
Stay Secure with the Latest Linux Advisories


Explore Latest Linux Security advisories


SUSE 5.5: 2025:0516-1 moderate vulnerability regarding qemu block size

# Security update for qemu

* Announcement ID: SUSE-SU-2025:0516-1
* Release Date: 2025-02-13T11:59:11Z
* Rating: moderate

References:

* bsc#1215192

Cross-References:

* CVE-2023-42467

CVSS scores:

* CVE-2023-42467 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-42467 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Affected Products:

* openSUSE Leap 15.5
* SUSE Linux Enterprise Micro 5.5

An update that solves one vulnerability can now be installed.

## Description:

This update for qemu fixes the following issues:

* CVE-2023-42467: Disallow block sizes smaller than 512 (bsc#1215192).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product:

* SUSE Linux Enterprise Micro 5.5
  zypper in -t patch SUSE-SLE-Micro-5.5-2025-516=1
* openSUSE Leap 15.5
  zypper in -t patch SUSE-2025-516=1

## Package List:
## References:

* https://www.suse.com/security/cve/CVE-2023-42467.html
* https://bugzilla.suse.com/show_bug.cgi?id=1215192

Patch release for qemu to mitigate a moderate severity vulnerability affecting SUSE and openSUSE systems, improving overall system resilience.

LinuxSecurity.com Team

Feb 13, 2025 | SuSE

openSUSE Leap 15.5 SUSE-SU-2024:1103-1 important: qemu buffer overflow

# Security update for qemu

* Announcement ID: SUSE-SU-2024:1103-1
* Rating: important

References:

* bsc#1205316
* bsc#1209554
* bsc#1218484
* bsc#1220062
* bsc#1220065
* bsc#1220134
* jsc#PED-7366
* jsc#PED-8113

Cross-References:

* CVE-2023-1544
* CVE-2023-6693
* CVE-2024-24474
* CVE-2024-26327
* CVE-2024-26328

CVSS scores:

* CVE-2023-1544 ( SUSE ): 7.9 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:H
* CVE-2023-1544 ( NVD ): 6.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:N/I:N/A:H
* CVE-2023-6693 ( SUSE ): 4.9 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L
* CVE-2023-6693 ( NVD ): 5.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
* CVE-2024-24474 ( SUSE ): 8.2 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
* CVE-2024-26327 ( SUSE ): 8.2 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
* CVE-2024-26328 ( SUSE ): 6.0 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H

Affected Products:

* Basesystem Module 15-SP5
* openSUSE Leap 15.5
* Server Applications Module 15-SP5
* SUSE Linux Enterprise Desktop 15 SP5
* SUSE Linux Enterprise High Performance Computing 15 SP5
* SUSE Linux Enterprise Micro 5.5
* SUSE Linux Enterprise Real Time 15 SP5
* SUSE Linux Enterprise Server 15 SP5
* SUSE Linux Enterprise Server for SAP Applications 15 SP5
* SUSE Package Hub 15 15-SP5

An update that solves five vulnerabilities, contains two features and has one security fix can now be installed.

## Description:

This update for qemu fixes the following issues:

* CVE-2024-26327: Fixed buffer overflow via invalid SR/IOV NumVFs value (bsc#1220062).
* CVE-2024-24474: Fixed integer overflow results in buffer overflow via SCSI command (bsc#1220134).
* CVE-2023-6693: Fixed stack buffer overflow in virtio_net_flush_tx() (bsc#1218484).
* CVE-2023-1544: Fixed out-of-bounds read in pvrdma_ring_next_elem_read() (bsc#1209554).
* CVE-2024-26328: Fixed invalid NumVFs value handled in NVME SR/IOV implementation (bsc#1220065).

The following non-security bug was fixed:

* Removing in-use mediated device should fail with error message instead of hang (bsc#1205316).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product:

* SUSE Package Hub 15 15-SP5
  zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP5-2024-1103=1
* Server Applications Module 15-SP5
  zypper in -t patch SUSE-SLE-Module-Server-Applications-15-SP5-2024-1103=1
* openSUSE Leap 15.5
  zypper in -t patch SUSE-2024-1103=1 openSUSE-SLE-15.5-2024-1103=1
* SUSE Linux Enterprise Micro 5.5
  zypper in -t patch SUSE-SLE-Micro-5.5-2024-1103=1
* Basesystem Module 15-SP5
  zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP5-2024-1103=1

## Package List:
## References:

* https://www.suse.com/security/cve/CVE-2023-1544.html
* https://www.suse.com/security/cve/CVE-2023-6693.html
* https://www.suse.com/security/cve/CVE-2024-24474.html
* https://www.suse.com/security/cve/CVE-2024-26327.html
* https://www.suse.com/security/cve/CVE-2024-26328.html
* https://bugzilla.suse.com/show_bug.cgi?id=1205316
* https://bugzilla.suse.com/show_bug.cgi?id=1209554
* https://bugzilla.suse.com/show_bug.cgi?id=1218484
* https://bugzilla.suse.com/show_bug.cgi?id=1220062
* https://bugzilla.suse.com/show_bug.cgi?id=1220065
* https://bugzilla.suse.com/show_bug.cgi?id=1220134

The latest qemu patch resolves memory corruption vulnerabilities, enhancing security in openSUSE Leap 15.5 and SUSE Linux Enterprise.

