Oval Definition: oval:org.opensuse.security:def:58721
Revision Date: 2021-04-16
Version: 1
Title: Security update for qemu (Important)
Description:

This update for qemu fixes the following issues:

- Fix OOB access in sm501 device emulation (CVE-2020-12829, bsc#1172385)
- Fix OOB access possibility in MegaRAID SAS 8708EM2 emulation (CVE-2020-13362 bsc#1172383)
- Fix use-after-free in usb xhci packet handling (CVE-2020-25723, bsc#1178934)
- Fix use-after-free in usb ehci packet handling (CVE-2020-25084, bsc#1176673)
- Fix OOB access in usb hcd-ohci emulation (CVE-2020-25624, bsc#1176682)
- Fix infinite loop (DoS) in usb hcd-ohci emulation (CVE-2020-25625, bsc#1176684)
- Fix guest triggerable assert in shared network handling code (CVE-2020-27617, bsc#1178174)
- Fix infinite loop (DoS) in e1000e device emulation (CVE-2020-28916, bsc#1179468)
- Fix OOB access in atapi emulation (CVE-2020-29443, bsc#1181108)
- Fix null pointer deref. (DoS) in mmio ops (CVE-2020-15469, bsc#1173612)
- Fix infinite loop (DoS) in e1000 device emulation (CVE-2021-20257, bsc#1182577)
- Fix OOB access (stack overflow) in rtl8139 NIC emulation (CVE-2021-3416, bsc#1182968)
- Fix OOB access (stack overflow) in other NIC emulations (CVE-2021-3416)
- Fix OOB access in SLIRP ARP packet processing (CVE-2020-29130, bsc#1179467)
- Fix null pointer dereference possibility (DoS) in MegaRAID SAS 8708EM2 emulation (CVE-2020-13659 bsc#1172386)
- Fix OOB access in iscsi (CVE-2020-11947 bsc#1180523)
- Fix OOB access in vmxnet3 emulation (CVE-2021-20203 bsc#1181639)
- Fix buffer overflow in the XGMAC device (CVE-2020-15863, bsc#1174386)
- Fix DoS in packet processing of various emulated NICs (CVE-2020-16092 bsc#1174641)
- Fix OOB access while processing USB packets (CVE-2020-14364 bsc#1175441)
- Fix package scripts to not use hard coded paths for temporary working directories and log files (bsc#1182425)
- Fix potential privilege escalation in virtfs (CVE-2021-20181 bsc#1182137)
- Fix OOB access possibility in ES1370 audio device emulation (CVE-2020-13361 bsc#1172384)
- Fix OOB access in ROM loading (CVE-2020-13765 bsc#1172478)

Family: unix
Class: patch
Status:
Reference(s):
1051042
1053188
1063675
1064569
1064580
1064583
1070905
1071319
1073231
1074293
1076957
1077445
1082063
1082210
1083125
1083417
1083420
1083422
1083424
1083426
1085447
1090368
1090646
1090869
1101644
1101645
1101651
1101656
1103098
1106812
1112209
1113534
1113652
1113742
1115375
1120943
1136085
1137443
1141780
1141782
1141783
1141784
1141785
1141786
1141787
1141789
1153108
1154609
1156321
1156331
1157770
1159723
1159729
1160770
1164825
1171928
1172383
1172384
1172385
1172386
1172478
1173612
1174386
1174641
1175441
1176673
1176682
1176684
1178174
1178934
1179467
1179468
1180523
1181108
1181639
1182137
1182425
1182577
1182968
CVE-2007-4772
CVE-2007-6600
CVE-2009-4034
CVE-2009-4136
CVE-2010-1169
CVE-2010-1170
CVE-2010-3433
CVE-2012-0866
CVE-2012-0867
CVE-2012-0868
CVE-2012-2143
CVE-2012-2655
CVE-2012-3488
CVE-2012-3489
CVE-2013-0255
CVE-2013-1899
CVE-2013-1900
CVE-2013-1901
CVE-2013-2062
CVE-2014-0060
CVE-2014-0061
CVE-2014-0062
CVE-2014-0063
CVE-2014-0064
CVE-2014-0065
CVE-2014-0066
