Oval Definition:oval:org.opensuse.security:def:70310
Revision Date:2021-11-04Version:1
Title:Security update for qemu (Important)
Description:

This update for qemu fixes the following issues:

Security issues fixed:

- Fix heap use-after-free in virtio_net_receive_rcu (bsc#1189938, CVE-2021-3748) - Fix out-of-bounds write in UAS (USB Attached SCSI) device emulation (bsc#1189702, CVE-2021-3713) - usbredir: free call on invalid pointer in bufp_alloc (bsc#1189145, CVE-2021-3682) - NULL pointer dereference in ESP (bsc#1180433, CVE-2020-35504) (bsc#1180434, CVE-2020-35505) (bsc#1180435, CVE-2020-35506) - NULL pointer dereference issue in megasas-gen2 host bus adapter (bsc#1180432, CVE-2020-35503) - eepro100: stack overflow via infinite recursion (bsc#1182651, CVE-2021-20255) - usb: unbounded stack allocation in usbredir (bsc#1186012, CVE-2021-3527)
Family:unixClass:patch
Status:Reference(s):1055014
1055186
1061843
1065729
1077428
1129923
1134760
1152489
1174748
1174969
1175052
1175898
1176485
1176713
1177086
1177353
1177410
1177411
1177470
1177739
1177749
1177750
1177754
1177755
1177765
1177814
1177817
1177854
1177855
1177856
1177861
1178002
1178079
1178246
1180432
1180433
1180434
1180435
1182651
1186012
1189145
1189702
1189938
CVE-2013-6487
CVE-2014-3775
CVE-2020-14351
CVE-2020-16120
CVE-2020-25285
CVE-2020-35503
CVE-2020-35504
CVE-2020-35505
CVE-2020-35506
CVE-2021-20255
CVE-2021-3527
CVE-2021-3682
CVE-2021-3713
CVE-2021-3748
SUSE-SU-2020:3122-1
SUSE-SU-2021:3613-1
Platform(s):SUSE Linux Enterprise Module for Basesystem 15 SP2
SUSE Linux Enterprise Server for SAP Applications 15
SUSE Linux Enterprise Workstation Extension 15 SP2
Product(s):
Definition Synopsis
  • SUSE Linux Enterprise Module for Basesystem 15 SP2 is installed
  • AND Package Information
  • kernel-default-5.3.18-24.34 is installed
  • OR kernel-default-base-5.3.18-24.34.1.9.11 is installed
  • OR kernel-default-devel-5.3.18-24.34 is installed
  • OR kernel-devel-5.3.18-24.34 is installed
  • OR kernel-macros-5.3.18-24.34 is installed
  • OR kernel-preempt-5.3.18-24.34 is installed
  • OR kernel-source-5.3.18-24.34 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server for SAP Applications 15 is installed
  • AND Package Information
  • qemu-2.11.2-70.59.1 is installed
  • OR qemu-block-curl-2.11.2-70.59.1 is installed
  • OR qemu-block-iscsi-2.11.2-70.59.1 is installed
  • OR qemu-block-rbd-2.11.2-70.59.1 is installed
  • OR qemu-block-ssh-2.11.2-70.59.1 is installed
  • OR qemu-guest-agent-2.11.2-70.59.1 is installed
  • OR qemu-ipxe-1.0.0+-70.59.1 is installed
  • OR qemu-kvm-2.11.2-70.59.1 is installed
  • OR qemu-lang-2.11.2-70.59.1 is installed
  • OR qemu-ppc-2.11.2-70.59.1 is installed
  • OR qemu-seabios-1.11.0_0_g63451fc-70.59.1 is installed
  • OR qemu-sgabios-8-70.59.1 is installed
  • OR qemu-tools-2.11.2-70.59.1 is installed
  • OR qemu-vgabios-1.11.0_0_g63451fc-70.59.1 is installed
  • OR qemu-x86-2.11.2-70.59.1 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Workstation Extension 15 SP2 is installed
  • AND Package Information
  • libgadu-devel-1.12.2-1 is installed
  • OR libgadu3-1.12.2-1 is installed
    • BACK