Oval Definition:oval:org.opensuse.security:def:58484
Revision Date:2020-12-01Version:1
Title:Security update for qemu (Important)
Description:

This update for qemu fixes several issues.

These security issues were fixed:

- CVE-2017-9330: USB OHCI Emulation in qemu allowed local guest OS users to cause a denial of service (infinite loop) by leveraging an incorrect return value (bsc#1042159). - CVE-2017-8379: Memory leak in the keyboard input event handlers support allowed local guest OS privileged users to cause a denial of service (host memory consumption) by rapidly generating large keyboard events (bsc#1037334). - CVE-2017-8309: Memory leak in the audio/audio.c allowed remote attackers to cause a denial of service (memory consumption) by repeatedly starting and stopping audio capture (bsc#1037242). - CVE-2017-7493: The VirtFS, host directory sharing via Plan 9 File System(9pfs) support, was vulnerable to an improper access control issue. It could occur while accessing virtfs metadata files in mapped-file security mode. A guest user could have used this flaw to escalate their privileges inside guest (bsc#1039495). - CVE-2017-7377: The v9fs_create and v9fs_lcreate functions in hw/9pfs/9p.c allowed local guest OS privileged users to cause a denial of service (file descriptor or memory consumption) via vectors related to an already in-use fid (bsc#1032075). - CVE-2017-8086: A memory leak in the v9fs_list_xattr function in hw/9pfs/9p-xattr.c allowed local guest OS privileged users to cause a denial of service (memory consumption) via vectors involving the orig_value variable (bsc#1035950). - CVE-2017-5973: A infinite loop while doing control transfer in xhci_kick_epctx allowed privileged user inside the guest to crash the host process resulting in DoS (bsc#1025109) - CVE-2017-5987: The sdhci_sdma_transfer_multi_blocks function in hw/sd/sdhci.c allowed local OS guest privileged users to cause a denial of service (infinite loop and QEMU process crash) via vectors involving the transfer mode register during multi block transfer (bsc#1025311). - CVE-2017-6505: The ohci_service_ed_list function in hw/usb/hcd-ohci.c allowed local guest OS users to cause a denial of service (infinite loop) via vectors involving the number of link endpoint list descriptors (bsc#1028184) - CVE-2016-9603: A privileged user within the guest VM could have caused a heap overflow in the device model process, potentially escalating their privileges to that of the device model process (bsc#1028656) - CVE-2017-7718: hw/display/cirrus_vga_rop.h allowed local guest OS privileged users to cause a denial of service (out-of-bounds read and QEMU process crash) via vectors related to copying VGA data via the cirrus_bitblt_rop_fwd_transp_ and cirrus_bitblt_rop_fwd_ functions (bsc#1034908) - CVE-2017-7980: An out-of-bounds r/w access issues in the Cirrus CLGD 54xx VGA Emulator support allowed privileged user inside guest to use this flaw to crash the Qemu process resulting in DoS or potentially execute arbitrary code on a host with privileges of Qemu process on the host (bsc#1035406) - CVE-2017-8112: hw/scsi/vmw_pvscsi.c allowed local guest OS privileged users to cause a denial of service (infinite loop and CPU consumption) via the message ring page count (bsc#1036211). - CVE-2017-9375: The USB xHCI controller emulator support was vulnerable to an infinite recursive call loop issue, which allowed a privileged user inside guest to crash the Qemu process resulting in DoS (bsc#1042800). - CVE-2017-9374: Missing free of 's->ipacket', causes a host memory leak, allowing for DoS (bsc#1043073). - CVE-2017-9373: The IDE AHCI Emulation support was vulnerable to a host memory leakage issue, which allowed a privileged user inside guest to leak host memory resulting in DoS (bsc#1042801). - CVE-2017-8380: The MegaRAID SAS 8708EM2 Host Bus Adapter emulation support was vulnerable to an out-of-bounds read access issue which allowed a privileged user inside guest to read host memory resulting in DoS (bsc#1037336). - CVE-2016-9602: The VirtFS host directory sharing via Plan 9 File System(9pfs) support was vulnerable to an improper link following issue which allowed a privileged user inside guest to access host file system beyond the shared folder and potentially escalating their privileges on a host (bsc#1020427). - CVE-2017-7471: The VirtFS host directory sharing via Plan 9 File System(9pfs) support was vulnerable to an improper access control issue which allowed a privileged user inside guest to access host file system beyond the shared folder and potentially escalating their privileges on a host (bsc#1034866). - Fix privilege escalation in TCG mode of QEMU. This is not considered a security issue by the upstream project, but is included as additional hardening (bsc#1030624) - Fix potential DoS in virtfs - CVE-2016-10028: The Virtio GPU Device emulator support was vulnerable to an out of bounds memory access issue allowing a guest user to crash the Qemu process instance on a host, resulting in DoS (bsc#1017084, bsc#1016503) - CVE-2016-10029: The Virtio GPU Device emulator support was vulnerable to an OOB read issue allowing a guest user to crash the Qemu process instance resulting in Dos (bsc#1017081, bsc#1016504) - CVE-2017-5579: The 16550A UART serial device emulation support was vulnerable to a memory leakage issue allowing a privileged user to cause a DoS and/or potentially crash the Qemu process on the host (bsc#1021741) - CVE-2017-9503: The MegaRAID SAS 8708EM2 Host Bus Adapter emulation support was vulnerable to a null pointer dereference issue which allowed a privileged user inside guest to crash the Qemu process on the host resulting in DoS (bsc#1043296).