Severity: Important.

LinuxSecurity.com Team

Apr 08, 2024 | Important | OpenSUSE

SUSE Linux 15 SP5: 2023:4662-1 important: qemu buffer overflow

# Security update for qemu

* Announcement ID: SUSE-SU-2023:4662-1
* Rating: important

References:

* bsc#1188609
* bsc#1212850
* bsc#1213210
* bsc#1213925
* bsc#1215311

Cross-References:

* CVE-2021-3638
* CVE-2023-3180
* CVE-2023-3354

CVSS scores:

* CVE-2021-3638 ( SUSE ): 3.2 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:L
* CVE-2021-3638 ( NVD ): 6.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H
* CVE-2023-3180 ( SUSE ): 8.2 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
* CVE-2023-3180 ( NVD ): 6.0 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H
* CVE-2023-3354 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-3354 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Affected Products:

* Basesystem Module 15-SP5
* openSUSE Leap 15.5
* Server Applications Module 15-SP5
* SUSE Linux Enterprise Desktop 15 SP5
* SUSE Linux Enterprise High Performance Computing 15 SP5
* SUSE Linux Enterprise Micro 5.5
* SUSE Linux Enterprise Real Time 15 SP5
* SUSE Linux Enterprise Server 15 SP5
* SUSE Linux Enterprise Server for SAP Applications 15 SP5

An update that solves three vulnerabilities and has two security fixes can now be installed.

## Description:

This update for qemu fixes the following issues:

* CVE-2021-3638: hw/display/ati_2d: Fix buffer overflow in ati_2d_blt (bsc#1188609)
* CVE-2023-3180: virtio-crypto: verify src and dst buffer length for sym request (bsc#1213925)
* CVE-2023-3354: io: remove io watch if TLS channel is closed during handshake (bsc#1212850)
* [openSUSE] roms/ipxe: Backport 0aa2e4ec9635, in preparation of binutils 2.41 (bsc#1215311)
* target/s390x: Fix the "ignored match" case in VSTRS (bsc#1213210)
* linux-user/elfload: Enable vxe2 on s390x (bsc#1213210)

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product:

* openSUSE Leap 15.5
  zypper in -t patch SUSE-2023-4662=1 openSUSE-SLE-15.5-2023-4662=1
* SUSE Linux Enterprise Micro 5.5
  zypper in -t patch SUSE-SLE-Micro-5.5-2023-4662=1
* Basesystem Module 15-SP5
  zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP5-2023-4662=1
* Server Applications Module 15-SP5
  zypper in -t patch SUSE-SLE-Module-Server-Applications-15-SP5-2023-4662=1

## Package List:
Applications Module 15-SP5 (aarch64) * qemu-arm-debuginfo-7.1.0-150500.49.9.2 * qemu-arm-7.1.0-150500.49.9.2 * Server Applications Module 15-SP5 (aarch64 ppc64le x86_64) * qemu-chardev-spice-7.1.0-150500.49.9.2 * qemu-chardev-spice-debuginfo-7.1.0-150500.49.9.2 * qemu-ui-gtk-7.1.0-150500.49.9.2 * qemu-ui-opengl-debuginfo-7.1.0-150500.49.9.2 * qemu-audio-spice-7.1.0-150500.49.9.2 * qemu-ui-spice-app-7.1.0-150500.49.9.2 * qemu-ui-spice-app-debuginfo-7.1.0-150500.49.9.2 * qemu-hw-display-qxl-7.1.0-150500.49.9.2 * qemu-ui-spice-core-debuginfo-7.1.0-150500.49.9.2 * qemu-ui-gtk-debuginfo-7.1.0-150500.49.9.2 * qemu-hw-display-virtio-vga-debuginfo-7.1.0-150500.49.9.2 * qemu-hw-usb-redirect-debuginfo-7.1.0-150500.49.9.2 * qemu-ui-opengl-7.1.0-150500.49.9.2 * qemu-hw-usb-redirect-7.1.0-150500.49.9.2 * qemu-hw-display-virtio-vga-7.1.0-150500.49.9.2 * qemu-ui-spice-core-7.1.0-150500.49.9.2 * qemu-hw-display-qxl-debuginfo-7.1.0-150500.49.9.2 * qemu-audio-spice-debuginfo-7.1.0-150500.49.9.2 * Server Applications Module 15-SP5 (noarch) * qemu-vgabios-1.16.0_0_gd239552-150500.49.9.2 * qemu-ipxe-1.0.0+-150500.49.9.2 * qemu-sgabios-8-150500.49.9.2 * qemu-skiboot-7.1.0-150500.49.9.2 * qemu-SLOF-7.1.0-150500.49.9.2 * qemu-seabios-1.16.0_0_gd239552-150500.49.9.2 * Server Applications Module 15-SP5 (ppc64le) * qemu-ppc-debuginfo-7.1.0-150500.49.9.2 * qemu-ppc-7.1.0-150500.49.9.2 * Server Applications Module 15-SP5(s390x x86_64) * qemu-hw-display-virtio-gpu-7.1.0-150500.49.9.2 * qemu-hw-display-virtio-gpu-debuginfo-7.1.0-150500.49.9.2 * qemu-hw-display-virtio-gpu-pci-7.1.0-150500.49.9.2 * qemu-kvm-7.1.0-150500.49.9.2 * qemu-hw-display-virtio-gpu-pci-debuginfo-7.1.0-150500.49.9.2 * Server Applications Module 15-SP5 (s390x) * qemu-hw-s390x-virtio-gpu-ccw-debuginfo-7.1.0-150500.49.9.2 * qemu-s390x-7.1.0-150500.49.9.2 * qemu-s390x-debuginfo-7.1.0-150500.49.9.2 * qemu-hw-s390x-virtio-gpu-ccw-7.1.0-150500.49.9.2 * Server Applications Module 15-SP5 (x86_64) * 
qemu-x86-debuginfo-7.1.0-150500.49.9.2 * qemu-audio-pa-7.1.0-150500.49.9.2 * qemu-x86-7.1.0-150500.49.9.2 * qemu-accel-tcg-x86-debuginfo-7.1.0-150500.49.9.2 * qemu-audio-alsa-7.1.0-150500.49.9.2 * qemu-audio-alsa-debuginfo-7.1.0-150500.49.9.2 * qemu-accel-tcg-x86-7.1.0-150500.49.9.2 * qemu-audio-pa-debuginfo-7.1.0-150500.49.9.2 ## References: * https://www.suse.com/security/cve/CVE-2021-3638.html * https://www.suse.com/security/cve/CVE-2023-3180.html * https://www.suse.com/security/cve/CVE-2023-3354.html * https://bugzilla.suse.com/show_bug.cgi?id=1188609 * https://bugzilla.suse.com/show_bug.cgi?id=1212850 * https://bugzilla.suse.com/show_bug.cgi?id=1213210 * https://bugzilla.suse.com/show_bug.cgi?id=1213925 * https://bugzilla.suse.com/show_bug.cgi?id=1215311 . The recent QEMU updates address critical security flaws within SUSE systems. Immediate actions are recommended to enhance protection.. SUSE Security Update,Qemu Patch,Important Security Fix,Buffer Overflow,Virtualization. . Severity: Important. LinuxSecurity.com Team

