Description
Security update for qemu
This update for qemu fixes the following issues:
- CVE-2022-26354: Fixed a missing virtqueue detach on error that could lead to a memory leak (bsc#1198712)
- CVE-2021-4207: Fixed a double fetch in qxl_cursor() that could lead to a heap buffer overflow (bsc#1198037)
- CVE-2021-4206: Fixed an integer overflow in cursor_alloc() that could lead to a heap buffer overflow (bsc#1198035)
Package list
Container suse/sle-micro-rancher/5.2:latest
SUSE Linux Enterprise Micro 5.1
SUSE Linux Enterprise Micro 5.2
SUSE Linux Enterprise Module for Basesystem 15 SP3
SUSE Linux Enterprise Module for Server Applications 15 SP3
openSUSE Leap 15.3
References
- Link for SUSE-SU-2022:2254-1
- E-Mail link for SUSE-SU-2022:2254-1
- SUSE Security Ratings
- SUSE Bug 1197084
- SUSE Bug 1198035
- SUSE Bug 1198037
- SUSE Bug 1198712
- SUSE Bug 1199018
- SUSE Bug 1199924
- SUSE CVE CVE-2021-4206 page
- SUSE CVE CVE-2021-4207 page
- SUSE CVE CVE-2022-26354 page
Description
A flaw was found in the QXL display device emulation in QEMU. An integer overflow in the cursor_alloc() function can lead to the allocation of a small cursor object followed by a subsequent heap-based buffer overflow. This flaw allows a malicious privileged guest user to crash the QEMU process on the host or potentially execute arbitrary code within the context of the QEMU process.
Affected products
References
- CVE-2021-4206
- SUSE Bug 1198035
- SUSE Bug 1211582
Description
A flaw was found in the QXL display device emulation in QEMU. A double fetch of the guest-controlled values `cursor->header.width` and `cursor->header.height` can lead to the allocation of a small cursor object followed by a subsequent heap-based buffer overflow. A malicious privileged guest user could use this flaw to crash the QEMU process on the host or potentially execute arbitrary code within the context of the QEMU process.
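The integer overflow in CVE-2021-4206 and the double fetch in CVE-2021-4207 both come down to sizing a host allocation from guest-controlled dimensions. The following C sketch is an added example, not QEMU's code or SUSE's patch: the struct layouts, the function names and the 512-pixel cap are assumptions chosen for illustration.

```c
#include <stdint.h>
#include <stdlib.h>

#define CURSOR_MAX_DIM 512u /* assumed cap, not taken from the advisory */

/* Header living in guest-writable memory (hypothetical layout). */
struct guest_cursor_hdr { volatile uint32_t width, height; };

/* Host-side cursor: the dimensions are stored with the buffer they sized. */
struct host_cursor { uint32_t width, height; uint32_t data[]; };

/* Unsafe pattern, for contrast: 32-bit arithmetic wraps silently, so
 * large dimensions can yield a tiny byte count. */
uint32_t naive_bytes(uint32_t w, uint32_t h)
{
    return w * h * (uint32_t)sizeof(uint32_t);
}

/* Checked size: bound each dimension first, then multiply in size_t. */
int checked_bytes(uint32_t w, uint32_t h, size_t *out)
{
    if (w == 0 || h == 0 || w > CURSOR_MAX_DIM || h > CURSOR_MAX_DIM)
        return -1;
    *out = (size_t)w * h * sizeof(uint32_t); /* at most 512*512*4 */
    return 0;
}

/* Single fetch: read each guest field exactly once, then validate,
 * allocate and record those same local copies. Later pixel copies must
 * use c->width and c->height and never re-read *hdr. */
struct host_cursor *cursor_from_guest(const struct guest_cursor_hdr *hdr)
{
    uint32_t w = hdr->width;  /* the only read of width */
    uint32_t h = hdr->height; /* the only read of height */
    size_t bytes;

    if (checked_bytes(w, h, &bytes) != 0)
        return NULL;

    struct host_cursor *c = calloc(1, sizeof(*c) + bytes);
    if (c != NULL) {
        c->width = w;
        c->height = h;
    }
    return c;
}
```

Because the validated values travel with the allocation, a guest that rewrites the shared header after the check cannot change the size used for the later copy.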
Affected products
References
- CVE-2021-4207
- SUSE Bug 1198037
Description
A flaw was found in the vhost-vsock device of QEMU. In case of error, an invalid element was not detached from the virtqueue before freeing its memory, leading to memory leakage and other unexpected results. Affected QEMU versions <= 6.2.0.
Affected products
References
- CVE-2022-26354
- SUSE Bug 1198712