Your submission was sent successfully! Close

You have successfully unsubscribed! Close

Thank you for signing up for our newsletter!
In these regular emails you will find the latest updates about Ubuntu and upcoming events where you can meet our team.Close

CVE-2020-15469

Published: 2 July 2020

In QEMU 4.2.0, a MemoryRegionOps object may lack read/write callback methods, leading to a NULL pointer dereference.

Notes

AuthorNote
mdeslaur
impact is limited, a privileged guest user can only use this
issue to perform a denial of service to their own instance

Priority

Low

Cvss 3 Severity Score

2.3

Score breakdown

Status

Package Release Status
qemu
Launchpad, Ubuntu, Debian
eoan Ignored
(end of life)
upstream Needs triage

impish
Released (1:6.0+dfsg-1~ubuntu3)
xenial Needed

groovy
Released (1:5.0-5ubuntu9.9)
hirsute
Released (1:5.2+dfsg-9ubuntu3.1)
bionic
Released (1:2.11+dfsg-1ubuntu7.37)
focal
Released (1:4.2-3ubuntu6.17)
trusty Needed

jammy
Released (1:6.0+dfsg-1~ubuntu3)
kinetic
Released (1:6.0+dfsg-1~ubuntu3)
lunar
Released (1:6.0+dfsg-1~ubuntu3)
mantic
Released (1:6.0+dfsg-1~ubuntu3)
Patches:
upstream: https://git.qemu.org/?p=qemu.git;a=commit;h=520f26fc6d17b71a43eaf620e834b3bdf316f3d3
upstream: https://git.qemu.org/?p=qemu.git;a=commit;h=4f2a5202a05fc1612954804a2482f07bff105ea2
upstream: https://git.qemu.org/?p=qemu.git;a=commit;h=24202d2b561c3b4c48bd28383c8c34b4ac66c2bf
upstream: https://git.qemu.org/?p=qemu.git;a=commit;h=f867cebaedbc9c43189f102e4cdfdff05e88df7f
upstream: https://git.qemu.org/?p=qemu.git;a=commit;h=b5bf601f364e1a14ca4c3276f88dfec024acf613
upstream: https://git.qemu.org/?p=qemu.git;a=commit;h=921604e175b8ec06c39503310e7b3ec1e3eafe9e
upstream: https://git.qemu.org/?p=qemu.git;a=commit;h=2c9fb3b784000c1df32231e1c2464bb2e3fc4620
upstream: https://git.qemu.org/?p=qemu.git;a=commit;h=735754aaa15a6ed46db51fd731e88331c446ea54
qemu-kvm
Launchpad, Ubuntu, Debian
bionic Does not exist

eoan Does not exist

focal Does not exist

trusty Does not exist

upstream Needs triage

xenial Does not exist

impish Does not exist

hirsute Does not exist

groovy Does not exist

jammy Does not exist

kinetic Does not exist

lunar Does not exist

mantic Does not exist

Severity score breakdown

Parameter Value
Base score 2.3
Attack vector Local
Attack complexity Low
Privileges required High
User interaction None
Scope Unchanged
Confidentiality None
Integrity impact None
Availability impact Low
Vector CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:L