OVAL Reference oval:org.opensuse.security:def:51538

Oval Definition:

oval:org.opensuse.security:def:51538

Revision Date:	2021-04-16	Version:	1
Title:	Security update for qemu (Important)
Description:	This update for qemu fixes the following issues: - Fix OOB access in sm501 device emulation (CVE-2020-12829, bsc#1172385) - Fix OOB access possibility in MegaRAID SAS 8708EM2 emulation (CVE-2020-13362 bsc#1172383) - Fix use-after-free in usb xhci packet handling (CVE-2020-25723, bsc#1178934) - Fix use-after-free in usb ehci packet handling (CVE-2020-25084, bsc#1176673) - Fix OOB access in usb hcd-ohci emulation (CVE-2020-25624, bsc#1176682) - Fix infinite loop (DoS) in usb hcd-ohci emulation (CVE-2020-25625, bsc#1176684) - Fix guest triggerable assert in shared network handling code (CVE-2020-27617, bsc#1178174) - Fix infinite loop (DoS) in e1000e device emulation (CVE-2020-28916, bsc#1179468) - Fix OOB access in atapi emulation (CVE-2020-29443, bsc#1181108) - Fix null pointer deref. (DoS) in mmio ops (CVE-2020-15469, bsc#1173612) - Fix infinite loop (DoS) in e1000 device emulation (CVE-2021-20257, bsc#1182577) - Fix OOB access (stack overflow) in rtl8139 NIC emulation (CVE-2021-3416, bsc#1182968) - Fix OOB access (stack overflow) in other NIC emulations (CVE-2021-3416) - Fix OOB access in SLIRP ARP packet processing (CVE-2020-29130, bsc#1179467) - Fix null pointer dereference possibility (DoS) in MegaRAID SAS 8708EM2 emulation (CVE-2020-13659 bsc#1172386 - Fix OOB access in iscsi (CVE-2020-11947 bsc#1180523) - Fix OOB access in vmxnet3 emulation (CVE-2021-20203 bsc#1181639) - Fix buffer overflow in the XGMAC device (CVE-2020-15863, bsc#1174386) - Fix DoS in packet processing of various emulated NICs (CVE-2020-16092 bsc#1174641) - Fix OOB access while processing USB packets (CVE-2020-14364 bsc#1175441) - Fix package scripts to not use hard coded paths for temporary working directories and log files (bsc#1182425) - Fix potential privilege escalation in virtfs (CVE-2021-20181 bsc#1182137) - Fix OOB access possibility in ES1370 audio device emulation (CVE-2020-13361 bsc#1172384) - Fix OOB access in ROM loading (CVE-2020-13765 bsc#1172478)
Family:	unix	Class:	patch
Status:		Reference(s):	1051510 1055117 1071995 1083647 1083710 1096209 1098155 1102247 1103203 1103991 1103992 1104745 1109837 1111666 1112374 1114407 1119222 1123080 1124223 1125410 1126377 1127034 1127315 1127611 1128712 1129770 1130972 1131060 1131233 1131237 1131239 1131241 1131245 1131686 1132728 1132732 1133021 1134090 1134097 1134390 1134399 1135335 1135642 1135656 1136217 1136342 1136460 1136461 1136462 1136467 1137458 1137534 1137535 1137584 1137609 1137811 1137827 1138874 1139358 1139619 1140133 1140139 1140322 1140559 1140652 1140676 1140903 1140945 1140948 1141312 1141401 1141402 1141452 1141453 1141454 1141478 1141558 1142023 1142052 1142083 1142112 1142115 1142119 1142220 1142221 1142254 1142350 1142351 1142354 1142359 1142450 1142623 1142673 1142701 1142868 1143003 1143045 1143105 1143185 1143189 1143191 1143209 1143507 1153611 1157465 1158940 1159118 1160467 1160468 1160931 1162327 1162504 1165425 1170446 1171696 1172383 1172384 1172385 1172386 1172478 1173455 1173594 1173612 1174386 1174641 1175441 1175664 1175665 1175671 1176673 1176682 1176684 1177943 1178174 1178934 1179467 1179468 1180523 1181108 1181639 1182137 1182425 1182577 1182968 CVE-2010-2240 CVE-2011-3177 CVE-2013-1940 CVE-2013-1989 CVE-2013-1991 CVE-2013-2000 CVE-2013-2066 CVE-2013-4396 CVE-2013-6424 CVE-2014-8091 CVE-2014-8092 CVE-2014-8093 CVE-2014-8094 CVE-2014-8095 CVE-2014-8096 CVE-2014-8097 CVE-2014-8098 