"
},
{
"type": "ADVISORY",
"url": "https://ubuntu.com/security/notices/USN-5307-1"
},
{
"type": "REPORT",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-20203"
},
{
"type": "ADVISORY",
"url": "https://ubuntu.com/security/notices/USN-8412-1"
}
],
"related": [
"USN-5307-1",
"USN-8412-1"
],
"schema_version": "1.7.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:L",
"type": "CVSS_V3"
},
{
"score": "low",
"type": "Ubuntu"
}
],
"upstream": [
"CVE-2021-20203"
]
}
ubuntu-cve-2021-3544
Vulnerability from osv_ubuntu
Several memory leaks were found in the virtio vhost-user GPU device (vhost-user-gpu) of QEMU in versions up to and including 6.0. They exist in contrib/vhost-user-gpu/vhost-user-gpu.c and contrib/vhost-user-gpu/virgl.c due to improper release of memory (i.e., free) after effective lifetime.
| URL | Type | |||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||
{
"affected": [
{
"ecosystem_specific": {
"availability": "No subscription required",
"binaries": [
{
"binary_name": "qemu",
"binary_version": "1:4.2-3ubuntu6.17"
},
{
"binary_name": "qemu-block-extra",
"binary_version": "1:4.2-3ubuntu6.17"
},
{
"binary_name": "qemu-guest-agent",
"binary_version": "1:4.2-3ubuntu6.17"
},
{
"binary_name": "qemu-kvm",
"binary_version": "1:4.2-3ubuntu6.17"
},
{
"binary_name": "qemu-system",
"binary_version": "1:4.2-3ubuntu6.17"
},
{
"binary_name": "qemu-system-arm",
"binary_version": "1:4.2-3ubuntu6.17"
},
{
"binary_name": "qemu-system-common",
"binary_version": "1:4.2-3ubuntu6.17"
},
{
"binary_name": "qemu-system-data",
"binary_version": "1:4.2-3ubuntu6.17"
},
{
"binary_name": "qemu-system-gui",
"binary_version": "1:4.2-3ubuntu6.17"
},
{
"binary_name": "qemu-system-mips",
"binary_version": "1:4.2-3ubuntu6.17"
},
{
"binary_name": "qemu-system-misc",
"binary_version": "1:4.2-3ubuntu6.17"
},
{
"binary_name": "qemu-system-ppc",
"binary_version": "1:4.2-3ubuntu6.17"
},
{
"binary_name": "qemu-system-s390x",
"binary_version": "1:4.2-3ubuntu6.17"
},
{
"binary_name": "qemu-system-sparc",
"binary_version": "1:4.2-3ubuntu6.17"
},
{
"binary_name": "qemu-system-x86",
"binary_version": "1:4.2-3ubuntu6.17"
},
{
"binary_name": "qemu-system-x86-microvm",
"binary_version": "1:4.2-3ubuntu6.17"
},
{
"binary_name": "qemu-system-x86-xen",
"binary_version": "1:4.2-3ubuntu6.17"
},
{
"binary_name": "qemu-user",
"binary_version": "1:4.2-3ubuntu6.17"
},
{
"binary_name": "qemu-user-binfmt",
"binary_version": "1:4.2-3ubuntu6.17"
},
{
"binary_name": "qemu-user-static",
"binary_version": "1:4.2-3ubuntu6.17"
},
{
"binary_name": "qemu-utils",
"binary_version": "1:4.2-3ubuntu6.17"
}
]
},
"package": {
"ecosystem": "Ubuntu:20.04:LTS",
"name": "qemu",
"purl": "pkg:deb/ubuntu/qemu@1:4.2-3ubuntu6.17?arch=source\u0026distro=focal"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1:4.2-3ubuntu6.17"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"1:4.0+dfsg-0ubuntu9",
"1:4.0+dfsg-0ubuntu10",
"1:4.2-1ubuntu1",
"1:4.2-1ubuntu2",
"1:4.2-3ubuntu1",
"1:4.2-3ubuntu2",
"1:4.2-3ubuntu3",
"1:4.2-3ubuntu4",
"1:4.2-3ubuntu5",
"1:4.2-3ubuntu6",
"1:4.2-3ubuntu6.1",
"1:4.2-3ubuntu6.2",
"1:4.2-3ubuntu6.3",
"1:4.2-3ubuntu6.4",
"1:4.2-3ubuntu6.5",
"1:4.2-3ubuntu6.6",
"1:4.2-3ubuntu6.7",
"1:4.2-3ubuntu6.8",
"1:4.2-3ubuntu6.9",
"1:4.2-3ubuntu6.10",
"1:4.2-3ubuntu6.11",
"1:4.2-3ubuntu6.12",
"1:4.2-3ubuntu6.14",
"1:4.2-3ubuntu6.15",
"1:4.2-3ubuntu6.16"
]
},
{
"ecosystem_specific": {
"availability": "No subscription required",
"binaries": [
{
"binary_name": "qemu",
"binary_version": "1:6.2+dfsg-2ubuntu5"
},
{
"binary_name": "qemu-block-extra",
"binary_version": "1:6.2+dfsg-2ubuntu5"
},
{
"binary_name": "qemu-guest-agent",
"binary_version": "1:6.2+dfsg-2ubuntu5"
},
{
"binary_name": "qemu-system",
"binary_version": "1:6.2+dfsg-2ubuntu5"
},
{
"binary_name": "qemu-system-arm",
"binary_version": "1:6.2+dfsg-2ubuntu5"
},
{
"binary_name": "qemu-system-common",
"binary_version": "1:6.2+dfsg-2ubuntu5"
},
{
"binary_name": "qemu-system-data",
"binary_version": "1:6.2+dfsg-2ubuntu5"
},
{
"binary_name": "qemu-system-gui",
"binary_version": "1:6.2+dfsg-2ubuntu5"
},
{
"binary_name": "qemu-system-mips",
"binary_version": "1:6.2+dfsg-2ubuntu5"
},
{
"binary_name": "qemu-system-misc",
"binary_version": "1:6.2+dfsg-2ubuntu5"
},
{
"binary_name": "qemu-system-ppc",
"binary_version": "1:6.2+dfsg-2ubuntu5"
},
{
"binary_name": "qemu-system-s390x",
"binary_version": "1:6.2+dfsg-2ubuntu5"
},
{
"binary_name": "qemu-system-sparc",
"binary_version": "1:6.2+dfsg-2ubuntu5"
},
{
"binary_name": "qemu-system-x86",
"binary_version": "1:6.2+dfsg-2ubuntu5"
},
{
"binary_name": "qemu-system-x86-microvm",
"binary_version": "1:6.2+dfsg-2ubuntu5"
},
{
"binary_name": "qemu-system-x86-xen",
"binary_version": "1:6.2+dfsg-2ubuntu5"
},
{
"binary_name": "qemu-user",
"binary_version": "1:6.2+dfsg-2ubuntu5"
},
{
"binary_name": "qemu-user-binfmt",
"binary_version": "1:6.2+dfsg-2ubuntu5"
},
{
"binary_name": "qemu-user-static",
"binary_version": "1:6.2+dfsg-2ubuntu5"
},
{
"binary_name": "qemu-utils",
"binary_version": "1:6.2+dfsg-2ubuntu5"
}
]
},
"package": {
"ecosystem": "Ubuntu:22.04:LTS",
"name": "qemu",
"purl": "pkg:deb/ubuntu/qemu@1:6.2+dfsg-2ubuntu5?arch=source\u0026distro=jammy"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1:6.2+dfsg-2ubuntu5"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"1:6.0+dfsg-2expubuntu1",
"1:6.0+dfsg-2expubuntu2",
"1:6.0+dfsg-2expubuntu4"
]
}
],
"aliases": [],
"details": "Several memory leaks were found in the virtio vhost-user GPU device (vhost-user-gpu) of QEMU in versions up to and including 6.0. They exist in contrib/vhost-user-gpu/vhost-user-gpu.c and contrib/vhost-user-gpu/virgl.c due to improper release of memory (i.e., free) after effective lifetime.",
"id": "UBUNTU-CVE-2021-3544",
"modified": "2025-09-08T16:46:45Z",
"published": "2021-06-02T14:15:00Z",
"references": [
{
"type": "REPORT",
"url": "https://ubuntu.com/security/CVE-2021-3544"
},
{
"type": "REPORT",
"url": "https://lists.nongnu.org/archive/html/qemu-devel/2021-05/msg01155.html"
},
{
"type": "REPORT",
"url": "https://lists.nongnu.org/archive/html/qemu-devel/2021-05/msg01151.html"
},
{
"type": "REPORT",
"url": "https://lists.nongnu.org/archive/html/qemu-devel/2021-05/msg01157.html"
},
{
"type": "REPORT",
"url": "https://lists.nongnu.org/archive/html/qemu-devel/2021-05/msg01152.html"
},
{
"type": "REPORT",
"url": "https://lists.nongnu.org/archive/html/qemu-devel/2021-05/msg01156.html"
},
{
"type": "REPORT",
"url": "https://lists.nongnu.org/archive/html/qemu-devel/2021-05/msg01158.html"
},
{
"type": "ADVISORY",
"url": "https://ubuntu.com/security/notices/USN-5010-1"
},
{
"type": "ADVISORY",
"url": "https://ubuntu.com/security/notices/USN-5307-1"
},
{
"type": "REPORT",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3544"
}
],
"related": [
"USN-5010-1",
"USN-5307-1"
],
"schema_version": "1.7.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H",
"type": "CVSS_V3"
},
{
"score": "low",
"type": "Ubuntu"
}
],
"upstream": [
"CVE-2021-3544"
]
}
ubuntu-cve-2021-3545
Vulnerability from osv_ubuntu
An information disclosure vulnerability was found in the virtio vhost-user GPU device (vhost-user-gpu) of QEMU in versions up to and including 6.0. The flaw exists in virgl_cmd_get_capset_info() in contrib/vhost-user-gpu/virgl.c and could occur due to the read of uninitialized memory. A malicious guest could exploit this issue to leak memory from the host.
