Oval Definition:oval:org.opensuse.security:def:59716
Revision Date:2021-04-16Version:1
Title:Security update for qemu (Important)
Description:

This update for qemu fixes the following issues:

- Fix OOB access in sm501 device emulation (CVE-2020-12829, bsc#1172385) - Fix OOB access possibility in MegaRAID SAS 8708EM2 emulation (CVE-2020-13362, bsc#1172383) - Fix use-after-free in usb xhci packet handling (CVE-2020-25723, bsc#1178934) - Fix use-after-free in usb ehci packet handling (CVE-2020-25084, bsc#1176673) - Fix OOB access in usb hcd-ohci emulation (CVE-2020-25624, bsc#1176682) - Fix infinite loop (DoS) in usb hcd-ohci emulation (CVE-2020-25625, bsc#1176684) - Fix guest triggerable assert in shared network handling code (CVE-2020-27617, bsc#1178174) - Fix infinite loop (DoS) in e1000e device emulation (CVE-2020-28916, bsc#1179468) - Fix OOB access in atapi emulation (CVE-2020-29443, bsc#1181108) - Fix null pointer deref. (DoS) in mmio ops (CVE-2020-15469, bsc#1173612) - Fix infinite loop (DoS) in e1000 device emulation (CVE-2021-20257, bsc#1182577) - Fix OOB access (stack overflow) in rtl8139 NIC emulation (CVE-2021-3416, bsc#1182968) - Fix OOB access (stack overflow) in other NIC emulations (CVE-2021-3416) - Fix OOB access in SLIRP ARP/NCSI packet processing (CVE-2020-29129, bsc#1179466, CVE-2020-29130, bsc#1179467) - Fix null pointer dereference possibility (DoS) in MegaRAID SAS 8708EM2 emulation (CVE-2020-13659, bsc#1172386) - Fix OOB access in iscsi (CVE-2020-11947, bsc#1180523) - Fix OOB access in vmxnet3 emulation (CVE-2021-20203, bsc#1181639) - Fix buffer overflow in the XGMAC device (CVE-2020-15863, bsc#1174386) - Fix DoS in packet processing of various emulated NICs (CVE-2020-16092, bsc#1174641) - Fix OOB access while processing USB packets (CVE-2020-14364, bsc#1175441) - Fix package scripts to not use hard coded paths for temporary working directories and log files (bsc#1182425) - Fix potential privilege escalation in virtfs (CVE-2021-20181, bsc#1182137) - Fix OOB access possibility in ES1370 audio device emulation (CVE-2020-13361, bsc#1172384) - Fix OOB access in ROM loading (CVE-2020-13765, bsc#1172478) - Fix qemu-testsuite failure - Fix vm migration is failing with input/output error when nfs server is disconnected (bsc#1119115) - Fix OOB access in ARM interrupt handling (CVE-2021-20221, bsc#1181933) - Fix slowness in arm32 emulation (bsc#1112499) - Fix OOB access in sm501 device emulation (CVE-2020-12829, bsc#1172385) - Fix OOB access possibility in MegaRAID SAS 8708EM2 emulation (CVE-2020-13362, bsc#1172383) - Fix use-after-free in usb xhci packet handling (CVE-2020-25723, bsc#1178934) - Fix use-after-free in usb ehci packet handling (CVE-2020-25084, bsc#1176673) - Fix OOB access in usb hcd-ohci emulation (CVE-2020-25624, bsc#1176682) - Fix infinite loop (DoS) in usb hcd-ohci emulation (CVE-2020-25625, bsc#1176684) - Fix guest triggerable assert in shared network handling code (CVE-2020-27617, bsc#1178174) - Fix infinite loop (DoS) in e1000e device emulation (CVE-2020-28916, bsc#1179468) - Fix OOB access in atapi emulation (CVE-2020-29443, bsc#1181108) - Fix null pointer deref. (DoS) in mmio ops (CVE-2020-15469, bsc#1173612) - Fix infinite loop (DoS) in e1000 device emulation (CVE-2021-20257, bsc#1182577) - Fix OOB access (stack overflow) in rtl8139 NIC emulation (CVE-2021-3416, bsc#1182968) - Fix OOB access (stack overflow) in other NIC emulations (CVE-2021-3416) - Fix OOB access in SLIRP ARP/NCSI packet processing (CVE-2020-29129, bsc#1179466, CVE-2020-29130, bsc#1179467) - Fix null pointer dereference possibility (DoS) in MegaRAID SAS 8708EM2 emulation (CVE-2020-13659, bsc#1172386) - Fix OOB access in iscsi (CVE-2020-11947, bsc#1180523) - Fix OOB access in vmxnet3 emulation (CVE-2021-20203, bsc#1181639) - Fix buffer overflow in the XGMAC device (CVE-2020-15863, bsc#1174386) - Fix DoS in packet processing of various emulated NICs (CVE-2020-16092, bsc#1174641) - Fix OOB access while processing USB packets (CVE-2020-14364, bsc#1175441) - Fix package scripts to not use hard coded paths for temporary working directories and log files (bsc#1182425) - Fix potential privilege escalation in virtfs (CVE-2021-20181, bsc#1182137) - Fix OOB access possibility in ES1370 audio device emulation (CVE-2020-13361, bsc#1172384) - Fix OOB access in ROM loading (CVE-2020-13765, bsc#1172478) - Fix qemu-testsuite failure - Fix vm migration is failing with input/output error when nfs server is disconnected (bsc#1119115) - Fix OOB access in ARM interrupt handling (CVE-2021-20221, bsc#1181933) - Fix slowness in arm32 emulation (bsc#1112499)
Family:unixClass:patch
Status:Reference(s):1005778
1005780
1005781
1012382
1017967
1021578
1039616
1043886
1047487
1063043
1064311
1065180
1068032
1068951
1070116
1071009
1072166
1072216
1072556
1072866
1072890
1072962
1073090
1073525
1073792
1073809
1073868
1073874
1073912
1077983
1103098
1106119
1106171
1106172
1106173
1106195
1107410
1107411
1107412
1107413
1107420
1107421
1107422
1107423
1107426
1107581
1108027
1109105
1111634
1111635
1112039
1112499
1119115
1120644
1122191
1123156
1131060
1131233
1131237
1131239
1131241
1131245
1144902
1146873
1149811
1160024
1161066
1163018
1164692
1166240
1170446
1170940
1172383
1172384
1172385
1172386
1172478
1173592
1173594
1173612
1174386
1174641
1175441
1176409
1176410
1176412
1176673
1176682
1176684
1177143
1178174
1178934
1178971
1179466
1179467
1179468
1180523
1181108
1181639
1181933
1182137
1182425
1182577
1182968
963897
964063
966170
966172
CVE-2016-5104
CVE-2017-17805
CVE-2017-17806
CVE-2017-5715
CVE-2017-5753
CVE-2017-5754
CVE-2018-1000807
CVE-2018-1000808
CVE-2018-1053
CVE-2018-15908
CVE-2018-15909
CVE-2018-15910
CVE-2018-15911
CVE-2018-16509
CVE-2018-16510
CVE-2018-16511
CVE-2018-16513
CVE-2018-16539
CVE-2018-16540
CVE-2018-16541
CVE-2018-16542
CVE-2018-16543
CVE-2018-16585
CVE-2018-16802
CVE-2018-17183
CVE-2018-18386
CVE-2018-20406
CVE-2018-5391
CVE-2019-0196
CVE-2019-0197
CVE-2019-0211
CVE-2019-0217
CVE-2019-0220
CVE-2019-10218
CVE-2019-12068
CVE-2019-15890