Dec 14, 2023 Important SuSE

Oracle Linux 7 ELSA-2022-9978 Important: QEMU DoS Threat

Oracle Linux Security Advisory ELSA-2022-9978

https://linux.oracle.com/errata/ELSA-2022-9978.html

The following updated rpms for Oracle Linux 7 have been uploaded to the Unbreakable Linux Network:

aarch64:
ivshmem-tools-4.2.1-21.el7.aarch64.rpm
qemu-4.2.1-21.el7.aarch64.rpm
qemu-block-gluster-4.2.1-21.el7.aarch64.rpm
qemu-block-iscsi-4.2.1-21.el7.aarch64.rpm
qemu-block-rbd-4.2.1-21.el7.aarch64.rpm
qemu-common-4.2.1-21.el7.aarch64.rpm
qemu-img-4.2.1-21.el7.aarch64.rpm
qemu-kvm-4.2.1-21.el7.aarch64.rpm
qemu-kvm-core-4.2.1-21.el7.aarch64.rpm
qemu-system-aarch64-4.2.1-21.el7.aarch64.rpm
qemu-system-aarch64-core-4.2.1-21.el7.aarch64.rpm

SRPMS:
https://oss.oracle.com:443/ol7/SRPMS-updates/qemu-4.2.1-21.el7.src.rpm

Related CVEs:
CVE-2022-0216

Description of changes:

