Oval Definition:oval:org.opensuse.security:def:111646
Revision Date:2021-08-02Version:1
Title:Security update for qemu (Important)
Description:

This update for qemu fixes the following issues:

Security issues fixed:

- CVE-2021-3595: Fixed slirp: invalid pointer initialization may lead to information disclosure (tftp) (bsc#1187366) - CVE-2021-3592: Fix for slirp: invalid pointer initialization may lead to information disclosure (bootp) (bsc#1187364) - CVE-2021-3594: Fix for slirp: invalid pointer initialization may lead to information disclosure (udp) (bsc#1187367) - CVE-2021-3593: Fix for slirp: invalid pointer initialization may lead to information disclosure (udp6) (bsc#1187365) - CVE-2021-3582: Fix possible mremap overflow in the pvrdma (bsc#1187499) - CVE-2021-3607: Ensure correct input on ring init (bsc#1187539) - CVE-2021-3608: Fix the ring init error flow (bsc#1187538) - CVE-2021-3611: Fix intel-hda segmentation fault due to stack overflow (bsc#1187529) - CVE-2020-25085: Fix out-of-bounds access issue while doing multi block SDMA (bsc#1176681)

Other issues fixed:

- QEMU BIOS fails to read stage2 loader (on s390x)(bsc#1186290) - Fix qemu hang while cancelling migrating hugepage vm (bsc#1185591)

Family:unixClass:patch
Status:Reference(s):1176681
1185591
1186290
1187364
1187365
1187366
1187367
1187499
1187529
1187538
1187539
CVE-2020-25085
CVE-2021-3582
CVE-2021-3592
CVE-2021-3593
CVE-2021-3594
CVE-2021-3595
CVE-2021-3607
CVE-2021-3608
CVE-2021-3611
openSUSE-SU-2021:2591-1
Platform(s):openSUSE Leap 15.3
Product(s):
Definition Synopsis
  • openSUSE Leap 15.3 is installed
  • AND qemu-audio-oss-3.1.1.1-9.30.2 is installed
    • BACK