Описание
Security update for qemu
This update for qemu fixes the following issues:
- CVE-2021-20196: Fixed null pointer dereference that may lead to guest crash (bsc#1181361).
Список пакетов
Container suse/sle-micro-rancher/5.2:latest
qemu-guest-agent-5.2.0-150300.109.2
Image SLES15-SP3-EC2-ECS-HVM
qemu-tools-5.2.0-150300.109.2
SUSE Linux Enterprise Micro 5.1
qemu-5.2.0-150300.109.2
qemu-arm-5.2.0-150300.109.2
qemu-ipxe-1.0.0+-150300.109.2
qemu-s390x-5.2.0-150300.109.2
qemu-seabios-1.14.0_0_g155821a-150300.109.2
qemu-sgabios-8-150300.109.2
qemu-tools-5.2.0-150300.109.2
qemu-vgabios-1.14.0_0_g155821a-150300.109.2
qemu-x86-5.2.0-150300.109.2
SUSE Linux Enterprise Module for Basesystem 15 SP3
qemu-tools-5.2.0-150300.109.2
SUSE Linux Enterprise Module for Server Applications 15 SP3
qemu-5.2.0-150300.109.2
qemu-arm-5.2.0-150300.109.2
qemu-audio-alsa-5.2.0-150300.109.2
qemu-audio-pa-5.2.0-150300.109.2
qemu-audio-spice-5.2.0-150300.109.2
qemu-block-curl-5.2.0-150300.109.2
qemu-block-iscsi-5.2.0-150300.109.2
qemu-block-rbd-5.2.0-150300.109.2
qemu-block-ssh-5.2.0-150300.109.2
qemu-chardev-baum-5.2.0-150300.109.2
qemu-chardev-spice-5.2.0-150300.109.2
qemu-guest-agent-5.2.0-150300.109.2
qemu-hw-display-qxl-5.2.0-150300.109.2
qemu-hw-display-virtio-gpu-5.2.0-150300.109.2
qemu-hw-display-virtio-gpu-pci-5.2.0-150300.109.2
qemu-hw-display-virtio-vga-5.2.0-150300.109.2
qemu-hw-s390x-virtio-gpu-ccw-5.2.0-150300.109.2
qemu-hw-usb-redirect-5.2.0-150300.109.2
qemu-ipxe-1.0.0+-150300.109.2
qemu-ksm-5.2.0-150300.109.2
qemu-kvm-5.2.0-150300.109.2
qemu-lang-5.2.0-150300.109.2
qemu-ppc-5.2.0-150300.109.2
qemu-s390x-5.2.0-150300.109.2
qemu-seabios-1.14.0_0_g155821a-150300.109.2
qemu-sgabios-8-150300.109.2
qemu-skiboot-5.2.0-150300.109.2
qemu-ui-curses-5.2.0-150300.109.2
qemu-ui-gtk-5.2.0-150300.109.2
qemu-ui-opengl-5.2.0-150300.109.2
qemu-ui-spice-app-5.2.0-150300.109.2
qemu-ui-spice-core-5.2.0-150300.109.2
qemu-vgabios-1.14.0_0_g155821a-150300.109.2
qemu-x86-5.2.0-150300.109.2
Ссылки
- Link for SUSE-SU-2022:0177-1
- E-Mail link for SUSE-SU-2022:0177-1
- SUSE Security Ratings
- SUSE Bug 1181361
- SUSE CVE CVE-2021-20196 page
Описание
A NULL pointer dereference flaw was found in the floppy disk emulator of QEMU. This issue occurs while processing read/write ioport commands if the selected floppy drive is not initialized with a block device. This flaw allows a privileged guest user to crash the QEMU process on the host, resulting in a denial of service. The highest threat from this vulnerability is to system availability.
Затронутые продукты
Container suse/sle-micro-rancher/5.2:latest:qemu-guest-agent-5.2.0-150300.109.2
Image SLES15-SP3-EC2-ECS-HVM:qemu-tools-5.2.0-150300.109.2
SUSE Linux Enterprise Micro 5.1:qemu-5.2.0-150300.109.2
SUSE Linux Enterprise Micro 5.1:qemu-arm-5.2.0-150300.109.2
Ссылки
- CVE-2021-20196
- SUSE Bug 1181361