CVE-2019-20175

Priority
Description
** DISPUTED ** An issue was discovered in ide_dma_cb() in hw/ide/core.c in
QEMU 2.4.0 through 4.2.0. The guest system can crash the QEMU process in
the host system via a special SCSI_IOCTL_SEND_COMMAND. It hits an assertion
that implies that the size of successful DMA transfers there must be a
multiple of 512 (the size of a sector). NOTE: a member of the QEMU security
team disputes the significance of this issue because a "privileged guest
user has many ways to cause similar DoS effect, without triggering this
assert."
Notes
Package
Source: qemu (LP Ubuntu Debian)
Upstream:needs-triage
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):needs-triage
Ubuntu 16.04 LTS (Xenial Xerus):needs-triage
Ubuntu 18.04 LTS (Bionic Beaver):needs-triage
Ubuntu 19.10 (Eoan Ermine):needs-triage
Ubuntu 20.04 (Focal Fossa):needs-triage
Package
Upstream:needs-triage
Ubuntu 12.04 ESM (Precise Pangolin):needs-triage
Ubuntu 14.04 ESM (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Ubuntu 18.04 LTS (Bionic Beaver):DNE
Ubuntu 19.10 (Eoan Ermine):DNE
Ubuntu 20.04 (Focal Fossa):DNE
More Information

Updated: 2020-01-29 19:01:13 UTC (commit 40f18bf14da5fb50662e1f861ea594a462b207fe)