CVE-2018-19665

Published: 06 December 2018

The Bluetooth subsystem in QEMU mishandles negative values for length variables, leading to memory corruption.

Priority

Low

CVSS 3 base score: 5.7

Status

Package Release Status
qemu
Launchpad, Ubuntu, Debian
Upstream Needs triage

Ubuntu 20.04 LTS (Focal Fossa) Not vulnerable
(1:4.2-3ubuntu6.1)
Ubuntu 18.04 LTS (Bionic Beaver) Ignored

Ubuntu 16.04 ESM (Xenial Xerus) Ignored

Ubuntu 14.04 ESM (Trusty Tahr) Ignored

Patches:
Other: https://lists.gnu.org/archive/html/qemu-devel/2018-11/msg03570.html
qemu-kvm
Launchpad, Ubuntu, Debian
Upstream Needs triage

Ubuntu 20.04 LTS (Focal Fossa) Does not exist

Ubuntu 18.04 LTS (Bionic Beaver) Does not exist

Ubuntu 16.04 ESM (Xenial Xerus) Does not exist

Ubuntu 14.04 ESM (Trusty Tahr) Does not exist

Notes

AuthorNote
mdeslaur
as of 2020-06-18, proposed fix not committed
as of https://github.com/qemu/qemu/commit/c0188e69d, the
bluetooth subsystem is marked as unmaintained

We will not be fixing this issue in Ubuntu stable releases.
We recommend not using the bluetooth support.

References

Bugs