[15:4.2.1-21.el7]
- qemu-kvm.spec: Fix the qemu-regdump sos report plugin path (Mark Kanda) [Orabug: 34680062]
- qmp-regdump: Require python3 on OL8 (Mark Kanda) [Orabug: 34672256]
- iotests: Adjust 186.out to account for 'null' node-name (Mark Kanda) [Orabug: 34447388]
- block: Set the name of BlockBackend if possible (Annie Li) [Orabug: 34447388]
- acpi: Update _DSM method in expected files (Mark Kanda) [Orabug: 34616322]
- acpi/gpex: Fix cca attribute check for pxb device (Xingang Wang) [Orabug: 34616322]
- acpi: Enable pxb unit-test for ARM virt machine (Jiahui Cen) [Orabug: 34616322]
- Kconfig: Compile PXB for ARM_VIRT (Jiahui Cen) [Orabug: 34616322]
- acpi/gpex: Exclude pxb's resources from PCI0 (Jiahui Cen) [Orabug: 34616322]
- acpi/gpex: Inform os to keep firmware resource map (Jiahui Cen) [Orabug: 34616322]
- acpi: Add addr offset in build_crs (Jiahui Cen) [Orabug: 34616322]
- unit-test: Add testcase for pxb (Yubo Miao) [Orabug: 34616322]
- acpi: Align the size to 128k (Yubo Miao) [Orabug: 34616322]
- acpi/gpex: Build tables for pxb (Yubo Miao) [Orabug: 34616322]
- acpi: Extract crs build form acpi_build.c (Yubo Miao) [Orabug: 34616322]
- hw/arm/virt: Write extra pci roots into fw_cfg (Jiahui Cen) [Orabug: 34616322]
- fw_cfg: Refactor extra pci roots addition (Jiahui Cen) [Orabug: 34616322]
- acpi/gpex: Extract two APIs from acpi_dsdt_add_pci (Yubo Miao) [Orabug: 34616322]
- arm: use acpi_dsdt_add_gpex (Gerd Hoffmann) [Orabug: 34616322]
- acpi: add acpi_dsdt_add_gpex (Gerd Hoffmann) [Orabug: 34616322]
- acpi: Allow DSDT acpi table changes (Jiahui Cen) [Orabug: 34616322]
- move MemMapEntry (Gerd Hoffmann) [Orabug: 34616322]
- scsi/lsi53c895a: really fix use-after-free in lsi_do_msgout (CVE-2022-0216) (Mauro Matteo Cascella) [Orabug: 34353672] {CVE-2022-0216}
- scsi/lsi53c895a: fix use-after-free in lsi_do_msgout (CVE-2022-0216) (Mauro Matteo Cascella) [Orabug: 34353672] {CVE-2022-0216}
- tests/qtest: Add fuzz-lsi53c895a-test (Philippe Mathieu-Daudé) [Orabug: 34353672] {CVE-2022-0216}
- hw/scsi/lsi53c895a: Do not abort when DMA requested and no data queued (Philippe Mathieu-Daudé) [Orabug: 34353672] {CVE-2022-0216}
- vfio: defer to commit kvm irq routing when enable msi/msix (Longpeng (Mike)) [Orabug: 34419422]
- vfio: simplify the failure path in vfio_msi_enable (Longpeng (Mike)) [Orabug: 34419422]
- vfio: move re-enabling INTX out of the common helper (Longpeng (Mike)) [Orabug: 34419422]
- vfio: simplify the conditional statements in vfio_msi_enable (Longpeng (Mike)) [Orabug: 34419422]
- kvm/msi: do explicit commit when adding msi routes (Longpeng (Mike)) [Orabug: 34419422]
- kvm-irqchip: introduce new API to support route change (Longpeng (Mike)) [Orabug: 34419422]
- event_notifier: handle initialization failure better (Maxim Levitsky) [Orabug: 34419422]
- qmp-regdump: use QMP command 'query-cpus-fast' (Mark Kanda) [Orabug: 34510460]

The Fedora Security Update ELSA-2022-7654 was released, providing critical information regarding kernel vulnerabilities and necessary fixes.

Oracle Linux Security, qemu security update, aarch64 advisory, security update download, important Linux patches.

Severity: Important. LinuxSecurity.com Team

Nov 16, 2022 Important Oracle

Oracle Linux 9 ELSA-2022-5270 Important: KVM Security Enhancement

Oracle Linux Security Advisory ELSA-2022-5263

https://linux.oracle.com/errata/ELSA-2022-5263.html

The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network:

x86_64:
qemu-guest-agent-6.2.0-11.el9_0.3.x86_64.rpm
qemu-img-6.2.0-11.el9_0.3.x86_64.rpm
qemu-kvm-6.2.0-11.el9_0.3.x86_64.rpm
qemu-kvm-audio-pa-6.2.0-11.el9_0.3.x86_64.rpm
qemu-kvm-block-curl-6.2.0-11.el9_0.3.x86_64.rpm
qemu-kvm-block-rbd-6.2.0-11.el9_0.3.x86_64.rpm
qemu-kvm-common-6.2.0-11.el9_0.3.x86_64.rpm
qemu-kvm-core-6.2.0-11.el9_0.3.x86_64.rpm
qemu-kvm-device-display-virtio-gpu-6.2.0-11.el9_0.3.x86_64.rpm
qemu-kvm-device-display-virtio-gpu-gl-6.2.0-11.el9_0.3.x86_64.rpm
qemu-kvm-device-display-virtio-gpu-pci-6.2.0-11.el9_0.3.x86_64.rpm
qemu-kvm-device-display-virtio-gpu-pci-gl-6.2.0-11.el9_0.3.x86_64.rpm
qemu-kvm-device-display-virtio-vga-6.2.0-11.el9_0.3.x86_64.rpm
qemu-kvm-device-display-virtio-vga-gl-6.2.0-11.el9_0.3.x86_64.rpm
qemu-kvm-device-usb-host-6.2.0-11.el9_0.3.x86_64.rpm
qemu-kvm-device-usb-redirect-6.2.0-11.el9_0.3.x86_64.rpm
qemu-kvm-docs-6.2.0-11.el9_0.3.x86_64.rpm
qemu-kvm-tools-6.2.0-11.el9_0.3.x86_64.rpm
qemu-kvm-ui-egl-headless-6.2.0-11.el9_0.3.x86_64.rpm
qemu-kvm-ui-opengl-6.2.0-11.el9_0.3.x86_64.rpm
qemu-pr-helper-6.2.0-11.el9_0.3.x86_64.rpm