| URL | Type | |||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
{
"affected": [
{
"ecosystem_specific": {
"availability": "No subscription required",
"binaries": [
{
"binary_name": "qemu",
"binary_version": "1:4.2-3ubuntu6.17"
},
{
"binary_name": "qemu-block-extra",
"binary_version": "1:4.2-3ubuntu6.17"
},
{
"binary_name": "qemu-guest-agent",
"binary_version": "1:4.2-3ubuntu6.17"
},
{
"binary_name": "qemu-kvm",
"binary_version": "1:4.2-3ubuntu6.17"
},
{
"binary_name": "qemu-system",
"binary_version": "1:4.2-3ubuntu6.17"
},
{
"binary_name": "qemu-system-arm",
"binary_version": "1:4.2-3ubuntu6.17"
},
{
"binary_name": "qemu-system-common",
"binary_version": "1:4.2-3ubuntu6.17"
},
{
"binary_name": "qemu-system-data",
"binary_version": "1:4.2-3ubuntu6.17"
},
{
"binary_name": "qemu-system-gui",
"binary_version": "1:4.2-3ubuntu6.17"
},
{
"binary_name": "qemu-system-mips",
"binary_version": "1:4.2-3ubuntu6.17"
},
{
"binary_name": "qemu-system-misc",
"binary_version": "1:4.2-3ubuntu6.17"
},
{
"binary_name": "qemu-system-ppc",
"binary_version": "1:4.2-3ubuntu6.17"
},
{
"binary_name": "qemu-system-s390x",
"binary_version": "1:4.2-3ubuntu6.17"
},
{
"binary_name": "qemu-system-sparc",
"binary_version": "1:4.2-3ubuntu6.17"
},
{
"binary_name": "qemu-system-x86",
"binary_version": "1:4.2-3ubuntu6.17"
},
{
"binary_name": "qemu-system-x86-microvm",
"binary_version": "1:4.2-3ubuntu6.17"
},
{
"binary_name": "qemu-system-x86-xen",
"binary_version": "1:4.2-3ubuntu6.17"
},
{
"binary_name": "qemu-user",
"binary_version": "1:4.2-3ubuntu6.17"
},
{
"binary_name": "qemu-user-binfmt",
"binary_version": "1:4.2-3ubuntu6.17"
},
{
"binary_name": "qemu-user-static",
"binary_version": "1:4.2-3ubuntu6.17"
},
{
"binary_name": "qemu-utils",
"binary_version": "1:4.2-3ubuntu6.17"
}
]
},
"package": {
"ecosystem": "Ubuntu:20.04:LTS",
"name": "qemu",
"purl": "pkg:deb/ubuntu/qemu@1:4.2-3ubuntu6.17?arch=source\u0026distro=focal"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1:4.2-3ubuntu6.17"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"1:4.0+dfsg-0ubuntu9",
"1:4.0+dfsg-0ubuntu10",
"1:4.2-1ubuntu1",
"1:4.2-1ubuntu2",
"1:4.2-3ubuntu1",
"1:4.2-3ubuntu2",
"1:4.2-3ubuntu3",
"1:4.2-3ubuntu4",
"1:4.2-3ubuntu5",
"1:4.2-3ubuntu6",
"1:4.2-3ubuntu6.1",
"1:4.2-3ubuntu6.2",
"1:4.2-3ubuntu6.3",
"1:4.2-3ubuntu6.4",
"1:4.2-3ubuntu6.5",
"1:4.2-3ubuntu6.6",
"1:4.2-3ubuntu6.7",
"1:4.2-3ubuntu6.8",
"1:4.2-3ubuntu6.9",
"1:4.2-3ubuntu6.10",
"1:4.2-3ubuntu6.11",
"1:4.2-3ubuntu6.12",
"1:4.2-3ubuntu6.14",
"1:4.2-3ubuntu6.15",
"1:4.2-3ubuntu6.16"
]
},
{
"ecosystem_specific": {
"availability": "No subscription required",
"binaries": [
{
"binary_name": "qemu",
"binary_version": "1:6.2+dfsg-2ubuntu5"
},
{
"binary_name": "qemu-block-extra",
"binary_version": "1:6.2+dfsg-2ubuntu5"
},
{
"binary_name": "qemu-guest-agent",
"binary_version": "1:6.2+dfsg-2ubuntu5"
},
{
"binary_name": "qemu-system",
"binary_version": "1:6.2+dfsg-2ubuntu5"
},
{
"binary_name": "qemu-system-arm",
"binary_version": "1:6.2+dfsg-2ubuntu5"
},
{
"binary_name": "qemu-system-common",
"binary_version": "1:6.2+dfsg-2ubuntu5"
},
{
"binary_name": "qemu-system-data",
"binary_version": "1:6.2+dfsg-2ubuntu5"
},
{
"binary_name": "qemu-system-gui",
"binary_version": "1:6.2+dfsg-2ubuntu5"
},
{
"binary_name": "qemu-system-mips",
"binary_version": "1:6.2+dfsg-2ubuntu5"
},
{
"binary_name": "qemu-system-misc",
"binary_version": "1:6.2+dfsg-2ubuntu5"
},
{
"binary_name": "qemu-system-ppc",
"binary_version": "1:6.2+dfsg-2ubuntu5"
},
{
"binary_name": "qemu-system-s390x",
"binary_version": "1:6.2+dfsg-2ubuntu5"
},
{
"binary_name": "qemu-system-sparc",
"binary_version": "1:6.2+dfsg-2ubuntu5"
},
{
"binary_name": "qemu-system-x86",
"binary_version": "1:6.2+dfsg-2ubuntu5"
},
{
"binary_name": "qemu-system-x86-microvm",
"binary_version": "1:6.2+dfsg-2ubuntu5"
},
{
"binary_name": "qemu-system-x86-xen",
"binary_version": "1:6.2+dfsg-2ubuntu5"
},
{
"binary_name": "qemu-user",
"binary_version": "1:6.2+dfsg-2ubuntu5"
},
{
"binary_name": "qemu-user-binfmt",
"binary_version": "1:6.2+dfsg-2ubuntu5"
},
{
"binary_name": "qemu-user-static",
"binary_version": "1:6.2+dfsg-2ubuntu5"
},
{
"binary_name": "qemu-utils",
"binary_version": "1:6.2+dfsg-2ubuntu5"
}
]
},
"package": {
"ecosystem": "Ubuntu:22.04:LTS",
"name": "qemu",
"purl": "pkg:deb/ubuntu/qemu@1:6.2+dfsg-2ubuntu5?arch=source\u0026distro=jammy"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1:6.2+dfsg-2ubuntu5"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"1:6.0+dfsg-2expubuntu1",
"1:6.0+dfsg-2expubuntu2",
"1:6.0+dfsg-2expubuntu4"
]
}
],
"aliases": [],
"details": "An information disclosure vulnerability was found in the virtio vhost-user GPU device (vhost-user-gpu) of QEMU in versions up to and including 6.0. The flaw exists in virgl_cmd_get_capset_info() in contrib/vhost-user-gpu/virgl.c and could occur due to the read of uninitialized memory. A malicious guest could exploit this issue to leak memory from the host.",
"id": "UBUNTU-CVE-2021-3545",
"modified": "2025-09-08T16:46:45Z",
"published": "2021-06-02T14:15:00Z",
"references": [
{
"type": "REPORT",
"url": "https://ubuntu.com/security/CVE-2021-3545"
},
{
"type": "REPORT",
"url": "https://lists.nongnu.org/archive/html/qemu-devel/2021-05/msg01155.html"
},
{
"type": "REPORT",
"url": "https://lists.nongnu.org/archive/html/qemu-devel/2021-05/msg01153.html"
},
{
"type": "ADVISORY",
"url": "https://ubuntu.com/security/notices/USN-5010-1"
},
{
"type": "ADVISORY",
"url": "https://ubuntu.com/security/notices/USN-5307-1"
},
{
"type": "REPORT",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3545"
}
],
"related": [
"USN-5010-1",
"USN-5307-1"
],
"schema_version": "1.7.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N",
"type": "CVSS_V3"
},
{
"score": "low",
"type": "Ubuntu"
}
],
"upstream": [
"CVE-2021-3545"
]
}
ubuntu-cve-2021-3546
Vulnerability from osv_ubuntu
An out-of-bounds write vulnerability was found in the virtio vhost-user GPU device (vhost-user-gpu) of QEMU in versions up to and including 6.0. The flaw occurs while processing the 'VIRTIO_GPU_CMD_GET_CAPSET' command from the guest. It could allow a privileged guest user to crash the QEMU process on the host, resulting in a denial of service condition, or potential code execution with the privileges of the QEMU process.
| URL | Type | |||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
{
"affected": [
{
"ecosystem_specific": {
"availability": "No subscription required",
"binaries": [
{
"binary_name": "qemu",
"binary_version": "1:4.2-3ubuntu6.17"
},
{
"binary_name": "qemu-block-extra",
"binary_version": "1:4.2-3ubuntu6.17"
},
{
"binary_name": "qemu-guest-agent",
"binary_version": "1:4.2-3ubuntu6.17"
},
{
"binary_name": "qemu-kvm",
"binary_version": "1:4.2-3ubuntu6.17"
},
{
"binary_name": "qemu-system",
"binary_version": "1:4.2-3ubuntu6.17"
},
{
"binary_name": "qemu-system-arm",
"binary_version": "1:4.2-3ubuntu6.17"
},
{
"binary_name": "qemu-system-common",
"binary_version": "1:4.2-3ubuntu6.17"
},
{
"binary_name": "qemu-system-data",
"binary_version": "1:4.2-3ubuntu6.17"
},
{
"binary_name": "qemu-system-gui",
"binary_version": "1:4.2-3ubuntu6.17"
},
{
"binary_name": "qemu-system-mips",
"binary_version": "1:4.2-3ubuntu6.17"
},
{
"binary_name": "qemu-system-misc",
"binary_version": "1:4.2-3ubuntu6.17"
},
{
"binary_name": "qemu-system-ppc",
"binary_version": "1:4.2-3ubuntu6.17"
},
{
"binary_name": "qemu-system-s390x",
"binary_version": "1:4.2-3ubuntu6.17"
},
{
"binary_name": "qemu-system-sparc",
"binary_version": "1:4.2-3ubuntu6.17"
},
{
"binary_name": "qemu-system-x86",
"binary_version": "1:4.2-3ubuntu6.17"
},
{
"binary_name": "qemu-system-x86-microvm",
"binary_version": "1:4.2-3ubuntu6.17"
},
{
"binary_name": "qemu-system-x86-xen",
"binary_version": "1:4.2-3ubuntu6.17"
},
{
"binary_name": "qemu-user",
"binary_version": "1:4.2-3ubuntu6.17"
},
{
"binary_name": "qemu-user-binfmt",
"binary_version": "1:4.2-3ubuntu6.17"
},
{
"binary_name": "qemu-user-static",
"binary_version": "1:4.2-3ubuntu6.17"
},
{
"binary_name": "qemu-utils",
"binary_version": "1:4.2-3ubuntu6.17"
}
]
},
"package": {
"ecosystem": "Ubuntu:20.04:LTS",
"name": "qemu",
"purl": "pkg:deb/ubuntu/qemu@1:4.2-3ubuntu6.17?arch=source\u0026distro=focal"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1:4.2-3ubuntu6.17"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"1:4.0+dfsg-0ubuntu9",
"1:4.0+dfsg-0ubuntu10",
"1:4.2-1ubuntu1",
"1:4.2-1ubuntu2",
"1:4.2-3ubuntu1",
"1:4.2-3ubuntu2",
"1:4.2-3ubuntu3",
"1:4.2-3ubuntu4",
"1:4.2-3ubuntu5",
"1:4.2-3ubuntu6",
"1:4.2-3ubuntu6.1",
"1:4.2-3ubuntu6.2",
"1:4.2-3ubuntu6.3",
"1:4.2-3ubuntu6.4",
"1:4.2-3ubuntu6.5",
"1:4.2-3ubuntu6.6",
"1:4.2-3ubuntu6.7",
"1:4.2-3ubuntu6.8",
"1:4.2-3ubuntu6.9",
"1:4.2-3ubuntu6.10",
"1:4.2-3ubuntu6.11",
"1:4.2-3ubuntu6.12",
"1:4.2-3ubuntu6.14",
"1:4.2-3ubuntu6.15",
"1:4.2-3ubuntu6.16"
]
},
{
"ecosystem_specific": {
"availability": "No subscription required",
"binaries": [
{
"binary_name": "qemu",
"binary_version": "1:6.2+dfsg-2ubuntu5"
},
{
"binary_name": "qemu-block-extra",
"binary_version": "1:6.2+dfsg-2ubuntu5"
},
{
"binary_name": "qemu-guest-agent",
"binary_version": "1:6.2+dfsg-2ubuntu5"
},
{
"binary_name": "qemu-system",
"binary_version": "1:6.2+dfsg-2ubuntu5"
},
{
"binary_name": "qemu-system-arm",
"binary_version": "1:6.2+dfsg-2ubuntu5"
},
{
"binary_name": "qemu-system-common",
"binary_version": "1:6.2+dfsg-2ubuntu5"
},
{
"binary_name": "qemu-system-data",
"binary_version": "1:6.2+dfsg-2ubuntu5"
},
{
"binary_name": "qemu-system-gui",
"binary_version": "1:6.2+dfsg-2ubuntu5"
},
{
"binary_name": "qemu-system-mips",
"binary_version": "1:6.2+dfsg-2ubuntu5"
},
{
"binary_name": "qemu-system-misc",
"binary_version": "1:6.2+dfsg-2ubuntu5"
},
{
"binary_name": "qemu-system-ppc",
"binary_version": "1:6.2+dfsg-2ubuntu5"
},
{
"binary_name": "qemu-system-s390x",
"binary_version": "1:6.2+dfsg-2ubuntu5"
},
{
"binary_name": "qemu-system-sparc",
"binary_version": "1:6.2+dfsg-2ubuntu5"
},
{
"binary_name": "qemu-system-x86",
"binary_version": "1:6.2+dfsg-2ubuntu5"
},
{
"binary_name": "qemu-system-x86-microvm",
"binary_version": "1:6.2+dfsg-2ubuntu5"
},
{
"binary_name": "qemu-system-x86-xen",
"binary_version": "1:6.2+dfsg-2ubuntu5"
},
{
"binary_name": "qemu-user",
"binary_version": "1:6.2+dfsg-2ubuntu5"
},
{
"binary_name": "qemu-user-binfmt",
"binary_version": "1:6.2+dfsg-2ubuntu5"
},
{
"binary_name": "qemu-user-static",
"binary_version": "1:6.2+dfsg-2ubuntu5"
},
{
"binary_name": "qemu-utils",
"binary_version": "1:6.2+dfsg-2ubuntu5"
}
]
},
"package": {
"ecosystem": "Ubuntu:22.04:LTS",
"name": "qemu",
"purl": "pkg:deb/ubuntu/qemu@1:6.2+dfsg-2ubuntu5?arch=source\u0026distro=jammy"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1:6.2+dfsg-2ubuntu5"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"1:6.0+dfsg-2expubuntu1",
"1:6.0+dfsg-2expubuntu2",
"1:6.0+dfsg-2expubuntu4"
]
}
],
"aliases": [],
"details": "An out-of-bounds write vulnerability was found in the virtio vhost-user GPU device (vhost-user-gpu) of QEMU in versions up to and including 6.0. The flaw occurs while processing the \u0027VIRTIO_GPU_CMD_GET_CAPSET\u0027 command from the guest. It could allow a privileged guest user to crash the QEMU process on the host, resulting in a denial of service condition, or potential code execution with the privileges of the QEMU process.",
"id": "UBUNTU-CVE-2021-3546",
"modified": "2025-09-08T16:46:45Z",
"published": "2021-06-02T14:15:00Z",
"references": [
{
"type": "REPORT",
"url": "https://ubuntu.com/security/CVE-2021-3546"
},
{
"type": "REPORT",
"url": "https://lists.nongnu.org/archive/html/qemu-devel/2021-05/msg01155.html"
},
{
"type": "REPORT",
"url": "https://lists.nongnu.org/archive/html/qemu-devel/2021-05/msg01154.html"
},
{
"type": "ADVISORY",
"url": "https://ubuntu.com/security/notices/USN-5010-1"
},
{
"type": "ADVISORY",
"url": "https://ubuntu.com/security/notices/USN-5307-1"
},
{
"type": "REPORT",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3546"
}
],
"related": [
"USN-5010-1",
"USN-5307-1"
],
"schema_version": "1.7.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
"type": "CVSS_V3"
},
{
"score": "medium",
"type": "Ubuntu"
}
],
"upstream": [
"CVE-2021-3546"
]
}
ubuntu-cve-2021-3682
Vulnerability from osv_ubuntu
A flaw was found in the USB redirector device emulation of QEMU in versions prior to 6.1.0-rc2. It occurs when dropping packets during a bulk transfer from a SPICE client due to the packet queue being full. A malicious SPICE client could use this flaw to make QEMU call free() with faked heap chunk metadata, resulting in a crash of QEMU or potential code execution with the privileges of the QEMU process on the host.
