openSUSE Leap 15.3: 2021:1942-1 Important: QEMU Security Fix
opensuse
July 11, 2021
An update that solves 14 vulnerabilities and has three fixes is now available
Description
This update for qemu fixes the following issues:
- Switch method of splitting off hw-s390x-virtio-gpu-ccw.so as a module to
what was accepted upstream (bsc#1181103)
- Fix OOB access in sdhci interface (CVE-2020-17380, bsc#1175144,
CVE-2020-25085, bsc#1176681, CVE-2021-3409, bsc#1182282)
- Fix potential privilege escalation in virtiofsd tool (CVE-2021-20263,
bsc#1183373)
- Fix OOB access (stack overflow) in rtl8139 NIC emulation (CVE-2021-3416,
bsc#1182968)
- Fix heap overflow in MSIx emulation (CVE-2020-27821, bsc#1179686)
- Fix package scripts to not use hard coded paths for temporary working
directories and log files (bsc#1182425)
- QEMU BIOS fails to read stage2 loader on s390x (bsc#1186290)
- For the record, these issues are fixed in this package already. Most are
alternate references to previously mentioned issues: (CVE-2019-15890,
bsc#1149813, CVE-2020-8608, bsc#1163019, CVE-2020-14364, bsc#1175534,
...
Read the Full Advisory
Patch
Patch Instructions:
To install this openSUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.3:
zypper in -t patch openSUSE-SLE-15.3-2021-1942=1
Package List
- openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64):
qemu-5.2.0-17.1
qemu-arm-5.2.0-17.1
qemu-arm-debuginfo-5.2.0-17.1
qemu-audio-alsa-5.2.0-17.1
qemu-audio-alsa-debuginfo-5.2.0-17.1
qemu-audio-pa-5.2.0-17.1
qemu-audio-pa-debuginfo-5.2.0-17.1
qemu-audio-spice-5.2.0-17.1
qemu-audio-spice-debuginfo-5.2.0-17.1
qemu-block-curl-5.2.0-17.1
qemu-block-curl-debuginfo-5.2.0-17.1
qemu-block-dmg-5.2.0-17.1
qemu-block-dmg-debuginfo-5.2.0-17.1
qemu-block-gluster-5.2.0-17.1
qemu-block-gluster-debuginfo-5.2.0-17.1
qemu-block-iscsi-5.2.0-17.1
qemu-block-iscsi-debuginfo-5.2.0-17.1
qemu-block-nfs-5.2.0-17.1
qemu-block-nfs-debuginfo-5.2.0-17.1
qemu-block-rbd-5.2.0-17.1
qemu-block-rbd-debuginfo-5.2.0-17.1
qemu-block-ssh-5.2.0-17.1
qemu-block-ssh-debuginfo-5.2.0-17.1
qemu-chardev-baum-5.2.0-17.1
qemu-chardev-baum-debuginfo-5.2.0-17.1
qemu-chardev-spice-5.2.0-17.1
qemu-chardev-spice-debuginfo-5.2.0-17.1
qemu-debuginfo-5.2.0-17.1
qemu-debugsource-5.2.0-17.1
qemu-extra-5.2.0-17.1
qemu-extra-debuginfo-5.2.0-17.1
qemu-guest-agent-5.2.0-17.1
qe...
Read the Full AdvisoryReferences
https://www.suse.com/security/cve/CVE-2019-15890.html
https://www.suse.com/security/cve/CVE-2020-14364.html
https://www.suse.com/security/cve/CVE-2020-17380.html
https://www.suse.com/security/cve/CVE-2020-25085.html
https://www.suse.com/security/cve/CVE-2020-25707.html
https://www.suse.com/security/cve/CVE-2020-25723.html
https://www.suse.com/security/cve/CVE-2020-27821.html
https://www.suse.com/security/cve/CVE-2020-29129.html
https://www.suse.com/security/cve/CVE-2020-29130.html
https://www.suse.com/security/cve/CVE-2020-8608.html
https://www.suse.com/security/cve/CVE-2021-20263.html
https://www.suse.com/security/cve/CVE-2021-3409.html
https://www.suse.com/security/cve/CVE-2021-3416.html
https://www.suse.com/security/cve/CVE-2021-3419.html
https://bugzilla.suse.com/1149813
https://bugzilla.suse.com/1163019
https://bugzilla.suse.com/1175144
https://bugzilla.suse.com/1175534
https://bugzilla.suse.com/1176681
https://bugzilla.suse.com/1178683
https://bugzilla.suse.com/1178935
https://bugzilla.suse.com/11794...
Read the Full Advisory
PREVIOUS
NEXT
Severity
important
Lowest
Low
Medium
High
Critical
Announcement ID: openSUSE-SU-2021:1942-1
Rating: important
Affected Products:
openSUSE Leap 15.3
ble.
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!