aarch64:
qemu-guest-agent-6.2.0-11.el9_0.3.aarch64.rpm
qemu-img-6.2.0-11.el9_0.3.aarch64.rpm
qemu-kvm-6.2.0-11.el9_0.3.aarch64.rpm
qemu-kvm-audio-pa-6.2.0-11.el9_0.3.aarch64.rpm
qemu-kvm-block-curl-6.2.0-11.el9_0.3.aarch64.rpm
qemu-kvm-block-rbd-6.2.0-11.el9_0.3.aarch64.rpm
qemu-kvm-common-6.2.0-11.el9_0.3.aarch64.rpm
qemu-kvm-core-6.2.0-11.el9_0.3.aarch64.rpm
qemu-kvm-device-display-virtio-gpu-6.2.0-11.el9_0.3.aarch64.rpm
qemu-kvm-device-display-virtio-gpu-gl-6.2.0-11.el9_0.3.aarch64.rpm
qemu-kvm-device-display-virtio-gpu-pci-6.2.0-11.el9_0.3.aarch64.rpm
qemu-kvm-device-display-virtio-gpu-pci-gl-6.2.0-11.el9_0.3.aarch64.rpm
qemu-kvm-device-usb-host-6.2.0-11.el9_0.3.aarch64.rpm
qemu-kvm-docs-6.2.0-11.el9_0.3.aarch64.rpm
qemu-kvm-tools-6.2.0-11.el9_0.3.aarch64.rpm
qemu-pr-helper-6.2.0-11.el9_0.3.aarch64.rpm

SRPMS:
https://oss.oracle.com:443/ol9/SRPMS-updates/qemu-kvm-6.2.0-11.el9_0.3.src.rpm

Related CVEs:
CVE-2022-26353
CVE-2022-26354

Description of changes:

[6.2.0-11.el9_0.3]
- kvm-RHEL-disable-seqpacket-for-vhost-vsock-device-in-rhe.patch [bz#2071102]
- kvm-virtio-net-fix-map-leaking-on-error-during-receive.patch [bz#2075635]
- kvm-vhost-vsock-detach-the-virqueue-element-in-case-of-e.patch [bz#2075640]
- Resolves: bz#2071102 (RHEL 9.0 guest with vsock device migration failed from RHEL 9.0 > RHEL 8.6 [rhel-9.0.0.z])
- Resolves: bz#2075635 (CVE-2022-26353 qemu-kvm: QEMU: virtio-net: map leaking on error during receive [rhel-9] [rhel-9.0.0.z])
- Resolves: bz#2075640 (CVE-2022-26354 qemu-kvm: QEMU: vhost-vsock: missing virtqueue detach on error can lead to memory leak [rhel-9] [rhel-9.0.0.z])

[6.2.0-11.el9_0.2]
- kvm-pci-expose-TYPE_XIO3130_DOWNSTREAM-name.patch [bz#2053584]
- kvm-acpi-pcihp-pcie-set-power-on-cap-on-parent-slot.patch [bz#2053584]
- kvm-vmxcap-Add-5-level-EPT-bit.patch [bz#2038051]
- kvm-i386-Add-Icelake-Server-v6-CPU-model-with-5-level-EP.patch [bz#2038051]
- kvm-acpi-fix-QEMU-crash-when-started-with-SLIC-table.patch [bz#2043531]
- kvm-tests-acpi-whitelist-expected-blobs-before-changing-.patch [bz#2043531]
- kvm-tests-acpi-add-SLIC-table-test.patch [bz#2043531]
- kvm-tests-acpi-SLIC-update-expected-blobs.patch [bz#2043531]
- kvm-tests-acpi-manually-pad-OEM_ID-OEM_TABLE_ID-for-test.patch [bz#2043531]
- kvm-tests-acpi-whitelist-nvdimm-s-SSDT-and-FACP.slic-exp.patch [bz#2043531]
- kvm-acpi-fix-OEM-ID-OEM-Table-ID-padding.patch [bz#2043531]
- kvm-tests-acpi-update-expected-blobs.patch [bz#2043531]
- kvm-tests-acpi-test-short-OEM_ID-OEM_TABLE_ID-values-in-.patch [bz#2043531]
- kvm-rhel-workaround-for-lack-of-binary-patches-in-SRPM.patch [bz#2043531]
- Resolves: bz#2053584 (watchdog: BUG: soft lockup - CPU#3 stuck for 22s! [cat:2843])
- Resolves: bz#2038051 (Win11 (q35+edk2) guest broke after install wsl2 through 'wsl --install -d Ubuntu-20.04')
- Resolves: bz#2043531 (Guest can not start with SLIC acpi table)

[6.2.0-11.el9_0.1]
- kvm-RHEL-mark-old-machine-types-as-deprecated.patch [bz#2052050]
- kvm-hw-virtio-vdpa-Fix-leak-of-host-notifier-memory-regi.patch [bz#2059786]
- kvm-spec-Fix-obsolete-for-spice-subpackages.patch [bz#2059175 bz#2059146]
- kvm-spec-Obsolete-old-usb-redir-subpackage.patch [bz#2059175 bz#2059146]
- kvm-spec-Obsolete-ssh-driver.patch [bz#2059175 bz#2059146]

Oracle Linux 9 has released updates. This notice outlines a significant resolution for several QEMU vulnerabilities impacting KVM.

Oracle Linux, QEMU Update, KVM Security Patch.

