This bug was fixed in the package qemu - 1:3.1+dfsg-2ubuntu1
---------------
qemu (1:3.1+dfsg-2ubuntu1) disco; urgency=medium
* Merge with Debian testing, Among many other things this fixes LP Bugs:
LP: #1806104 - fix misleading page size error on ppc64el
LP: #1782205 - SnowRidge enabled new ISAs
LP: #1786956 - upgrade to qemu >= 3.0
LP: #1809083 - Backward migration to Xenial on ppc64el
LP: #1803315 - s390x Huge page enablement
LP: #1657409 - enable virglrenderer
Remaining Changes:
- qemu-kvm to systemd unit
- d/qemu-kvm-init: script for QEMU KVM preparation modules, ksm,
hugepages and architecture specifics
- d/qemu-kvm.service: systemd unit to call qemu-kvm-init
- d/qemu-system-common.install: install systemd unit and helper script
- d/qemu-system-common.maintscript: clean old sysv and upstart scripts
- d/qemu-system-common.qemu-kvm.default: defaults for
/etc/default/qemu-kvm
- d/rules: install /etc/default/qemu-kvm
- Enable nesting by default
- d/qemu-system-x86.modprobe: set nested=1 module option on intel.
(is default on amd)
- d/qemu-system-x86.postinst: re-load kvm_intel.ko if it was loaded
without nested=1
- d/p/ubuntu/expose-vmx_qemu64cpu.patch: expose nested kvm by default
in qemu64 cpu type.
- d/p/ubuntu/enable-svm-by-default.patch: Enable nested svm by default
in qemu64 on amd
- d/qemu-system-x86.README.Debian: document intention of nested being
default is comfort, not full support
- Distribution specific machine type (LP: 1304107 1621042 1776189 1761372)
- d/p/ubuntu/define-ubuntu-machine-types.patch: define distro machine
types
- d/qemu-system-x86.NEWS Info on fixed machine type defintions
for host-phys-bits=true (LP: 1776189)
- add an info about -hpb machine type in debian/qemu-system-x86.NEWS
- d/p/ubuntu/lp-1761372-*: provide pseries-bionic-2.11-sxxm type as
convenience with all meltdown/spectre workarounds enabled by default.
(LP: 1761372).
- improved dependencies
- Make qemu-system-common depend on qemu-block-extra
- Make qemu-utils depend on qemu-block-extra
- let qemu-utils recommend sharutils
- s390x support
- Create qemu-system-s390x package
- Enable numa support for s390x
- arch aware kvm wrappers
- d/control: update VCS links (updated to match latest Ubuntu)
- qemu-guest-agent: freeze-hook fixes (LP: 1484990)
- d/qemu-guest-agent.install: provide /etc/qemu/fsfreeze-hook
- d/qemu-guest-agent.dirs: provide /etc/qemu/fsfreeze-hook.d
- d/control-in: enable RDMA support in qemu (LP: 1692476)
- enable RDMA config option
- add libibumad-dev build-dep
- tolerate ipxe size change on migrations to >=18.04 (LP: 1713490)
- d/p/ubuntu/pre-bionic-256k-ipxe-efi-roms.patch: old machine types
reference 256k path
- d/control-in: depend on ipxe-qemu-256k-compat-efi-roms to be able to
handle incoming migrations from former releases.
- d/control-in: Disable capstone disassembler library support (universe)
* Added Changes:
- d/p/ubuntu/define-ubuntu-machine-types.patch: update machine type changes
for qemu 3.1 in the Ubuntu Disco release
- d/p/ubuntu/lp-1759509-* fix waking up VMs from dompmsuspend (LP: #1759509)
- Move s390x roms to a new qemu-system-data-s390x
- d/qemu-system-data.install: install s390x roms as architecture:all in
qemu-system-data
- d/rules: build s390-ccw.img with upstream Makefile
- d/rules: build s390x-netboot.img with upstream Makefile
- d/p/ubuntu/lp-1790901-partial-SLOF-for-s390x-netboot.patch: bring back
some SLOF bits stripped in DFSG to be able to build s390x-netboot roms
As that hack to build s390-ccw.img rom can't build s390x-netboot.img
replace it with a build-indep using the upstream makefiles.
