CVE 2018-15746
qemu-seccomp.c in QEMU might allow local OS guest users to cause a denial of service (guest crash) by leveraging mishandling of the seccomp policy for threads other than the main thread.
Related bugs and status
CVE-2018-15746 (Candidate) is related to these bugs:
Bug #1759509: [19.10][qemu] virsh dompmwakeup fails to wake VM from dompmsuspend state (kvm)
| Summary | In | Importance | Status | |||
|---|---|---|---|---|---|---|
| 1759509 | [19.10][qemu] virsh dompmwakeup fails to wake VM from dompmsuspend state (kvm) | qemu (Ubuntu) | High | Fix Released | ||
| 1759509 | [19.10][qemu] virsh dompmwakeup fails to wake VM from dompmsuspend state (kvm) | The Ubuntu-power-systems project | High | Fix Released | ||
| 1759509 | [19.10][qemu] virsh dompmwakeup fails to wake VM from dompmsuspend state (kvm) | libvirt (Ubuntu) | High | Fix Released | ||
Bug #1780773: [18.10 FEAT] zKVM: CPU Model z14 ZR 1
| Summary | In | Importance | Status | |||
|---|---|---|---|---|---|---|
| 1780773 | [18.10 FEAT] zKVM: CPU Model z14 ZR 1 | qemu (Ubuntu) | Undecided | Fix Released | ||
| 1780773 | [18.10 FEAT] zKVM: CPU Model z14 ZR 1 | Ubuntu on IBM z Systems | High | Fix Released | ||
| 1780773 | [18.10 FEAT] zKVM: CPU Model z14 ZR 1 | qemu (Ubuntu Xenial) | Undecided | Won't Fix | ||
| 1780773 | [18.10 FEAT] zKVM: CPU Model z14 ZR 1 | qemu (Ubuntu Bionic) | Undecided | Fix Released | ||
Bug #1782205: KVM SnowRidge enable new ISAs
| Summary | In | Importance | Status | |||
|---|---|---|---|---|---|---|
| 1782205 | KVM SnowRidge enable new ISAs | xen (Ubuntu) | Undecided | Invalid | ||
| 1782205 | KVM SnowRidge enable new ISAs | qemu (Ubuntu) | Undecided | Fix Released | ||
| 1782205 | KVM SnowRidge enable new ISAs | linux (Ubuntu) | Undecided | Fix Released | ||
Bug #1786956: [19.04 FEAT] upgrade qemu > 3.0
| Summary | In | Importance | Status | |||
|---|---|---|---|---|---|---|
| 1786956 | [19.04 FEAT] upgrade qemu > 3.0 | qemu (Ubuntu) | Undecided | Fix Released | ||
| 1786956 | [19.04 FEAT] upgrade qemu > 3.0 | Ubuntu on IBM z Systems | High | Fix Released | ||
Bug #1787267: Can't type | ( pipe ) over vnc
| Summary | In | Importance | Status | |||
|---|---|---|---|---|---|---|
| 1787267 | Can't type | ( pipe ) over vnc | qemu (Ubuntu Bionic) | Undecided | Fix Released | ||
| 1787267 | Can't type | ( pipe ) over vnc | qemu (Ubuntu Cosmic) | Undecided | Fix Released | ||
Bug #1789551: qemu: CVE-2018-15746: seccomp: blacklist is not applied to all threads
| Summary | In | Importance | Status | |||
|---|---|---|---|---|---|---|
| 1789551 | qemu: CVE-2018-15746: seccomp: blacklist is not applied to all threads | qemu (Ubuntu) | High | Fix Released | ||
| 1789551 | qemu: CVE-2018-15746: seccomp: blacklist is not applied to all threads | qemu (Debian) | Unknown | Fix Released | ||
| 1789551 | qemu: CVE-2018-15746: seccomp: blacklist is not applied to all threads | qemu (Ubuntu Xenial) | Undecided | Won't Fix | ||
| 1789551 | qemu: CVE-2018-15746: seccomp: blacklist is not applied to all threads | qemu (Ubuntu Trusty) | Undecided | Won't Fix | ||
| 1789551 | qemu: CVE-2018-15746: seccomp: blacklist is not applied to all threads | qemu (Ubuntu Cosmic) | High | Fix Released | ||
| 1789551 | qemu: CVE-2018-15746: seccomp: blacklist is not applied to all threads | qemu (Ubuntu Bionic) | High | Fix Released | ||
Bug #1790457: kernel: improve spectre mitigation
| Summary | In | Importance | Status | |||
|---|---|---|---|---|---|---|
| 1790457 | kernel: improve spectre mitigation | linux (Ubuntu) | Undecided | Fix Released | ||
| 1790457 | kernel: improve spectre mitigation | Ubuntu on IBM z Systems | High | Fix Released | ||
| 1790457 | kernel: improve spectre mitigation | qemu (Ubuntu) | Undecided | Fix Released | ||
| 1790457 | kernel: improve spectre mitigation | linux (Ubuntu Bionic) | Undecided | Fix Released | ||
| 1790457 | kernel: improve spectre mitigation | qemu (Ubuntu Bionic) | Undecided | Fix Released | ||
Bug #1806104: [Ubuntu-18.04][LTC-Test] Warning: "qemu-system-ppc64: System page size 0x40000000 is not enabled in page_size_mask (0x11000). Performance may be slow" Noticed while booting guest backed by Hugepages.
Bug #1809083: [Ubuntu 18.04] Backward migration of Ubuntu 16.04.4 P8 guest from Ubuntu 18.04 P9 Host -> Ubuntu 16.04.4 P8 host is broken
| Summary | In | Importance | Status | |||
|---|---|---|---|---|---|---|
| 1809083 | [Ubuntu 18.04] Backward migration of Ubuntu 16.04.4 P8 guest from Ubuntu 18.04 P9 Host -> Ubuntu 16.04.4 P8 host is broken | qemu (Ubuntu) | Undecided | Fix Released | ||
| 1809083 | [Ubuntu 18.04] Backward migration of Ubuntu 16.04.4 P8 guest from Ubuntu 18.04 P9 Host -> Ubuntu 16.04.4 P8 host is broken | The Ubuntu-power-systems project | High | Fix Released | ||
| 1809083 | [Ubuntu 18.04] Backward migration of Ubuntu 16.04.4 P8 guest from Ubuntu 18.04 P9 Host -> Ubuntu 16.04.4 P8 host is broken | qemu (Ubuntu Bionic) | Undecided | Fix Released | ||
| 1809083 | [Ubuntu 18.04] Backward migration of Ubuntu 16.04.4 P8 guest from Ubuntu 18.04 P9 Host -> Ubuntu 16.04.4 P8 host is broken | qemu (Ubuntu Cosmic) | Undecided | Fix Released | ||
Bug #1812384: [Ubuntu] qemu - backport diag308 stable exception fix
| Summary | In | Importance | Status | |||
|---|---|---|---|---|---|---|
| 1812384 | [Ubuntu] qemu - backport diag308 stable exception fix | qemu (Ubuntu) | Undecided | Fix Released | ||
| 1812384 | [Ubuntu] qemu - backport diag308 stable exception fix | Ubuntu on IBM z Systems | Medium | Fix Released | ||
| 1812384 | [Ubuntu] qemu - backport diag308 stable exception fix | qemu (Ubuntu Cosmic) | Undecided | Fix Released | ||
| 1812384 | [Ubuntu] qemu - backport diag308 stable exception fix | qemu (Ubuntu Bionic) | Undecided | Fix Released | ||
See the 
CVE page on Mitre.org
for more details.
