Ubuntu Security Notice 4283-1 - Felipe Franciosi, Raphael Norwitz, and Peter Turschmid discovered that QEMU incorrectly handled iSCSI server responses. A remote attacker in control of the iSCSI server could use this issue to cause QEMU to crash, leading to a denial of service, or possibly execute arbitrary code. It was discovered that the QEMU libslirp component incorrectly handled memory. A remote attacker could use this issue to cause QEMU to crash, resulting in a denial of service, or possibly execute arbitrary code. Various other issues were also addressed.
67a70bed9e03b20a8ad75770a4d3bc7d50b6aa1db9c132a09f67280b8a8bf16a