{
"affected": [
{
"ecosystem_specific": {
"availability": "Available with Ubuntu Pro (Infra-only): https://ubuntu.com/pro",
"binaries": [
{
"binary_name": "qemu",
"binary_version": "2.0.0+dfsg-2ubuntu1.47+esm2"
},
{
"binary_name": "qemu-common",
"binary_version": "2.0.0+dfsg-2ubuntu1.47+esm2"
},
{
"binary_name": "qemu-guest-agent",
"binary_version": "2.0.0+dfsg-2ubuntu1.47+esm2"
},
{
"binary_name": "qemu-keymaps",
"binary_version": "2.0.0+dfsg-2ubuntu1.47+esm2"
},
{
"binary_name": "qemu-kvm",
"binary_version": "2.0.0+dfsg-2ubuntu1.47+esm2"
},
{
"binary_name": "qemu-system",
"binary_version": "2.0.0+dfsg-2ubuntu1.47+esm2"
},
{
"binary_name": "qemu-system-aarch64",
"binary_version": "2.0.0+dfsg-2ubuntu1.47+esm2"
},
{
"binary_name": "qemu-system-arm",
"binary_version": "2.0.0+dfsg-2ubuntu1.47+esm2"
},
{
"binary_name": "qemu-system-common",
"binary_version": "2.0.0+dfsg-2ubuntu1.47+esm2"
},
{
"binary_name": "qemu-system-mips",
"binary_version": "2.0.0+dfsg-2ubuntu1.47+esm2"
},
{
"binary_name": "qemu-system-misc",
"binary_version": "2.0.0+dfsg-2ubuntu1.47+esm2"
},
{
"binary_name": "qemu-system-ppc",
"binary_version": "2.0.0+dfsg-2ubuntu1.47+esm2"
},
{
"binary_name": "qemu-system-sparc",
"binary_version": "2.0.0+dfsg-2ubuntu1.47+esm2"
},
{
"binary_name": "qemu-system-x86",
"binary_version": "2.0.0+dfsg-2ubuntu1.47+esm2"
},
{
"binary_name": "qemu-user",
"binary_version": "2.0.0+dfsg-2ubuntu1.47+esm2"
},
{
"binary_name": "qemu-user-static",
"binary_version": "2.0.0+dfsg-2ubuntu1.47+esm2"
},
{
"binary_name": "qemu-utils",
"binary_version": "2.0.0+dfsg-2ubuntu1.47+esm2"
}
]
},
"package": {
"ecosystem": "Ubuntu:Pro:14.04:LTS",
"name": "qemu",
"purl": "pkg:deb/ubuntu/qemu@2.0.0+dfsg-2ubuntu1.47+esm2?arch=source\u0026distro=trusty/esm"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "2.0.0+dfsg-2ubuntu1.47+esm2"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"1.5.0+dfsg-3ubuntu5",
"1.5.0+dfsg-3ubuntu6",
"1.6.0+dfsg-2ubuntu1",
"1.6.0+dfsg-2ubuntu2",
"1.6.0+dfsg-2ubuntu3",
"1.6.0+dfsg-2ubuntu4",
"1.7.0+dfsg-2ubuntu1",
"1.7.0+dfsg-2ubuntu2",
"1.7.0+dfsg-2ubuntu3",
"1.7.0+dfsg-2ubuntu4",
"1.7.0+dfsg-2ubuntu5",
"1.7.0+dfsg-2ubuntu7",
"1.7.0+dfsg-2ubuntu8",
"1.7.0+dfsg-2ubuntu9",
"1.7.0+dfsg-3ubuntu1~ppa1",
"1.7.0+dfsg-3ubuntu1",
"1.7.0+dfsg-3ubuntu2",
"1.7.0+dfsg-3ubuntu3",
"1.7.0+dfsg-3ubuntu4",
"1.7.0+dfsg-3ubuntu5",
"1.7.0+dfsg-3ubuntu6",
"1.7.0+dfsg-3ubuntu7",
"2.0.0~rc1+dfsg-0ubuntu1",
"2.0.0~rc1+dfsg-0ubuntu2",
"2.0.0~rc1+dfsg-0ubuntu3",
"2.0.0~rc1+dfsg-0ubuntu3.1",
"2.0.0+dfsg-2ubuntu1",
"2.0.0+dfsg-2ubuntu1.1",
"2.0.0+dfsg-2ubuntu1.2",
"2.0.0+dfsg-2ubuntu1.3",
"2.0.0+dfsg-2ubuntu1.5",
"2.0.0+dfsg-2ubuntu1.6",
"2.0.0+dfsg-2ubuntu1.7",
"2.0.0+dfsg-2ubuntu1.8",
"2.0.0+dfsg-2ubuntu1.9",
"2.0.0+dfsg-2ubuntu1.10",
"2.0.0+dfsg-2ubuntu1.11",
"2.0.0+dfsg-2ubuntu1.13",
"2.0.0+dfsg-2ubuntu1.14",
"2.0.0+dfsg-2ubuntu1.15",
"2.0.0+dfsg-2ubuntu1.16",
"2.0.0+dfsg-2ubuntu1.17",
"2.0.0+dfsg-2ubuntu1.18",
"2.0.0+dfsg-2ubuntu1.19",
"2.0.0+dfsg-2ubuntu1.20",
"2.0.0+dfsg-2ubuntu1.21",
"2.0.0+dfsg-2ubuntu1.22",
"2.0.0+dfsg-2ubuntu1.24",
"2.0.0+dfsg-2ubuntu1.25",
"2.0.0+dfsg-2ubuntu1.26",
"2.0.0+dfsg-2ubuntu1.27",
"2.0.0+dfsg-2ubuntu1.28",
"2.0.0+dfsg-2ubuntu1.29",
"2.0.0+dfsg-2ubuntu1.30",
"2.0.0+dfsg-2ubuntu1.31",
"2.0.0+dfsg-2ubuntu1.32",
"2.0.0+dfsg-2ubuntu1.33",
"2.0.0+dfsg-2ubuntu1.34",
"2.0.0+dfsg-2ubuntu1.35",
"2.0.0+dfsg-2ubuntu1.36",
"2.0.0+dfsg-2ubuntu1.38",
"2.0.0+dfsg-2ubuntu1.39",
"2.0.0+dfsg-2ubuntu1.40",
"2.0.0+dfsg-2ubuntu1.41",
"2.0.0+dfsg-2ubuntu1.42",
"2.0.0+dfsg-2ubuntu1.43",
"2.0.0+dfsg-2ubuntu1.44",
"2.0.0+dfsg-2ubuntu1.45",
"2.0.0+dfsg-2ubuntu1.46",
"2.0.0+dfsg-2ubuntu1.47",
"2.0.0+dfsg-2ubuntu1.47+esm1"
]
},
{
"ecosystem_specific": {
"availability": "Available with Ubuntu Pro (Infra-only): https://ubuntu.com/pro",
"binaries": [
{
"binary_name": "qemu",
"binary_version": "1:2.5+dfsg-5ubuntu10.51+esm1"
},
{
"binary_name": "qemu-block-extra",
"binary_version": "1:2.5+dfsg-5ubuntu10.51+esm1"
},
{
"binary_name": "qemu-guest-agent",
"binary_version": "1:2.5+dfsg-5ubuntu10.51+esm1"
},
{
"binary_name": "qemu-kvm",
"binary_version": "1:2.5+dfsg-5ubuntu10.51+esm1"
},
{
"binary_name": "qemu-system",
"binary_version": "1:2.5+dfsg-5ubuntu10.51+esm1"
},
{
"binary_name": "qemu-system-aarch64",
"binary_version": "1:2.5+dfsg-5ubuntu10.51+esm1"
},
{
"binary_name": "qemu-system-arm",
"binary_version": "1:2.5+dfsg-5ubuntu10.51+esm1"
},
{
"binary_name": "qemu-system-common",
"binary_version": "1:2.5+dfsg-5ubuntu10.51+esm1"
},
{
"binary_name": "qemu-system-mips",
"binary_version": "1:2.5+dfsg-5ubuntu10.51+esm1"
},
{
"binary_name": "qemu-system-misc",
"binary_version": "1:2.5+dfsg-5ubuntu10.51+esm1"
},
{
"binary_name": "qemu-system-ppc",
"binary_version": "1:2.5+dfsg-5ubuntu10.51+esm1"
},
{
"binary_name": "qemu-system-s390x",
"binary_version": "1:2.5+dfsg-5ubuntu10.51+esm1"
},
{
"binary_name": "qemu-system-sparc",
"binary_version": "1:2.5+dfsg-5ubuntu10.51+esm1"
},
{
"binary_name": "qemu-system-x86",
"binary_version": "1:2.5+dfsg-5ubuntu10.51+esm1"
},
{
"binary_name": "qemu-user",
"binary_version": "1:2.5+dfsg-5ubuntu10.51+esm1"
},
{
"binary_name": "qemu-user-binfmt",
"binary_version": "1:2.5+dfsg-5ubuntu10.51+esm1"
},
{
"binary_name": "qemu-user-static",
"binary_version": "1:2.5+dfsg-5ubuntu10.51+esm1"
},
{
"binary_name": "qemu-utils",
"binary_version": "1:2.5+dfsg-5ubuntu10.51+esm1"
}
]
},
"package": {
"ecosystem": "Ubuntu:Pro:16.04:LTS",
"name": "qemu",
"purl": "pkg:deb/ubuntu/qemu@1:2.5+dfsg-5ubuntu10.51+esm1?arch=source\u0026distro=esm-infra/xenial"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1:2.5+dfsg-5ubuntu10.51+esm1"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"1:2.3+dfsg-5ubuntu9",
"1:2.3+dfsg-5ubuntu10",
"1:2.4+dfsg-4ubuntu1",
"1:2.4+dfsg-4ubuntu2",
"1:2.4+dfsg-4ubuntu3",
"1:2.4+dfsg-5ubuntu3",
"1:2.5+dfsg-1ubuntu2",
"1:2.5+dfsg-1ubuntu3",
"1:2.5+dfsg-1ubuntu4",
"1:2.5+dfsg-1ubuntu5",
"1:2.5+dfsg-5ubuntu1",
"1:2.5+dfsg-5ubuntu2",
"1:2.5+dfsg-5ubuntu4",
"1:2.5+dfsg-5ubuntu6",
"1:2.5+dfsg-5ubuntu7",
"1:2.5+dfsg-5ubuntu10",
"1:2.5+dfsg-5ubuntu10.1",
"1:2.5+dfsg-5ubuntu10.2",
"1:2.5+dfsg-5ubuntu10.3",
"1:2.5+dfsg-5ubuntu10.4",
"1:2.5+dfsg-5ubuntu10.5",
"1:2.5+dfsg-5ubuntu10.6",
"1:2.5+dfsg-5ubuntu10.7",
"1:2.5+dfsg-5ubuntu10.8",
"1:2.5+dfsg-5ubuntu10.9",
"1:2.5+dfsg-5ubuntu10.10",
"1:2.5+dfsg-5ubuntu10.11",
"1:2.5+dfsg-5ubuntu10.13",
"1:2.5+dfsg-5ubuntu10.14",
"1:2.5+dfsg-5ubuntu10.15",
"1:2.5+dfsg-5ubuntu10.16",
"1:2.5+dfsg-5ubuntu10.20",
"1:2.5+dfsg-5ubuntu10.21",
"1:2.5+dfsg-5ubuntu10.22",
"1:2.5+dfsg-5ubuntu10.24",
"1:2.5+dfsg-5ubuntu10.25",
"1:2.5+dfsg-5ubuntu10.26",
"1:2.5+dfsg-5ubuntu10.28",
"1:2.5+dfsg-5ubuntu10.29",
"1:2.5+dfsg-5ubuntu10.30",
"1:2.5+dfsg-5ubuntu10.31",
"1:2.5+dfsg-5ubuntu10.32",
"1:2.5+dfsg-5ubuntu10.33",
"1:2.5+dfsg-5ubuntu10.34",
"1:2.5+dfsg-5ubuntu10.35",
"1:2.5+dfsg-5ubuntu10.36",
"1:2.5+dfsg-5ubuntu10.37",
"1:2.5+dfsg-5ubuntu10.38",
"1:2.5+dfsg-5ubuntu10.39",
"1:2.5+dfsg-5ubuntu10.40",
"1:2.5+dfsg-5ubuntu10.41",
"1:2.5+dfsg-5ubuntu10.42",
"1:2.5+dfsg-5ubuntu10.43",
"1:2.5+dfsg-5ubuntu10.44",
"1:2.5+dfsg-5ubuntu10.45",
"1:2.5+dfsg-5ubuntu10.46",
"1:2.5+dfsg-5ubuntu10.47",
"1:2.5+dfsg-5ubuntu10.48",
"1:2.5+dfsg-5ubuntu10.49",
"1:2.5+dfsg-5ubuntu10.51"
]
},
{
"ecosystem_specific": {
"availability": "No subscription required",
"binaries": [
{
"binary_name": "qemu",
"binary_version": "1:2.11+dfsg-1ubuntu7.39"
},
{
"binary_name": "qemu-block-extra",
"binary_version": "1:2.11+dfsg-1ubuntu7.39"
},
{
"binary_name": "qemu-guest-agent",
"binary_version": "1:2.11+dfsg-1ubuntu7.39"
},
{
"binary_name": "qemu-kvm",
"binary_version": "1:2.11+dfsg-1ubuntu7.39"
},
{
"binary_name": "qemu-system",
"binary_version": "1:2.11+dfsg-1ubuntu7.39"
},
{
"binary_name": "qemu-system-arm",
"binary_version": "1:2.11+dfsg-1ubuntu7.39"
},
{
"binary_name": "qemu-system-common",
"binary_version": "1:2.11+dfsg-1ubuntu7.39"
},
{
"binary_name": "qemu-system-mips",
"binary_version": "1:2.11+dfsg-1ubuntu7.39"
},
{
"binary_name": "qemu-system-misc",
"binary_version": "1:2.11+dfsg-1ubuntu7.39"
},
{
"binary_name": "qemu-system-ppc",
"binary_version": "1:2.11+dfsg-1ubuntu7.39"
