<feed xmlns='http://www.w3.org/2005/Atom'>
<title>linux/poky.git/meta/recipes-devtools/qemu, branch kirkstone</title>
<subtitle>Mirror of git.yoctoproject.org/poky</subtitle>
<id>https://git.enea.com/cgit/linux/poky.git/atom?h=kirkstone</id>
<link rel='self' href='https://git.enea.com/cgit/linux/poky.git/atom?h=kirkstone'/>
<link rel='alternate' type='text/html' href='https://git.enea.com/cgit/linux/poky.git/'/>
<updated>2026-01-26T09:49:25+00:00</updated>
<entry>
<title>qemu: ignore CVE-2025-54566 and CVE-2025-54567</title>
<updated>2026-01-26T09:49:25+00:00</updated>
<author>
<name>Peter Marko</name>
<email>peter.marko@siemens.com</email>
</author>
<published>2025-12-31T21:58:51+00:00</published>
<link rel='alternate' type='text/html' href='https://git.enea.com/cgit/linux/poky.git/commit/?id=15ea9a3dcbcbce4dc1c0e61f299ebff01f8b6e5d'/>
<id>urn:sha1:15ea9a3dcbcbce4dc1c0e61f299ebff01f8b6e5d</id>
<content type='text'>
These CVEs are not applicable to version 6.2.x as the vulnerable code
was introduced inly in 10.0.0.

Debian made the analysis, reuse their work.
* https://security-tracker.debian.org/tracker/CVE-2025-54566
* https://security-tracker.debian.org/tracker/CVE-2025-54567

(From OE-Core rev: 616e6c793bd025337aa8b66450408829fdfe59d5)

Signed-off-by: Peter Marko &lt;peter.marko@siemens.com&gt;
Signed-off-by: Yoann Congal &lt;yoann.congal@smile.fr&gt;
Signed-off-by: Paul Barker &lt;paul@pbarker.dev&gt;
Signed-off-by: Richard Purdie &lt;richard.purdie@linuxfoundation.org&gt;
</content>
</entry>
<entry>
<title>qemu: fix CVE-2025-12464</title>
<updated>2025-12-31T15:24:54+00:00</updated>
<author>
<name>Kai Kang</name>
<email>kai.kang@windriver.com</email>
</author>
<published>2025-12-17T08:14:32+00:00</published>
<link rel='alternate' type='text/html' href='https://git.enea.com/cgit/linux/poky.git/commit/?id=cde4ddcfd1659b06ef4703ff7656f4d6738aaf8a'/>
<id>urn:sha1:cde4ddcfd1659b06ef4703ff7656f4d6738aaf8a</id>
<content type='text'>
Backport patch to fix CVE-2025-12464.

Reference: https://gitlab.com/qemu-project/qemu/-/commit/a01344d9d7

(From OE-Core rev: 7ef40090719cab3fb9bda3f87a9d700d9b503e3e)

Signed-off-by: Kai Kang &lt;kai.kang@windriver.com&gt;
Signed-off-by: Steve Sakoman &lt;steve@sakoman.com&gt;
</content>
</entry>
<entry>
<title>qemu: patch CVE-2024-8354</title>
<updated>2025-10-17T14:27:23+00:00</updated>
<author>
<name>Peter Marko</name>
<email>peter.marko@siemens.com</email>
</author>
<published>2025-10-11T21:39:51+00:00</published>
<link rel='alternate' type='text/html' href='https://git.enea.com/cgit/linux/poky.git/commit/?id=2952d99f0f777bf337c45ca1499eff04925a5e85'/>
<id>urn:sha1:2952d99f0f777bf337c45ca1499eff04925a5e85</id>
<content type='text'>
Pick commit per [1].

(From OE-Core rev: bebd1b24473e3480ae6c4ae2897fbfdf4942ea11)

Signed-off-by: Peter Marko &lt;peter.marko@siemens.com&gt;
Signed-off-by: Steve Sakoman &lt;steve@sakoman.com&gt;
</content>
</entry>
<entry>
<title>qemu: ignore CVE-2024-7730</title>
<updated>2025-08-29T15:33:33+00:00</updated>
<author>
<name>Peter Marko</name>
<email>peter.marko@siemens.com</email>
</author>
<published>2025-08-22T19:16:09+00:00</published>
<link rel='alternate' type='text/html' href='https://git.enea.com/cgit/linux/poky.git/commit/?id=f8c794053b34c85ece6c5d1e6d6ffe47fc59173f'/>
<id>urn:sha1:f8c794053b34c85ece6c5d1e6d6ffe47fc59173f</id>
<content type='text'>
This CVE is for virtio-snd which was introduced in 8.2.0.
Therefore ignore this CVE for version 6.2.0.