CVE-2014-8099 CVE-2014-8100 CVE-2014-8101 CVE-2014-8102 CVE-2014-8103 CVE-2014-8767 CVE-2014-8768 CVE-2014-8769 CVE-2014-9140 CVE-2015-0255 CVE-2015-0261 CVE-2015-2153 CVE-2015-2154 CVE-2015-2155 CVE-2015-3418 CVE-2018-1152 CVE-2018-11813 CVE-2018-14498 CVE-2018-20855 CVE-2019-0196 CVE-2019-0197 CVE-2019-0211 CVE-2019-0217 CVE-2019-0220 CVE-2019-1125 CVE-2019-11810 CVE-2019-13631 CVE-2019-13648 CVE-2019-14283 CVE-2019-14284 CVE-2019-14896 CVE-2019-14897 CVE-2019-17361 CVE-2019-18897 CVE-2019-2602 CVE-2019-2684 CVE-2019-3880 CVE-2020-11947 CVE-2020-12829 CVE-2020-13361 CVE-2020-13362 CVE-2020-13659 CVE-2020-13765 CVE-2020-14364 CVE-2020-14779 CVE-2020-14781 CVE-2020-14782 CVE-2020-14792 CVE-2020-14796 CVE-2020-14797 CVE-2020-14798 CVE-2020-14803 CVE-2020-15049 CVE-2020-15469 CVE-2020-15810 CVE-2020-15811 CVE-2020-15863 CVE-2020-16092 CVE-2020-1945 CVE-2020-24606 CVE-2020-25084 CVE-2020-25624 CVE-2020-25625 CVE-2020-25723 CVE-2020-27617 CVE-2020-28916 CVE-2020-29130 CVE-2020-29443 CVE-2020-8695 CVE-2020-8698 CVE-2021-20181 CVE-2021-20203 CVE-2021-20257 CVE-2021-3416 SUSE-SU-2019:0711-1 SUSE-SU-2019:0873-1 SUSE-SU-2019:1040-1 SUSE-SU-2019:1052-1 SUSE-SU-2019:2073-1 SUSE-SU-2020:0684-1 SUSE-SU-2020:1944-1 SUSE-SU-2020:2442-1 SUSE-SU-2020:3275-1 SUSE-SU-2020:3359-1 SUSE-SU-2021:1240-1
Platform(s):	openSUSE Leap 15.0 SUSE Linux Enterprise Desktop 11 SP3 SUSE Linux Enterprise Desktop 11 SP4 SUSE Linux Enterprise Desktop 12 SUSE Linux Enterprise Desktop 12 SP1 SUSE Linux Enterprise Desktop 12 SP2 SUSE Linux Enterprise Desktop 12 SP3 SUSE Linux Enterprise Desktop 12 SP4 SUSE Linux Enterprise Module for additional PackageHub packages 15 SUSE Linux Enterprise Module for additional PackageHub packages 15 SP2 SUSE Linux Enterprise Module for Development Tools 15 SP2 SUSE Linux Enterprise Module for Live Patching 15 SP1 SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 SUSE Linux Enterprise Module for Python2 packages 15 SP1 SUSE Linux Enterprise Module for Server Applications 15 SUSE Linux Enterprise Server 12 SP1 SUSE Linux Enterprise Server 12 SP1-LTSS SUSE Linux Enterprise Server 12 SP2 SUSE Linux Enterprise Server 12 SP2-BCL SUSE Linux Enterprise Server 12 SP2-ESPOS SUSE Linux Enterprise Server 12 SP2-LTSS SUSE Linux Enterprise Server 12 SP3 SUSE Linux Enterprise Server 12 SP3-BCL SUSE Linux Enterprise Server 12 SP3-ESPOS SUSE Linux Enterprise Server 12 SP3-TERADATA SUSE Linux Enterprise Server 12 SP4 SUSE Linux Enterprise Server 15-LTSS SUSE Linux Enterprise Server for SAP Applications 12 SP3 SUSE Linux Enterprise Server for SAP Applications 15 SUSE Linux Enterprise Workstation Extension 15 SP1 SUSE OpenStack Cloud 6 SUSE OpenStack Cloud 7 SUSE OpenStack Cloud 8 SUSE OpenStack Cloud Crowbar 8 SUSE OpenStack Cloud Crowbar 9	Product(s):
Definition Synopsis
openSUSE Leap 15.0 is installed AND Package Information libvirt-client-4.0.0-lp150.6 is installed OR libvirt-daemon-4.0.0-lp150.6 is installed OR libvirt-daemon-config-network-4.0.0-lp150.6 is installed OR libvirt-daemon-driver-interface-4.0.0-lp150.6 is installed OR libvirt-daemon-driver-network-4.0.0-lp150.6 is installed OR libvirt-daemon-driver-nodedev-4.0.0-lp150.6 is installed OR libvirt-daemon-driver-nwfilter-4.0.0-lp150.6 is installed OR libvirt-daemon-driver-qemu-4.0.0-lp150.6 is installed OR libvirt-daemon-driver-secret-4.0.0-lp150.6 is installed OR libvirt-daemon-driver-storage-4.0.0-lp150.6 is installed OR libvirt-daemon-driver-storage-core-4.0.0-lp150.6 is installed OR libvirt-daemon-driver-storage-disk-4.0.0-lp150.6 is installed OR libvirt-daemon-driver-storage-iscsi-4.0.0-lp150.6 is installed