Your submission was sent successfully! Close

You have successfully unsubscribed! Close

Thank you for signing up for our newsletter!
In these regular emails you will find the latest updates about Ubuntu and upcoming events where you can meet our team.Close

CVE-2019-13164

Published: 3 July 2019

qemu-bridge-helper.c in QEMU 3.1 and 4.0.0 does not ensure that a network interface name (obtained from bridge.conf or a --br=bridge option) is limited to the IFNAMSIZ size, which can lead to an ACL bypass.

From the Ubuntu Security Team

Riccardo Schirone discovered that the QEMU bridge helper did not properly validate network interface names. A local attacker could possibly use this to bypass ACL restrictions.

Notes

AuthorNote
sbeattie
qemu-bridge-helper.c does not exist in precise's qemu
package

Priority

Low

Cvss 3 Severity Score

7.8

Score breakdown

Status

Package Release Status
qemu
Launchpad, Ubuntu, Debian
bionic
Released (1:2.11+dfsg-1ubuntu7.20)
cosmic Ignored
(end of life)
disco
Released (1:3.1+dfsg-2ubuntu3.6)
eoan
Released (1:4.0+dfsg-0ubuntu9.1)
trusty
Released (2.0.0+dfsg-2ubuntu1.47)
Available with Ubuntu Pro or Ubuntu Pro (Infra-only)
upstream
Released (1:4.1-1)
xenial
Released (1:2.5+dfsg-5ubuntu10.42)
Patches:
upstream: https://git.qemu.org/?p=qemu.git;a=commit;h=6f5d8671225dc77190647f18a27a0d156d4ca97a
qemu-kvm
Launchpad, Ubuntu, Debian
bionic Does not exist

cosmic Does not exist

disco Does not exist

eoan Does not exist

trusty Does not exist

upstream Needs triage

xenial Does not exist

Severity score breakdown

Parameter Value
Base score 7.8
Attack vector Local
Attack complexity Low
Privileges required Low
User interaction None
Scope Unchanged
Confidentiality High
Integrity impact High
Availability impact High
Vector CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H