NS-SA-2025-0248
2025-10-23 19:59:52
简介
important: xz/qemu security update
严重级别
important
主题
An update for xz/qemu is now available for NewStart CGSL MAIN 7.02.
NewStart Security has rated this update as having a security impact of important. A Common Vunlnerability Scoring System(CVSS)base score, which gives a detailed severity rating, is available for each vulnerability from the CVElink(s) in the References section.
详细描述
xz:
qemu:
Security Fix(es):
xz: A flaw was found in the XZ Utils library. In affected versions, the multithreaded .xz decoder in liblzma has a bug where invalid input can trigger a heap use-after-free condition, allowing writes to an address based on the null pointer plus an offset. This issue may result in a crash or other undefined behavior. Applications and libraries that use the `lzma_stream_decoder_mt` function are affected.(CVE-2025-31115)
xz: bugfix
qemu: A flaw was found in QEMU. An assertion failure was present in the update_sctp_checksum() function in hw/net/net_tx_pkt.c when trying to calculate the checksum of a short-sized fragmented packet. This flaw allows a malicious guest to crash QEMU and cause a denial of service condition.(CVE-2024-3567)
qemu: A heap-based buffer overflow was found in the SDHCI device emulation of QEMU. The bug is triggered when both `s->data_count` and the size of `s->fifo_buffer` are set to 0x200, leading to an out-of-bound access. A malicious guest could use this flaw to crash the QEMU process on the host, resulting in a denial of service condition.(CVE-2024-3447)
qemu: bugfix
Solution:
For details on how to apply this update, which includes the changes described in this advisory, refer to:
http://security.gd-linux.com/how_to_apply_patch.html
Remember the build tag is 7.02.04B7.
影响组件
影响产品
更新包
{"fix":[{"product":"CGSL MAIN 7.02","pkgs":[{"binary":["xz-libs-core-5.4.4-1.zncgsl7.6.x86_64.rpm","xz-lzma-compat-5.4.4-1.zncgsl7.6.x86_64.rpm","xz-devel-5.4.4-1.zncgsl7.6.x86_64.rpm","xz-static-5.4.4-1.zncgsl7.6.x86_64.rpm","xz-libs-5.4.4-1.zncgsl7.6.x86_64.rpm","xz-5.4.4-1.zncgsl7.6.x86_64.rpm"],"source":"xz-5.4.4-1.zncgsl7.6.src.rpm"},{"binary":["qemu-ui-spice-core-8.2.0-14.zncgsl7.149.x86_64.rpm","qemu-ui-spice-app-8.2.0-14.zncgsl7.149.x86_64.rpm","qemu-ui-opengl-8.2.0-14.zncgsl7.149.x86_64.rpm","qemu-ui-gtk-8.2.0-14.zncgsl7.149.x86_64.rpm","qemu-ui-curses-8.2.0-14.zncgsl7.149.x86_64.rpm","qemu-ui-dbus-8.2.0-14.zncgsl7.149.x86_64.rpm","qemu-system-x86_64-8.2.0-14.zncgsl7.149.x86_64.rpm","qemu-tools-8.2.0-14.zncgsl7.149.x86_64.rpm","qemu-ui-egl-headless-8.2.0-14.zncgsl7.149.x86_64.rpm","qemu-tests-8.2.0-14.zncgsl7.149.x86_64.rpm","qemu-pr-helper-8.2.0-14.zncgsl7.149.x86_64.rpm","qemu-system-x86_64-core-8.2.0-14.zncgsl7.149.x86_64.rpm","qemu-kvm-8.2.0-14.zncgsl7.149.x86_64.rpm","qemu-guest-agent-8.2.0-14.zncgsl7.149.x86_64.rpm","qemu-device-usb-smartcard-8.2.0-14.zncgsl7.149.x86_64.rpm","qemu-img-8.2.0-14.zncgsl7.149.x86_64.rpm","qemu-docs-8.2.0-14.zncgsl7.149.x86_64.rpm","qemu-kvm-core-8.2.0-14.zncgsl7.149.x86_64.rpm","qemu-device-usb-redirect-8.2.0-14.zncgsl7.149.x86_64.rpm","qemu-device-display-virtio-vga-gl-8.2.0-14.zncgsl7.149.x86_64.rpm","qemu-device-usb-host-8.2.0-14.zncgsl7.149.x86_64.rpm","qemu-device-display-virtio-gpu-ccw-8.2.0-14.zncgsl7.149.x86_64.rpm","qemu-device-display-virtio-vga-8.2.0-14.zncgsl7.149.x86_64.rpm","qemu-device-display-qxl-8.2.0-14.zncgsl7.149.x86_64.rpm","qemu-device-display-virtio-gpu-8.2.0-14.zncgsl7.149.x86_64.rpm","qemu-device-display-virtio-gpu-pci-8.2.0-14.zncgsl7.149.x86_64.rpm","qemu-char-baum-8.2.0-14.zncgsl7.149.x86_64.rpm","qemu-char-spice-8.2.0-14.zncgsl7.149.x86_64.rpm","qemu-block-ssh-8.2.0-14.zncgsl7.149.x86_64.rpm","qemu-block-iscsi-8.2.0-14.zncgsl7.149.x86_64.rpm","qemu-block-rbd-8.2.0-14.zncgsl7.149.x86_64.rpm","qemu-block-dmg-8.2.0-14.zncgsl7.149.x86_64.rpm","qemu-block-gluster-8.2.0-14.zncgsl7.149.x86_64.rpm","qemu-common-8.2.0-14.zncgsl7.149.x86_64.rpm","qemu-block-curl-8.2.0-14.zncgsl7.149.x86_64.rpm","qemu-audio-alsa-8.2.0-14.zncgsl7.149.x86_64.rpm","qemu-audio-spice-8.2.0-14.zncgsl7.149.x86_64.rpm","qemu-8.2.0-14.zncgsl7.149.x86_64.rpm","qemu-audio-oss-8.2.0-14.zncgsl7.149.x86_64.rpm","qemu-audio-dbus-8.2.0-14.zncgsl7.149.x86_64.rpm","qemu-audio-pa-8.2.0-14.zncgsl7.149.x86_64.rpm"],"source":"qemu-8.2.0-14.zncgsl7.149.src.rpm"}]}]}
CVE
参考