Oval Definition:	oval:org.opensuse.security:def:59458
Revision Date: 2021-04-16 Version: 1 Title: Security update for qemu (Important) Description: This update for qemu fixes the following issues: - Fix OOB access in sm501 device emulation (CVE-2020-12829, bsc#1172385) - Fix OOB access possibility in MegaRAID SAS 8708EM2 emulation (CVE-2020-13362, bsc#1172383) - Fix use-after-free in usb xhci packet handling (CVE-2020-25723, bsc#1178934) - Fix use-after-free in usb ehci packet handling (CVE-2020-25084, bsc#1176673) - Fix OOB access in usb hcd-ohci emulation (CVE-2020-25624, bsc#1176682) - Fix infinite loop (DoS) in usb hcd-ohci emulation (CVE-2020-25625, bsc#1176684) - Fix guest triggerable assert in shared network handling code (CVE-2020-27617, bsc#1178174) - Fix infinite loop (DoS) in e1000e device emulation (CVE-2020-28916, bsc#1179468) - Fix OOB access in atapi emulation (CVE-2020-29443, bsc#1181108) - Fix null pointer deref. (DoS) in mmio ops (CVE-2020-15469, bsc#1173612) - Fix infinite loop (DoS) in e1000 device emulation (CVE-2021-20257, bsc#1182577) - Fix OOB access (stack overflow) in rtl8139 NIC emulation (CVE-2021-3416, bsc#1182968) - Fix OOB access (stack overflow) in other NIC emulations (CVE-2021-3416) - Fix OOB access in SLIRP ARP/NCSI packet processing (CVE-2020-29129, bsc#1179466, CVE-2020-29130, bsc#1179467) - Fix null pointer dereference possibility (DoS) in MegaRAID SAS 8708EM2 emulation (CVE-2020-13659, bsc#1172386) - Fix OOB access in iscsi (CVE-2020-11947, bsc#1180523) - Fix OOB access in vmxnet3 emulation (CVE-2021-20203, bsc#1181639) - Fix buffer overflow in the XGMAC device (CVE-2020-15863, bsc#1174386) - Fix DoS in packet processing of various emulated NICs (CVE-2020-16092, bsc#1174641) - Fix OOB access while processing USB packets (CVE-2020-14364, bsc#1175441) - Fix package scripts to not use hard coded paths for temporary working directories and log files (bsc#1182425) - Fix potential privilege escalation in virtfs (CVE-2021-20181, bsc#1182137) - Fix OOB access possibility in ES1370 audio device emulation (CVE-2020-13361, bsc#1172384) - Fix OOB access in ROM loading (CVE-2020-13765, bsc#1172478) - Fix qemu-testsuite failure - Fix vm migration is failing with input/output error when nfs server is disconnected (bsc#1119115) - Fix OOB access in ARM interrupt handling (CVE-2021-20221, bsc#1181933) - Fix slowness in arm32 emulation (bsc#1112499) - Fix OOB access in sm501 device emulation (CVE-2020-12829, bsc#1172385) - Fix OOB access possibility in MegaRAID SAS 8708EM2 emulation (CVE-2020-13362, bsc#1172383) - Fix use-after-free in usb xhci packet handling (CVE-2020-25723, bsc#1178934) - Fix use-after-free in usb ehci packet handling (CVE-2020-25084, bsc#1176673) - Fix OOB access in usb hcd-ohci emulation (CVE-2020-25624, bsc#1176682) - Fix infinite loop (DoS) in usb hcd-ohci emulation (CVE-2020-25625, bsc#1176684) - Fix guest triggerable assert in shared network handling code (CVE-2020-27617, bsc#1178174) - Fix infinite loop (DoS) in e1000e device emulation (CVE-2020-28916, bsc#1179468) - Fix OOB access in atapi emulation (CVE-2020-29443, bsc#1181108) - Fix null pointer deref. (DoS) in mmio ops (CVE-2020-15469, bsc#1173612) - Fix infinite loop (DoS) in e1000 device emulation (CVE-2021-20257, bsc#1182577) - Fix OOB access (stack overflow) in rtl8139 NIC emulation (CVE-2021-3416, bsc#1182968) - Fix OOB access (stack overflow) in other NIC emulations (CVE-2021-3416) - Fix OOB access in SLIRP ARP/NCSI packet processing (CVE-2020-29129, bsc#1179466, CVE-2020-29130, bsc#1179467) - Fix null pointer dereference possibility (DoS) in MegaRAID SAS 8708EM2 emulation (CVE-2020-13659, bsc#1172386) - Fix OOB access in iscsi (CVE-2020-11947, bsc#1180523) - Fix OOB access in vmxnet3 emulation (CVE-2021-20203, bsc#1181639) - Fix buffer overflow in the XGMAC device (CVE-2020-15863, bsc#1174386) - Fix DoS in packet processing of various emulated NICs (CVE-2020-16092, bsc#1174641) - Fix OOB access while processing USB packets (CVE-2020-14364, bsc#1175441) - Fix package scripts to not use hard coded paths for temporary working directories and log files (bsc#1182425) - Fix potential privilege escalation in virtfs (CVE-2021-20181, bsc#1182137) - Fix OOB access possibility in ES1370 audio device emulation (CVE-2020-13361, bsc#1172384) - Fix OOB access in ROM loading (CVE-2020-13765, bsc#1172478) - Fix qemu-testsuite failure - Fix vm migration is failing with input/output error when nfs server is disconnected (bsc#1119115) - Fix OOB access in ARM interrupt handling (CVE-2021-20221, bsc#1181933) - Fix slowness in arm32 emulation (bsc#1112499) Family: unix Class: patch Status: Reference(s): 1005778 1006180 1011913 1012829 1013887 1015337 1015342 1016119 1016715 1019151 1019695 1020645 1022476 1022600 1022604 1023175 1024346 1024373 1025461 1026570 1028173 1028286 1029693 1030552 1031515 1031717 1031784 1033587 1034075 1034113 1034762 1036215 1036632 1037344 1037404 1037838 1037994 1038078 1038616 1038792 1039153 1039348 1039915 1040307 1040347 1040351 1041958 1042257 1042286 1042314 1042422 1042778 1043261 1043347 1043520 1043598 1043652 1043805 1043912 1044112 1044443 1044623 1044636 1045154 1045293 1045330 1045404 1045563 1045596 1045693 1045709 1045715 1045866 1045922 1045937 1046105 1046170 1046434 1046651 1046655 1046682 1046821 1046985 1047027 1047048 1047096 1047118 1047121 1047152 1047174 1047277 1047343 1047354 1047418 1047506 1047595 1047651 1047653 1047670 1047802 1048146 1048155 1048221 1048317 1048348 1048356 1048421 1048451 1048501 1048891 1048912 1048914 1048916 1048919 1049231 1049289 1049298 1049361 1049483 1049486 1049505 1049603 1049619 1049645 1049706 1049882 1050061 1050188 1050211 1050320 1050322 1050677 1051017 1051022 1051048 1051059 1051239 1051399 1051471 1051478 1051479 1051556 1051663 1051689 1051979 1052049 1052223 1052311 1052325 1052365 1052442 1052533 1052709 1052773 1052794 1052829 1052899 1052925 1053043 1053117 1053600 1086774 1086775 1086813 1086814 1086817 1086820 1093414 1104826 1111331 1112499 1119115 1132728 1132729 1132732 1132734 1134718 