Oval Definition:oval:org.opensuse.security:def:20220216
Revision Date:2023-06-22Version:1
Title:CVE-2022-0216
Description:

A use-after-free vulnerability was found in the LSI53C895A SCSI Host Bus Adapter emulation of QEMU. The flaw occurs while processing repeated messages to cancel the current SCSI request via the lsi_do_msgout function. This flaw allows a malicious privileged user within the guest to crash the QEMU process on the host, resulting in a denial of service.
Family:unixClass:vulnerability
Status:Reference(s):Mitre CVE-2022-0216
SUSE CVE-2022-0216
SUSE-SU-2022:3594-1
SUSE-SU-2022:3660-1
SUSE-SU-2022:3768-1
SUSE-SU-2022:3795-1
SUSE-SU-2023:0761-1
SUSE-SU-2023:0840-1
SUSE-SU-2023:2358-1
Platform(s):SUSE Linux Enterprise Desktop 15 SP4
SUSE Linux Enterprise Desktop 15 SP5
SUSE Linux Enterprise High Performance Computing 15 SP4
SUSE Linux Enterprise High Performance Computing 15 SP5
SUSE Linux Enterprise Micro 5.3
SUSE Linux Enterprise Module for Basesystem 15 SP4
SUSE Linux Enterprise Module for Basesystem 15 SP5
SUSE Linux Enterprise Module for Server Applications 15 SP4
SUSE Linux Enterprise Server 15 SP4
SUSE Linux Enterprise Server 15 SP5
SUSE Linux Enterprise Server for SAP Applications 12 SP4
SUSE Linux Enterprise Server for SAP Applications 15 SP4
SUSE Linux Enterprise Server for SAP Applications 15 SP5
SUSE Manager Proxy 4.3
SUSE Manager Retail Branch Server 4.3
SUSE Manager Server 4.3
SUSE OpenStack Cloud 9
SUSE OpenStack Cloud Crowbar 9
Product(s):
Definition Synopsis
  • SUSE Linux Enterprise Micro 5.3 is installed
  • AND Package Information
  • qemu-6.2.0-150400.37.8.2 is installed
  • OR qemu-accel-tcg-x86-6.2.0-150400.37.8.2 is installed
  • OR qemu-arm-6.2.0-150400.37.8.2 is installed
  • OR qemu-audio-spice-6.2.0-150400.37.8.2 is installed
  • OR qemu-chardev-spice-6.2.0-150400.37.8.2 is installed
  • OR qemu-guest-agent-6.2.0-150400.37.8.2 is installed
  • OR qemu-hw-display-qxl-6.2.0-150400.37.8.2 is installed
  • OR qemu-hw-display-virtio-gpu-6.2.0-150400.37.8.2 is installed
  • OR qemu-hw-display-virtio-vga-6.2.0-150400.37.8.2 is installed
  • OR qemu-hw-usb-redirect-6.2.0-150400.37.8.2 is installed
  • OR qemu-ipxe-1.0.0+-150400.37.8.2 is installed
  • OR qemu-s390x-6.2.0-150400.37.8.2 is installed
  • OR qemu-seabios-1.15.0_0_g2dd4b9b-150400.37.8.2 is installed
  • OR qemu-sgabios-8-150400.37.8.2 is installed
  • OR qemu-tools-6.2.0-150400.37.8.2 is installed
  • OR qemu-ui-opengl-6.2.0-150400.37.8.2 is installed
  • OR qemu-ui-spice-core-6.2.0-150400.37.8.2 is installed
  • OR qemu-vgabios-1.15.0_0_g2dd4b9b-150400.37.8.2 is installed
  • OR qemu-x86-6.2.0-150400.37.8.2 is installed
    • Definition Synopsis
  • Release Information
  • SUSE Linux Enterprise Desktop 15 SP4 is installed
  • OR SUSE Linux Enterprise High Performance Computing 15 SP4 is installed
  • OR SUSE Linux Enterprise Module for Basesystem 15 SP4 is installed
  • OR SUSE Linux Enterprise Server 15 SP4 is installed
  • OR SUSE Linux Enterprise Server for SAP Applications 15 SP4 is installed
  • OR SUSE Manager Proxy 4.3 is installed
  • OR SUSE Manager Retail Branch Server 4.3 is installed
  • OR SUSE Manager Server 4.3 is installed
  • AND qemu-tools is not affected
    • Definition Synopsis
  • Release Information
  • SUSE OpenStack Cloud 9 is installed
  • OR SUSE OpenStack Cloud Crowbar 9 is installed
  • AND Package Information
  • qemu is affected
  • OR qemu-block-curl is affected
  • OR qemu-block-iscsi is affected
  • OR qemu-block-rbd is affected
  • OR qemu-block-ssh is affected
  • OR qemu-guest-agent is affected
  • OR qemu-ipxe is affected
  • OR qemu-kvm is affected
