vulnerability
Ubuntu: (Multiple Advisories) (CVE-2019-12068): QEMU vulnerabilities
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 2 | (AV:L/AC:L/Au:N/C:N/I:N/A:P) | Sep 24, 2019 | Nov 14, 2019 | Aug 18, 2025 |
Severity
2
CVSS
(AV:L/AC:L/Au:N/C:N/I:N/A:P)
Published
Sep 24, 2019
Added
Nov 14, 2019
Modified
Aug 18, 2025
Description
In QEMU 1:4.1-1, 1:2.1+dfsg-12+deb8u6, 1:2.8+dfsg-6+deb9u8, 1:3.1+dfsg-8~deb10u1, 1:3.1+dfsg-8+deb10u2, and 1:2.1+dfsg-12+deb8u12 (fixed), when executing script in lsi_execute_script(), the LSI scsi adapter emulator advances 's->dsp' index to read next opcode. This can lead to an infinite loop if the next opcode is empty. Move the existing loop exit after 10k iterations so that it covers no-op opcodes as well.
Solutions
ubuntu-upgrade-qemuubuntu-upgrade-qemu-commonubuntu-upgrade-qemu-kvmubuntu-upgrade-qemu-system-commonubuntu-upgrade-qemu-system-guiubuntu-upgrade-qemu-system-x86ubuntu-upgrade-qemu-user-staticubuntu-upgrade-qemu-utils
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.