},
{
"binary_name": "qemu-system-s390x",
"binary_version": "1:2.11+dfsg-1ubuntu7.39"
},
{
"binary_name": "qemu-system-sparc",
"binary_version": "1:2.11+dfsg-1ubuntu7.39"
},
{
"binary_name": "qemu-system-x86",
"binary_version": "1:2.11+dfsg-1ubuntu7.39"
},
{
"binary_name": "qemu-user",
"binary_version": "1:2.11+dfsg-1ubuntu7.39"
},
{
"binary_name": "qemu-user-binfmt",
"binary_version": "1:2.11+dfsg-1ubuntu7.39"
},
{
"binary_name": "qemu-user-static",
"binary_version": "1:2.11+dfsg-1ubuntu7.39"
},
{
"binary_name": "qemu-utils",
"binary_version": "1:2.11+dfsg-1ubuntu7.39"
}
]
},
"package": {
"ecosystem": "Ubuntu:18.04:LTS",
"name": "qemu",
"purl": "pkg:deb/ubuntu/qemu@1:2.11+dfsg-1ubuntu7.39?arch=source\u0026distro=bionic"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1:2.11+dfsg-1ubuntu7.39"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"1:2.10+dfsg-0ubuntu3",
"1:2.10+dfsg-0ubuntu4",
"1:2.10+dfsg-0ubuntu5",
"1:2.11+dfsg-1ubuntu1",
"1:2.11+dfsg-1ubuntu2",
"1:2.11+dfsg-1ubuntu4",
"1:2.11+dfsg-1ubuntu5",
"1:2.11+dfsg-1ubuntu6",
"1:2.11+dfsg-1ubuntu7",
"1:2.11+dfsg-1ubuntu7.1",
"1:2.11+dfsg-1ubuntu7.2",
"1:2.11+dfsg-1ubuntu7.3",
"1:2.11+dfsg-1ubuntu7.4",
"1:2.11+dfsg-1ubuntu7.5",
"1:2.11+dfsg-1ubuntu7.6",
"1:2.11+dfsg-1ubuntu7.7",
"1:2.11+dfsg-1ubuntu7.8",
"1:2.11+dfsg-1ubuntu7.9",
"1:2.11+dfsg-1ubuntu7.10",
"1:2.11+dfsg-1ubuntu7.12",
"1:2.11+dfsg-1ubuntu7.13",
"1:2.11+dfsg-1ubuntu7.14",
"1:2.11+dfsg-1ubuntu7.15",
"1:2.11+dfsg-1ubuntu7.17",
"1:2.11+dfsg-1ubuntu7.18",
"1:2.11+dfsg-1ubuntu7.19",
"1:2.11+dfsg-1ubuntu7.20",
"1:2.11+dfsg-1ubuntu7.21",
"1:2.11+dfsg-1ubuntu7.22",
"1:2.11+dfsg-1ubuntu7.23",
"1:2.11+dfsg-1ubuntu7.25",
"1:2.11+dfsg-1ubuntu7.26",
"1:2.11+dfsg-1ubuntu7.27",
"1:2.11+dfsg-1ubuntu7.28",
"1:2.11+dfsg-1ubuntu7.29",
"1:2.11+dfsg-1ubuntu7.31",
"1:2.11+dfsg-1ubuntu7.32",
"1:2.11+dfsg-1ubuntu7.33",
"1:2.11+dfsg-1ubuntu7.34",
"1:2.11+dfsg-1ubuntu7.35",
"1:2.11+dfsg-1ubuntu7.36",
"1:2.11+dfsg-1ubuntu7.37",
"1:2.11+dfsg-1ubuntu7.38"
]
},
{
"ecosystem_specific": {
"availability": "No subscription required",
"binaries": [
{
"binary_name": "qemu",
"binary_version": "1:4.2-3ubuntu6.21"
},
{
"binary_name": "qemu-block-extra",
"binary_version": "1:4.2-3ubuntu6.21"
},
{
"binary_name": "qemu-guest-agent",
"binary_version": "1:4.2-3ubuntu6.21"
},
{
"binary_name": "qemu-kvm",
"binary_version": "1:4.2-3ubuntu6.21"
},
{
"binary_name": "qemu-system",
"binary_version": "1:4.2-3ubuntu6.21"
},
{
"binary_name": "qemu-system-arm",
"binary_version": "1:4.2-3ubuntu6.21"
},
{
"binary_name": "qemu-system-common",
"binary_version": "1:4.2-3ubuntu6.21"
},
{
"binary_name": "qemu-system-data",
"binary_version": "1:4.2-3ubuntu6.21"
},
{
"binary_name": "qemu-system-gui",
"binary_version": "1:4.2-3ubuntu6.21"
},
{
"binary_name": "qemu-system-mips",
"binary_version": "1:4.2-3ubuntu6.21"
},
{
"binary_name": "qemu-system-misc",
"binary_version": "1:4.2-3ubuntu6.21"
},
{
"binary_name": "qemu-system-ppc",
"binary_version": "1:4.2-3ubuntu6.21"
},
{
"binary_name": "qemu-system-s390x",
"binary_version": "1:4.2-3ubuntu6.21"
},
{
"binary_name": "qemu-system-sparc",
"binary_version": "1:4.2-3ubuntu6.21"
},
{
"binary_name": "qemu-system-x86",
"binary_version": "1:4.2-3ubuntu6.21"
},
{
"binary_name": "qemu-system-x86-microvm",
"binary_version": "1:4.2-3ubuntu6.21"
},
{
"binary_name": "qemu-system-x86-xen",
"binary_version": "1:4.2-3ubuntu6.21"
},
{
"binary_name": "qemu-user",
"binary_version": "1:4.2-3ubuntu6.21"
},
{
"binary_name": "qemu-user-binfmt",
"binary_version": "1:4.2-3ubuntu6.21"
},
{
"binary_name": "qemu-user-static",
"binary_version": "1:4.2-3ubuntu6.21"
},
{
"binary_name": "qemu-utils",
"binary_version": "1:4.2-3ubuntu6.21"
}
]
},
"package": {
"ecosystem": "Ubuntu:20.04:LTS",
"name": "qemu",
"purl": "pkg:deb/ubuntu/qemu@1:4.2-3ubuntu6.21?arch=source\u0026distro=focal"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1:4.2-3ubuntu6.21"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"1:4.0+dfsg-0ubuntu9",
"1:4.0+dfsg-0ubuntu10",
"1:4.2-1ubuntu1",
"1:4.2-1ubuntu2",
"1:4.2-3ubuntu1",
"1:4.2-3ubuntu2",
"1:4.2-3ubuntu3",
"1:4.2-3ubuntu4",
"1:4.2-3ubuntu5",
"1:4.2-3ubuntu6",
"1:4.2-3ubuntu6.1",
"1:4.2-3ubuntu6.2",
"1:4.2-3ubuntu6.3",
"1:4.2-3ubuntu6.4",
"1:4.2-3ubuntu6.5",
"1:4.2-3ubuntu6.6",
"1:4.2-3ubuntu6.7",
"1:4.2-3ubuntu6.8",
"1:4.2-3ubuntu6.9",
"1:4.2-3ubuntu6.10",
"1:4.2-3ubuntu6.11",
"1:4.2-3ubuntu6.12",
"1:4.2-3ubuntu6.14",
"1:4.2-3ubuntu6.15",
"1:4.2-3ubuntu6.16",
"1:4.2-3ubuntu6.17",
"1:4.2-3ubuntu6.18",
"1:4.2-3ubuntu6.19"
]
},
{
"ecosystem_specific": {
"availability": "No subscription required",
"binaries": [
{
"binary_name": "qemu",
"binary_version": "1:6.2+dfsg-2ubuntu5"
},
{
"binary_name": "qemu-block-extra",
"binary_version": "1:6.2+dfsg-2ubuntu5"
},
{
"binary_name": "qemu-guest-agent",
"binary_version": "1:6.2+dfsg-2ubuntu5"
},
{
"binary_name": "qemu-system",
"binary_version": "1:6.2+dfsg-2ubuntu5"
},
{
"binary_name": "qemu-system-arm",
"binary_version": "1:6.2+dfsg-2ubuntu5"
},
{
"binary_name": "qemu-system-common",
"binary_version": "1:6.2+dfsg-2ubuntu5"
},
{
"binary_name": "qemu-system-data",
"binary_version": "1:6.2+dfsg-2ubuntu5"
},
{
"binary_name": "qemu-system-gui",
"binary_version": "1:6.2+dfsg-2ubuntu5"
},
{
"binary_name": "qemu-system-mips",
"binary_version": "1:6.2+dfsg-2ubuntu5"
},
{
"binary_name": "qemu-system-misc",
"binary_version": "1:6.2+dfsg-2ubuntu5"
},
{
"binary_name": "qemu-system-ppc",
"binary_version": "1:6.2+dfsg-2ubuntu5"
},
{
"binary_name": "qemu-system-s390x",
"binary_version": "1:6.2+dfsg-2ubuntu5"
},
{
"binary_name": "qemu-system-sparc",
"binary_version": "1:6.2+dfsg-2ubuntu5"
},
{
"binary_name": "qemu-system-x86",
"binary_version": "1:6.2+dfsg-2ubuntu5"
},
{
"binary_name": "qemu-system-x86-microvm",
"binary_version": "1:6.2+dfsg-2ubuntu5"
},
{
"binary_name": "qemu-system-x86-xen",
"binary_version": "1:6.2+dfsg-2ubuntu5"
},
{
"binary_name": "qemu-user",
"binary_version": "1:6.2+dfsg-2ubuntu5"
},
{
"binary_name": "qemu-user-binfmt",
"binary_version": "1:6.2+dfsg-2ubuntu5"
},
{
"binary_name": "qemu-user-static",
"binary_version": "1:6.2+dfsg-2ubuntu5"
},
{
"binary_name": "qemu-utils",
"binary_version": "1:6.2+dfsg-2ubuntu5"
}
]
},
"package": {
"ecosystem": "Ubuntu:22.04:LTS",
"name": "qemu",
"purl": "pkg:deb/ubuntu/qemu@1:6.2+dfsg-2ubuntu5?arch=source\u0026distro=jammy"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1:6.2+dfsg-2ubuntu5"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"1:6.0+dfsg-2expubuntu1",
"1:6.0+dfsg-2expubuntu2",
"1:6.0+dfsg-2expubuntu4"
]
}
],
"aliases": [],
"details": "A flaw was found in the USB redirector device emulation of QEMU in versions prior to 6.1.0-rc2. It occurs when dropping packets during a bulk transfer from a SPICE client due to the packet queue being full. A malicious SPICE client could use this flaw to make QEMU call free() with faked heap chunk metadata, resulting in a crash of QEMU or potential code execution with the privileges of the QEMU process on the host.",
"id": "UBUNTU-CVE-2021-3682",
"modified": "2025-09-08T16:46:47Z",
"published": "2021-08-05T20:15:00Z",
"references": [
{
"type": "REPORT",
"url": "https://ubuntu.com/security/CVE-2021-3682"
},
{
"type": "ADVISORY",
"url": "https://ubuntu.com/security/notices/USN-5307-1"
},
{
"type": "ADVISORY",
"url": "https://ubuntu.com/security/notices/USN-5772-1"
},
{
"type": "REPORT",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3682"
}
],
"related": [
"USN-5307-1",
"USN-5772-1"
],
"schema_version": "1.7.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H",
"type": "CVSS_V3"
},
{
"score": "medium",
"type": "Ubuntu"
}
],
"upstream": [
"CVE-2021-3682"
]
}
ubuntu-cve-2021-3713
Vulnerability from osv_ubuntu
An out-of-bounds write flaw was found in the UAS (USB Attached SCSI) device emulation of QEMU in versions prior to 6.2.0-rc0. The device uses the guest supplied stream number unchecked, which can lead to out-of-bounds access to the UASDevice->data3 and UASDevice->status3 fields. A malicious guest user could use this flaw to crash QEMU or potentially achieve code execution with the privileges of the QEMU process on the host.