CVE-2019-3880
CVE-2019-5010
CVE-2019-6778
CVE-2020-11947
CVE-2020-12829
CVE-2020-13361
CVE-2020-13362
CVE-2020-13659
CVE-2020-13765
CVE-2020-14364
CVE-2020-14392
CVE-2020-14393
CVE-2020-15469
CVE-2020-15863
CVE-2020-16092
CVE-2020-1711
CVE-2020-1938
CVE-2020-1983
CVE-2020-25084
CVE-2020-25219
CVE-2020-25624
CVE-2020-25625
CVE-2020-25723
CVE-2020-26154
CVE-2020-27617
CVE-2020-28916
CVE-2020-29129
CVE-2020-29130
CVE-2020-29443
CVE-2020-7039
CVE-2020-8608
CVE-2020-8695
CVE-2020-8696
CVE-2020-8698
CVE-2021-20181
CVE-2021-20203
CVE-2021-20221
CVE-2021-20257
CVE-2021-3416
SUSE-SU-2018:0010-1
SUSE-SU-2018:0507-1
SUSE-SU-2018:0510-1
SUSE-SU-2018:4063-1
SUSE-SU-2019:2890-1
SUSE-SU-2020:0725-1
SUSE-SU-2020:1538-1
SUSE-SU-2020:2661-1
SUSE-SU-2020:3514-1
SUSE-SU-2021:1241-1
Platform(s):openSUSE Leap 15.0
openSUSE Leap 15.1
SUSE Linux Enterprise Server 12 SP2-BCL
SUSE Linux Enterprise Server 12 SP2-ESPOS
SUSE Linux Enterprise Server 12 SP3
SUSE Linux Enterprise Server 12 SP3-BCL
SUSE Linux Enterprise Server 12 SP3-ESPOS
SUSE Linux Enterprise Server 12 SP3-LTSS
SUSE Linux Enterprise Server 12 SP3-TERADATA
SUSE Linux Enterprise Server 12 SP4
SUSE Linux Enterprise Server 12 SP4-ESPOS
SUSE Linux Enterprise Server 12 SP4-LTSS
SUSE OpenStack Cloud 8
SUSE OpenStack Cloud 9
SUSE OpenStack Cloud Crowbar 8
Product(s):
Definition Synopsis
  • openSUSE Leap 15.0 is installed
  • AND tcpdump-4.9.2-lp150.2.3 is installed
    • Definition Synopsis
  • openSUSE Leap 15.1 is installed
  • AND transfig-3.2.6a-lp151.4.3 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-BCL is installed
  • AND ucode-intel-20201118-13.81 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-ESPOS is installed
  • AND Package Information
  • ghostscript-9.25-23.13 is installed
  • OR ghostscript-x11-9.25-23.13 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3 is installed
  • AND libusbmuxd4-1.0.10-2 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-BCL is installed
  • AND Package Information
  • libjpeg-turbo-1.5.3-31.19 is installed
  • OR libjpeg62-62.2.0-31.19 is installed
  • OR libjpeg62-32bit-62.2.0-31.19 is installed
  • OR libjpeg62-turbo-1.5.3-31.19 is installed
  • OR libjpeg8-8.1.2-31.19 is installed
  • OR libjpeg8-32bit-8.1.2-31.19 is installed
  • OR libturbojpeg0-8.1.2-31.19 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-ESPOS is installed
  • AND Package Information
  • kgraft-patch-4_4_178-94_91-default-6-2 is installed
  • OR kgraft-patch-SLE12-SP3_Update_25-6-2 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-LTSS is installed
  • AND Package Information
  • glib2-2.48.2-12.15 is installed
  • OR glib2-lang-2.48.2-12.15 is installed
  • OR glib2-tools-2.48.2-12.15 is installed
  • OR libgio-2_0-0-2.48.2-12.15 is installed
  • OR libgio-2_0-0-32bit-2.48.2-12.15 is installed
  • OR libglib-2_0-0-2.48.2-12.15 is installed
  • OR libglib-2_0-0-32bit-2.48.2-12.15 is installed
  • OR libgmodule-2_0-0-2.48.2-12.15 is installed
  • OR libgmodule-2_0-0-32bit-2.48.2-12.15 is installed
