group.of.nepali.translators team mailing list archive
Message #25880
[Bug 1789551] Re: qemu: CVE-2018-15746: seccomp: blacklist is not applied to all threads
This bug was fixed in the package qemu - 1:2.12+dfsg-3ubuntu5
---------------
qemu (1:2.12+dfsg-3ubuntu5) cosmic; urgency=medium

  * d/p/ubuntu/lp-1789551-seccomp-set-the-seccomp-filter-to-all-threads.patch:
    ensure that the seccomp blacklist is applied to all threads (LP: #1789551)
    - CVE-2018-15746

 -- Christian Ehrhardt <christian.ehrhardt@xxxxxxxxxxxxx>  Wed, 29 Aug 2018 08:50:36 +0200

** Changed in: qemu (Ubuntu Cosmic)
Status: In Progress => Fix Released
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2018-15746
--
You received this bug notification because you are a member of नेपाली
भाषा समायोजकहरुको समूह, which is subscribed to Xenial.
Matching subscriptions: Ubuntu 16.04 Bugs
https://bugs.launchpad.net/bugs/1789551

Title:
  qemu: CVE-2018-15746: seccomp: blacklist is not applied to all threads

Status in qemu package in Ubuntu:
  Fix Released
Status in qemu source package in Trusty:
  Won't Fix
Status in qemu source package in Xenial:
  Won't Fix
Status in qemu source package in Bionic:
  Triaged
Status in qemu source package in Cosmic:
  Fix Released
Status in qemu package in Debian:
  Confirmed

Bug description:
The Qemu changes are public, so nothing to hide here IMHO, but leaving
that to the security team.
Copy from the related Debian bug that I commented on:
"
The following vulnerability was published for qemu.
CVE-2018-15746[0]:
seccomp: blacklist is not applied to all threads
If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.
For further information see:
[0] https://security-tracker.debian.org/tracker/CVE-2018-15746
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-15746
[1] https://lists.gnu.org/archive/html/qemu-devel/2018-08/msg04892.html
[2] https://lists.gnu.org/archive/html/qemu-devel/2018-08/msg02289.html
"
In addition I think that:
- it is available (built in since all still supported releases)
- it is default enabled with qemu 2.11 (Bionic)
- with libvirt >4.3 (Cosmic) more of the filters are set
That in my bad security severity guessing capability makes it
- Medium prio <Bionic
- High prio >=Bionic
OTOH, when checking the upstream reproducer with a qemu 2.11 I see nothing being used - so maybe all of it is a red herring (checked on Bionic):
$ for pid in $(pidof qemu-system-x86_64); do echo PID $pid; for task in /proc/$pid/task/*; do cat $task/status | grep Secc; done; done
PID 10817
Seccomp: 0
Seccomp: 0
Seccomp: 0
Seccomp: 0
PID 10657
Seccomp: 0
Seccomp: 0
Seccomp: 0
Seccomp: 0
Seccomp: 0
Seccomp: 0
PID 438
Seccomp: 0
Seccomp: 0
Seccomp: 0
Seccomp: 0
Seccomp: 0
Seccomp: 0
Seccomp: 0
Seccomp: 0
Seccomp: 0
Seccomp: 0
Seccomp: 0
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/qemu/+bug/1789551/+subscriptions
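
The per-thread check from the bug description, as an added example that is not part of the original report or of QEMU: it classifies a process by whether seccomp is active on all, none, or only some of its threads, the mixed case being the symptom CVE-2018-15746 describes. PROC_ROOT and the function names are assumptions of this example, and fake_proc only builds constructed input so the check can be exercised without a running QEMU.

```shell
#!/bin/sh
# Added example: audit per-thread seccomp state of a process.
# "Seccomp:" in /proc/<pid>/task/<tid>/status: 0 = disabled, 1 = strict, 2 = filter.
# PROC_ROOT is an assumption of this example so a constructed tree can stand in for /proc.
PROC_ROOT="${PROC_ROOT:-/proc}"

# Print "<tid> <mode>" for every thread of PID $1.
# The pattern is anchored on "Seccomp:" so that the separate "Seccomp_filters:"
# line found on newer kernels is not picked up (a plain "grep Secc" matches both).
seccomp_modes() {
    for task in "$PROC_ROOT/$1"/task/*; do
        [ -r "$task/status" ] || continue
        mode=$(awk '/^Seccomp:/ { print $2 }' "$task/status")
        echo "${task##*/} ${mode:-unknown}"
    done
}

# Classify PID $1:
#   none    - no thread has seccomp enabled
#   all     - every thread has seccomp enabled
#   partial - only some threads are confined (filter not applied to all threads)
#   gone    - no readable threads (process exited or wrong PID)
seccomp_verdict() {
    seccomp_modes "$1" | awk '
        $2 == "1" || $2 == "2" { on++; next }
        { off++ }
        END {
            if (on + off == 0) print "gone"
            else if (on == 0)  print "none"
            else if (off == 0) print "all"
            else               print "partial"
        }'
}

# Constructed test input: fake_proc <root> <pid> <seccomp-mode-per-thread>...
fake_proc() {
    root=$1; p=$2; shift 2; tid=$p
    for m in "$@"; do
        mkdir -p "$root/$p/task/$tid"
        printf 'Name:\tqemu-system-x86\nSeccomp:\t%s\n' "$m" > "$root/$p/task/$tid/status"
        tid=$((tid + 1))
    done
}

# When run with PIDs as arguments, print one verdict per process.
for arg in "$@"; do echo "PID $arg: $(seccomp_verdict "$arg")"; done
```

A verdict of "none", as in the output quoted above, means the sandbox was not enabled for that process at all, so the check says nothing about whether the installed QEMU has the fix.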