1141670 1149496 1150734 1154162 1157198 1163933 1167068 1170558 1171186 1171363 1172205 1172383 1172384 1172385 1172386 1172478 1173378 1173380 1173612 1174386 1174641 1175441 1175534 1176343 1176344 1176345 1176346 1176347 1176348 1176349 1176350 1176673 1176682 1176684 1178174 1178934 1179466 1179467 1179468 1180523 1181108 1181639 1181933 1182137 1182425 1182577 1182968 682920 964063 974215 998664 CVE-2009-3627 CVE-2011-2709 CVE-2015-9542 CVE-2016-4975 CVE-2016-8743 CVE-2017-1000111 CVE-2017-1000112 CVE-2017-10810 CVE-2017-11473 CVE-2017-15710 CVE-2017-15715 CVE-2017-7533 CVE-2017-7541 CVE-2017-7542 CVE-2017-7753 CVE-2017-7779 CVE-2017-7782 CVE-2017-7784 CVE-2017-7785 CVE-2017-7786 CVE-2017-7787 CVE-2017-7791 CVE-2017-7792 CVE-2017-7798 CVE-2017-7800 CVE-2017-7801 CVE-2017-7802 CVE-2017-7803 CVE-2017-7804 CVE-2017-7807 CVE-2017-8831 CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2018-1283 CVE-2018-1301 CVE-2018-1302 CVE-2018-1303 CVE-2018-1312 CVE-2019-10245 CVE-2019-11091 CVE-2019-2602 CVE-2019-2684 CVE-2019-2697 CVE-2019-2698 CVE-2019-2974 CVE-2019-3688 CVE-2019-3690 CVE-2019-5482 CVE-2020-0543 CVE-2020-11947 CVE-2020-12108 CVE-2020-12137 CVE-2020-12387 CVE-2020-12388 CVE-2020-12389 CVE-2020-12392 CVE-2020-12393 CVE-2020-12395 CVE-2020-12829 CVE-2020-13361 CVE-2020-13362 CVE-2020-13659 CVE-2020-13765 CVE-2020-14364 CVE-2020-15469 CVE-2020-15565 CVE-2020-15567 CVE-2020-15863 CVE-2020-16092 CVE-2020-25084 CVE-2020-25595 CVE-2020-25596 CVE-2020-25597 CVE-2020-25599 CVE-2020-25600 CVE-2020-25601 CVE-2020-25603 CVE-2020-25604 CVE-2020-25624 CVE-2020-25625 CVE-2020-25723 CVE-2020-27617 CVE-2020-28916 CVE-2020-29129 CVE-2020-29130 CVE-2020-29443 CVE-2020-6831 CVE-2021-20181 CVE-2021-20203 CVE-2021-20221 CVE-2021-20257 CVE-2021-3416 SUSE-SU-2017:2286-1 SUSE-SU-2017:2589-1 SUSE-SU-2017:2598-1 SUSE-SU-2018:1161-2 SUSE-SU-2019:1296-1 SUSE-SU-2019:2339-2 SUSE-SU-2019:3180-1 SUSE-SU-2020:1117-1 SUSE-SU-2020:1218-1 SUSE-SU-2020:1301-1 SUSE-SU-2020:2822-1 Platform(s): openSUSE Leap 15.0 openSUSE Leap 15.1 SUSE Linux Enterprise Server 12 SP2-BCL SUSE Linux Enterprise Server 12 SP2-ESPOS SUSE Linux Enterprise Server 12 SP3 SUSE Linux Enterprise Server 12 SP3-BCL SUSE Linux Enterprise Server 12 SP3-ESPOS SUSE Linux Enterprise Server 12 SP3-LTSS SUSE Linux Enterprise Server 12 SP3-TERADATA SUSE Linux Enterprise Server 12 SP4 SUSE Linux Enterprise Server 12 SP4-ESPOS SUSE OpenStack Cloud 8 SUSE OpenStack Cloud Crowbar 8 SUSE OpenStack Cloud Crowbar 9 Product(s): Definition Synopsis openSUSE Leap 15.0 is installed AND kdump-0.8.16-lp150.11 is installed Definition Synopsis openSUSE Leap 15.1 is installed AND Package Information chromedriver-75.0.3770.80-lp151.2.6 is installed OR chromium-75.0.3770.80-lp151.2.6 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-BCL is installed AND Package Information apache2-2.4.23-29.18 is installed OR apache2-doc-2.4.23-29.18 is installed OR apache2-example-pages-2.4.23-29.18 is installed OR apache2-prefork-2.4.23-29.18 is installed OR apache2-utils-2.4.23-29.18 