This non-security issue was fixed:

- Enable MONITOR/MWAIT support for guests (bsc#1031142)
Family:unixClass:patch
Status:Reference(s):1000998
1003846
1009745
1016503
1016504
1017081
1017084
1019274
1020427
1021741
1023012
1025109
1025282
1025311
1028184
1028656
1029907
1029908
1029909
1029995
1030296
1030297
1030298
1030583
1030584
1030585
1030588
1030589
1030624
1031142
1031590
1031593
1031595
1031638
1031644
1031656
1031756
1032075
1033122
1033236
1034866
1034908
1035406
1035950
1036211
1037052
1037057
1037061
1037062
1037066
1037070
1037072
1037242
1037273
1037334
1037336
1038132
1038874
1038875
1038876
1038877
1038878
1038880
1038881
1038984
1039495
1042159
1042800
1042801
1043073
1043218
1043296
1044891
1044897
1044901
1044909
1044925
1044927
1045735
1046094
1047785
1048315
1052061
1052496
1052503
1052507
1052509
1052511
1052514
1052518
1053347
1056312
1056437
1057139
1057144
1057149
1058480
1059050
1060599
1060621
1061241
1077983
1079869
1091427
1094325
1094725
1100112
1122319
1131233
1131237
1131239
1131241
1131245
1141322
1145092
1158527
1159819
1160467
1160468
1169511
1172277
1174157
1175259
437293
445037
546106
561142
578249
590820
691290
698346
713504
776968
863764
920813
938658
959329
970239
CVE-2014-9939
CVE-2015-0254
CVE-2016-10028
CVE-2016-10029
CVE-2016-10207
CVE-2016-7545
CVE-2016-9602
CVE-2016-9603
CVE-2016-9941
CVE-2016-9942
CVE-2017-12448
CVE-2017-12450
CVE-2017-12452
CVE-2017-12453
CVE-2017-12454
CVE-2017-12456
CVE-2017-12799
CVE-2017-13757
CVE-2017-14128
CVE-2017-14129
CVE-2017-14130
CVE-2017-14333
CVE-2017-14529
CVE-2017-14729
CVE-2017-14745
CVE-2017-14974
CVE-2017-5579
CVE-2017-5715
CVE-2017-5973
CVE-2017-5987
CVE-2017-6505
CVE-2017-6965
CVE-2017-6966
CVE-2017-6969
CVE-2017-7209
CVE-2017-7210
CVE-2017-7223
CVE-2017-7224
CVE-2017-7225
CVE-2017-7226
CVE-2017-7227
CVE-2017-7299
CVE-2017-7300
CVE-2017-7301
CVE-2017-7302
CVE-2017-7303
CVE-2017-7304
CVE-2017-7377
CVE-2017-7435
CVE-2017-7436
CVE-2017-7471
CVE-2017-7493
CVE-2017-7614
CVE-2017-7718
CVE-2017-7980
CVE-2017-8086
CVE-2017-8112
CVE-2017-8309
CVE-2017-8379
CVE-2017-8380
CVE-2017-8392
CVE-2017-8393
CVE-2017-8394
CVE-2017-8395
CVE-2017-8396
CVE-2017-8397
CVE-2017-8398
CVE-2017-8421
CVE-2017-9038
CVE-2017-9039
CVE-2017-9040
CVE-2017-9041
CVE-2017-9042
CVE-2017-9043
CVE-2017-9044
CVE-2017-9269
CVE-2017-9330
CVE-2017-9373
CVE-2017-9374
CVE-2017-9375
CVE-2017-9503
CVE-2017-9746
CVE-2017-9747
CVE-2017-9748
CVE-2017-9750
CVE-2017-9755
CVE-2017-9756
CVE-2017-9954
CVE-2017-9955
CVE-2018-1053
CVE-2019-0196
CVE-2019-0197
CVE-2019-0211
CVE-2019-0217
CVE-2019-0220
CVE-2019-10208
CVE-2019-11745
CVE-2019-14896
CVE-2019-14897
CVE-2019-17006
CVE-2019-17639
CVE-2019-6116
CVE-2020-14556
CVE-2020-14577
CVE-2020-14578
CVE-2020-14579
CVE-2020-14581
CVE-2020-14583
CVE-2020-14593
CVE-2020-14621
CVE-2020-2654
CVE-2020-2756
CVE-2020-2757
CVE-2020-2781
CVE-2020-2800
CVE-2020-2803
CVE-2020-2805
CVE-2020-2830
SUSE-SU-2017:0338-1
SUSE-SU-2017:0622-1
SUSE-SU-2017:1568-1
SUSE-SU-2017:1774-1
SUSE-SU-2017:2040-1
SUSE-SU-2017:3170-1
SUSE-SU-2018:0507-1
SUSE-SU-2018:2631-1
SUSE-SU-2019:0144-1
SUSE-SU-2019:0878-1
SUSE-SU-2020:0088-1
SUSE-SU-2020:2461-1