(From OE-Core rev: 93545ef00c4930dd297649934bee0e95c520ee16)

Signed-off-by: Peter Marko &lt;peter.marko@siemens.com&gt;
Signed-off-by: Steve Sakoman &lt;steve@sakoman.com&gt;
</content>
</entry>
<entry>
<title>qemu: ignore CVE-2023-1386</title>
<updated>2025-05-14T13:38:22+00:00</updated>
<author>
<name>Peter Marko</name>
<email>peter.marko@siemens.com</email>
</author>
<published>2025-04-08T16:47:42+00:00</published>
<link rel='alternate' type='text/html' href='https://git.enea.com/cgit/linux/poky.git/commit/?id=cdca0c82f78cee149447e98533203070e298134d'/>
<id>urn:sha1:cdca0c82f78cee149447e98533203070e298134d</id>
<content type='text'>
Upstream Repository: https://gitlab.com/qemu-project/qemu.git

Bug Details:  https://nvd.nist.gov/vuln/detail/CVE-2023-1386
Type: Security Advisory
CVE: CVE-2023-1386
Score: 3.3

Analysis:
- According to redhat[1] this CVE has closed as not a bug.

Reference:
[1] https://bugzilla.redhat.com/show_bug.cgi?id=2223985

(From OE-Core rev: 6a5d9e3821246c39ec57fa483802e1bb74fca724)

(From OE-Core rev: f7c8877395d4ec0a91cd5cf54e6c2858495746fb)

Signed-off-by: Madhu Marri &lt;madmarri@cisco.com&gt;
Signed-off-by: Steve Sakoman &lt;steve@sakoman.com&gt;

(Converted to old CVE_CHECK_IGNORE syntax)

Signed-off-by: Peter Marko &lt;peter.marko@siemens.com&gt;
Signed-off-by: Steve Sakoman &lt;steve@sakoman.com&gt;
</content>
</entry>
<entry>
<title>qemu: fix CVE-2024-3447</title>
<updated>2024-12-09T15:54:03+00:00</updated>
<author>
<name>Yogita Urade</name>
<email>yogita.urade@windriver.com</email>
</author>
<published>2024-12-04T05:23:35+00:00</published>
<link rel='alternate' type='text/html' href='https://git.enea.com/cgit/linux/poky.git/commit/?id=450857b441c79898168691082210dbd2cd81bfc1'/>
<id>urn:sha1:450857b441c79898168691082210dbd2cd81bfc1</id>
<content type='text'>
A heap-based buffer overflow was found in the SDHCI device
emulation of QEMU. The bug is triggered when both
`s-&gt;data_count` and the size of `s-&gt;fifo_buffer` are set to
0x200, leading to an out-of-bound access. A malicious guest
could use this flaw to crash the QEMU process on the host,
resulting in a denial of service condition.

Reference:
https://nvd.nist.gov/vuln/detail/CVE-2024-3447

Upstream patch:
https://gitlab.com/qemu-project/qemu/-/commit/2429cb7a9f460b544f4b07bcf02dbdedfc4dcb39

(From OE-Core rev: 01d7ac9244364b7f89cd2f99fff11c2417bcad03)

Signed-off-by: Yogita Urade &lt;yogita.urade@windriver.com&gt;
Signed-off-by: Steve Sakoman &lt;steve@sakoman.com&gt;
</content>
</entry>
<entry>
<title>qemu: fix CVE-2024-3446</title>
<updated>2024-12-09T15:54:03+00:00</updated>
<author>
<name>Divya Chellam</name>
<email>divya.chellam@windriver.com</email>
</author>
<published>2024-12-04T05:23:34+00:00</published>
<link rel='alternate' type='text/html' href='https://git.enea.com/cgit/linux/poky.git/commit/?id=e0736e9b27fc54bc2c50b5e83ff0d66f4f067bd1'/>
<id>urn:sha1:e0736e9b27fc54bc2c50b5e83ff0d66f4f067bd1</id>
<content type='text'>
A double free vulnerability was found in QEMU virtio devices
(virtio-gpu, virtio-serial-bus, virtio-crypto), where the
mem_reentrancy_guard flag insufficiently protects against DMA
reentrancy issues. This issue could allow a malicious privileged
guest to crash the QEMU process on the host, resulting in a d
enial of service or allow arbitrary code execution within the
context of the QEMU process on the host.

CVE-2024-3446-0004, CVE-2024-3446-0005, CVE-2024-3446-0006
are CVE fix and CVE-2024-3446-0001, CVE-2024-3446-0002,
CVE-2024-3446-0003 are dependent commits to fix the CVE.

