| Revision Date: | 2021-02-19 | Version: | 1 |
| Title: | Security update for qemu (Important) |
| Description: |
This update for qemu fixes the following issues:
- Fixed potential privilege escalation in virtfs (CVE-2021-20181 bsc#1182137) - Fixed out-of-bound access in iscsi (CVE-2020-11947 bsc#1180523) - Fixed out-of-bound access in vmxnet3 emulation (CVE-2021-20203 bsc#1181639) - Fixed out-of-bound access in ARM interrupt handling (CVE-2021-20221 bsc#1181933) - Fixed vfio-pci device on s390 enters error state (bsc#1179717 bsc#1179719) - Fixed 'Failed to try-restart qemu-ga@.service' error while updating the qemu-guest-agent. (bsc#1178565) - Apply fixes to qemu scsi passthrough with respect to timeout and error conditions, including using more correct status codes. Add more qemu tracing which helped track down these issues (bsc#1178049)
|
| Family: | unix | Class: | patch |
| Status: | | Reference(s): | 1178049
1178565
1179717
1179719
1180523
1181639
1181933
1182137
CVE-2020-11947
CVE-2021-20181
CVE-2021-20203
CVE-2021-20221
|
| Platform(s): | SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 SP2
| Product(s): | |