Severity: Important. LinuxSecurity.com Team

Jul 06, 2022 Important Oracle

SUSE MicroOS 5.1 Security Advisory: Low Risk qemu Guest Crash Fix

SUSE Security Update: Security update for qemu

Announcement ID: SUSE-SU-2022:0177-1
Rating: low
References: #1181361
Cross-References: CVE-2021-20196
CVSS scores:
  CVE-2021-20196 (NVD) : 6.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H
  CVE-2021-20196 (SUSE): 3.2 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:L
Affected Products:
  SUSE MicroOS 5.1
  SUSE Linux Enterprise Module for Server Applications 15-SP3
  SUSE Linux Enterprise Module for Basesystem 15-SP3

An update that fixes one vulnerability is now available.

Description:

This update for qemu fixes the following issues:

- CVE-2021-20196: Fixed null pointer dereference that may lead to guest crash (bsc#1181361).

Patch Instructions:

To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".

Alternatively you can run the command listed for your product:

- SUSE MicroOS 5.1:
    zypper in -t patch SUSE-SUSE-MicroOS-5.1-2022-177=1
- SUSE Linux Enterprise Module for Server Applications 15-SP3:
    zypper in -t patch SUSE-SLE-Module-Server-Applications-15-SP3-2022-177=1
- SUSE Linux Enterprise Module for Basesystem 15-SP3:
    zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP3-2022-177=1

Package List:

- SUSE MicroOS 5.1 (aarch64 s390x x86_64):
    qemu-5.2.0-150300.109.2
    qemu-debuginfo-5.2.0-150300.109.2
    qemu-debugsource-5.2.0-150300.109.2
    qemu-tools-5.2.0-150300.109.2
    qemu-tools-debuginfo-5.2.0-150300.109.2
- SUSE MicroOS 5.1 (aarch64):
    qemu-arm-5.2.0-150300.109.2
    qemu-arm-debuginfo-5.2.0-150300.109.2
- SUSE MicroOS 5.1 (noarch):
    qemu-ipxe-1.0.0+-150300.109.2
    qemu-seabios-1.14.0_0_g155821a-150300.109.2
    qemu-sgabios-8-150300.109.2
    qemu-vgabios-1.14.0_0_g155821a-150300.109.2
- SUSE MicroOS 5.1 (x86_64):
    qemu-x86-5.2.0-150300.109.2
    qemu-x86-debuginfo-5.2.0-150300.109.2
- SUSE MicroOS 5.1 (s390x):
    qemu-s390x-5.2.0-150300.109.2
    qemu-s390x-debuginfo-5.2.0-150300.109.2
- SUSE Linux Enterprise Module for Server Applications 15-SP3 (aarch64 ppc64le s390x x86_64):
    qemu-5.2.0-150300.109.2
    qemu-block-curl-5.2.0-150300.109.2
    qemu-block-curl-debuginfo-5.2.0-150300.109.2
    qemu-block-iscsi-5.2.0-150300.109.2
    qemu-block-iscsi-debuginfo-5.2.0-150300.109.2
    qemu-block-rbd-5.2.0-150300.109.2
    qemu-block-rbd-debuginfo-5.2.0-150300.109.2
    qemu-block-ssh-5.2.0-150300.109.2
    qemu-block-ssh-debuginfo-5.2.0-150300.109.2
    qemu-chardev-baum-5.2.0-150300.109.2
    qemu-chardev-baum-debuginfo-5.2.0-150300.109.2
    qemu-debuginfo-5.2.0-150300.109.2
    qemu-debugsource-5.2.0-150300.109.2
    qemu-guest-agent-5.2.0-150300.109.2
    qemu-guest-agent-debuginfo-5.2.0-150300.109.2
    qemu-ksm-5.2.0-150300.109.2
    qemu-lang-5.2.0-150300.109.2
    qemu-ui-curses-5.2.0-150300.109.2
    qemu-ui-curses-debuginfo-5.2.0-150300.109.2
- SUSE Linux Enterprise Module for Server Applications 15-SP3 (aarch64 ppc64le x86_64):
    qemu-audio-spice-5.2.0-150300.109.2
    qemu-audio-spice-debuginfo-5.2.0-150300.109.2
    qemu-chardev-spice-5.2.0-150300.109.2
    qemu-chardev-spice-debuginfo-5.2.0-150300.109.2
    qemu-hw-display-qxl-5.2.0-150300.109.2
    qemu-hw-display-qxl-debuginfo-5.2.0-150300.109.2
    qemu-hw-display-virtio-vga-5.2.0-150300.109.2
    qemu-hw-display-virtio-vga-debuginfo-5.2.0-150300.109.2
    qemu-hw-usb-redirect-5.2.0-150300.109.2
    qemu-hw-usb-redirect-debuginfo-5.2.0-150300.109.2
    qemu-ui-gtk-5.2.0-150300.109.2
    qemu-ui-gtk-debuginfo-5.2.0-150300.109.2
    qemu-ui-opengl-5.2.0-150300.109.2
    qemu-ui-opengl-debuginfo-5.2.0-150300.109.2
    qemu-ui-spice-app-5.2.0-150300.109.2
    qemu-ui-spice-app-debuginfo-5.2.0-150300.109.2
    qemu-ui-spice-core-5.2.0-150300.109.2
    qemu-ui-spice-core-debuginfo-5.2.0-150300.109.2
- SUSE Linux Enterprise Module for Server Applications 15-SP3 (s390x x86_64):
    qemu-hw-display-virtio-gpu-5.2.0-150300.109.2
    qemu-hw-display-virtio-gpu-debuginfo-5.2.0-150300.109.2
    qemu-hw-display-virtio-gpu-pci-5.2.0-150300.109.2
    qemu-hw-display-virtio-gpu-pci-debuginfo-5.2.0-150300.109.2
    qemu-kvm-5.2.0-150300.109.2
- SUSE Linux Enterprise Module for Server Applications 15-SP3 (aarch64):
    qemu-arm-5.2.0-150300.109.2
    qemu-arm-debuginfo-5.2.0-150300.109.2
- SUSE Linux Enterprise Module for Server Applications 15-SP3 (ppc64le):
    qemu-ppc-5.2.0-150300.109.2
    qemu-ppc-debuginfo-5.2.0-150300.109.2
- SUSE Linux Enterprise Module for Server Applications 15-SP3 (x86_64):
    qemu-audio-alsa-5.2.0-150300.109.2
    qemu-audio-alsa-debuginfo-5.2.0-150300.109.2
    qemu-audio-pa-5.2.0-150300.109.2
    qemu-audio-pa-debuginfo-5.2.0-150300.109.2
    qemu-x86-5.2.0-150300.109.2
    qemu-x86-debuginfo-5.2.0-150300.109.2
- SUSE Linux Enterprise Module for Server Applications 15-SP3 (noarch):
    qemu-ipxe-1.0.0+-150300.109.2
    qemu-seabios-1.14.0_0_g155821a-150300.109.2
    qemu-sgabios-8-150300.109.2
    qemu-skiboot-5.2.0-150300.109.2
    qemu-vgabios-1.14.0_0_g155821a-150300.109.2
- SUSE Linux Enterprise Module for Server Applications 15-SP3 (s390x):
    qemu-hw-s390x-virtio-gpu-ccw-5.2.0-150300.109.2
    qemu-hw-s390x-virtio-gpu-ccw-debuginfo-5.2.0-150300.109.2
    qemu-s390x-5.2.0-150300.109.2
    qemu-s390x-debuginfo-5.2.0-150300.109.2
- SUSE Linux Enterprise Module for Basesystem 15-SP3 (aarch64 ppc64le s390x x86_64):
    qemu-debuginfo-5.2.0-150300.109.2
    qemu-debugsource-5.2.0-150300.109.2
    qemu-tools-5.2.0-150300.109.2
    qemu-tools-debuginfo-5.2.0-150300.109.2

