{"id":"USN-6954-1","summary":"qemu vulnerabilities","details":"Markus Frank and Fiona Ebner discovered that QEMU did not properly\nhandle certain memory operations, leading to a NULL pointer dereference.\nAn authenticated user could potentially use this issue to cause a denial\nof service. (CVE-2023-6683)\n\nXiao Lei discovered that QEMU did not properly handle certain memory \noperations when specific features were enabled, which could lead to a\nstack overflow. An attacker could potentially use this issue to leak\nsensitive information. (CVE-2023-6693)\n\nIt was discovered that QEMU had an integer underflow vulnerability in \nthe TI command, which would result in a buffer overflow. An attacker\ncould potentially use this issue to cause a denial of service. \n(CVE-2024-24474)\n","modified":"2026-02-10T04:45:02Z","published":"2024-08-13T06:44:37Z","related":["UBUNTU-CVE-2023-6683","UBUNTU-CVE-2023-6693","UBUNTU-CVE-2024-24474"],"upstream":["CVE-2023-6683","CVE-2023-6693","CVE-2024-24474","UBUNTU-CVE-2023-6683","UBUNTU-CVE-2023-6693","UBUNTU-CVE-2024-24474"],"references":[{"type":"ADVISORY","url":"https://ubuntu.com/security/notices/USN-6954-1"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2023-6683"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2023-6693"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2024-24474"}],"affected":[{"package":{"name":"qemu","ecosystem":"Ubuntu:22.04:LTS","purl":"pkg:deb/ubuntu/qemu@1:6.2+dfsg-2ubuntu6.22?arch=source&distro=jammy"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1:6.2+dfsg-2ubuntu6.22"}]}],"versions":["1:6.0+dfsg-2expubuntu1","1:6.0+dfsg-2expubuntu2","1:6.0+dfsg-2expubuntu4","1:6.2+dfsg-2ubuntu5","1:6.2+dfsg-2ubuntu6","1:6.2+dfsg-2ubuntu6.1","1:6.2+dfsg-2ubuntu6.2","1:6.2+dfsg-2ubuntu6.3","1:6.2+dfsg-2ubuntu6.4","1:6.2+dfsg-2ubuntu6.5","1:6.2+dfsg-2ubuntu6.6","1:6.2+dfsg-2ubuntu6.7","1:6.2+dfsg-2ubuntu6.8","1:6.2+dfsg-2ubuntu6.9","1:6.2+dfsg-2ubuntu6.10","1:6.2+dfsg-2ubuntu6.11","1:6.2+dfsg-2ubuntu6.12","1:6.2+dfsg-2ubuntu6.13","1:6.2+dfsg-2ubuntu6.14","1:6.2+dfsg-2ubuntu6.15","1:6.2+dfsg-2ubuntu6.16","1:6.2+dfsg-2ubuntu6.17","1:6.2+dfsg-2ubuntu6.18","1:6.2+dfsg-2ubuntu6.19","1:6.2+dfsg-2ubuntu6.21"],"ecosystem_specific":{"availability":"No subscription required","binaries":[{"binary_name":"qemu","binary_version":"1:6.2+dfsg-2ubuntu6.22"},{"binary_name":"qemu-block-extra","binary_version":"1:6.2+dfsg-2ubuntu6.22"},{"binary_name":"qemu-guest-agent","binary_version":"1:6.2+dfsg-2ubuntu6.22"},{"binary_name":"qemu-system","binary_version":"1:6.2+dfsg-2ubuntu6.22"},{"binary_name":"qemu-system-arm","binary_version":"1:6.2+dfsg-2ubuntu6.22"},{"binary_name":"qemu-system-common","binary_version":"1:6.2+dfsg-2ubuntu6.22"},{"binary_name":"qemu-system-data","binary_version":"1:6.2+dfsg-2ubuntu6.22"},{"binary_name":"qemu-system-gui","binary_version":"1:6.2+dfsg-2ubuntu6.22"},{"binary_name":"qemu-system-mips","binary_version":"1:6.2+dfsg-2ubuntu6.22"},{"binary_name":"qemu-system-misc","binary_version":"1:6.2+dfsg-2ubuntu6.22"},{"binary_name":"qemu-system-ppc","binary_version":"1:6.2+dfsg-2ubuntu6.22"},{"binary_name":"qemu-system-s390x","binary_version":"1:6.2+dfsg-2ubuntu6.22"},{"binary_name":"qemu-system-sparc","binary_version":"1:6.2+dfsg-2ubuntu6.22"},{"binary_name":"qemu-system-x86","binary_version":"1:6.2+dfsg-2ubuntu6.22"},{"binary_name":"qemu-system-x86-microvm","binary_version":"1:6.2+dfsg-2ubuntu6.22"},{"binary_name":"qemu-system-x86-xen","binary_version":"1:6.2+dfsg-2ubuntu6.22"},{"binary_name":"qemu-user","binary_version":"1:6.2+dfsg-2ubuntu6.22"},{"binary_name":"qemu-user-binfmt","binary_version":"1:6.2+dfsg-2ubuntu6.22"},{"binary_name":"qemu-user-static","binary_version":"1:6.2+dfsg-2ubuntu6.22"},{"binary_name":"qemu-utils","binary_version":"1:6.2+dfsg-2ubuntu6.22"}]},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/usn/USN-6954-1.json","cves_map":{"cves":[{"severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"type":"Ubuntu","score":"medium"}],"id":"CVE-2023-6683"},{"severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L"},{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L"},{"type":"Ubuntu","score":"medium"}],"id":"CVE-2023-6693"},{"severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"type":"Ubuntu","score":"medium"}],"id":"CVE-2024-24474"}],"ecosystem":"Ubuntu:22.04:LTS"}}}],"schema_version":"1.7.3"}