CVE-2014-0067
CVE-2014-6272
CVE-2015-3165
CVE-2015-3166
CVE-2015-3167
CVE-2015-5288
CVE-2015-5289
CVE-2016-0766
CVE-2016-0773
CVE-2016-10708
CVE-2016-1549
CVE-2016-2193
CVE-2016-3065
CVE-2017-1000408
CVE-2017-1000409
CVE-2017-13166
CVE-2017-15670
CVE-2017-15671
CVE-2017-15804
CVE-2017-16997
CVE-2017-7484
CVE-2017-7485
CVE-2017-7486
CVE-2018-0734
CVE-2018-1000001
CVE-2018-1087
CVE-2018-20030
CVE-2018-20856
CVE-2018-2938
CVE-2018-2940
CVE-2018-2952
CVE-2018-2973
CVE-2018-3639
CVE-2018-5391
CVE-2018-5407
CVE-2018-7170
CVE-2018-7182
CVE-2018-7183
CVE-2018-7184
CVE-2018-7185
CVE-2018-8781
CVE-2018-8897
CVE-2019-0221
CVE-2019-10220
CVE-2019-12418
CVE-2019-12735
CVE-2019-13272
CVE-2019-17563
CVE-2019-17569
CVE-2019-18197
CVE-2019-2745
CVE-2019-2762
CVE-2019-2766
CVE-2019-2769
CVE-2019-2786
CVE-2019-2816
CVE-2019-2842
CVE-2019-7317
CVE-2019-9278
CVE-2020-11947
CVE-2020-12829
CVE-2020-13361
CVE-2020-13362
CVE-2020-13659
CVE-2020-13765
CVE-2020-14364
CVE-2020-15469
CVE-2020-15863
CVE-2020-16092
CVE-2020-25084
CVE-2020-25624
CVE-2020-25625
CVE-2020-25723
CVE-2020-27617
CVE-2020-28916
CVE-2020-29130
CVE-2020-29443
CVE-2020-9484
CVE-2021-20181
CVE-2021-20203
CVE-2021-20257
CVE-2021-3416
SUSE-SU-2018:0074-1
SUSE-SU-2018:1524-1
SUSE-SU-2018:1765-1
SUSE-SU-2018:2530-1
SUSE-SU-2018:3064-1
SUSE-SU-2018:3792-1
SUSE-SU-2018:3866-1
SUSE-SU-2019:1456-1
SUSE-SU-2019:3261-1
SUSE-SU-2020:0920-2
SUSE-SU-2020:1498-1
Platform(s):
openSUSE Leap 15.0
openSUSE Leap 15.1
SUSE Linux Enterprise Server 12 SP2
SUSE Linux Enterprise Server 12 SP2-BCL
SUSE Linux Enterprise Server 12 SP2-ESPOS
SUSE Linux Enterprise Server 12 SP2-LTSS
SUSE Linux Enterprise Server 12 SP3
SUSE Linux Enterprise Server 12 SP3-BCL
SUSE Linux Enterprise Server 12 SP3-ESPOS
SUSE Linux Enterprise Server 12 SP3-LTSS
SUSE Linux Enterprise Server 12 SP3-TERADATA
SUSE Linux Enterprise Server 12 SP4
SUSE OpenStack Cloud 8
SUSE OpenStack Cloud Crowbar 8
Product(s):
Definition Synopsis
  • openSUSE Leap 15.0 is installed
  • AND Package Information
  • gdm-3.26.2.1-lp150.10 is installed
  • OR gdm-lang-3.26.2.1-lp150.10 is installed
  • OR gdmflexiserver-3.26.2.1-lp150.10 is installed
  • OR libgdm1-3.26.2.1-lp150.10 is installed
  • OR typelib-1_0-Gdm-1_0-3.26.2.1-lp150.10 is installed
  • Definition Synopsis
  • openSUSE Leap 15.1 is installed
  • AND Package Information
  • gdb-8.3.1-lp151.4.3 is installed
  • OR gdb-testresults-8.3.1-lp151.4.3 is installed
  • OR gdbserver-8.3.1-lp151.4.3 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2 is installed
  • AND Package Information
  • glibc-2.22-62.3 is installed
  • OR glibc-32bit-2.22-62.3 is installed
  • OR glibc-devel-2.22-62.3 is installed
  • OR glibc-devel-32bit-2.22-62.3 is installed
  • OR glibc-html-2.22-62.3 is installed
  • OR glibc-i18ndata-2.22-62.3 is installed
  • OR glibc-info-2.22-62.3 is installed
  • OR glibc-locale-2.22-62.3 is installed
  • OR glibc-locale-32bit-2.22-62.3 is installed
  • OR glibc-profile-2.22-62.3 is installed
  • OR glibc-profile-32bit-2.22-62.3 is installed
  • OR nscd-2.22-62.3 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-BCL is installed
  • AND Package Information
