Oval Definition:oval:org.opensuse.security:def:117526
Revision Date:2021-11-03Version:1
Title:Security update for qemu (Important)
Description:

This update for qemu fixes the following issues:

Security issues fixed:

- CVE-2021-3713: Fix out-of-bounds write in UAS (USB Attached SCSI) device emulation (bsc#1189702) - CVE-2021-3748: Fix heap use-after-free in virtio_net_receive_rcu (bsc#1189938)

Non-security issues fixed:

- Add transfer length item in block limits page of scsi vpd (bsc#1190425) - Fix qemu crash while deleting xen-block (bsc#1189234)
Family:unixClass:patch
Status:Reference(s):1189234
1189702
1189938
1190425
CVE-2021-3713
CVE-2021-3748
SUSE-SU-2021:3604-1
Platform(s):SUSE Linux Enterprise Desktop 15 SP2
SUSE Linux Enterprise High Performance Computing 15 SP2
SUSE Linux Enterprise Module for Basesystem 15 SP2
SUSE Linux Enterprise Server 15 SP2
SUSE Linux Enterprise Server for SAP Applications 15 SP2
SUSE Linux Enterprise Storage 7
SUSE Manager Proxy 4.1
SUSE Manager Retail Branch Server 4.1
SUSE Manager Server 4.1
Product(s):
Definition Synopsis
  • Release Information
  • SUSE Linux Enterprise Desktop 15 SP2 is installed
  • OR SUSE Linux Enterprise High Performance Computing 15 SP2 is installed
  • OR SUSE Linux Enterprise Module for Basesystem 15 SP2 is installed
  • OR SUSE Linux Enterprise Server 15 SP2 is installed
  • OR SUSE Linux Enterprise Server for SAP Applications 15 SP2 is installed
  • OR SUSE Linux Enterprise Storage 7 is installed
  • OR SUSE Manager Proxy 4.1 is installed
  • OR SUSE Manager Retail Branch Server 4.1 is installed
  • OR SUSE Manager Server 4.1 is installed
  • AND qemu-tools-4.2.1-11.31.3 is installed
  • BACK