{
"affected": [
{
"ecosystem_specific": {
"availability": "No subscription required",
"binaries": [
{
"binary_name": "qemu",
"binary_version": "1:6.2+dfsg-2ubuntu5"
},
{
"binary_name": "qemu-block-extra",
"binary_version": "1:6.2+dfsg-2ubuntu5"
},
{
"binary_name": "qemu-guest-agent",
"binary_version": "1:6.2+dfsg-2ubuntu5"
},
{
"binary_name": "qemu-system",
"binary_version": "1:6.2+dfsg-2ubuntu5"
},
{
"binary_name": "qemu-system-arm",
"binary_version": "1:6.2+dfsg-2ubuntu5"
},
{
"binary_name": "qemu-system-common",
"binary_version": "1:6.2+dfsg-2ubuntu5"
},
{
"binary_name": "qemu-system-data",
"binary_version": "1:6.2+dfsg-2ubuntu5"
},
{
"binary_name": "qemu-system-gui",
"binary_version": "1:6.2+dfsg-2ubuntu5"
},
{
"binary_name": "qemu-system-mips",
"binary_version": "1:6.2+dfsg-2ubuntu5"
},
{
"binary_name": "qemu-system-misc",
"binary_version": "1:6.2+dfsg-2ubuntu5"
},
{
"binary_name": "qemu-system-ppc",
"binary_version": "1:6.2+dfsg-2ubuntu5"
},
{
"binary_name": "qemu-system-s390x",
"binary_version": "1:6.2+dfsg-2ubuntu5"
},
{
"binary_name": "qemu-system-sparc",
"binary_version": "1:6.2+dfsg-2ubuntu5"
},
{
"binary_name": "qemu-system-x86",
"binary_version": "1:6.2+dfsg-2ubuntu5"
},
{
"binary_name": "qemu-system-x86-microvm",
"binary_version": "1:6.2+dfsg-2ubuntu5"
},
{
"binary_name": "qemu-system-x86-xen",
"binary_version": "1:6.2+dfsg-2ubuntu5"
},
{
"binary_name": "qemu-user",
"binary_version": "1:6.2+dfsg-2ubuntu5"
},
{
"binary_name": "qemu-user-binfmt",
"binary_version": "1:6.2+dfsg-2ubuntu5"
},
{
"binary_name": "qemu-user-static",
"binary_version": "1:6.2+dfsg-2ubuntu5"
},
{
"binary_name": "qemu-utils",
"binary_version": "1:6.2+dfsg-2ubuntu5"
}
]
},
"package": {
"ecosystem": "Ubuntu:22.04:LTS",
"name": "qemu",
"purl": "pkg:deb/ubuntu/qemu@1:6.2+dfsg-2ubuntu5?arch=source\u0026distro=jammy"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1:6.2+dfsg-2ubuntu5"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"1:6.0+dfsg-2expubuntu1",
"1:6.0+dfsg-2expubuntu2",
"1:6.0+dfsg-2expubuntu4"
]
}
],
"aliases": [],
"details": "An out-of-bounds write flaw was found in the UAS (USB Attached SCSI) device emulation of QEMU in versions prior to 6.2.0-rc0. The device uses the guest supplied stream number unchecked, which can lead to out-of-bounds access to the UASDevice-\u003edata3 and UASDevice-\u003estatus3 fields. A malicious guest user could use this flaw to crash QEMU or potentially achieve code execution with the privileges of the QEMU process on the host.",
"id": "UBUNTU-CVE-2021-3713",
"modified": "2025-09-08T16:46:47Z",
"published": "2021-08-25T19:15:00Z",
"references": [
{
"type": "REPORT",
"url": "https://ubuntu.com/security/CVE-2021-3713"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2021-3713"
},
{
"type": "REPORT",
"url": "https://lists.nongnu.org/archive/html/qemu-devel/2021-08/msg02766.html"
},
{
"type": "ADVISORY",
"url": "https://ubuntu.com/security/notices/USN-5307-1"
},
{
"type": "REPORT",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3713"
}
],
"related": [
"USN-5307-1"
],
"schema_version": "1.7.0",
"severity": [
{
"score": "CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
"type": "CVSS_V3"
},
{
"score": "low",
"type": "Ubuntu"
}
],
"upstream": [
"CVE-2021-3713"
]
}
ubuntu-cve-2021-3748
Vulnerability from osv_ubuntu
A use-after-free vulnerability was found in the virtio-net device of QEMU. It could occur when the descriptor's address belongs to the non direct access region, due to num_buffers being set after the virtqueue elem has been unmapped. A malicious guest could use this flaw to crash QEMU, resulting in a denial of service condition, or potentially execute code on the host with the privileges of the QEMU process.
{
"affected": [
{
"ecosystem_specific": {
"availability": "No subscription required",
"binaries": [
{
"binary_name": "qemu",
"binary_version": "1:2.11+dfsg-1ubuntu7.39"
},
{
"binary_name": "qemu-block-extra",
"binary_version": "1:2.11+dfsg-1ubuntu7.39"
},
{
"binary_name": "qemu-guest-agent",
"binary_version": "1:2.11+dfsg-1ubuntu7.39"
},
{
"binary_name": "qemu-kvm",
"binary_version": "1:2.11+dfsg-1ubuntu7.39"
},
{
"binary_name": "qemu-system",
"binary_version": "1:2.11+dfsg-1ubuntu7.39"
},
{
"binary_name": "qemu-system-arm",
"binary_version": "1:2.11+dfsg-1ubuntu7.39"
},
{
"binary_name": "qemu-system-common",
"binary_version": "1:2.11+dfsg-1ubuntu7.39"
},
{
"binary_name": "qemu-system-mips",
"binary_version": "1:2.11+dfsg-1ubuntu7.39"
},
{
"binary_name": "qemu-system-misc",
"binary_version": "1:2.11+dfsg-1ubuntu7.39"
},
{
"binary_name": "qemu-system-ppc",
"binary_version": "1:2.11+dfsg-1ubuntu7.39"
},
{
"binary_name": "qemu-system-s390x",
"binary_version": "1:2.11+dfsg-1ubuntu7.39"
},
{
"binary_name": "qemu-system-sparc",
"binary_version": "1:2.11+dfsg-1ubuntu7.39"
},
{
"binary_name": "qemu-system-x86",
"binary_version": "1:2.11+dfsg-1ubuntu7.39"
},
{
"binary_name": "qemu-user",
"binary_version": "1:2.11+dfsg-1ubuntu7.39"
},
{
"binary_name": "qemu-user-binfmt",
"binary_version": "1:2.11+dfsg-1ubuntu7.39"
},
{
"binary_name": "qemu-user-static",
"binary_version": "1:2.11+dfsg-1ubuntu7.39"
},
{
"binary_name": "qemu-utils",
"binary_version": "1:2.11+dfsg-1ubuntu7.39"
}
]
},
"package": {
"ecosystem": "Ubuntu:18.04:LTS",
"name": "qemu",
"purl": "pkg:deb/ubuntu/qemu@1:2.11+dfsg-1ubuntu7.39?arch=source\u0026distro=bionic"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1:2.11+dfsg-1ubuntu7.39"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"1:2.10+dfsg-0ubuntu3",
"1:2.10+dfsg-0ubuntu4",
"1:2.10+dfsg-0ubuntu5",
"1:2.11+dfsg-1ubuntu1",
"1:2.11+dfsg-1ubuntu2",
"1:2.11+dfsg-1ubuntu4",
"1:2.11+dfsg-1ubuntu5",
"1:2.11+dfsg-1ubuntu6",
"1:2.11+dfsg-1ubuntu7",
"1:2.11+dfsg-1ubuntu7.1",
"1:2.11+dfsg-1ubuntu7.2",
"1:2.11+dfsg-1ubuntu7.3",
"1:2.11+dfsg-1ubuntu7.4",
"1:2.11+dfsg-1ubuntu7.5",
"1:2.11+dfsg-1ubuntu7.6",
"1:2.11+dfsg-1ubuntu7.7",
"1:2.11+dfsg-1ubuntu7.8",
"1:2.11+dfsg-1ubuntu7.9",
"1:2.11+dfsg-1ubuntu7.10",
"1:2.11+dfsg-1ubuntu7.12",
"1:2.11+dfsg-1ubuntu7.13",
"1:2.11+dfsg-1ubuntu7.14",
"1:2.11+dfsg-1ubuntu7.15",
"1:2.11+dfsg-1ubuntu7.17",
"1:2.11+dfsg-1ubuntu7.18",
"1:2.11+dfsg-1ubuntu7.19",
"1:2.11+dfsg-1ubuntu7.20",
"1:2.11+dfsg-1ubuntu7.21",
"1:2.11+dfsg-1ubuntu7.22",
"1:2.11+dfsg-1ubuntu7.23",
"1:2.11+dfsg-1ubuntu7.25",
"1:2.11+dfsg-1ubuntu7.26",
"1:2.11+dfsg-1ubuntu7.27",
"1:2.11+dfsg-1ubuntu7.28",
"1:2.11+dfsg-1ubuntu7.29",
"1:2.11+dfsg-1ubuntu7.31",
"1:2.11+dfsg-1ubuntu7.32",
"1:2.11+dfsg-1ubuntu7.33",
"1:2.11+dfsg-1ubuntu7.34",
"1:2.11+dfsg-1ubuntu7.35",
"1:2.11+dfsg-1ubuntu7.36",
"1:2.11+dfsg-1ubuntu7.37",
"1:2.11+dfsg-1ubuntu7.38"
]
},
{
"ecosystem_specific": {
"availability": "No subscription required",
"binaries": [
{
"binary_name": "qemu",
"binary_version": "1:4.2-3ubuntu6.21"
},
{
"binary_name": "qemu-block-extra",
"binary_version": "1:4.2-3ubuntu6.21"
},
{
"binary_name": "qemu-guest-agent",
"binary_version": "1:4.2-3ubuntu6.21"
},
{
"binary_name": "qemu-kvm",
"binary_version": "1:4.2-3ubuntu6.21"
},
{
"binary_name": "qemu-system",
"binary_version": "1:4.2-3ubuntu6.21"
},
{
"binary_name": "qemu-system-arm",
"binary_version": "1:4.2-3ubuntu6.21"
},
{
"binary_name": "qemu-system-common",
"binary_version": "1:4.2-3ubuntu6.21"
},
{
"binary_name": "qemu-system-data",
"binary_version": "1:4.2-3ubuntu6.21"
},
{
"binary_name": "qemu-system-gui",
"binary_version": "1:4.2-3ubuntu6.21"
},
{
"binary_name": "qemu-system-mips",
"binary_version": "1:4.2-3ubuntu6.21"
},
{
"binary_name": "qemu-system-misc",
"binary_version": "1:4.2-3ubuntu6.21"
},
{
"binary_name": "qemu-system-ppc",
"binary_version": "1:4.2-3ubuntu6.21"
},
{
"binary_name": "qemu-system-s390x",
"binary_version": "1:4.2-3ubuntu6.21"
},
{
"binary_name": "qemu-system-sparc",
"binary_version": "1:4.2-3ubuntu6.21"
},
{
"binary_name": "qemu-system-x86",
"binary_version": "1:4.2-3ubuntu6.21"
},
{
"binary_name": "qemu-system-x86-microvm",
"binary_version": "1:4.2-3ubuntu6.21"