  • OR libgobject-2_0-0-2.48.2-12.15 is installed
  • OR libgobject-2_0-0-32bit-2.48.2-12.15 is installed
  • OR libgthread-2_0-0-2.48.2-12.15 is installed
  • OR libgthread-2_0-0-32bit-2.48.2-12.15 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-TERADATA is installed
  • AND Package Information
  • libblkid1-2.29.2-3.12 is installed
  • OR libblkid1-32bit-2.29.2-3.12 is installed
  • OR libfdisk1-2.29.2-3.12 is installed
  • OR libmount1-2.29.2-3.12 is installed
  • OR libmount1-32bit-2.29.2-3.12 is installed
  • OR libsmartcols1-2.29.2-3.12 is installed
  • OR libuuid1-2.29.2-3.12 is installed
  • OR libuuid1-32bit-2.29.2-3.12 is installed
  • OR python-libmount-2.29.2-3.12 is installed
  • OR util-linux-2.29.2-3.12 is installed
  • OR util-linux-lang-2.29.2-3.12 is installed
  • OR util-linux-systemd-2.29.2-3.12 is installed
  • OR uuidd-2.29.2-3.12 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP4 is installed
  • AND Package Information
  • gstreamer-plugins-good-1.8.3-15 is installed
  • OR gstreamer-plugins-good-lang-1.8.3-15 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP4-ESPOS is installed
  • AND Package Information
  • ghostscript-9.52-23.39 is installed
  • OR ghostscript-x11-9.52-23.39 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP4-LTSS is installed
  • AND Package Information
  • qemu-2.11.2-5.29.1 is installed
  • OR qemu-arm-2.11.2-5.29.1 is installed
  • OR qemu-block-curl-2.11.2-5.29.1 is installed
  • OR qemu-block-iscsi-2.11.2-5.29.1 is installed
  • OR qemu-block-rbd-2.11.2-5.29.1 is installed
  • OR qemu-block-ssh-2.11.2-5.29.1 is installed
  • OR qemu-guest-agent-2.11.2-5.29.1 is installed
  • OR qemu-ipxe-1.0.0+-5.29.1 is installed
  • OR qemu-kvm-2.11.2-5.29.1 is installed
  • OR qemu-lang-2.11.2-5.29.1 is installed
  • OR qemu-ppc-2.11.2-5.29.1 is installed
  • OR qemu-s390-2.11.2-5.29.1 is installed
  • OR qemu-seabios-1.11.0_0_g63451fc-5.29.1 is installed
  • OR qemu-sgabios-8-5.29.1 is installed
  • OR qemu-tools-2.11.2-5.29.1 is installed
  • OR qemu-vgabios-1.11.0_0_g63451fc-5.29.1 is installed
  • OR qemu-x86-2.11.2-5.29.1 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud 8 is installed
  • AND Package Information
  • libdcerpc-binding0-4.6.16+git.169.064abe062be-3.46 is installed
  • OR libdcerpc-binding0-32bit-4.6.16+git.169.064abe062be-3.46 is installed
  • OR libdcerpc0-4.6.16+git.169.064abe062be-3.46 is installed
  • OR libdcerpc0-32bit-4.6.16+git.169.064abe062be-3.46 is installed
  • OR libndr-krb5pac0-4.6.16+git.169.064abe062be-3.46 is installed
  • OR libndr-krb5pac0-32bit-4.6.16+git.169.064abe062be-3.46 is installed
  • OR libndr-nbt0-4.6.16+git.169.064abe062be-3.46 is installed
  • OR libndr-nbt0-32bit-4.6.16+git.169.064abe062be-3.46 is installed
  • OR libndr-standard0-4.6.16+git.169.064abe062be-3.46 is installed
  • OR libndr-standard0-32bit-4.6.16+git.169.064abe062be-3.46 is installed
  • OR libndr0-4.6.16+git.169.064abe062be-3.46 is installed
  • OR libndr0-32bit-4.6.16+git.169.064abe062be-3.46 is installed
