CVE-2019-13164

Published: 03 July 2019

qemu-bridge-helper.c in QEMU 3.1 and 4.0.0 does not ensure that a network interface name (obtained from bridge.conf or a --br=bridge option) is limited to the IFNAMSIZ size, which can lead to an ACL bypass.

From the Ubuntu security team

Riccardo Schirone discovered that the QEMU bridge helper did not properly validate network interface names. A local attacker could possibly use this to bypass ACL restrictions.

Priority

Low

CVSS 3 base score: 7.8

Status

Package Release Status
qemu
Launchpad, Ubuntu, Debian
Upstream
Released (1:4.1-1)
Ubuntu 18.04 LTS (Bionic Beaver)
Released (1:2.11+dfsg-1ubuntu7.20)
Ubuntu 16.04 ESM (Xenial Xerus)
Released (1:2.5+dfsg-5ubuntu10.42)
Ubuntu 14.04 ESM (Trusty Tahr)
Released (2.0.0+dfsg-2ubuntu1.47)
Patches:
Upstream: https://git.qemu.org/?p=qemu.git;a=commit;h=6f5d8671225dc77190647f18a27a0d156d4ca97a
qemu-kvm
Launchpad, Ubuntu, Debian
Upstream Needs triage

Ubuntu 18.04 LTS (Bionic Beaver) Does not exist

Ubuntu 16.04 ESM (Xenial Xerus) Does not exist

Ubuntu 14.04 ESM (Trusty Tahr) Does not exist