is installed OR apache2-worker-2.4.23-29.18 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-ESPOS is installed AND Package Information apache2-2.4.23-29.24 is installed OR apache2-doc-2.4.23-29.24 is installed OR apache2-example-pages-2.4.23-29.24 is installed OR apache2-prefork-2.4.23-29.24 is installed OR apache2-utils-2.4.23-29.24 is installed OR apache2-worker-2.4.23-29.24 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3 is installed AND Package Information libgssglue1-0.4-3 is installed OR libgssglue1-32bit-0.4-3 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-BCL is installed AND Package Information libecpg6-10.9-1.12 is installed OR libpq5-10.9-1.12 is installed OR libpq5-32bit-10.9-1.12 is installed OR postgresql10-10.9-1.12 is installed OR postgresql10-contrib-10.9-1.12 is installed OR postgresql10-docs-10.9-1.12 is installed OR postgresql10-libs-10.9-1.12 is installed OR postgresql10-plperl-10.9-1.12 is installed OR postgresql10-plpython-10.9-1.12 is installed OR postgresql10-pltcl-10.9-1.12 is installed OR postgresql10-server-10.9-1.12 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-ESPOS is installed AND Package Information bzip2-1.0.6-30.8 is installed OR bzip2-doc-1.0.6-30.8 is installed OR libbz2-1-1.0.6-30.8 is installed OR libbz2-1-32bit-1.0.6-30.8 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-LTSS is installed AND Package Information kgraft-patch-4_4_180-94_103-default-2-2 is installed OR kgraft-patch-SLE12-SP3_Update_28-2-2 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-TERADATA is installed AND Package Information libsndfile-1.0.25-36.16 is installed OR libsndfile1-1.0.25-36.16 is installed OR libsndfile1-32bit-1.0.25-36.16 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP4 is installed AND Package Information gnome-settings-daemon-3.20.1-50.5 is installed OR gnome-settings-daemon-lang-3.20.1-50.5 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP4-ESPOS is installed AND Package Information qemu-2.11.2-5.29.1 is installed OR qemu-arm-2.11.2-5.29.1 is installed OR qemu-block-curl-2.11.2-5.29.1 is installed OR qemu-block-iscsi-2.11.2-5.29.1 is installed OR qemu-block-rbd-2.11.2-5.29.1 is installed OR qemu-block-ssh-2.11.2-5.29.1 is installed OR qemu-guest-agent-2.11.2-5.29.1 is installed OR qemu-ipxe-1.0.0+-5.29.1 is installed OR qemu-kvm-2.11.2-5.29.1 is installed OR qemu-lang-2.11.2-5.29.1 is installed OR qemu-seabios-1.11.0_0_g63451fc-5.29.1 is installed OR qemu-sgabios-8-5.29.1 is installed OR qemu-tools-2.11.2-5.29.1 is installed OR qemu-vgabios-1.11.0_0_g63451fc-5.29.1 is installed OR qemu-x86-2.11.2-5.29.1 is installed Definition Synopsis SUSE OpenStack Cloud 8 is installed AND Package Information MozillaFirefox-68.8.0-109.119 is installed OR MozillaFirefox-translations-common-68.8.0-109.119 is installed Definition Synopsis SUSE OpenStack Cloud Crowbar 8 is installed AND mailman-2.1.17-3.20 is installed Definition Synopsis SUSE OpenStack Cloud Crowbar 9 is installed AND python-Django1-1.11.20-3.6 is installed
BACK