  • OR libnetapi0-4.6.16+git.169.064abe062be-3.46 is installed
  • OR libnetapi0-32bit-4.6.16+git.169.064abe062be-3.46 is installed
  • OR libsamba-credentials0-4.6.16+git.169.064abe062be-3.46 is installed
  • OR libsamba-credentials0-32bit-4.6.16+git.169.064abe062be-3.46 is installed
  • OR libsamba-errors0-4.6.16+git.169.064abe062be-3.46 is installed
  • OR libsamba-errors0-32bit-4.6.16+git.169.064abe062be-3.46 is installed
  • OR libsamba-hostconfig0-4.6.16+git.169.064abe062be-3.46 is installed
  • OR libsamba-hostconfig0-32bit-4.6.16+git.169.064abe062be-3.46 is installed
  • OR libsamba-passdb0-4.6.16+git.169.064abe062be-3.46 is installed
  • OR libsamba-passdb0-32bit-4.6.16+git.169.064abe062be-3.46 is installed
  • OR libsamba-util0-4.6.16+git.169.064abe062be-3.46 is installed
  • OR libsamba-util0-32bit-4.6.16+git.169.064abe062be-3.46 is installed
  • OR libsamdb0-4.6.16+git.169.064abe062be-3.46 is installed
  • OR libsamdb0-32bit-4.6.16+git.169.064abe062be-3.46 is installed
  • OR libsmbclient0-4.6.16+git.169.064abe062be-3.46 is installed
  • OR libsmbclient0-32bit-4.6.16+git.169.064abe062be-3.46 is installed
  • OR libsmbconf0-4.6.16+git.169.064abe062be-3.46 is installed
  • OR libsmbconf0-32bit-4.6.16+git.169.064abe062be-3.46 is installed
  • OR libsmbldap0-4.6.16+git.169.064abe062be-3.46 is installed
  • OR libsmbldap0-32bit-4.6.16+git.169.064abe062be-3.46 is installed
  • OR libtevent-util0-4.6.16+git.169.064abe062be-3.46 is installed
  • OR libtevent-util0-32bit-4.6.16+git.169.064abe062be-3.46 is installed
  • OR libwbclient0-4.6.16+git.169.064abe062be-3.46 is installed
  • OR libwbclient0-32bit-4.6.16+git.169.064abe062be-3.46 is installed
  • OR samba-4.6.16+git.169.064abe062be-3.46 is installed
  • OR samba-client-4.6.16+git.169.064abe062be-3.46 is installed
  • OR samba-client-32bit-4.6.16+git.169.064abe062be-3.46 is installed
  • OR samba-doc-4.6.16+git.169.064abe062be-3.46 is installed
  • OR samba-libs-4.6.16+git.169.064abe062be-3.46 is installed
  • OR samba-libs-32bit-4.6.16+git.169.064abe062be-3.46 is installed
  • OR samba-winbind-4.6.16+git.169.064abe062be-3.46 is installed
  • OR samba-winbind-32bit-4.6.16+git.169.064abe062be-3.46 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud 9 is installed
  • AND python-Django1-1.11.20-3.3 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud Crowbar 8 is installed
  • AND Package Information
  • qemu-2.9.1-6.44 is installed
  • OR qemu-block-curl-2.9.1-6.44 is installed
  • OR qemu-block-iscsi-2.9.1-6.44 is installed
  • OR qemu-block-rbd-2.9.1-6.44 is installed
  • OR qemu-block-ssh-2.9.1-6.44 is installed
  • OR qemu-guest-agent-2.9.1-6.44 is installed
  • OR qemu-ipxe-1.0.0+-6.44 is installed
  • OR qemu-kvm-2.9.1-6.44 is installed
  • OR qemu-lang-2.9.1-6.44 is installed
  • OR qemu-seabios-1.10.2-6.44 is installed
  • OR qemu-sgabios-8-6.44 is installed
  • OR qemu-tools-2.9.1-6.44 is installed
  • OR qemu-vgabios-1.10.2-6.44 is installed
  • OR qemu-x86-2.9.1-6.44 is installed
    • BACK