Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

suse-cvrf логотип

SUSE-SU-2021:2442-1

Опубликовано: 21 июл. 2021
Источник: suse-cvrf

Описание

Security update for qemu

This update for qemu fixes the following issues:

  • CVE-2021-3582: Fix possible mremap overflow in the pvrdma (bsc#1187499)
  • CVE-2021-3607: Ensure correct input on ring init (bsc#1187539)
  • CVE-2021-3608: Fix the ring init error flow (bsc#1187538)
  • CVE-2021-3611: Fix intel-hda segmentation fault due to stack overflow (bsc#1187529)

Список пакетов

Container suse/sle-micro-rancher/5.2:latest
qemu-guest-agent-5.2.0-23.1
Container suse/sles/15.3/cdi-importer:1.37.1
qemu-block-curl-5.2.0-23.1
qemu-tools-5.2.0-23.1
Container suse/sles/15.3/cdi-uploadserver:1.37.1
qemu-block-curl-5.2.0-23.1
qemu-tools-5.2.0-23.1
Container suse/sles/15.3/libguestfs-tools:0.45.0
qemu-5.2.0-23.1
qemu-ipxe-1.0.0+-23.1
qemu-seabios-1.14.0_0_g155821a-23.1
qemu-sgabios-8-23.1
qemu-tools-5.2.0-23.1
qemu-vgabios-1.14.0_0_g155821a-23.1
qemu-x86-5.2.0-23.1
Container suse/sles/15.3/virt-handler:0.45.0
qemu-tools-5.2.0-23.1
Container suse/sles/15.3/virt-launcher:0.45.0
qemu-5.2.0-23.1
qemu-ipxe-1.0.0+-23.1
qemu-seabios-1.14.0_0_g155821a-23.1
qemu-sgabios-8-23.1
qemu-tools-5.2.0-23.1
qemu-vgabios-1.14.0_0_g155821a-23.1
qemu-x86-5.2.0-23.1
Image SLES15-SP3-EC2-ECS-HVM
qemu-tools-5.2.0-23.1
SUSE Linux Enterprise Module for Basesystem 15 SP3
qemu-tools-5.2.0-23.1
SUSE Linux Enterprise Module for Server Applications 15 SP3
qemu-5.2.0-23.1
qemu-arm-5.2.0-23.1
qemu-audio-alsa-5.2.0-23.1
qemu-audio-pa-5.2.0-23.1
qemu-audio-spice-5.2.0-23.1
qemu-block-curl-5.2.0-23.1
qemu-block-iscsi-5.2.0-23.1
qemu-block-rbd-5.2.0-23.1
qemu-block-ssh-5.2.0-23.1
qemu-chardev-baum-5.2.0-23.1
qemu-chardev-spice-5.2.0-23.1
qemu-guest-agent-5.2.0-23.1
qemu-hw-display-qxl-5.2.0-23.1
qemu-hw-display-virtio-gpu-5.2.0-23.1
qemu-hw-display-virtio-gpu-pci-5.2.0-23.1
qemu-hw-display-virtio-vga-5.2.0-23.1
qemu-hw-s390x-virtio-gpu-ccw-5.2.0-23.1
qemu-hw-usb-redirect-5.2.0-23.1
qemu-ipxe-1.0.0+-23.1
qemu-ksm-5.2.0-23.1
qemu-kvm-5.2.0-23.1
qemu-lang-5.2.0-23.1
qemu-ppc-5.2.0-23.1
qemu-s390x-5.2.0-23.1
qemu-seabios-1.14.0_0_g155821a-23.1
qemu-sgabios-8-23.1
qemu-skiboot-5.2.0-23.1
qemu-ui-curses-5.2.0-23.1
qemu-ui-gtk-5.2.0-23.1
qemu-ui-opengl-5.2.0-23.1
qemu-ui-spice-app-5.2.0-23.1
qemu-ui-spice-core-5.2.0-23.1
qemu-vgabios-1.14.0_0_g155821a-23.1
qemu-x86-5.2.0-23.1

Ссылки

Описание

A flaw was found in the QEMU implementation of VMWare's paravirtual RDMA device. The issue occurs while handling a "PVRDMA_CMD_CREATE_MR" command due to improper memory remapping (mremap). This flaw allows a malicious guest to crash the QEMU process on the host. The highest threat from this vulnerability is to system availability.

Затронутые продукты
Container suse/sle-micro-rancher/5.2:latest:qemu-guest-agent-5.2.0-23.1
Container suse/sles/15.3/cdi-importer:1.37.1:qemu-block-curl-5.2.0-23.1
Container suse/sles/15.3/cdi-importer:1.37.1:qemu-tools-5.2.0-23.1
Container suse/sles/15.3/cdi-uploadserver:1.37.1:qemu-block-curl-5.2.0-23.1
Ссылки

Описание

An integer overflow was found in the QEMU implementation of VMWare's paravirtual RDMA device in versions prior to 6.1.0. The issue occurs while handling a "PVRDMA_REG_DSRHIGH" write from the guest due to improper input validation. This flaw allows a privileged guest user to make QEMU allocate a large amount of memory, resulting in a denial of service. The highest threat from this vulnerability is to system availability.

Затронутые продукты
Container suse/sle-micro-rancher/5.2:latest:qemu-guest-agent-5.2.0-23.1
Container suse/sles/15.3/cdi-importer:1.37.1:qemu-block-curl-5.2.0-23.1
Container suse/sles/15.3/cdi-importer:1.37.1:qemu-tools-5.2.0-23.1
Container suse/sles/15.3/cdi-uploadserver:1.37.1:qemu-block-curl-5.2.0-23.1
Ссылки

Описание

A flaw was found in the QEMU implementation of VMWare's paravirtual RDMA device in versions prior to 6.1.0. The issue occurs while handling a "PVRDMA_REG_DSRHIGH" write from the guest and may result in a crash of QEMU or cause undefined behavior due to the access of an uninitialized pointer. The highest threat from this vulnerability is to system availability.

Затронутые продукты
Container suse/sle-micro-rancher/5.2:latest:qemu-guest-agent-5.2.0-23.1
Container suse/sles/15.3/cdi-importer:1.37.1:qemu-block-curl-5.2.0-23.1
Container suse/sles/15.3/cdi-importer:1.37.1:qemu-tools-5.2.0-23.1
Container suse/sles/15.3/cdi-uploadserver:1.37.1:qemu-block-curl-5.2.0-23.1
Ссылки

Описание

A stack overflow vulnerability was found in the Intel HD Audio device (intel-hda) of QEMU. A malicious guest could use this flaw to crash the QEMU process on the host, resulting in a denial of service condition. The highest threat from this vulnerability is to system availability. This flaw affects QEMU versions prior to 7.0.0.

Затронутые продукты
Container suse/sle-micro-rancher/5.2:latest:qemu-guest-agent-5.2.0-23.1
Container suse/sles/15.3/cdi-importer:1.37.1:qemu-block-curl-5.2.0-23.1
Container suse/sles/15.3/cdi-importer:1.37.1:qemu-tools-5.2.0-23.1
Container suse/sles/15.3/cdi-uploadserver:1.37.1:qemu-block-curl-5.2.0-23.1
Ссылки