Oval Definition:oval:org.opensuse.security:def:64754
Revision Date:2021-08-27Version:1
Title:Security update for qemu (Moderate)
Description:

This update for qemu fixes the following issues:

Security issues fixed:

- usbredir: free call on invalid pointer in bufp_alloc (bsc#1189145, CVE-2021-3682) - NULL pointer dereference in ESP (bsc#1180433, CVE-2020-35504) (bsc#1180434, CVE-2020-35505) (bsc#1180435, CVE-2020-35506) - NULL pointer dereference issue in megasas-gen2 host bus adapter (bsc#1180432, CVE-2020-35503) - eepro100: stack overflow via infinite recursion (bsc#1182651, CVE-2021-20255) - usb: unbounded stack allocation in usbredir (bsc#1186012, CVE-2021-3527)

Non-security issues fixed:

- Use max host physical address if -cpu max is used (bsc#1188299)
Family:unixClass:patch
Status:Reference(s):1139937
1170252
1170253
1172961
1173477
1173691
1173694
1173700
1173701
1173743
1173874
1173875
1173876
1173880
1176764
1180432
1180433
1180434
1180435
1182651
1186012
1188299
1189145
CVE-2013-3495
CVE-2013-4533
CVE-2013-4534
CVE-2013-4537
CVE-2013-4538
CVE-2013-4539
CVE-2013-4540
CVE-2014-0222
CVE-2014-3640
CVE-2014-3672
CVE-2014-7815
CVE-2015-1779
CVE-2015-3259
CVE-2015-3340
CVE-2015-3456
CVE-2015-4037
CVE-2015-4103
CVE-2015-4104
CVE-2015-4105
CVE-2015-4106
CVE-2015-5154
CVE-2015-5239
CVE-2015-5278
CVE-2015-5307
CVE-2015-6815
CVE-2015-6855
CVE-2015-7311
CVE-2015-7504
CVE-2015-7512
CVE-2015-7549
CVE-2015-7835
CVE-2015-7969
CVE-2015-7970
CVE-2015-7971
CVE-2015-7972
CVE-2015-8104
CVE-2015-8339
CVE-2015-8340
CVE-2015-8341
CVE-2015-8345
CVE-2015-8504
CVE-2015-8550
CVE-2015-8554
CVE-2015-8555
CVE-2015-8558
CVE-2015-8567
CVE-2015-8568
CVE-2015-8613
CVE-2015-8615
CVE-2015-8619
CVE-2015-8743
CVE-2015-8744
CVE-2015-8745
CVE-2016-10013
CVE-2016-10024
CVE-2016-10025
CVE-2016-1568
CVE-2016-1570
CVE-2016-1571
CVE-2016-1714
CVE-2016-1922
CVE-2016-1981
CVE-2016-2198
CVE-2016-2270
CVE-2016-2271
CVE-2016-2391
CVE-2016-2392
CVE-2016-2538
CVE-2016-2841
CVE-2016-4439
CVE-2016-4441
CVE-2016-5238
CVE-2016-5338
CVE-2016-6258
CVE-2016-6259
CVE-2016-6351
CVE-2016-7092
CVE-2016-7093
CVE-2016-7094
CVE-2016-7777
CVE-2016-7908
CVE-2016-7909
CVE-2016-8667
CVE-2016-8669
CVE-2016-8910
CVE-2016-9377
CVE-2016-9378
CVE-2016-9379
CVE-2016-9380
CVE-2016-9381
CVE-2016-9382
CVE-2016-9383
CVE-2016-9384
CVE-2016-9385
CVE-2016-9386
CVE-2016-9637
CVE-2016-9921
CVE-2016-9922
CVE-2016-9932
CVE-2017-12135
CVE-2017-12136
CVE-2017-12137
CVE-2017-18922
CVE-2017-2615
CVE-2017-2620
CVE-2017-5715
CVE-2017-5753
CVE-2017-5754
CVE-2017-6505
CVE-2017-8309
CVE-2017-9330
CVE-2018-10471
CVE-2018-10472
CVE-2018-10981
CVE-2018-10982
CVE-2018-12891
CVE-2018-12892
CVE-2018-12893
CVE-2018-15468
CVE-2018-15469
CVE-2018-15470
CVE-2018-18883
CVE-2018-19961
CVE-2018-19962
CVE-2018-19963
CVE-2018-19964
CVE-2018-19965
CVE-2018-19966
CVE-2018-19967
CVE-2018-20843
CVE-2018-21247
CVE-2018-3639
CVE-2018-3646
CVE-2018-3665
CVE-2018-5244
CVE-2018-7540
CVE-2018-7541
CVE-2018-7542
CVE-2018-8897
CVE-2019-17566
CVE-2019-20787
CVE-2019-20839
CVE-2019-20840
CVE-2019-20919
CVE-2020-12066
CVE-2020-14397
CVE-2020-14398
CVE-2020-14399
CVE-2020-14400
CVE-2020-14401
CVE-2020-14402
CVE-2020-35503
CVE-2020-35504
CVE-2020-35505
CVE-2020-35506
CVE-2021-20255
CVE-2021-3527
CVE-2021-3682
openSUSE-SU-2020:0557-1
openSUSE-SU-2020:0851-1
openSUSE-SU-2020:1056-1
openSUSE-SU-2020:1628-1
SUSE-SU-2019:1835-1
SUSE-SU-2021:2858-1
Platform(s):openSUSE Leap 15.1
openSUSE Leap 15.2
SUSE Linux Enterprise Desktop 15 SP3
SUSE Linux Enterprise High Performance Computing 15 SP3
SUSE Linux Enterprise Module for Basesystem 15 SP1
SUSE Linux Enterprise Module for Basesystem 15 SP3
SUSE Linux Enterprise Module for Server Applications 15 SP1
SUSE Linux Enterprise Server 15 SP3
SUSE Linux Enterprise Server for SAP Applications 15 SP3
SUSE Manager Proxy 4.2
SUSE Manager Server 4.2
Product(s):
Definition Synopsis
  • openSUSE Leap 15.1 is installed
  • AND teeworlds-0.7.5-lp151.2.6 is installed
  • Definition Synopsis
  • openSUSE Leap 15.2 is installed
  • AND Package Information
  • LibVNCServer-0.9.10-lp152.9.4 is installed
  • OR LibVNCServer-devel-0.9.10-lp152.9.4 is installed
  • OR libvncclient0-0.9.10-lp152.9.4 is installed
  • OR libvncserver0-0.9.10-lp152.9.4 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Module for Basesystem 15 SP3 is installed
  • AND qemu-tools-5.2.0-103.2 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Module for Basesystem 15 SP1 is installed
  • AND Package Information
  • expat-2.2.5-3.3 is installed
  • OR libexpat-devel-2.2.5-3.3 is installed
  • OR libexpat1-2.2.5-3.3 is installed
  • OR libexpat1-32bit-2.2.5-3.3 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Module for Server Applications 15 SP1 is installed
  • AND Package Information
  • xen-4.12.0_12-1 is installed
  • OR xen-devel-4.12.0_12-1 is installed
  • OR xen-tools-4.12.0_12-1 is installed
  • BACK