Platform(s):openSUSE Leap 15.0
openSUSE Leap 15.1
SUSE Linux Enterprise Server 12 SP2
SUSE Linux Enterprise Server 12 SP2-BCL
SUSE Linux Enterprise Server 12 SP2-ESPOS
SUSE Linux Enterprise Server 12 SP2-LTSS
SUSE Linux Enterprise Server 12 SP3
SUSE Linux Enterprise Server 12 SP3-BCL
SUSE Linux Enterprise Server 12 SP3-ESPOS
SUSE Linux Enterprise Server 12 SP3-LTSS
SUSE Linux Enterprise Server 12 SP3-TERADATA
SUSE Linux Enterprise Server 12 SP4
SUSE OpenStack Cloud 8
SUSE OpenStack Cloud Crowbar 8
Product(s):
Definition Synopsis
  • openSUSE Leap 15.0 is installed
  • AND kdump-0.8.16-lp150.11 is installed
    • Definition Synopsis
  • openSUSE Leap 15.1 is installed
  • AND Package Information
  • MozillaFirefox-60.7.2-lp151.2.7 is installed
  • OR MozillaFirefox-branding-upstream-60.7.2-lp151.2.7 is installed
  • OR MozillaFirefox-buildsymbols-60.7.2-lp151.2.7 is installed
  • OR MozillaFirefox-devel-60.7.2-lp151.2.7 is installed
  • OR MozillaFirefox-translations-common-60.7.2-lp151.2.7 is installed
  • OR MozillaFirefox-translations-other-60.7.2-lp151.2.7 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2 is installed
  • AND Package Information
  • qemu-2.6.2-41.16 is installed
  • OR qemu-arm-2.6.2-41.16 is installed
  • OR qemu-block-curl-2.6.2-41.16 is installed
  • OR qemu-block-rbd-2.6.2-41.16 is installed
  • OR qemu-block-ssh-2.6.2-41.16 is installed
  • OR qemu-guest-agent-2.6.2-41.16 is installed
  • OR qemu-ipxe-1.0.0-41.16 is installed
  • OR qemu-kvm-2.6.2-41.16 is installed
  • OR qemu-lang-2.6.2-41.16 is installed
  • OR qemu-ppc-2.6.2-41.16 is installed
  • OR qemu-s390-2.6.2-41.16 is installed
  • OR qemu-seabios-1.9.1-41.16 is installed
  • OR qemu-sgabios-8-41.16 is installed
  • OR qemu-tools-2.6.2-41.16 is installed
  • OR qemu-vgabios-1.9.1-41.16 is installed
  • OR qemu-x86-2.6.2-41.16 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-BCL is installed
  • AND Package Information
  • ghostscript-9.26a-23.19 is installed
  • OR ghostscript-x11-9.26a-23.19 is installed
  • OR libspectre-0.2.7-12.6 is installed
  • OR libspectre1-0.2.7-12.6 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-ESPOS is installed
  • AND Package Information
  • postgresql96-9.6.15-3.29 is installed
  • OR postgresql96-contrib-9.6.15-3.29 is installed
  • OR postgresql96-docs-9.6.15-3.29 is installed
  • OR postgresql96-libs-9.6.15-3.29 is installed
  • OR postgresql96-plperl-9.6.15-3.29 is installed
  • OR postgresql96-plpython-9.6.15-3.29 is installed
  • OR postgresql96-pltcl-9.6.15-3.29 is installed
  • OR postgresql96-server-9.6.15-3.29 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-LTSS is installed
  • AND Package Information
  • libvirt-2.0.0-27.45 is installed
  • OR libvirt-client-2.0.0-27.45 is installed
  • OR libvirt-daemon-2.0.0-27.45 is installed
  • OR libvirt-daemon-config-network-2.0.0-27.45 is installed
  • OR libvirt-daemon-config-nwfilter-2.0.0-27.45 is installed
  • OR libvirt-daemon-driver-interface-2.0.0-27.45 is installed
  • OR libvirt-daemon-driver-libxl-2.0.0-27.45 is installed
  • OR libvirt-daemon-driver-lxc-2.0.0-27.45 is installed
