Oval Definition:oval:org.opensuse.security:def:111033
Revision Date:2021-08-26Version:1
Title:Security update for qemu (Important)
Description:

This update for qemu fixes the following issues:

Security issues fixed:

- CVE-2021-3527: usb: unbounded stack allocation in usbredir (bsc#1186012) - CVE-2021-3582: Fix possible mremap overflow in the pvrdma (bsc#1187499) - CVE-2021-3592: Fix for slirp: invalid pointer initialization may lead to information disclosure (bootp) (bsc#1187364) - CVE-2021-3593: Fix for slirp: invalid pointer initialization may lead to information disclosure (udp6) (bsc#1187365) - CVE-2021-3594: Fix for slirp: invalid pointer initialization may lead to information disclosure (udp) (bsc#1187367) - CVE-2021-3595: Fixed slirp: invalid pointer initialization may lead to information disclosure (tftp) (bsc#1187366) - CVE-2021-3607: Ensure correct input on ring init (bsc#1187539) - CVE-2021-3608: Fix the ring init error flow (bsc#1187538) - CVE-2021-3611: Fix intel-hda segmentation fault due to stack overflow (bsc#1187529) - CVE-2021-3682: usbredir: free call on invalid pointer in bufp_alloc (bsc#1189145) - CVE-2020-35503: NULL pointer dereference issue in megasas-gen2 host bus adapter (bsc#1180432) - CVE-2020-35504,CVE-2020-35505,CVE-2020-35506: NULL pointer dereference in ESP (bsc#1180433 bsc#1180434 bsc#1180435) - CVE-2021-20255: eepro100: stack overflow via infinite recursion (bsc#1182651)

This update was imported from the SUSE:SLE-15-SP2:Update update project.
Family:unixClass:patch
Status:Reference(s):1180432
1180433
1180434
1180435
1182651
1186012
1187364
1187365
1187366
1187367
1187499
1187529
1187538
1187539
1189145
CVE-2020-35503
CVE-2020-35504
CVE-2020-35505
CVE-2020-35506
CVE-2021-20255
CVE-2021-3527
CVE-2021-3582
CVE-2021-3592
CVE-2021-3593
CVE-2021-3594
CVE-2021-3595
CVE-2021-3607
CVE-2021-3608
CVE-2021-3611
CVE-2021-3682
openSUSE-SU-2021:1202-1
Platform(s):openSUSE Leap 15.2
Product(s):
Definition Synopsis
  • openSUSE Leap 15.2 is installed
  • AND Package Information
  • qemu-4.2.1-lp152.9.20.1 is installed
  • OR qemu-arm-4.2.1-lp152.9.20.1 is installed
  • OR qemu-audio-alsa-4.2.1-lp152.9.20.1 is installed
  • OR qemu-audio-pa-4.2.1-lp152.9.20.1 is installed
  • OR qemu-audio-sdl-4.2.1-lp152.9.20.1 is installed
  • OR qemu-block-curl-4.2.1-lp152.9.20.1 is installed
  • OR qemu-block-dmg-4.2.1-lp152.9.20.1 is installed
  • OR qemu-block-gluster-4.2.1-lp152.9.20.1 is installed
  • OR qemu-block-iscsi-4.2.1-lp152.9.20.1 is installed
  • OR qemu-block-nfs-4.2.1-lp152.9.20.1 is installed
  • OR qemu-block-rbd-4.2.1-lp152.9.20.1 is installed
  • OR qemu-block-ssh-4.2.1-lp152.9.20.1 is installed
  • OR qemu-extra-4.2.1-lp152.9.20.1 is installed
  • OR qemu-guest-agent-4.2.1-lp152.9.20.1 is installed
  • OR qemu-ipxe-1.0.0+-lp152.9.20.1 is installed
  • OR qemu-ksm-4.2.1-lp152.9.20.1 is installed
  • OR qemu-kvm-4.2.1-lp152.9.20.1 is installed
  • OR qemu-lang-4.2.1-lp152.9.20.1 is installed
  • OR qemu-linux-user-4.2.1-lp152.9.20.1 is installed
  • OR qemu-microvm-4.2.1-lp152.9.20.1 is installed
  • OR qemu-ppc-4.2.1-lp152.9.20.1 is installed
  • OR qemu-s390-4.2.1-lp152.9.20.1 is installed
  • OR qemu-seabios-1.12.1+-lp152.9.20.1 is installed
  • OR qemu-sgabios-8-lp152.9.20.1 is installed
  • OR qemu-testsuite-4.2.1-lp152.9.20.1 is installed
  • OR qemu-tools-4.2.1-lp152.9.20.1 is installed
  • OR qemu-ui-curses-4.2.1-lp152.9.20.1 is installed
  • OR qemu-ui-gtk-4.2.1-lp152.9.20.1 is installed
  • OR qemu-ui-sdl-4.2.1-lp152.9.20.1 is installed
  • OR qemu-ui-spice-app-4.2.1-lp152.9.20.1 is installed
  • OR qemu-vgabios-1.12.1+-lp152.9.20.1 is installed
  • OR qemu-vhost-user-gpu-4.2.1-lp152.9.20.1 is installed
  • OR qemu-x86-4.2.1-lp152.9.20.1 is installed
    • BACK