Oval Definition:oval:org.opensuse.security:def:66850
Revision Date:2021-06-30Version:1
Title:Security update for qemu (Moderate)
Description:

This update for qemu fixes the following issues:

Security issues fixed:

- CVE-2021-3546: Fix out-of-bounds write in virgl_cmd_get_capset (bsc#1185981) - CVE-2021-3544: Fix memory leaks found in the virtio vhost-user GPU device (bsc#1186010) - CVE-2021-3545: Fix information disclosure due to uninitialized memory read (bsc#1185990)

Non-security issues fixed:

- Fix testsuite error (bsc#1184574) - Fix qemu crash with iothread when block commit after snapshot (bsc#1187013) - Fix qemu hang while cancelling migrating hugepage vm (bsc#1185591) - Use RCU to avoid race during scsi hotplug/hotunplug (bsc#1184574)
Family:unixClass:patch
Status:Reference(s):1184574
1185591
1185981
1185990
1186010
1187013
CVE-2017-17688
CVE-2017-17689
CVE-2018-12019
CVE-2018-12020
CVE-2019-0816
CVE-2019-12269
CVE-2020-8631
CVE-2020-8632
CVE-2021-3544
CVE-2021-3545
CVE-2021-3546
Platform(s):SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 SP2
SUSE Linux Enterprise Module for Public Cloud 15 SP2
SUSE Linux Enterprise Workstation Extension 15 SP2
Product(s):
Definition Synopsis
  • SUSE Linux Enterprise Module for Public Cloud 15 SP2 is installed
  • AND Package Information
  • cloud-init-19.4-8.20 is installed
  • OR cloud-init-config-suse-19.4-8.20 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Workstation Extension 15 SP2 is installed
  • AND enigmail-2.1.5-3.22 is installed
  • BACK