Opened 6 years ago
Closed 6 years ago
#11224 closed enhancement (fixed)
qemu-3.1.0
Reported by: | Douglas R. Reno | Owned by: | Bruce Dubbs |
---|---|---|---|
Priority: | normal | Milestone: | 8.4 |
Component: | BOOK | Version: | SVN |
Severity: | normal | Keywords: | |
Cc: |
Description (last modified by )
Multiple integer overflow issues were found and reported in various NIC emulations in QEMU. These integer overflows could occur while receiving packets and could lead to OOB stack buffer access, resulting in a DoS scenario.
- CVE-2018-10839 Qemu: ne2000: integer overflow leads to buffer overflow issue
Upstream fix:
-> https://lists.gnu.org/archive/html/qemu-devel/2018-09/msg03273.html
- CVE-2018-17958 Qemu: rtl8139: integer overflow leads to buffer overflow
Upstream fix:
-> https://lists.gnu.org/archive/html/qemu-devel/2018-09/msg03269.html
- CVE-2018-17962 Qemu: pcnet: integer overflow leads to buffer overflow
Upstream fix:
-> https://lists.gnu.org/archive/html/qemu-devel/2018-09/msg03268.html
- CVE-2018-17963 Qemu: net: ignore packets with large size
Upstream fix:
-> https://lists.gnu.org/archive/html/qemu-devel/2018-09/msg03267.html
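One common form of the bug class named in the description, as an added example that is not from this ticket or from QEMU's source: a packet length narrowed from size_t to int wraps negative and passes a minimum-size check, shown next to a receive path that keeps the length unsigned and ignores oversized packets. The function names, MIN_BUF_SIZE and MAX_FRAME are assumptions made for this simplified model.

```c
#include <limits.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define MIN_BUF_SIZE 60    /* assumed: short frames are padded to this length */
#define MAX_FRAME    1514  /* assumed: largest frame the model device accepts */

/* Flawed pattern: a size_t length narrowed to int. Returns 1 when the
 * narrowed value takes the "short frame" branch, the one that would copy
 * `size` bytes into a MIN_BUF_SIZE-byte stack buffer. */
int narrowed_takes_pad_path(size_t size_)
{
    int size = (int)size_;   /* lengths above INT_MAX wrap negative on common ABIs */
    return size < MIN_BUF_SIZE;
}

/* Hardened pattern: keep the length as size_t and ignore oversized packets
 * before any copy. Returns bytes written to out, or -1 if ignored. */
long rx_checked(const uint8_t *buf, size_t size, uint8_t *out, size_t out_cap)
{
    if (out_cap < MIN_BUF_SIZE || size > MAX_FRAME || size > out_cap)
        return -1;
    memcpy(out, buf, size);
    if (size < MIN_BUF_SIZE) {
        memset(out + size, 0, MIN_BUF_SIZE - size);
        return MIN_BUF_SIZE;
    }
    return (long)size;
}

/* Constructed input: a zero-filled frame delivered with a claimed length. */
long demo_rx(size_t claimed)
{
    static const uint8_t frame[MAX_FRAME];
    uint8_t out[MAX_FRAME];
    return rx_checked(frame, claimed, out, sizeof out);
}

int main(void)
{
    size_t huge = (size_t)INT_MAX + 1;
    printf("narrowed: 14 -> %d, huge -> %d\n",
           narrowed_takes_pad_path(14), narrowed_takes_pad_path(huge));
    printf("checked:  14 -> %ld, huge -> %ld\n", demo_rx(14), demo_rx(huge));
    return 0;
}
```

In the flawed pattern a length of INT_MAX + 1 is classified the same way as a 14-byte frame, which is why the hardened path compares the unsigned length against an upper bound first.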
Change History (5)
comment:1 by , 6 years ago
comment:2 by , 6 years ago
Owner: | changed from | to
---|---|
Status: | new → assigned |
Summary: | Generate qemu security patch → qemu-3.1.0 |
New minor version.
comment:3 by , 6 years ago
Description: | modified (diff) |
---|
comment:4 by , 6 years ago
Changelog is quite extensive. See https://wiki.qemu.org/ChangeLog/3.1 for the full list.
Incompatible changes
- The "qemu-system-ppcemb" target has been removed. "qemu-system-ppc" or "qemu-system-ppc64" should be used instead.
- The "tls", "x509", and "x509verify" options to "-vnc" have been removed. The "tls-creds" option should be used instead to point to a "tls-creds-x509" object created using "-object".
- The -drive options "cyls", "heads", "secs", "trans", "addr" and "serial" have been removed. The corresponding options of the "-device" parameter have to be used instead now.
- The "-balloon" option has been removed since it is replaced by "-device virtio-balloon" now.
- The "-nodefconfig" option has been removed. Use "-no-user-config" instead.
- The "-startdate", "-localtime" and "-rtc-td-hack" options have been removed. Use the corresponding parameters of "-rtc" instead.
- The "-tftp", "-bootp", "-redir" and "-smb" options have been removed. Use the corresponding parameters of "-nic" or "-netdev" instead.
- The "ssi-sd" device cannot be created anymore with "-device". This could be changed again in the future.
- x86 machines cannot be live-migrated if nested Intel virtualization is enabled. The next version of QEMU will be able to do live migration when nested virtualization is enabled, if supported by the kernel.
New deprecated options and features
- The '-machine enforce-config-section' parameter is replaced by the '-global migration.send-configuration' option.
- The 'name' parameter of the '-net' option is a synonym for the 'id' parameter, which should now be used instead.
- The 'hub_id name' parameter tuple of the 'hostfwd_add' and 'hostfwd_remove' HMP commands has been replaced by 'netdev_id'.
- The PowerPC target 'prep' machine type should be replaced by the '40p' machine type.
- Parsing of key,value pair filenames for the RBD block device
- Incorrect CPU topologies specified by -smp socket,core,thread options that are describing number of VCPUs not equal to 'maxcpus'
x86
- Multi-threaded TCG is now supported.
- Documented recommendations for choosing CPU models to ensure good performance and security of x86 guests.
- New CPU models IceLake-Server and IceLake-Client.
Build Dependencies
- Support for the GTK2 display frontend has been removed. GTK3 should be used instead.
- The minimum Python version is now 2.7. The next release of QEMU should remove Python 2.x support.
- The minimum GTK3 version is now 3.14.0
- The minimum GNUTLS version is now 3.1.18
- The minimum libgcrypt version is now 1.5.0
- The minimum nettle version is now 2.7.1
- The minimum libseccomp version is now 2.2.0.
- libudev is now an optional dependency for qemu-ga.
It's been a while since the last qemu release -- about two months. Let's give this a few weeks to see if we get a new release.