Your submission was sent successfully! Close

CVE-2020-15469

Published: 2 July 2020

In QEMU 4.2.0, a MemoryRegionOps object may lack read/write callback methods, leading to a NULL pointer dereference.

Notes

AuthorNote
mdeslaur
impact is limited, a privileged guest user can only use this
issue to perform a denial of service to their own instance
Priority

Low

CVSS 3 base score: 2.3

Status

Package Release Status
qemu
Launchpad, Ubuntu, Debian
bionic
Released (1:2.11+dfsg-1ubuntu7.37)
eoan Ignored
(reached end-of-life)
focal
Released (1:4.2-3ubuntu6.17)
groovy
Released (1:5.0-5ubuntu9.9)
hirsute
Released (1:5.2+dfsg-9ubuntu3.1)
impish
Released (1:6.0+dfsg-1~ubuntu3)
jammy
Released (1:6.0+dfsg-1~ubuntu3)
precise Does not exist

trusty Needs triage

upstream Needs triage

xenial Needed

Patches:
upstream: https://git.qemu.org/?p=qemu.git;a=commit;h=520f26fc6d17b71a43eaf620e834b3bdf316f3d3
upstream: https://git.qemu.org/?p=qemu.git;a=commit;h=4f2a5202a05fc1612954804a2482f07bff105ea2
upstream: https://git.qemu.org/?p=qemu.git;a=commit;h=24202d2b561c3b4c48bd28383c8c34b4ac66c2bf
upstream: https://git.qemu.org/?p=qemu.git;a=commit;h=f867cebaedbc9c43189f102e4cdfdff05e88df7f
upstream: https://git.qemu.org/?p=qemu.git;a=commit;h=b5bf601f364e1a14ca4c3276f88dfec024acf613
upstream: https://git.qemu.org/?p=qemu.git;a=commit;h=921604e175b8ec06c39503310e7b3ec1e3eafe9e
upstream: https://git.qemu.org/?p=qemu.git;a=commit;h=2c9fb3b784000c1df32231e1c2464bb2e3fc4620
upstream: https://git.qemu.org/?p=qemu.git;a=commit;h=735754aaa15a6ed46db51fd731e88331c446ea54
qemu-kvm
Launchpad, Ubuntu, Debian
bionic Does not exist

eoan Does not exist

focal Does not exist

groovy Does not exist

hirsute Does not exist

impish Does not exist

jammy Does not exist

precise Ignored
(end of ESM support, was needs-triage)
trusty Does not exist

upstream Needs triage

xenial Does not exist