This is less prone to miss future changes/fixes that are done to the
makefiles
- d/control-in: add breaks/replaces for moving s390x roms from
qemu-system-s390x to qemu-system-data
- remove /dev/kvm permission handling (moved to systemd 239-6) (#892945)
[From not yet uploaded Debian branch]
- d/p/debianize-qemu-guest-service.patch: fix path of qemu-ga
(Closes: #918378)
- d/rules: fix qemu-kvm service for debhelper compat >=12
- d/p/ubuntu/Revert-target-i386-kvm-add-VMX-migration-blocker.patch:
avoid misdetection of simplified nesting blocking all migrations
- d/p/ubuntu/lp-1812384-s390x-Return-specification-exception-for-
unimplement.patch: properly return archicture defined exception
on bad subcodes of diag 308 (LP: #1812384)
* Dropped Changes:
- Include s390-ccw.img firmware (old style native build)
- d/rules enable install s390x-netboot.img (old style native build)
- libvirt/qemu user/group support
- qemu-system-common.postinst: remove acl placed by udev, and add udevadm
trigger.
[ Droppable since logind properly sets ACLs now ]
- qemu-system-common.preinst: add kvm group if needed
[ Droppable because systemd/udev take care of it since 239-6]
- d/p/guest-agent-freeze-hook-skip-dpkg-artifacts.patch of qemu-guest-agent
freeze-hook fixes (LP: 1484990)
[upstream]
- d/p/ubuntu/CVE-2018-3639/* update for qemu 2.12 using the final patches
merged upstream
[upstream]
- d/p/ubuntu/CVE-2018-11806-slirp-correct-size.patch: slirp: correct size
computation while concatenating mbuf.
CVE-2018-11806
[upstream]
- d/p/ubuntu/lp-1781526-powerpc64-align-memory-THP.patch: align to 2MB
for powerpc64 to speed up translation (LP: 1781526)
[upstream]
- d/p/ubuntu/lp-1780773-s390x-cpumodels-add-z14-Model-ZR1.patch: Add
cpu model for z14 ZR1 (LP: 1780773).
[upstream]
- Mark qemu-system-data foreign to be able to install it e.g. on i386
(Closes: 903562)
[in Debian]
- d/control-in: qemu-keymaps is provided by qemu-system-data now (from yet
unreleased Debian version)
[in Debian]
- d/p/lp-1755912-qxl-fix-local-renderer-crash.patch: Fix an issue triggered
by migrations with UI frontends or frequent guest resolution changes
(LP #1755912)
[upstream]
- d//ubuntu/target-ppc-extend-eieio-for-POWER9.patch: Backport to
extend eieio for POWER9 emulation (LP: 1787408).
[upstream]
- d/p/ubuntu/lp-1789551-seccomp-set-the-seccomp-filter-to-all-threads.patch:
ensure that the seccomp blacklist is applied to all threads (LP: 1789551)
[upstream]
- improve s390x spectre mitigation with etoken facility (LP: 1790457)
[upstream]
- Update pxe netboot images for KVM s390x to qemu 3.0 level (LP: 1790901)
[upstream]
- d/control-in: our addition of a qemu-system-s390x package needs to follow
the split of qemu-system-data by adding a dependency to it (LP: 1798084)
[in Debian]
- debian/patches/ubuntu/lp1787405-*: Support guest dedicated Crypto
Adapters on s390x (LP: 1787405)
[upstream]
- enable opengl for vfio-MDEV support (LP: 1804766)
[in Debian]
- SECURITY UPDATE: integer overflow in NE2000 NIC emulation
[upstream]
- SECURITY UPDATE: integer overflow via crafted QMP command
[upstream]
- SECURITY UPDATE: OOB heap buffer r/w access in NVM Express Controller
[upstream]
- SECURITY UPDATE: buffer overflow in rtl8139
[upstream]
- SECURITY UPDATE: buffer overflow in pcnet
[upstream]
- SECURITY UPDATE: DoS via large packet sizes
[upstream]
- SECURITY UPDATE: DoS in lsi53c895a
[upstream]
- SECURITY UPDATE: Out-of-bounds r/w stack access in ppc64
[upstream]
- SECURITY UPDATE: race condition in 9p
[upstream]
qemu (1:3.1+dfsg-2) unstable; urgency=medium
* d/rules: split arch and indep builds
* enable s390x cross-compiler and build s390-ccw.img (Closes: #684909)
* build x86 optionrom in qemu-system-data (was in seabios/debian/)
* qemu-system-data: Multi-Arch: allowed=>foreign (Closes: #903562)
* fix Replaces: version for qemu-system-common (Closes: #916279)
* add simple udev rules file for systemd guest agent (Closes: #916674)
* usb-mtp-use-O_NOFOLLOW-and-O_CLOEXEC-CVE-2018-16872.patch
Race condition in usb_mtp implementation (Closes: #916397)
* bt-use-size_t-type-for-length-parameters-instead-of-int-CVE-2018-19665.patch
Memory corruption in bluetooth subsystem (Closes: #916278)
* hw_usb-fix-mistaken-de-initialization-of-CCID-state.patch (Closes: #917007)
* bump debhelper compat to 12 (>>11)
* d/rules: use dh_missing instead of dh_install --list-missing (compat=12)
* use dh_installsystemd for guest agent (Closes: #916625)
* mention closing by 3.1: Closes: #912655, CVE-2018-16847
* mention closing by 2.10:
Closes: #849798, CVE-2016-10028
Closes: CVE-2017-9060
Closes: CVE-2017-8284
qemu (1:3.1+dfsg-1) unstable; urgency=medium
* new upstream release (3.1)
* Security bugs fixed by upstream:
Closes: #910431, CVE-2018-10839:
integer overflow leads to buffer overflow issue
Closes: #911468, CVE-2018-17962
pcnet: integer overflow leads to buffer overflow
Closes: #911469, CVE-2018-17963
net: ignore packets with large size
Closes: #908682, CVE-2018-3639
qemu should be able to pass the ssbd cpu flag
Closes: #901017, CVE-2018-11806
m_cat in slirp/mbuf.c in Qemu has a heap-based buffer overflow
via incoming fragmented datagrams
Closes: #902725, CVE-2018-12617
qmp_guest_file_read in qemu-ga has an integer overflow
Closes: #907500, CVE-2018-15746
qemu-seccomp might allow local OS guest users to cause a denial of service
Closes: #915884, CVE-2018-16867
dev-mtp: path traversal in usb_mtp_write_data of the MTP
Closes: #911499, CVE-2018-17958
Buffer Overflow in rtl8139_do_receive in hw/net/rtl8139.c
because an incorrect integer data type is used
Closes: #911470, CVE-2018-18438
integer overflows because IOReadHandler and its associated functions
use a signed integer data type for a size value
Closes: #912535, CVE-2018-18849
lsi53c895a: OOB msg buffer access leads to DoS
Closes: #914604, CVE-2018-18954
pnv_lpc_do_eccb function in hw/ppc/pnv_lpc.c in Qemu before 3.1
allows out-of-bounds write or read access to PowerNV memory
Closes: #914599, CVE-2018-19364
Use-after-free due to race condition while updating fid path
Closes: #914727, CVE-2018-19489
9pfs: crash due to race condition in renaming files
Closes: #912655, CVE-2018-16847
Out-of-bounds r/w buffer access in cmb operations
* remove patches which were applied upstream
* add new manpage qemu-cpu-models.7
* qemu-system-ppcemb is gone, use qemu-system-ppc[64]
* do-not-link-everything-with-xen.patch (trivial)
* get-orig-source: handle 3.x and 4.x, and remove roms again, as
upstream wants us to use separate source packages for that stuff
* move generated data from qemu-system-data back to qemu-system-common
* d/control: enable spice on arm64 (Closes: #902501)
(probably should enable on all)
* d/control: change git@salsa urls to https
* add qemu-guest-agent.service (Closes: #795486)
* enable opengl support and virglrenderer (Closes: #813658)
* simplify d/rules just a little bit
* build-depend on libudev-dev, for qga
-- Christian Ehrhardt <christian.ehrha...@canonical.com> Tue, 08 Jan
2019 09:41:08 +0100
** Changed in: qemu (Ubuntu)
Status: Triaged => Fix Released
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2016-10028
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2017-8284
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2017-9060
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2018-10839
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2018-11806
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2018-12617
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2018-15746
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2018-16847
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2018-16867
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2018-16872
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2018-17958
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2018-17962
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2018-17963
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2018-18438
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2018-18849
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2018-18954
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2018-19364
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2018-19489
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2018-19665
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2018-3639
--
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
https://bugs.launchpad.net/bugs/1782205
Title:
KVM SnowRidge enable new ISAs
Status in linux package in Ubuntu:
Confirmed
Status in qemu package in Ubuntu:
Fix Released
Status in xen package in Ubuntu:
Invalid
Bug description:
Add KVM support for SnowRidge New Instructions: GFNI and CLDEMOT
GFNI: New instruction to compute an affine transformation in the Galois Field.
The instruction is described here:
https://software.intel.com/sites/default/files/managed/c5/15/architecture-instruction-set-extensions-programming-reference.pdf
CLDEMOT: New instruction to hint to hardware that a cache line is
likely to be shared. This is used to improve core-to-core
communication.
Upstream Target is Linux 4.20
Target Release: 19.04
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1782205/+subscriptions
--
Mailing list: https://launchpad.net/~kernel-packages
Post to : kernel-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~kernel-packages
More help : https://help.launchpad.net/ListHelp