  • libopenssl-devel-1.0.2j-60.46 is installed
  • OR libopenssl1_0_0-1.0.2j-60.46 is installed
  • OR libopenssl1_0_0-32bit-1.0.2j-60.46 is installed
  • OR libopenssl1_0_0-hmac-1.0.2j-60.46 is installed
  • OR libopenssl1_0_0-hmac-32bit-1.0.2j-60.46 is installed
  • OR openssl-1.0.2j-60.46 is installed
  • OR openssl-doc-1.0.2j-60.46 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-ESPOS is installed
  • AND Package Information
  • java-1_8_0-openjdk-1.8.0.222-27.35 is installed
  • OR java-1_8_0-openjdk-demo-1.8.0.222-27.35 is installed
  • OR java-1_8_0-openjdk-devel-1.8.0.222-27.35 is installed
  • OR java-1_8_0-openjdk-headless-1.8.0.222-27.35 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-LTSS is installed
  • AND Package Information
  • kgraft-patch-4_4_74-92_32-default-10-2 is installed
  • OR kgraft-patch-SLE12-SP2_Update_11-10-2 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3 is installed
  • AND Package Information
  • libXp6-1.0.2-3 is installed
  • OR libXp6-32bit-1.0.2-3 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-BCL is installed
  • AND Package Information
  • curl-7.37.0-37.43 is installed
  • OR libcurl4-7.37.0-37.43 is installed
  • OR libcurl4-32bit-7.37.0-37.43 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-ESPOS is installed
  • AND Package Information
  • libjavascriptcoregtk-4_0-18-2.28.1-2.50 is installed
  • OR libwebkit2gtk-4_0-37-2.28.1-2.50 is installed
  • OR libwebkit2gtk3-lang-2.28.1-2.50 is installed
  • OR typelib-1_0-JavaScriptCore-4_0-2.28.1-2.50 is installed
  • OR typelib-1_0-WebKit2-4_0-2.28.1-2.50 is installed
  • OR webkit2gtk-4_0-injected-bundles-2.28.1-2.50 is installed
  • OR webkit2gtk3-2.28.1-2.50 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-LTSS is installed
  • AND Package Information
  • kgraft-patch-4_4_180-94_107-default-6-2 is installed
  • OR kgraft-patch-SLE12-SP3_Update_29-6-2 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-TERADATA is installed
  • AND Package Information
  • qemu-2.9.1-6.47.1 is installed
  • OR qemu-block-curl-2.9.1-6.47.1 is installed
  • OR qemu-block-iscsi-2.9.1-6.47.1 is installed
  • OR qemu-block-rbd-2.9.1-6.47.1 is installed
  • OR qemu-block-ssh-2.9.1-6.47.1 is installed
  • OR qemu-guest-agent-2.9.1-6.47.1 is installed
  • OR qemu-ipxe-1.0.0+-6.47.1 is installed
  • OR qemu-kvm-2.9.1-6.47.1 is installed
  • OR qemu-lang-2.9.1-6.47.1 is installed
  • OR qemu-seabios-1.10.2_0_g5f4c7b1-6.47.1 is installed
  • OR qemu-sgabios-8-6.47.1 is installed
  • OR qemu-tools-2.9.1-6.47.1 is installed
  • OR qemu-vgabios-1.10.2_0_g5f4c7b1-6.47.1 is installed
  • OR qemu-x86-2.9.1-6.47.1 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP4 is installed
  • AND powerpc-utils-1.3.5-3 is installed
  • Definition Synopsis
  • SUSE OpenStack Cloud 8 is installed
  • AND Package Information
  • libssh2-1-1.4.3-20.9 is installed
  • OR libssh2-1-32bit-1.4.3-20.9 is installed
  • OR libssh2_org-1.4.3-20.9 is installed
  • Definition Synopsis
  • SUSE OpenStack Cloud Crowbar 8 is installed
  • AND Package Information
  • libmysqlclient18-10.0.38-29.27 is installed
  • OR mariadb-10.0.38-29.27 is installed