References:
https://nvd.nist.gov/vuln/detail/CVE-2024-3446

Upstream patches:
https://gitlab.com/qemu-project/qemu/-/commit/9c86c97f12c060bf7484dd931f38634e166a81f0
https://gitlab.com/qemu-project/qemu/-/commit/f63192b0544af5d3e4d5edfd85ab520fcf671377
https://gitlab.com/qemu-project/qemu/-/commit/ec0504b989ca61e03636384d3602b7bf07ffe4da
https://gitlab.com/qemu-project/qemu/-/commit/ba28e0ff4d95b56dc334aac2730ab3651ffc3132
https://gitlab.com/qemu-project/qemu/-/commit/b4295bff25f7b50de1d9cc94a9c6effd40056bca
https://gitlab.com/qemu-project/qemu/-/commit/f4729ec39ad97a42ceaa7b5697f84f440ea6e5dc

(From OE-Core rev: db7e3a56656db0bc61ec2e35ccc149e9b90a389b)

Signed-off-by: Yogita Urade &lt;yogita.urade@windriver.com&gt;
Signed-off-by: Steve Sakoman &lt;steve@sakoman.com&gt;
</content>
</entry>
<entry>
<title>qemu: patch CVE-2024-6505</title>
<updated>2024-12-09T15:54:03+00:00</updated>
<author>
<name>Peter Marko</name>
<email>peter.marko@siemens.com</email>
</author>
<published>2024-12-02T23:37:14+00:00</published>
<link rel='alternate' type='text/html' href='https://git.enea.com/cgit/linux/poky.git/commit/?id=47b90adf882fac910e85d3ed6383aec2e3d131b3'/>
<id>urn:sha1:47b90adf882fac910e85d3ed6383aec2e3d131b3</id>
<content type='text'>
Backport patch [3] as linked from [1] via [2].

[1] https://nvd.nist.gov/vuln/detail/CVE-2024-6505
[2] https://bugzilla.redhat.com/show_bug.cgi?id=2295760
[3] https://gitlab.com/qemu-project/qemu/-/commit/f1595ceb

(From OE-Core rev: 7e725e126689cc44055e27a05efafb7b52e89192)

Signed-off-by: Peter Marko &lt;peter.marko@siemens.com&gt;
Signed-off-by: Steve Sakoman &lt;steve@sakoman.com&gt;
</content>
</entry>
<entry>
<title>qemu: ignore CVE-2022-36648</title>
<updated>2024-12-09T15:54:03+00:00</updated>
<author>
<name>Peter Marko</name>
<email>peter.marko@siemens.com</email>
</author>
<published>2024-12-01T18:53:35+00:00</published>
<link rel='alternate' type='text/html' href='https://git.enea.com/cgit/linux/poky.git/commit/?id=7aa27fe43b3ba0dd353b89919b6e24362a565c67'/>
<id>urn:sha1:7aa27fe43b3ba0dd353b89919b6e24362a565c67</id>
<content type='text'>
The CVE has disputed flag in NVD DB.

(From OE-Core rev: bd01091c33c1de6ae7e1605301e3f73350ee7e7e)

Signed-off-by: Peter Marko &lt;peter.marko@siemens.com&gt;
Signed-off-by: Steve Sakoman &lt;steve@sakoman.com&gt;
</content>
</entry>
<entry>
<title>qemu: fix CVE-2023-3019</title>
<updated>2024-11-02T13:32:36+00:00</updated>
<author>
<name>Yogita Urade</name>
<email>yogita.urade@windriver.com</email>
</author>
<published>2024-10-24T08:02:35+00:00</published>
<link rel='alternate' type='text/html' href='https://git.enea.com/cgit/linux/poky.git/commit/?id=e50d61d7df1aaa7a8850a4cc1ae661d657c311d5'/>
<id>urn:sha1:e50d61d7df1aaa7a8850a4cc1ae661d657c311d5</id>
<content type='text'>
A DMA reentrancy issue leading to a use-after-free error
was found in the e1000e NIC emulation code in QEMU. This
issue could allow a privileged guest user to crash the
QEMU process on the host, resulting in a denial of service.

CVE-2023-3019-0002 is the CVE fix and CVE-2023-3019-0001
is dependent CVE fix.

fix indent issue in qemu.inc file.

CVE-2023-3019 patch required Mem ReenttranceyGuard structure
definition, it's defined in commit:
https://github.com/qemu/qemu/commit/a2e1753b8054344f32cf94f31c6399a58794a380
but the patch is causing errors:
Failed: qemux86 does not shutdown within timeout(120)
so backported only required structure definition.

Reference:
https://nvd.nist.gov/vuln/detail/CVE-2023-3019

Upstream patches:
https://github.com/qemu/qemu/commit/7d0fefdf81f5973334c344f6b8e1896c309dff66
https://github.com/qemu/qemu/commit/3c0463a650008aec7de29cf84540652730510921

(From OE-Core rev: 3782e1b21882ffc5e4cc466418e066179470241e)

Signed-off-by: Yogita Urade &lt;yogita.urade@windriver.com&gt;
Signed-off-by: Steve Sakoman &lt;steve@sakoman.com&gt;
</content>
</entry>
</feed>
