PublicDateAtUSN: 2020-07-21 16:15:00 UTC
Candidate: CVE-2020-15859
PublicDate: 2020-07-21 16:15:00 UTC
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15859
 https://lists.gnu.org/archive/html/qemu-devel/2020-07/msg05895.html
 https://lists.gnu.org/archive/html/qemu-devel/2020-07/msg05304.html
 https://www.openwall.com/lists/oss-security/2020/07/21/3
 https://ubuntu.com/security/notices/USN-4725-1
Description:
 QEMU 4.2.0 has a use-after-free in hw/net/e1000e_core.c because a guest OS
 user can trigger an e1000e packet with the data's address set to the
 e1000e's MMIO address.
Ubuntu-Description:
Notes:
Mitigation:
Bugs:
 https://bugs.launchpad.net/qemu/+bug/1886362
 http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=965978
Priority: medium
Discovered-by: Alexander Bulekov
Assigned-to:
CVSS:
 nvd: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L [3.3 LOW]

Patches_qemu-kvm:
upstream_qemu-kvm: needs-triage
precise/esm_qemu-kvm: ignored (end of ESM support, was needs-triage)
trusty_qemu-kvm: DNE
trusty/esm_qemu-kvm: DNE
xenial_qemu-kvm: DNE
bionic_qemu-kvm: DNE
focal_qemu-kvm: DNE
groovy_qemu-kvm: DNE
hirsute_qemu-kvm: DNE
impish_qemu-kvm: DNE
jammy_qemu-kvm: DNE
devel_qemu-kvm: DNE

Patches_qemu:
 upstream: https://git.qemu.org/?p=qemu.git;a=commit;h=22dc8663d9fc7baa22100544c600b6285a63c7a3
upstream_qemu: released (1:5.2+dfsg-1)
precise/esm_qemu: DNE
trusty_qemu: ignored (out of standard support)
trusty/esm_qemu: needs-triage
xenial_qemu: released (1:2.5+dfsg-5ubuntu10.49)
esm-infra/xenial_qemu: released (1:2.5+dfsg-5ubuntu10.49)
bionic_qemu: released (1:2.11+dfsg-1ubuntu7.35)
focal_qemu: released (1:4.2-3ubuntu6.12)
groovy_qemu: released (1:5.0-5ubuntu9.4)
hirsute_qemu: not-affected (1:5.2+dfsg-3ubuntu1)
impish_qemu: not-affected (1:5.2+dfsg-3ubuntu1)
jammy_qemu: not-affected (1:5.2+dfsg-3ubuntu1)
devel_qemu: not-affected (1:5.2+dfsg-3ubuntu1)