References:

https://www.suse.com/security/cve/CVE-2021-20196.html
https://bugzilla.suse.com/1181361

SUSE releases qemu patch addressing minor guest crash risk along with installation guidelines. Maintain your security!

SUSE qemu update, MicroOS security patch, guest crash fix.

Severity: Low. LinuxSecurity.com Team

Jan 25, 2022 Low SuSE

Scientific Linux SL7: SLSA-2020-1208-1 Important: QEMU-KVM Security Update

Synopsis: Important: qemu-kvm security update
Advisory ID: SLSA-2020:1208-1
Issue Date: 2020-04-07
CVE Numbers: CVE-2020-8608
--

* QEMU: Slirp: potential OOB access due to unsafe snprintf() usages
--

SL7
  x86_64
    qemu-img-1.5.3-173.el7_8.1.x86_64.rpm
    qemu-kvm-common-1.5.3-173.el7_8.1.x86_64.rpm
    qemu-kvm-tools-1.5.3-173.el7_8.1.x86_64.rpm
    qemu-kvm-1.5.3-173.el7_8.1.x86_64.rpm
    qemu-kvm-debuginfo-1.5.3-173.el7_8.1.x86_64.rpm

- Scientific Linux Development Team

Crucial security patch for qemu-kvm in Scientific Linux SL7 targeting out-of-bounds access vulnerabilities.

Scientific Linux, qemu security, SL7 update, system vulnerabilities, kvm tools.

Severity: Important. LinuxSecurity.com Team

Apr 20, 2020 Important Scientific Linux

SUSE: 2019:2246-1 Important: Qemu Security Fixes and Updates

SUSE Security Update: Security update for qemu

Announcement ID: SUSE-SU-2019:2246-1
Rating: important
References: #1079730 #1098403 #1111025 #1119115 #1134883 #1135902 #1136540 #1136778 #1140402 #1143794
Cross-References: CVE-2019-12155 CVE-2019-13164 CVE-2019-14378
Affected Products:
  SUSE Linux Enterprise Module for Server Applications 15
  SUSE Linux Enterprise Module for Open Buildservice Development Tools 15
  SUSE Linux Enterprise Module for Basesystem 15

An update that solves three vulnerabilities and has 7 fixes is now available.

Description:

This update for qemu fixes the following issues:

Security issues fixed:

- CVE-2019-14378: Security fix for heap overflow in ip_reass on big packet input (bsc#1143794).
- CVE-2019-12155: Security fix for null pointer dereference while releasing spice resources (bsc#1135902).
- CVE-2019-13164: Security fix for qemu-bridge-helper ACL can be bypassed when names are too long (bsc#1140402).