},
{
"binary_name": "qemu-system-x86-xen",
"binary_version": "1:4.2-3ubuntu6.21"
},
{
"binary_name": "qemu-user",
"binary_version": "1:4.2-3ubuntu6.21"
},
{
"binary_name": "qemu-user-binfmt",
"binary_version": "1:4.2-3ubuntu6.21"
},
{
"binary_name": "qemu-user-static",
"binary_version": "1:4.2-3ubuntu6.21"
},
{
"binary_name": "qemu-utils",
"binary_version": "1:4.2-3ubuntu6.21"
}
]
},
"package": {
"ecosystem": "Ubuntu:20.04:LTS",
"name": "qemu",
"purl": "pkg:deb/ubuntu/qemu@1:4.2-3ubuntu6.21?arch=source\u0026distro=focal"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1:4.2-3ubuntu6.21"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"1:4.0+dfsg-0ubuntu9",
"1:4.0+dfsg-0ubuntu10",
"1:4.2-1ubuntu1",
"1:4.2-1ubuntu2",
"1:4.2-3ubuntu1",
"1:4.2-3ubuntu2",
"1:4.2-3ubuntu3",
"1:4.2-3ubuntu4",
"1:4.2-3ubuntu5",
"1:4.2-3ubuntu6",
"1:4.2-3ubuntu6.1",
"1:4.2-3ubuntu6.2",
"1:4.2-3ubuntu6.3",
"1:4.2-3ubuntu6.4",
"1:4.2-3ubuntu6.5",
"1:4.2-3ubuntu6.6",
"1:4.2-3ubuntu6.7",
"1:4.2-3ubuntu6.8",
"1:4.2-3ubuntu6.9",
"1:4.2-3ubuntu6.10",
"1:4.2-3ubuntu6.11",
"1:4.2-3ubuntu6.12",
"1:4.2-3ubuntu6.14",
"1:4.2-3ubuntu6.15",
"1:4.2-3ubuntu6.16",
"1:4.2-3ubuntu6.17",
"1:4.2-3ubuntu6.18",
"1:4.2-3ubuntu6.19"
]
},
{
"ecosystem_specific": {
"availability": "No subscription required",
"binaries": [
{
"binary_name": "qemu",
"binary_version": "1:6.2+dfsg-2ubuntu5"
},
{
"binary_name": "qemu-block-extra",
"binary_version": "1:6.2+dfsg-2ubuntu5"
},
{
"binary_name": "qemu-guest-agent",
"binary_version": "1:6.2+dfsg-2ubuntu5"
},
{
"binary_name": "qemu-system",
"binary_version": "1:6.2+dfsg-2ubuntu5"
},
{
"binary_name": "qemu-system-arm",
"binary_version": "1:6.2+dfsg-2ubuntu5"
},
{
"binary_name": "qemu-system-common",
"binary_version": "1:6.2+dfsg-2ubuntu5"
},
{
"binary_name": "qemu-system-data",
"binary_version": "1:6.2+dfsg-2ubuntu5"
},
{
"binary_name": "qemu-system-gui",
"binary_version": "1:6.2+dfsg-2ubuntu5"
},
{
"binary_name": "qemu-system-mips",
"binary_version": "1:6.2+dfsg-2ubuntu5"
},
{
"binary_name": "qemu-system-misc",
"binary_version": "1:6.2+dfsg-2ubuntu5"
},
{
"binary_name": "qemu-system-ppc",
"binary_version": "1:6.2+dfsg-2ubuntu5"
},
{
"binary_name": "qemu-system-s390x",
"binary_version": "1:6.2+dfsg-2ubuntu5"
},
{
"binary_name": "qemu-system-sparc",
"binary_version": "1:6.2+dfsg-2ubuntu5"
},
{
"binary_name": "qemu-system-x86",
"binary_version": "1:6.2+dfsg-2ubuntu5"
},
{
"binary_name": "qemu-system-x86-microvm",
"binary_version": "1:6.2+dfsg-2ubuntu5"
},
{
"binary_name": "qemu-system-x86-xen",
"binary_version": "1:6.2+dfsg-2ubuntu5"
},
{
"binary_name": "qemu-user",
"binary_version": "1:6.2+dfsg-2ubuntu5"
},
{
"binary_name": "qemu-user-binfmt",
"binary_version": "1:6.2+dfsg-2ubuntu5"
},
{
"binary_name": "qemu-user-static",
"binary_version": "1:6.2+dfsg-2ubuntu5"
},
{
"binary_name": "qemu-utils",
"binary_version": "1:6.2+dfsg-2ubuntu5"
}
]
},
"package": {
"ecosystem": "Ubuntu:22.04:LTS",
"name": "qemu",
"purl": "pkg:deb/ubuntu/qemu@1:6.2+dfsg-2ubuntu5?arch=source\u0026distro=jammy"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1:6.2+dfsg-2ubuntu5"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"1:6.0+dfsg-2expubuntu1",
"1:6.0+dfsg-2expubuntu2",
"1:6.0+dfsg-2expubuntu4"
]
}
],
"aliases": [],
"details": "A use-after-free vulnerability was found in the virtio-net device of QEMU. It could occur when the descriptor\u0027s address belongs to the non direct access region, due to num_buffers being set after the virtqueue elem has been unmapped. A malicious guest could use this flaw to crash QEMU, resulting in a denial of service condition, or potentially execute code on the host with the privileges of the QEMU process.",
"id": "UBUNTU-CVE-2021-3748",
"modified": "2025-09-08T16:46:48Z",
"published": "2021-08-31T00:00:00Z",
"references": [
{
"type": "REPORT",
"url": "https://ubuntu.com/security/CVE-2021-3748"
},
{
"type": "REPORT",
"url": "https://lists.nongnu.org/archive/html/qemu-devel/2021-09/msg00388.html"
},
{
"type": "ADVISORY",
"url": "https://ubuntu.com/security/notices/USN-5307-1"
},
{
"type": "REPORT",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3748"
}
],
"related": [
"USN-5307-1"
],
"schema_version": "1.7.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H",
"type": "CVSS_V3"
},
{
"score": "medium",
"type": "Ubuntu"
}
],
"upstream": [
"CVE-2021-3748"
]
}
ubuntu-cve-2021-3930
Vulnerability from osv_ubuntu
An off-by-one error was found in the SCSI device emulation in QEMU. It could occur while processing MODE SELECT commands in mode_sense_page() if the 'page' argument was set to MODE_PAGE_ALLS (0x3f). A malicious guest could use this flaw to potentially crash QEMU, resulting in a denial of service condition.
{
"affected": [
{
"ecosystem_specific": {
"availability": "Available with Ubuntu Pro (Infra-only): https://ubuntu.com/pro",
"binaries": [
{
"binary_name": "qemu",
"binary_version": "2.0.0+dfsg-2ubuntu1.47+esm2"
},
{
"binary_name": "qemu-common",
"binary_version": "2.0.0+dfsg-2ubuntu1.47+esm2"
},
{
"binary_name": "qemu-guest-agent",
"binary_version": "2.0.0+dfsg-2ubuntu1.47+esm2"
},
{
"binary_name": "qemu-keymaps",
"binary_version": "2.0.0+dfsg-2ubuntu1.47+esm2"
},
{
"binary_name": "qemu-kvm",
"binary_version": "2.0.0+dfsg-2ubuntu1.47+esm2"
},
{
"binary_name": "qemu-system",
"binary_version": "2.0.0+dfsg-2ubuntu1.47+esm2"
},
{
"binary_name": "qemu-system-aarch64",
"binary_version": "2.0.0+dfsg-2ubuntu1.47+esm2"
},
{
"binary_name": "qemu-system-arm",
"binary_version": "2.0.0+dfsg-2ubuntu1.47+esm2"
},
{
"binary_name": "qemu-system-common",
"binary_version": "2.0.0+dfsg-2ubuntu1.47+esm2"
},
{
"binary_name": "qemu-system-mips",
"binary_version": "2.0.0+dfsg-2ubuntu1.47+esm2"
},
{
"binary_name": "qemu-system-misc",
"binary_version": "2.0.0+dfsg-2ubuntu1.47+esm2"
},
{
"binary_name": "qemu-system-ppc",
"binary_version": "2.0.0+dfsg-2ubuntu1.47+esm2"
},
{
"binary_name": "qemu-system-sparc",
"binary_version": "2.0.0+dfsg-2ubuntu1.47+esm2"
},
{
"binary_name": "qemu-system-x86",
"binary_version": "2.0.0+dfsg-2ubuntu1.47+esm2"
},
{
"binary_name": "qemu-user",
"binary_version": "2.0.0+dfsg-2ubuntu1.47+esm2"
},
{
"binary_name": "qemu-user-static",
"binary_version": "2.0.0+dfsg-2ubuntu1.47+esm2"
},
{
"binary_name": "qemu-utils",
"binary_version": "2.0.0+dfsg-2ubuntu1.47+esm2"
}
]
},
"package": {
"ecosystem": "Ubuntu:Pro:14.04:LTS",
"name": "qemu",
"purl": "pkg:deb/ubuntu/qemu@2.0.0+dfsg-2ubuntu1.47+esm2?arch=source\u0026distro=trusty/esm"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "2.0.0+dfsg-2ubuntu1.47+esm2"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"1.5.0+dfsg-3ubuntu5",
"1.5.0+dfsg-3ubuntu6",
"1.6.0+dfsg-2ubuntu1",
"1.6.0+dfsg-2ubuntu2",
"1.6.0+dfsg-2ubuntu3",
"1.6.0+dfsg-2ubuntu4",
"1.7.0+dfsg-2ubuntu1",
"1.7.0+dfsg-2ubuntu2",
"1.7.0+dfsg-2ubuntu3",
"1.7.0+dfsg-2ubuntu4",
"1.7.0+dfsg-2ubuntu5",
"1.7.0+dfsg-2ubuntu7",
"1.7.0+dfsg-2ubuntu8",
"1.7.0+dfsg-2ubuntu9",
"1.7.0+dfsg-3ubuntu1~ppa1",
"1.7.0+dfsg-3ubuntu1",
"1.7.0+dfsg-3ubuntu2",
"1.7.0+dfsg-3ubuntu3",
"1.7.0+dfsg-3ubuntu4",
"1.7.0+dfsg-3ubuntu5",
"1.7.0+dfsg-3ubuntu6",
"1.7.0+dfsg-3ubuntu7",
"2.0.0~rc1+dfsg-0ubuntu1",
"2.0.0~rc1+dfsg-0ubuntu2",
"2.0.0~rc1+dfsg-0ubuntu3",
"2.0.0~rc1+dfsg-0ubuntu3.1",
"2.0.0+dfsg-2ubuntu1",
"2.0.0+dfsg-2ubuntu1.1",
"2.0.0+dfsg-2ubuntu1.2",
"2.0.0+dfsg-2ubuntu1.3",
"2.0.0+dfsg-2ubuntu1.5",
"2.0.0+dfsg-2ubuntu1.6",
"2.0.0+dfsg-2ubuntu1.7",
"2.0.0+dfsg-2ubuntu1.8",
"2.0.0+dfsg-2ubuntu1.9",
"2.0.0+dfsg-2ubuntu1.10",
"2.0.0+dfsg-2ubuntu1.11",
"2.0.0+dfsg-2ubuntu1.13",
"2.0.0+dfsg-2ubuntu1.14",
"2.0.0+dfsg-2ubuntu1.15",
"2.0.0+dfsg-2ubuntu1.16",
"2.0.0+dfsg-2ubuntu1.17",
"2.0.0+dfsg-2ubuntu1.18",
"2.0.0+dfsg-2ubuntu1.19",
"2.0.0+dfsg-2ubuntu1.20",
"2.0.0+dfsg-2ubuntu1.21",
"2.0.0+dfsg-2ubuntu1.22",
"2.0.0+dfsg-2ubuntu1.24",
"2.0.0+dfsg-2ubuntu1.25",
"2.0.0+dfsg-2ubuntu1.26",
"2.0.0+dfsg-2ubuntu1.27",
"2.0.0+dfsg-2ubuntu1.28",
"2.0.0+dfsg-2ubuntu1.29",