OR libvirt-daemon-driver-storage-logical-4.0.0-lp150.6 is installed OR libvirt-daemon-driver-storage-mpath-4.0.0-lp150.6 is installed OR libvirt-daemon-driver-storage-rbd-4.0.0-lp150.6 is installed OR libvirt-daemon-driver-storage-scsi-4.0.0-lp150.6 is installed OR libvirt-daemon-qemu-4.0.0-lp150.6 is installed OR libvirt-libs-4.0.0-lp150.6 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 11 SP3 is installed AND Package Information krb5-1.6.3-133.49.103 is installed OR krb5-32bit-1.6.3-133.49.103 is installed OR krb5-client-1.6.3-133.49.103 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 11 SP4 is installed AND Package Information libssh2-1-1.2.9-4.2.6 is installed OR libssh2_org-1.2.9-4.2.6 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 is installed AND libXxf86dga1-1.1.4-3 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 SP1 is installed AND Package Information libXv1-1.0.10-3 is installed OR libXv1-32bit-1.0.10-3 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 SP2 is installed AND Package Information bash-4.3-78 is installed OR bash-doc-4.3-78 is installed OR bash-lang-4.3-78 is installed OR libreadline6-6.3-78 is installed OR libreadline6-32bit-6.3-78 is installed OR readline-doc-6.3-78 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 SP3 is installed AND Package Information apparmor-docs-2.8.2-49 is installed OR apparmor-parser-2.8.2-49 is installed OR apparmor-profiles-2.8.2-49 is installed OR apparmor-utils-2.8.2-49 is installed OR libapparmor1-2.8.2-49 is installed OR libapparmor1-32bit-2.8.2-49 is installed OR pam_apparmor-2.8.2-49 is installed OR pam_apparmor-32bit-2.8.2-49 is installed OR perl-apparmor-2.8.2-49 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 SP4 is installed AND Package Information evince-3.20.2-6.22 is installed OR evince-browser-plugin-3.20.2-6.22 is installed OR evince-lang-3.20.2-6.22 is installed OR evince-plugin-djvudocument-3.20.2-6.22 is installed OR evince-plugin-dvidocument-3.20.2-6.22 is installed OR evince-plugin-pdfdocument-3.20.2-6.22 is installed OR evince-plugin-psdocument-3.20.2-6.22 is installed OR evince-plugin-tiffdocument-3.20.2-6.22 is installed OR evince-plugin-xpsdocument-3.20.2-6.22 is installed OR libevdocument3-4-3.20.2-6.22 is installed OR libevview3-3-3.20.2-6.22 is installed OR nautilus-evince-3.20.2-6.22 is installed OR typelib-1_0-EvinceDocument-3_0-3.20.2-6.22 is installed OR typelib-1_0-EvinceView-3_0-3.20.2-6.22 is installed
Definition Synopsis
SUSE Linux Enterprise Module for additional PackageHub packages 15 is installed AND Package Information avahi-0.6.32-5.5 is installed OR python-avahi-0.6.32-5.5 is installed OR samba-4.7.11+git.153.b36ceaf2235-4.27 is installed OR samba-python-4.7.11+git.153.b36ceaf2235-4.27 is installed
Definition Synopsis
SUSE Linux Enterprise Module for additional PackageHub packages 15 SP2 is installed AND Package Information java-11-openjdk-11.0.9.0-3.48 is installed OR java-11-openjdk-javadoc-11.0.9.0-3.48 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Development Tools 15 SP2 is installed AND Package Information ant-1.10.7-4.3 is installed OR ant-antlr-1.10.7-4.3 is installed OR ant-apache-bcel-1.10.7-4.3 is installed OR ant-apache-bsf-1.10.7-4.3 is installed OR ant-apache-log4j-1.10.7-4.3 is installed OR ant-apache-oro-1.10.7-4.3 is installed OR ant-apache-regexp-1.10.7-4.3 is installed OR ant-apache-resolver-1.10.7-4.3 is installed OR ant-commons-logging-1.10.7-4.3 is installed OR ant-javamail-1.10.7-4.3 is installed OR ant-jdepend-1.10.7-4.3 is installed OR ant-jmf-1.10.7-4.3 is installed OR ant-junit-1.10.7-4.3 