Source: qemu X-Debbugs-CC: t...@security.debian.org Severity: important Tags: security
Hi, The following vulnerability was published for qemu. CVE-2023-42467[0]: | QEMU through 8.0.0 could trigger a division by zero in | scsi_disk_reset in hw/scsi/scsi-disk.c because | scsi_disk_emulate_mode_select does not prevent s->qdev.blocksize | from being 256. This stops QEMU and the guest immediately. https://gitlab.com/qemu-project/qemu/-/issues/1813 If you fix the vulnerability please also make sure to include the CVE (Common Vulnerabilities & Exposures) id in your changelog entry. For further information see: [0] https://security-tracker.debian.org/tracker/CVE-2023-42467 https://www.cve.org/CVERecord?id=CVE-2023-42467 Please adjust the affected versions in the BTS as needed.