"2.0.0+dfsg-2ubuntu1.30",
"2.0.0+dfsg-2ubuntu1.31",
"2.0.0+dfsg-2ubuntu1.32",
"2.0.0+dfsg-2ubuntu1.33",
"2.0.0+dfsg-2ubuntu1.34",
"2.0.0+dfsg-2ubuntu1.35",
"2.0.0+dfsg-2ubuntu1.36",
"2.0.0+dfsg-2ubuntu1.38",
"2.0.0+dfsg-2ubuntu1.39",
"2.0.0+dfsg-2ubuntu1.40",
"2.0.0+dfsg-2ubuntu1.41",
"2.0.0+dfsg-2ubuntu1.42",
"2.0.0+dfsg-2ubuntu1.43",
"2.0.0+dfsg-2ubuntu1.44",
"2.0.0+dfsg-2ubuntu1.45",
"2.0.0+dfsg-2ubuntu1.46",
"2.0.0+dfsg-2ubuntu1.47",
"2.0.0+dfsg-2ubuntu1.47+esm1"
]
},
{
"ecosystem_specific": {
"availability": "Available with Ubuntu Pro (Infra-only): https://ubuntu.com/pro",
"binaries": [
{
"binary_name": "qemu",
"binary_version": "1:2.5+dfsg-5ubuntu10.51+esm1"
},
{
"binary_name": "qemu-block-extra",
"binary_version": "1:2.5+dfsg-5ubuntu10.51+esm1"
},
{
"binary_name": "qemu-guest-agent",
"binary_version": "1:2.5+dfsg-5ubuntu10.51+esm1"
},
{
"binary_name": "qemu-kvm",
"binary_version": "1:2.5+dfsg-5ubuntu10.51+esm1"
},
{
"binary_name": "qemu-system",
"binary_version": "1:2.5+dfsg-5ubuntu10.51+esm1"
},
{
"binary_name": "qemu-system-aarch64",
"binary_version": "1:2.5+dfsg-5ubuntu10.51+esm1"
},
{
"binary_name": "qemu-system-arm",
"binary_version": "1:2.5+dfsg-5ubuntu10.51+esm1"
},
{
"binary_name": "qemu-system-common",
"binary_version": "1:2.5+dfsg-5ubuntu10.51+esm1"
},
{
"binary_name": "qemu-system-mips",
"binary_version": "1:2.5+dfsg-5ubuntu10.51+esm1"
},
{
"binary_name": "qemu-system-misc",
"binary_version": "1:2.5+dfsg-5ubuntu10.51+esm1"
},
{
"binary_name": "qemu-system-ppc",
"binary_version": "1:2.5+dfsg-5ubuntu10.51+esm1"
},
{
"binary_name": "qemu-system-s390x",
"binary_version": "1:2.5+dfsg-5ubuntu10.51+esm1"
},
{
"binary_name": "qemu-system-sparc",
"binary_version": "1:2.5+dfsg-5ubuntu10.51+esm1"
},
{
"binary_name": "qemu-system-x86",
"binary_version": "1:2.5+dfsg-5ubuntu10.51+esm1"
},
{
"binary_name": "qemu-user",
"binary_version": "1:2.5+dfsg-5ubuntu10.51+esm1"
},
{
"binary_name": "qemu-user-binfmt",
"binary_version": "1:2.5+dfsg-5ubuntu10.51+esm1"
},
{
"binary_name": "qemu-user-static",
"binary_version": "1:2.5+dfsg-5ubuntu10.51+esm1"
},
{
"binary_name": "qemu-utils",
"binary_version": "1:2.5+dfsg-5ubuntu10.51+esm1"
}
]
},
"package": {
"ecosystem": "Ubuntu:Pro:16.04:LTS",
"name": "qemu",
"purl": "pkg:deb/ubuntu/qemu@1:2.5+dfsg-5ubuntu10.51+esm1?arch=source\u0026distro=esm-infra/xenial"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1:2.5+dfsg-5ubuntu10.51+esm1"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"1:2.3+dfsg-5ubuntu9",
"1:2.3+dfsg-5ubuntu10",
"1:2.4+dfsg-4ubuntu1",
"1:2.4+dfsg-4ubuntu2",
"1:2.4+dfsg-4ubuntu3",
"1:2.4+dfsg-5ubuntu3",
"1:2.5+dfsg-1ubuntu2",
"1:2.5+dfsg-1ubuntu3",
"1:2.5+dfsg-1ubuntu4",
"1:2.5+dfsg-1ubuntu5",
"1:2.5+dfsg-5ubuntu1",
"1:2.5+dfsg-5ubuntu2",
"1:2.5+dfsg-5ubuntu4",
"1:2.5+dfsg-5ubuntu6",
"1:2.5+dfsg-5ubuntu7",
"1:2.5+dfsg-5ubuntu10",
"1:2.5+dfsg-5ubuntu10.1",
"1:2.5+dfsg-5ubuntu10.2",
"1:2.5+dfsg-5ubuntu10.3",
"1:2.5+dfsg-5ubuntu10.4",
"1:2.5+dfsg-5ubuntu10.5",
"1:2.5+dfsg-5ubuntu10.6",
"1:2.5+dfsg-5ubuntu10.7",
"1:2.5+dfsg-5ubuntu10.8",
"1:2.5+dfsg-5ubuntu10.9",
"1:2.5+dfsg-5ubuntu10.10",
"1:2.5+dfsg-5ubuntu10.11",
"1:2.5+dfsg-5ubuntu10.13",
"1:2.5+dfsg-5ubuntu10.14",
"1:2.5+dfsg-5ubuntu10.15",
"1:2.5+dfsg-5ubuntu10.16",
"1:2.5+dfsg-5ubuntu10.20",
"1:2.5+dfsg-5ubuntu10.21",
"1:2.5+dfsg-5ubuntu10.22",
"1:2.5+dfsg-5ubuntu10.24",
"1:2.5+dfsg-5ubuntu10.25",
"1:2.5+dfsg-5ubuntu10.26",
"1:2.5+dfsg-5ubuntu10.28",
"1:2.5+dfsg-5ubuntu10.29",
"1:2.5+dfsg-5ubuntu10.30",
"1:2.5+dfsg-5ubuntu10.31",
"1:2.5+dfsg-5ubuntu10.32",
"1:2.5+dfsg-5ubuntu10.33",
"1:2.5+dfsg-5ubuntu10.34",
"1:2.5+dfsg-5ubuntu10.35",
"1:2.5+dfsg-5ubuntu10.36",
"1:2.5+dfsg-5ubuntu10.37",
"1:2.5+dfsg-5ubuntu10.38",
"1:2.5+dfsg-5ubuntu10.39",
"1:2.5+dfsg-5ubuntu10.40",
"1:2.5+dfsg-5ubuntu10.41",
"1:2.5+dfsg-5ubuntu10.42",
"1:2.5+dfsg-5ubuntu10.43",
"1:2.5+dfsg-5ubuntu10.44",
"1:2.5+dfsg-5ubuntu10.45",
"1:2.5+dfsg-5ubuntu10.46",
"1:2.5+dfsg-5ubuntu10.47",
"1:2.5+dfsg-5ubuntu10.48",
"1:2.5+dfsg-5ubuntu10.49",
"1:2.5+dfsg-5ubuntu10.51"
]
},
{
"ecosystem_specific": {
"availability": "No subscription required",
"binaries": [
{
"binary_name": "qemu",
"binary_version": "1:2.11+dfsg-1ubuntu7.39"
},
{
"binary_name": "qemu-block-extra",
"binary_version": "1:2.11+dfsg-1ubuntu7.39"
},
{
"binary_name": "qemu-guest-agent",
"binary_version": "1:2.11+dfsg-1ubuntu7.39"
},
{
"binary_name": "qemu-kvm",
"binary_version": "1:2.11+dfsg-1ubuntu7.39"
},
{
"binary_name": "qemu-system",
"binary_version": "1:2.11+dfsg-1ubuntu7.39"
},
{
"binary_name": "qemu-system-arm",
"binary_version": "1:2.11+dfsg-1ubuntu7.39"
},
{
"binary_name": "qemu-system-common",
"binary_version": "1:2.11+dfsg-1ubuntu7.39"
},
{
"binary_name": "qemu-system-mips",
"binary_version": "1:2.11+dfsg-1ubuntu7.39"
},
{
"binary_name": "qemu-system-misc",
"binary_version": "1:2.11+dfsg-1ubuntu7.39"
},
{
"binary_name": "qemu-system-ppc",
"binary_version": "1:2.11+dfsg-1ubuntu7.39"
},
{
"binary_name": "qemu-system-s390x",
"binary_version": "1:2.11+dfsg-1ubuntu7.39"
},
{
"binary_name": "qemu-system-sparc",
"binary_version": "1:2.11+dfsg-1ubuntu7.39"
},
{
"binary_name": "qemu-system-x86",
"binary_version": "1:2.11+dfsg-1ubuntu7.39"
},
{
"binary_name": "qemu-user",
"binary_version": "1:2.11+dfsg-1ubuntu7.39"
},
{
"binary_name": "qemu-user-binfmt",
"binary_version": "1:2.11+dfsg-1ubuntu7.39"
},
{
"binary_name": "qemu-user-static",
"binary_version": "1:2.11+dfsg-1ubuntu7.39"
},
{
"binary_name": "qemu-utils",
"binary_version": "1:2.11+dfsg-1ubuntu7.39"
}
]
},
"package": {
"ecosystem": "Ubuntu:18.04:LTS",
"name": "qemu",
"purl": "pkg:deb/ubuntu/qemu@1:2.11+dfsg-1ubuntu7.39?arch=source\u0026distro=bionic"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1:2.11+dfsg-1ubuntu7.39"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"1:2.10+dfsg-0ubuntu3",
"1:2.10+dfsg-0ubuntu4",
"1:2.10+dfsg-0ubuntu5",
"1:2.11+dfsg-1ubuntu1",
"1:2.11+dfsg-1ubuntu2",
"1:2.11+dfsg-1ubuntu4",
"1:2.11+dfsg-1ubuntu5",
"1:2.11+dfsg-1ubuntu6",
"1:2.11+dfsg-1ubuntu7",
"1:2.11+dfsg-1ubuntu7.1",
"1:2.11+dfsg-1ubuntu7.2",
"1:2.11+dfsg-1ubuntu7.3",
"1:2.11+dfsg-1ubuntu7.4",
"1:2.11+dfsg-1ubuntu7.5",
"1:2.11+dfsg-1ubuntu7.6",
"1:2.11+dfsg-1ubuntu7.7",
"1:2.11+dfsg-1ubuntu7.8",
"1:2.11+dfsg-1ubuntu7.9",
"1:2.11+dfsg-1ubuntu7.10",
"1:2.11+dfsg-1ubuntu7.12",
"1:2.11+dfsg-1ubuntu7.13",
"1:2.11+dfsg-1ubuntu7.14",
"1:2.11+dfsg-1ubuntu7.15",
"1:2.11+dfsg-1ubuntu7.17",
"1:2.11+dfsg-1ubuntu7.18",
"1:2.11+dfsg-1ubuntu7.19",
"1:2.11+dfsg-1ubuntu7.20",
"1:2.11+dfsg-1ubuntu7.21",
"1:2.11+dfsg-1ubuntu7.22",
"1:2.11+dfsg-1ubuntu7.23",
"1:2.11+dfsg-1ubuntu7.25",
"1:2.11+dfsg-1ubuntu7.26",
"1:2.11+dfsg-1ubuntu7.27",
"1:2.11+dfsg-1ubuntu7.28",
"1:2.11+dfsg-1ubuntu7.29",
"1:2.11+dfsg-1ubuntu7.31",
"1:2.11+dfsg-1ubuntu7.32",
"1:2.11+dfsg-1ubuntu7.33",
"1:2.11+dfsg-1ubuntu7.34",
"1:2.11+dfsg-1ubuntu7.35",
"1:2.11+dfsg-1ubuntu7.36",
"1:2.11+dfsg-1ubuntu7.37",
"1:2.11+dfsg-1ubuntu7.38"
]
},
{
"ecosystem_specific": {
"availability": "No subscription required",
"binaries": [
{
"binary_name": "qemu",
"binary_version": "1:4.2-3ubuntu6.21"
},
{
"binary_name": "qemu-block-extra",
"binary_version": "1:4.2-3ubuntu6.21"
},
{
"binary_name": "qemu-guest-agent",
"binary_version": "1:4.2-3ubuntu6.21"
},
{
"binary_name": "qemu-kvm",
"binary_version": "1:4.2-3ubuntu6.21"
},
{
"binary_name": "qemu-system",
"binary_version": "1:4.2-3ubuntu6.21"
},
{
"binary_name": "qemu-system-arm",
"binary_version": "1:4.2-3ubuntu6.21"
},
{
"binary_name": "qemu-system-common",
"binary_version": "1:4.2-3ubuntu6.21"
},
{
"binary_name": "qemu-system-data",
"binary_version": "1:4.2-3ubuntu6.21"
},
{
"binary_name": "qemu-system-gui",
"binary_version": "1:4.2-3ubuntu6.21"
},
{
"binary_name": "qemu-system-mips",
"binary_version": "1:4.2-3ubuntu6.21"
},
{
"binary_name": "qemu-system-misc",
"binary_version": "1:4.2-3ubuntu6.21"
},
{
"binary_name": "qemu-system-ppc",
"binary_version": "1:4.2-3ubuntu6.21"
},
{