is installed OR ant-manual-1.10.7-4.3 is installed OR ant-scripts-1.10.7-4.3 is installed OR ant-swing-1.10.7-4.3 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Live Patching 15 SP1 is installed AND Package Information kernel-livepatch-4_12_14-197_4-default-8-2 is installed OR kernel-livepatch-SLE15-SP1_Update_1-8-2 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 is installed AND Package Information java-11-openjdk-11.0.3.0-3.21 is installed OR java-11-openjdk-accessibility-11.0.3.0-3.21 is installed OR java-11-openjdk-demo-11.0.3.0-3.21 is installed OR java-11-openjdk-devel-11.0.3.0-3.21 is installed OR java-11-openjdk-headless-11.0.3.0-3.21 is installed OR java-11-openjdk-javadoc-11.0.3.0-3.21 is installed OR java-11-openjdk-jmods-11.0.3.0-3.21 is installed OR java-11-openjdk-src-11.0.3.0-3.21 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Python2 packages 15 SP1 is installed AND Package Information python2-salt-2019.2.0-6.24 is installed OR salt-2019.2.0-6.24 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Server Applications 15 is installed AND Package Information apache2-2.4.33-3.15 is installed OR apache2-devel-2.4.33-3.15 is installed OR apache2-doc-2.4.33-3.15 is installed OR apache2-prefork-2.4.33-3.15 is installed OR apache2-utils-2.4.33-3.15 is installed OR apache2-worker-2.4.33-3.15 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP1 is installed AND hyper-v-6-11 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP1-LTSS is installed AND Package Information libopenssl1_0_0-1.0.1i-54.8 is installed OR libopenssl1_0_0-32bit-1.0.1i-54.8 is installed OR libopenssl1_0_0-hmac-1.0.1i-54.8 is installed OR libopenssl1_0_0-hmac-32bit-1.0.1i-54.8 is installed OR openssl-1.0.1i-54.8 is installed OR openssl-doc-1.0.1i-54.8 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP2 is installed AND ctags-5.8-7 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP2-BCL is installed AND Package Information libzypp-16.17.20-27.52 is installed OR zypper-1.13.45-18.33 is installed OR zypper-log-1.13.45-18.33 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP2-ESPOS is installed AND Package Information kernel-firmware-20170530-21.22 is installed OR ucode-amd-20170530-21.22 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP2-LTSS is installed AND Package Information kgraft-patch-4_4_74-92_29-default-11-2 is installed OR kgraft-patch-SLE12-SP2_Update_10-11-2 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3 is installed AND Package Information giflib-progs-5.0.5-12 is installed OR libgif6-5.0.5-12 is installed OR libgif6-32bit-5.0.5-12 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3-BCL is installed AND Package Information libecpg6-10.9-1.12 is installed OR libpq5-10.9-1.12 is installed OR libpq5-32bit-10.9-1.12 is installed OR postgresql10-10.9-1.12 is installed OR postgresql10-contrib-10.9-1.12 is installed OR postgresql10-docs-10.9-1.12 is installed OR postgresql10-libs-10.9-1.12 is installed OR postgresql10-plperl-10.9-1.12 is installed OR postgresql10-plpython-10.9-1.12 is installed OR postgresql10-pltcl-10.9-1.12 is installed OR postgresql10-server-10.9-1.12 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3-ESPOS is installed AND Package Information java-1_7_0-openjdk-1.7.0.241-43.30 is installed OR java-1_7_0-openjdk-demo-1.7.0.241-43.30 is installed OR java-1_7_0-openjdk-devel-1.7.0.241-43.30 is installed OR java-1_7_0-openjdk-headless-1.7.0.241-43.30 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3-TERADATA is installed AND Package Information gdk-pixbuf-2.34.0-19.17 is installed OR gdk-pixbuf-lang-2.34.0-19.17 is installed OR gdk-pixbuf-query-loaders-2.34.0-19.17 is installed OR gdk-pixbuf-query-loaders-32bit-2.34.0-19.17 is installed OR libgdk_pixbuf-2_0-0-2.34.0-19.17 is installed OR libgdk_pixbuf-2_0-0-32bit-2.34.0-19.17 is installed OR typelib-1_0-GdkPixbuf-2_0-2.34.0-19.17 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP4 is installed AND Package Information MozillaFirefox-52.9.0esr-109.38 is installed OR MozillaFirefox-translations-52.9.0esr-109.38 is installed
