Oval Definition:oval:org.opensuse.security:def:70381
Revision Date:2021-04-16Version:1
Title:Security update for qemu (Important)
Description:

This update for qemu fixes the following issues:



- Fix OOB access in sm501 device emulation (CVE-2020-12829, bsc#1172385) - Fix OOB access possibility in MegaRAID SAS 8708EM2 emulation (CVE-2020-13362 bsc#1172383) - Fix use-after-free in usb xhci packet handling (CVE-2020-25723, bsc#1178934) - Fix use-after-free in usb ehci packet handling (CVE-2020-25084, bsc#1176673) - Fix OOB access in usb hcd-ohci emulation (CVE-2020-25624, bsc#1176682) - Fix infinite loop (DoS) in usb hcd-ohci emulation (CVE-2020-25625, bsc#1176684) - Fix guest triggerable assert in shared network handling code (CVE-2020-27617, bsc#1178174) - Fix infinite loop (DoS) in e1000e device emulation (CVE-2020-28916, bsc#1179468) - Fix OOB access in atapi emulation (CVE-2020-29443, bsc#1181108) - Fix heap overflow in MSIx emulation (CVE-2020-27821, bsc#1179686) - Fix null pointer deref. (DoS) in mmio ops (CVE-2020-15469, bsc#1173612) - Fix infinite loop (DoS) in e1000 device emulation (CVE-2021-20257, bsc#1182577) - Fix OOB access (stack overflow) in rtl8139 NIC emulation (CVE-2021-3416, bsc#1182968) - Fix OOB access (stack overflow) in other NIC emulations (CVE-2021-3416) - Fix OOB access in SLIRP ARP/NCSI packet processing (CVE-2020-29129, bsc#1179466, CVE-2020-29130, bsc#1179467) - Fix null pointer dereference possibility (DoS) in MegaRAID SAS 8708EM2 emulation (CVE-2020-13659 bsc#1172386) - Fix issue where s390 guest fails to find zipl boot menu index (bsc#1183979) - Fix OOB access in iscsi (CVE-2020-11947 bsc#1180523) - Fix OOB access in vmxnet3 emulation (CVE-2021-20203 bsc#1181639) - Fix package scripts to not use hard coded paths for temporary working directories and log files (bsc#1182425) - Fix potential privilege escalation in virtfs (CVE-2021-20181 bsc#1182137) - Apply fixes to qemu scsi passthrough with respect to timeout and error conditions, including using more correct status codes. (bsc#1178049) - Fix OOB access in ARM interrupt handling (CVE-2021-20221 bsc#1181933) - Tweaks to spec file for better formatting, and remove not needed BuildRequires for e2fsprogs-devel and libpcap-devel - Fix OOB access possibility in ES1370 audio device emulation (CVE-2020-13361 bsc#1172384) - Fix OOB access in ROM loading (CVE-2020-13765 bsc#1172478) - Fix OOB access while processing USB packets (CVE-2020-14364 bsc#1175441) - Fix DoS in packet processing of various emulated NICs (CVE-2020-16092 bsc#1174641) - Fix buffer overflow in the XGMAC device (CVE-2020-15863 bsc#1174386) - Use '%service_del_postun_without_restart' instead of '%service_del_postun' to avoid 'Failed to try-restart qemu-ga@.service' error while updating the qemu-guest-agent. (bsc#1178565)
Family:unixClass:patch
Status:Reference(s):1122675
1172383
1172384
1172385
1172386
1172478
1173612
1174386
1174641
1175441
1176069
1176673
1176682
1176684
1178049
1178174
1178565
1178934
1179466
1179467
1179468
1179686
1180523
1181108
1181639
1181933
1182137
1182425
1182577
1182968
1183979
CVE-2019-3681
CVE-2020-11947
CVE-2020-12829
CVE-2020-13361
CVE-2020-13362
CVE-2020-13659
CVE-2020-13765
CVE-2020-14364
CVE-2020-14386
CVE-2020-15469
CVE-2020-15863
CVE-2020-16092
CVE-2020-25084
CVE-2020-25624
CVE-2020-25625
CVE-2020-25723
CVE-2020-27617
CVE-2020-27821
CVE-2020-28916
CVE-2020-29129
CVE-2020-29130
CVE-2020-29443
CVE-2021-20181
CVE-2021-20203
CVE-2021-20221
CVE-2021-20257
CVE-2021-3416
SUSE-SU-2020:1695-2
SUSE-SU-2020:2577-1
SUSE-SU-2021:1245-1
Platform(s):SUSE Linux Enterprise Module for Basesystem 15 SP2
SUSE Linux Enterprise Module for Development Tools 15 SP2
SUSE Linux Enterprise Server for SAP Applications 15 SP1
Product(s):
Definition Synopsis
  • SUSE Linux Enterprise Module for Basesystem 15 SP2 is installed
  • AND Package Information
  • kernel-default-5.3.18-24.15 is installed
  • OR kernel-default-devel-5.3.18-24.15 is installed
  • OR kernel-devel-5.3.18-24.15 is installed
  • OR kernel-macros-5.3.18-24.15 is installed
  • OR kernel-preempt-5.3.18-24.15 is installed
  • OR kernel-source-5.3.18-24.15 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for Development Tools 15 SP2 is installed
  • AND osc-0.169.1-3.20 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server for SAP Applications 15 SP1 is installed
  • AND Package Information
  • qemu-3.1.1.1-9.24.3 is installed
  • OR qemu-audio-alsa-3.1.1.1-9.24.3 is installed
  • OR qemu-audio-oss-3.1.1.1-9.24.3 is installed
  • OR qemu-audio-pa-3.1.1.1-9.24.3 is installed
  • OR qemu-block-curl-3.1.1.1-9.24.3 is installed
  • OR qemu-block-iscsi-3.1.1.1-9.24.3 is installed
  • OR qemu-block-rbd-3.1.1.1-9.24.3 is installed
  • OR qemu-block-ssh-3.1.1.1-9.24.3 is installed
  • OR qemu-guest-agent-3.1.1.1-9.24.3 is installed
  • OR qemu-ipxe-1.0.0+-9.24.3 is installed
  • OR qemu-kvm-3.1.1.1-9.24.3 is installed
  • OR qemu-lang-3.1.1.1-9.24.3 is installed
  • OR qemu-ppc-3.1.1.1-9.24.3 is installed
  • OR qemu-seabios-1.12.0_0_ga698c89-9.24.3 is installed
  • OR qemu-sgabios-8-9.24.3 is installed
  • OR qemu-tools-3.1.1.1-9.24.3 is installed
  • OR qemu-ui-curses-3.1.1.1-9.24.3 is installed
  • OR qemu-ui-gtk-3.1.1.1-9.24.3 is installed
  • OR qemu-vgabios-1.12.0_0_ga698c89-9.24.3 is installed
  • OR qemu-x86-3.1.1.1-9.24.3 is installed
    • BACK