  • OR qemu-lang is affected
  • OR qemu-seabios is affected
  • OR qemu-sgabios is affected
  • OR qemu-tools is affected
  • OR qemu-vgabios is affected
  • OR qemu-x86 is affected
    • Definition Synopsis
  • Release Information
  • SUSE Linux Enterprise Desktop 15 SP4 is installed
  • OR SUSE Linux Enterprise High Performance Computing 15 SP4 is installed
  • OR SUSE Linux Enterprise Module for Basesystem 15 SP4 is installed
  • OR SUSE Linux Enterprise Server 15 SP4 is installed
  • OR SUSE Linux Enterprise Server for SAP Applications 15 SP4 is installed
  • OR SUSE Manager Proxy 4.3 is installed
  • OR SUSE Manager Retail Branch Server 4.3 is installed
  • OR SUSE Manager Server 4.3 is installed
  • AND qemu-tools is not affected
  • OR Package Information
  • SUSE Linux Enterprise High Performance Computing 15 SP4 is installed
  • OR SUSE Linux Enterprise Module for Server Applications 15 SP4 is installed
  • OR SUSE Linux Enterprise Server 15 SP4 is installed
  • OR SUSE Linux Enterprise Server for SAP Applications 15 SP4 is installed
  • OR SUSE Manager Proxy 4.3 is installed
  • OR SUSE Manager Retail Branch Server 4.3 is installed
  • OR SUSE Manager Server 4.3 is installed
  • AND
  • qemu is not affected
  • OR qemu-SLOF is not affected
  • OR qemu-accel-tcg-x86 is not affected
  • OR qemu-arm is not affected
  • OR qemu-audio-alsa is not affected
  • OR qemu-audio-pa is not affected
  • OR qemu-audio-spice is not affected
  • OR qemu-block-curl is not affected
  • OR qemu-block-iscsi is not affected
  • OR qemu-block-rbd is not affected
  • OR qemu-block-ssh is not affected
  • OR qemu-chardev-baum is not affected
  • OR qemu-chardev-spice is not affected
  • OR qemu-guest-agent is not affected
  • OR qemu-hw-display-qxl is not affected
  • OR qemu-hw-display-virtio-gpu is not affected
  • OR qemu-hw-display-virtio-gpu-pci is not affected
  • OR qemu-hw-display-virtio-vga is not affected
  • OR qemu-hw-s390x-virtio-gpu-ccw is not affected
  • OR qemu-hw-usb-host is not affected
  • OR qemu-hw-usb-redirect is not affected
  • OR qemu-ipxe is not affected
  • OR qemu-ksm is not affected
  • OR qemu-kvm is not affected
  • OR qemu-lang is not affected
  • OR qemu-ppc is not affected
  • OR qemu-s390x is not affected
  • OR qemu-seabios is not affected
  • OR qemu-sgabios is not affected
  • OR qemu-skiboot is not affected
  • OR qemu-ui-curses is not affected
  • OR qemu-ui-gtk is not affected
  • OR qemu-ui-opengl is not affected
  • OR qemu-ui-spice-app is not affected
  • OR qemu-ui-spice-core is not affected
  • OR qemu-vgabios is not affected
  • OR qemu-x86 is not affected
    • Definition Synopsis
  • SUSE Linux Enterprise Server for SAP Applications 12 SP4 is installed
  • AND Package Information
  • qemu is affected
  • OR qemu-block-curl is affected
  • OR qemu-block-iscsi is affected
  • OR qemu-block-rbd is affected
  • OR qemu-block-ssh is affected
  • OR qemu-guest-agent is affected
  • OR qemu-ipxe is affected
  • OR qemu-kvm is affected
  • OR qemu-lang is affected
  • OR qemu-ppc is affected
  • OR qemu-seabios is affected
  • OR qemu-sgabios is affected
  • OR qemu-tools is affected
  • OR qemu-vgabios is affected
  • OR qemu-x86 is affected
    • Definition Synopsis
  • Release Information
  • SUSE Linux Enterprise Desktop 15 SP5 is installed
  • OR SUSE Linux Enterprise High Performance Computing 15 SP5 is installed
  • OR SUSE Linux Enterprise Module for Basesystem 15 SP5 is installed
  • OR SUSE Linux Enterprise Server 15 SP5 is installed
  • OR SUSE Linux Enterprise Server for SAP Applications 15 SP5 is installed
  • AND qemu-tools-7.1.0-150500.47.15 is installed
    • BACK