Definition Synopsis
SUSE Linux Enterprise Server 15-LTSS is installed AND squid-4.13-5.23 is installed
Definition Synopsis
SUSE Linux Enterprise Server for SAP Applications 12 SP3 is installed AND Package Information qemu-2.9.1-6.47.1 is installed OR qemu-block-curl-2.9.1-6.47.1 is installed OR qemu-block-iscsi-2.9.1-6.47.1 is installed OR qemu-block-rbd-2.9.1-6.47.1 is installed OR qemu-block-ssh-2.9.1-6.47.1 is installed OR qemu-guest-agent-2.9.1-6.47.1 is installed OR qemu-ipxe-1.0.0+-6.47.1 is installed OR qemu-kvm-2.9.1-6.47.1 is installed OR qemu-lang-2.9.1-6.47.1 is installed OR qemu-ppc-2.9.1-6.47.1 is installed OR qemu-seabios-1.10.2_0_g5f4c7b1-6.47.1 is installed OR qemu-sgabios-8-6.47.1 is installed OR qemu-tools-2.9.1-6.47.1 is installed OR qemu-vgabios-1.10.2_0_g5f4c7b1-6.47.1 is installed OR qemu-x86-2.9.1-6.47.1 is installed
Definition Synopsis
SUSE Linux Enterprise Server for SAP Applications 15 is installed AND ucode-intel-20201027-3.51 is installed
Definition Synopsis
SUSE Linux Enterprise Workstation Extension 15 SP1 is installed AND Package Information kernel-default-4.12.14-197.15 is installed OR kernel-default-extra-4.12.14-197.15 is installed
Definition Synopsis
SUSE OpenStack Cloud 6 is installed AND Package Information postgresql94-9.4.13-21.5 is installed OR postgresql94-contrib-9.4.13-21.5 is installed OR postgresql94-docs-9.4.13-21.5 is installed OR postgresql94-server-9.4.13-21.5 is installed
Definition Synopsis
SUSE OpenStack Cloud 7 is installed AND ucode-intel-20180703-13.25 is installed
Definition Synopsis
SUSE OpenStack Cloud 8 is installed AND Package Information MozillaFirefox-60.8.0-109.83 is installed OR MozillaFirefox-translations-common-60.8.0-109.83 is installed OR libfreebl3-3.44.1-58.28 is installed OR libfreebl3-32bit-3.44.1-58.28 is installed OR libfreebl3-hmac-3.44.1-58.28 is installed OR libfreebl3-hmac-32bit-3.44.1-58.28 is installed OR libsoftokn3-3.44.1-58.28 is installed OR libsoftokn3-32bit-3.44.1-58.28 is installed OR libsoftokn3-hmac-3.44.1-58.28 is installed OR libsoftokn3-hmac-32bit-3.44.1-58.28 is installed OR mozilla-nss-3.44.1-58.28 is installed OR mozilla-nss-32bit-3.44.1-58.28 is installed OR mozilla-nss-certs-3.44.1-58.28 is installed OR mozilla-nss-certs-32bit-3.44.1-58.28 is installed OR mozilla-nss-sysinit-3.44.1-58.28 is installed OR mozilla-nss-sysinit-32bit-3.44.1-58.28 is installed OR mozilla-nss-tools-3.44.1-58.28 is installed
Definition Synopsis
SUSE OpenStack Cloud Crowbar 8 is installed AND Package Information glibc-2.22-62.22 is installed OR glibc-32bit-2.22-62.22 is installed OR glibc-devel-2.22-62.22 is installed OR glibc-devel-32bit-2.22-62.22 is installed OR glibc-html-2.22-62.22 is installed OR glibc-i18ndata-2.22-62.22 is installed OR glibc-info-2.22-62.22 is installed OR glibc-locale-2.22-62.22 is installed OR glibc-locale-32bit-2.22-62.22 is installed OR glibc-profile-2.22-62.22 is installed OR glibc-profile-32bit-2.22-62.22 is installed OR nscd-2.22-62.22 is installed
Definition Synopsis
SUSE OpenStack Cloud Crowbar 9 is installed AND python-Django1-1.11.23-3.9 is installed

BACK