"binary_name": "qemu-system-s390x",
"binary_version": "1:4.2-3ubuntu6.21"
},
{
"binary_name": "qemu-system-sparc",
"binary_version": "1:4.2-3ubuntu6.21"
},
{
"binary_name": "qemu-system-x86",
"binary_version": "1:4.2-3ubuntu6.21"
},
{
"binary_name": "qemu-system-x86-microvm",
"binary_version": "1:4.2-3ubuntu6.21"
},
{
"binary_name": "qemu-system-x86-xen",
"binary_version": "1:4.2-3ubuntu6.21"
},
{
"binary_name": "qemu-user",
"binary_version": "1:4.2-3ubuntu6.21"
},
{
"binary_name": "qemu-user-binfmt",
"binary_version": "1:4.2-3ubuntu6.21"
},
{
"binary_name": "qemu-user-static",
"binary_version": "1:4.2-3ubuntu6.21"
},
{
"binary_name": "qemu-utils",
"binary_version": "1:4.2-3ubuntu6.21"
}
]
},
"package": {
"ecosystem": "Ubuntu:20.04:LTS",
"name": "qemu",
"purl": "pkg:deb/ubuntu/qemu@1:4.2-3ubuntu6.21?arch=source\u0026distro=focal"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1:4.2-3ubuntu6.21"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"1:4.0+dfsg-0ubuntu9",
"1:4.0+dfsg-0ubuntu10",
"1:4.2-1ubuntu1",
"1:4.2-1ubuntu2",
"1:4.2-3ubuntu1",
"1:4.2-3ubuntu2",
"1:4.2-3ubuntu3",
"1:4.2-3ubuntu4",
"1:4.2-3ubuntu5",
"1:4.2-3ubuntu6",
"1:4.2-3ubuntu6.1",
"1:4.2-3ubuntu6.2",
"1:4.2-3ubuntu6.3",
"1:4.2-3ubuntu6.4",
"1:4.2-3ubuntu6.5",
"1:4.2-3ubuntu6.6",
"1:4.2-3ubuntu6.7",
"1:4.2-3ubuntu6.8",
"1:4.2-3ubuntu6.9",
"1:4.2-3ubuntu6.10",
"1:4.2-3ubuntu6.11",
"1:4.2-3ubuntu6.12",
"1:4.2-3ubuntu6.14",
"1:4.2-3ubuntu6.15",
"1:4.2-3ubuntu6.16",
"1:4.2-3ubuntu6.17",
"1:4.2-3ubuntu6.18",
"1:4.2-3ubuntu6.19"
]
},
{
"ecosystem_specific": {
"availability": "No subscription required",
"binaries": [
{
"binary_name": "qemu",
"binary_version": "1:6.2+dfsg-2ubuntu5"
},
{
"binary_name": "qemu-block-extra",
"binary_version": "1:6.2+dfsg-2ubuntu5"
},
{
"binary_name": "qemu-guest-agent",
"binary_version": "1:6.2+dfsg-2ubuntu5"
},
{
"binary_name": "qemu-system",
"binary_version": "1:6.2+dfsg-2ubuntu5"
},
{
"binary_name": "qemu-system-arm",
"binary_version": "1:6.2+dfsg-2ubuntu5"
},
{
"binary_name": "qemu-system-common",
"binary_version": "1:6.2+dfsg-2ubuntu5"
},
{
"binary_name": "qemu-system-data",
"binary_version": "1:6.2+dfsg-2ubuntu5"
},
{
"binary_name": "qemu-system-gui",
"binary_version": "1:6.2+dfsg-2ubuntu5"
},
{
"binary_name": "qemu-system-mips",
"binary_version": "1:6.2+dfsg-2ubuntu5"
},
{
"binary_name": "qemu-system-misc",
"binary_version": "1:6.2+dfsg-2ubuntu5"
},
{
"binary_name": "qemu-system-ppc",
"binary_version": "1:6.2+dfsg-2ubuntu5"
},
{
"binary_name": "qemu-system-s390x",
"binary_version": "1:6.2+dfsg-2ubuntu5"
},
{
"binary_name": "qemu-system-sparc",
"binary_version": "1:6.2+dfsg-2ubuntu5"
},
{
"binary_name": "qemu-system-x86",
"binary_version": "1:6.2+dfsg-2ubuntu5"
},
{
"binary_name": "qemu-system-x86-microvm",
"binary_version": "1:6.2+dfsg-2ubuntu5"
},
{
"binary_name": "qemu-system-x86-xen",
"binary_version": "1:6.2+dfsg-2ubuntu5"
},
{
"binary_name": "qemu-user",
"binary_version": "1:6.2+dfsg-2ubuntu5"
},
{
"binary_name": "qemu-user-binfmt",
"binary_version": "1:6.2+dfsg-2ubuntu5"
},
{
"binary_name": "qemu-user-static",
"binary_version": "1:6.2+dfsg-2ubuntu5"
},
{
"binary_name": "qemu-utils",
"binary_version": "1:6.2+dfsg-2ubuntu5"
}
]
},
"package": {
"ecosystem": "Ubuntu:22.04:LTS",
"name": "qemu",
"purl": "pkg:deb/ubuntu/qemu@1:6.2+dfsg-2ubuntu5?arch=source\u0026distro=jammy"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1:6.2+dfsg-2ubuntu5"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"1:6.0+dfsg-2expubuntu1",
"1:6.0+dfsg-2expubuntu2",
"1:6.0+dfsg-2expubuntu4"
]
}
],
"aliases": [],
"details": "An off-by-one error was found in the SCSI device emulation in QEMU. It could occur while processing MODE SELECT commands in mode_sense_page() if the \u0027page\u0027 argument was set to MODE_PAGE_ALLS (0x3f). A malicious guest could use this flaw to potentially crash QEMU, resulting in a denial of service condition.",
"id": "UBUNTU-CVE-2021-3930",
"modified": "2025-09-08T16:46:49Z",
"published": "2022-02-18T18:15:00Z",
"references": [
{
"type": "REPORT",
"url": "https://ubuntu.com/security/CVE-2021-3930"
},
{
"type": "ADVISORY",
"url": "https://ubuntu.com/security/notices/USN-5307-1"
},
{
"type": "ADVISORY",
"url": "https://ubuntu.com/security/notices/USN-5772-1"
},
{
"type": "REPORT",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3930"
}
],
"related": [
"USN-5307-1",
"USN-5772-1"
],
"schema_version": "1.7.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H",
"type": "CVSS_V3"
},
{
"score": "low",
"type": "Ubuntu"
}
],
"upstream": [
"CVE-2021-3930"
]
}
ubuntu-cve-2021-4158
Vulnerability from osv_ubuntu
A NULL pointer dereference issue was found in the ACPI code of QEMU. A malicious, privileged user within the guest could use this flaw to crash the QEMU process on the host, resulting in a denial of service condition.
{
"affected": [
{
"ecosystem_specific": {
"availability": "No subscription required",
"binaries": [
{
"binary_name": "qemu",
"binary_version": "1:6.2+dfsg-2ubuntu5"
},
{
"binary_name": "qemu-block-extra",
"binary_version": "1:6.2+dfsg-2ubuntu5"
},
{
"binary_name": "qemu-guest-agent",
"binary_version": "1:6.2+dfsg-2ubuntu5"
},
{
"binary_name": "qemu-system",
"binary_version": "1:6.2+dfsg-2ubuntu5"
},
{
"binary_name": "qemu-system-arm",
"binary_version": "1:6.2+dfsg-2ubuntu5"
},
{
"binary_name": "qemu-system-common",
"binary_version": "1:6.2+dfsg-2ubuntu5"
},
{
"binary_name": "qemu-system-data",
"binary_version": "1:6.2+dfsg-2ubuntu5"
},
{
"binary_name": "qemu-system-gui",
"binary_version": "1:6.2+dfsg-2ubuntu5"
},
{
"binary_name": "qemu-system-mips",
"binary_version": "1:6.2+dfsg-2ubuntu5"
},
{
"binary_name": "qemu-system-misc",
"binary_version": "1:6.2+dfsg-2ubuntu5"
},
{
"binary_name": "qemu-system-ppc",
"binary_version": "1:6.2+dfsg-2ubuntu5"
},
{
"binary_name": "qemu-system-s390x",
"binary_version": "1:6.2+dfsg-2ubuntu5"
},
{
"binary_name": "qemu-system-sparc",
"binary_version": "1:6.2+dfsg-2ubuntu5"
},
{
"binary_name": "qemu-system-x86",
"binary_version": "1:6.2+dfsg-2ubuntu5"
},
{
"binary_name": "qemu-system-x86-microvm",
"binary_version": "1:6.2+dfsg-2ubuntu5"
},
{
"binary_name": "qemu-system-x86-xen",
"binary_version": "1:6.2+dfsg-2ubuntu5"
},
{
"binary_name": "qemu-user",
"binary_version": "1:6.2+dfsg-2ubuntu5"
},
{
"binary_name": "qemu-user-binfmt",
"binary_version": "1:6.2+dfsg-2ubuntu5"
},
{
"binary_name": "qemu-user-static",
"binary_version": "1:6.2+dfsg-2ubuntu5"
},
{
"binary_name": "qemu-utils",
"binary_version": "1:6.2+dfsg-2ubuntu5"
}
]
},
"package": {
"ecosystem": "Ubuntu:22.04:LTS",
"name": "qemu",
"purl": "pkg:deb/ubuntu/qemu@1:6.2+dfsg-2ubuntu5?arch=source\u0026distro=jammy"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1:6.2+dfsg-2ubuntu5"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"1:6.0+dfsg-2expubuntu1",
"1:6.0+dfsg-2expubuntu2",
"1:6.0+dfsg-2expubuntu4"
]
}
],
"aliases": [],
"details": "A NULL pointer dereference issue was found in the ACPI code of QEMU. A malicious, privileged user within the guest could use this flaw to crash the QEMU process on the host, resulting in a denial of service condition.",
"id": "UBUNTU-CVE-2021-4158",
"modified": "2025-09-08T16:46:52Z",
"published": "2021-12-24T00:00:00Z",
"references": [
{
"type": "REPORT",
"url": "https://ubuntu.com/security/CVE-2021-4158"
},
{
"type": "REPORT",
"url": "https://lists.nongnu.org/archive/html/qemu-devel/2021-12/msg03692.html"
},
{
"type": "REPORT",
"url": "https://www.mail-archive.com/qemu-devel@nongnu.org/msg857944.html"
},
{
"type": "ADVISORY",
"url": "https://ubuntu.com/security/notices/USN-5307-1"
},
{
"type": "REPORT",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-4158"
}
],
"related": [
"USN-5307-1"
],
"schema_version": "1.7.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H",
"type": "CVSS_V3"
},
{
"score": "low",
"type": "Ubuntu"
}
],
"upstream": [
"CVE-2021-4158"
]
}
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.