Bug fixes and enhancements:

- Add vcpu features needed for Cascadelake-Server, Icelake-Client and Icelake-Server, especially the foundational arch-capabilities to help with security and performance on Intel hosts (bsc#1134883) (fate#327764)
- Add support for one more security/performance related vcpu feature (bsc#1136778) (fate#327796)
- Disable file locking in the Xen PV disk backend to avoid locking issues with PV domUs during migration. The issues triggered by the locking can not be properly handled in libxl. The locking introduced in qemu-2.10 was removed again in qemu-4.0 (bsc#1079730, bsc#1098403, bsc#1111025).
- Ignore csske for expanding the cpu model (bsc#1136540)
- Fix vm migration is failing with input/output error when nfs server is disconnected (bsc#1119115)

Patch Instructions:

To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".

Alternatively you can run the command listed for your product:

- SUSE Linux Enterprise Module for Server Applications 15:
    zypper in -t patch SUSE-SLE-Module-Server-Applications-15-2019-2246=1
- SUSE Linux Enterprise Module for Open Buildservice Development Tools 15:
    zypper in -t patch SUSE-SLE-Module-Development-Tools-OBS-15-2019-2246=1
- SUSE Linux Enterprise Module for Basesystem 15:
    zypper in -t patch SUSE-SLE-Module-Basesystem-15-2019-2246=1

Package List:

- SUSE Linux Enterprise Module for Server Applications 15 (aarch64 ppc64le s390x x86_64):
    qemu-2.11.2-9.28.3
    qemu-block-curl-2.11.2-9.28.3
    qemu-block-curl-debuginfo-2.11.2-9.28.3
    qemu-block-iscsi-2.11.2-9.28.3
    qemu-block-iscsi-debuginfo-2.11.2-9.28.3
    qemu-block-rbd-2.11.2-9.28.3
    qemu-block-rbd-debuginfo-2.11.2-9.28.3
    qemu-block-ssh-2.11.2-9.28.3
    qemu-block-ssh-debuginfo-2.11.2-9.28.3
    qemu-debuginfo-2.11.2-9.28.3
    qemu-debugsource-2.11.2-9.28.3
    qemu-guest-agent-2.11.2-9.28.3
    qemu-guest-agent-debuginfo-2.11.2-9.28.3
    qemu-lang-2.11.2-9.28.3
- SUSE Linux Enterprise Module for Server Applications 15 (s390x x86_64):
    qemu-kvm-2.11.2-9.28.3
- SUSE Linux Enterprise Module for Server Applications 15 (aarch64):
    qemu-arm-2.11.2-9.28.3
    qemu-arm-debuginfo-2.11.2-9.28.3
- SUSE Linux Enterprise Module for Server Applications 15 (ppc64le):
    qemu-ppc-2.11.2-9.28.3
    qemu-ppc-debuginfo-2.11.2-9.28.3
- SUSE Linux Enterprise Module for Server Applications 15 (x86_64):
    qemu-x86-2.11.2-9.28.3
    qemu-x86-debuginfo-2.11.2-9.28.3
- SUSE Linux Enterprise Module for Server Applications 15 (noarch):
    qemu-ipxe-1.0.0+-9.28.3
    qemu-seabios-1.11.0-9.28.3
    qemu-sgabios-8-9.28.3
    qemu-vgabios-1.11.0-9.28.3
- SUSE Linux Enterprise Module for Server Applications 15 (s390x):
    qemu-s390-2.11.2-9.28.3
    qemu-s390-debuginfo-2.11.2-9.28.3
- SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 (aarch64 ppc64le s390x x86_64):
    qemu-block-dmg-2.11.2-9.28.3
    qemu-block-dmg-debuginfo-2.11.2-9.28.3
    qemu-debuginfo-2.11.2-9.28.3
    qemu-debugsource-2.11.2-9.28.3
    qemu-extra-2.11.2-9.28.3
    qemu-extra-debuginfo-2.11.2-9.28.3
    qemu-linux-user-2.11.2-9.28.2
    qemu-linux-user-debuginfo-2.11.2-9.28.2
    qemu-linux-user-debugsource-2.11.2-9.28.2
- SUSE Linux Enterprise Module for Basesystem 15 (aarch64 ppc64le s390x x86_64):
    qemu-debuginfo-2.11.2-9.28.3
    qemu-debugsource-2.11.2-9.28.3
    qemu-tools-2.11.2-9.28.3
    qemu-tools-debuginfo-2.11.2-9.28.3

References:

https://www.suse.com/security/cve/CVE-2019-12155.html
https://www.suse.com/security/cve/CVE-2019-13164.html
https://www.suse.com/security/cve/CVE-2019-14378.html
https://bugzilla.suse.com/1079730
https://bugzilla.suse.com/1098403
https://bugzilla.suse.com/1111025
https://bugzilla.suse.com/1119115
https://bugzilla.suse.com/1134883
https://bugzilla.suse.com/1135902
https://bugzilla.suse.com/1136540
https://bugzilla.suse.com/1136778
https://bugzilla.suse.com/1140402
https://bugzilla.suse.com/1143794

Crucial SUSE patch for qemu addresses three significant vulnerabilities, such as buffer overflow and authorization flaws.

SUSE Security Update, qemu patch, heap overflow fix, access control issues.

Severity: Important. LinuxSecurity.com Team

Aug 28, 2019 Important SuSE