  • OR libvirt-daemon-driver-network-2.0.0-27.45 is installed
  • OR libvirt-daemon-driver-nodedev-2.0.0-27.45 is installed
  • OR libvirt-daemon-driver-nwfilter-2.0.0-27.45 is installed
  • OR libvirt-daemon-driver-qemu-2.0.0-27.45 is installed
  • OR libvirt-daemon-driver-secret-2.0.0-27.45 is installed
  • OR libvirt-daemon-driver-storage-2.0.0-27.45 is installed
  • OR libvirt-daemon-hooks-2.0.0-27.45 is installed
  • OR libvirt-daemon-lxc-2.0.0-27.45 is installed
  • OR libvirt-daemon-qemu-2.0.0-27.45 is installed
  • OR libvirt-daemon-xen-2.0.0-27.45 is installed
  • OR libvirt-doc-2.0.0-27.45 is installed
  • OR libvirt-lock-sanlock-2.0.0-27.45 is installed
  • OR libvirt-nss-2.0.0-27.45 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3 is installed
  • AND Package Information
  • gdk-pixbuf-lang-2.34.0-18 is installed
  • OR gdk-pixbuf-query-loaders-2.34.0-18 is installed
  • OR gdk-pixbuf-query-loaders-32bit-2.34.0-18 is installed
  • OR libgdk_pixbuf-2_0-0-2.34.0-18 is installed
  • OR libgdk_pixbuf-2_0-0-32bit-2.34.0-18 is installed
  • OR typelib-1_0-GdkPixbuf-2_0-2.34.0-18 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-BCL is installed
  • AND Package Information
  • libsolv-0.6.36-2.27.19 is installed
  • OR libsolv-tools-0.6.36-2.27.19 is installed
  • OR libzypp-16.20.2-27.60 is installed
  • OR perl-solv-0.6.36-2.27.19 is installed
  • OR python-solv-0.6.36-2.27.19 is installed
  • OR zypper-1.13.54-18.40 is installed
  • OR zypper-log-1.13.54-18.40 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-ESPOS is installed
  • AND Package Information
  • LibVNCServer-0.9.9-17.19 is installed
  • OR libvncclient0-0.9.9-17.19 is installed
  • OR libvncserver0-0.9.9-17.19 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-LTSS is installed
  • AND clamav-0.100.3-33.26 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-TERADATA is installed
  • AND Package Information
  • libwireshark9-2.4.11-48.35 is installed
  • OR libwiretap7-2.4.11-48.35 is installed
  • OR libwscodecs1-2.4.11-48.35 is installed
  • OR libwsutil8-2.4.11-48.35 is installed
  • OR wireshark-2.4.11-48.35 is installed
  • OR wireshark-gtk-2.4.11-48.35 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP4 is installed
  • AND Package Information
  • glib2-lang-2.48.2-10 is installed
  • OR glib2-tools-2.48.2-10 is installed
  • OR libgio-2_0-0-2.48.2-10 is installed
  • OR libgio-2_0-0-32bit-2.48.2-10 is installed
  • OR libglib-2_0-0-2.48.2-10 is installed
  • OR libglib-2_0-0-32bit-2.48.2-10 is installed
  • OR libgmodule-2_0-0-2.48.2-10 is installed
  • OR libgmodule-2_0-0-32bit-2.48.2-10 is installed
  • OR libgobject-2_0-0-2.48.2-10 is installed
  • OR libgobject-2_0-0-32bit-2.48.2-10 is installed
  • OR libgthread-2_0-0-2.48.2-10 is installed
  • OR libgthread-2_0-0-32bit-2.48.2-10 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud 8 is installed
  • AND ucode-intel-20190618-13.47 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud Crowbar 8 is installed
  • AND Package Information
  • curl-7.37.0-37.43 is installed
  • OR libcurl4-7.37.0-37.43 is installed
  • OR libcurl4-32bit-7.37.0-37.43 is installed
    • BACK