Oval Definition:oval:org.opensuse.security:def:83408
Revision Date:2021-06-02Version:1
Title:Security update for qemu (Important)
Description:

This update for qemu fixes the following issues:

- Fix OOB access during mmio operations (CVE-2020-13754, bsc#1172382) - Fix sPAPR emulator leaks the host hardware identity (CVE-2019-8934, bsc#1126455) - Fix out-of-bounds read information disclosure in icmp6_send_echoreply (CVE-2020-10756, bsc#1172380) - Fix out-of-bound heap buffer access via an interrupt ID field (CVE-2021-20221, bsc#1181933) - For the record, these issues are fixed in this package already. Most are alternate references to previously mentioned issues: (CVE-2019-15890, bsc#1149813, CVE-2020-8608, bsc#1163019, CVE-2020-14364, bsc#1175534, CVE-2020-25723, bsc#1178935, CVE-2020-29130, bsc#1179477, CVE-2021-20257, bsc#1182846, CVE-2021-3419, bsc#1182975, bsc#1031692, bsc#1094725)
Family:unixClass:patch
Status:Reference(s):1031692
1094725
1126455
1149813
1163019
1172380
1172382
1175534
1178935
1179477
1181933
1182846
1182975
CVE-2019-15890
CVE-2019-8934
CVE-2020-10756
CVE-2020-13754
CVE-2020-14364
CVE-2020-25723
CVE-2020-29130
CVE-2020-8608
CVE-2021-20221
CVE-2021-20257
CVE-2021-3419
Platform(s):SUSE Linux Enterprise Server 12 SP2-LTSS-SAP
Product(s):
BACK