Описание
Security update for qemu
This update for qemu fixes the following issues:
- CVE-2022-26354: Fixed missing virtqueue detach on error can lead to memory leak (bsc#1198712)
- CVE-2022-26353: Fixed map leaking on error during receive (bsc#1198711)
- CVE-2021-4207: Fixed double fetch in qxl_cursor() can lead to heap buffer overflow (bsc#1198037)
- CVE-2021-4206: Fixed integer overflow in cursor_alloc() can lead to heap buffer overflow (bsc#1198035)
Список пакетов
Container suse/sle-micro-rancher/5.3:latest
qemu-guest-agent-6.2.0-150400.37.5.3
Container suse/sle-micro-rancher/5.4:latest
qemu-guest-agent-6.2.0-150400.37.5.3
Image SLES15-SP4-EC2-ECS-HVM
qemu-tools-6.2.0-150400.37.5.3
SUSE Linux Enterprise Module for Basesystem 15 SP4
qemu-tools-6.2.0-150400.37.5.3
SUSE Linux Enterprise Module for Server Applications 15 SP4
qemu-6.2.0-150400.37.5.3
qemu-SLOF-6.2.0-150400.37.5.3
qemu-accel-tcg-x86-6.2.0-150400.37.5.3
qemu-arm-6.2.0-150400.37.5.3
qemu-audio-alsa-6.2.0-150400.37.5.3
qemu-audio-pa-6.2.0-150400.37.5.3
qemu-audio-spice-6.2.0-150400.37.5.3
qemu-block-curl-6.2.0-150400.37.5.3
qemu-block-iscsi-6.2.0-150400.37.5.3
qemu-block-rbd-6.2.0-150400.37.5.3
qemu-block-ssh-6.2.0-150400.37.5.3
qemu-chardev-baum-6.2.0-150400.37.5.3
qemu-chardev-spice-6.2.0-150400.37.5.3
qemu-guest-agent-6.2.0-150400.37.5.3
qemu-hw-display-qxl-6.2.0-150400.37.5.3
qemu-hw-display-virtio-gpu-6.2.0-150400.37.5.3
qemu-hw-display-virtio-gpu-pci-6.2.0-150400.37.5.3
qemu-hw-display-virtio-vga-6.2.0-150400.37.5.3
qemu-hw-s390x-virtio-gpu-ccw-6.2.0-150400.37.5.3
qemu-hw-usb-host-6.2.0-150400.37.5.3
qemu-hw-usb-redirect-6.2.0-150400.37.5.3
qemu-ipxe-1.0.0+-150400.37.5.3
qemu-ksm-6.2.0-150400.37.5.3
qemu-kvm-6.2.0-150400.37.5.3
qemu-lang-6.2.0-150400.37.5.3
qemu-ppc-6.2.0-150400.37.5.3
qemu-s390x-6.2.0-150400.37.5.3
qemu-seabios-1.15.0_0_g2dd4b9b-150400.37.5.3
qemu-sgabios-8-150400.37.5.3
qemu-skiboot-6.2.0-150400.37.5.3
qemu-ui-curses-6.2.0-150400.37.5.3
qemu-ui-gtk-6.2.0-150400.37.5.3
qemu-ui-opengl-6.2.0-150400.37.5.3
qemu-ui-spice-app-6.2.0-150400.37.5.3
qemu-ui-spice-core-6.2.0-150400.37.5.3
qemu-vgabios-1.15.0_0_g2dd4b9b-150400.37.5.3
qemu-x86-6.2.0-150400.37.5.3
openSUSE Leap 15.4
qemu-6.2.0-150400.37.5.3
qemu-SLOF-6.2.0-150400.37.5.3
qemu-accel-qtest-6.2.0-150400.37.5.3
qemu-accel-tcg-x86-6.2.0-150400.37.5.3
qemu-arm-6.2.0-150400.37.5.3
qemu-audio-alsa-6.2.0-150400.37.5.3
qemu-audio-jack-6.2.0-150400.37.5.3
qemu-audio-pa-6.2.0-150400.37.5.3
qemu-audio-spice-6.2.0-150400.37.5.3
qemu-block-curl-6.2.0-150400.37.5.3
qemu-block-dmg-6.2.0-150400.37.5.3
qemu-block-gluster-6.2.0-150400.37.5.3
qemu-block-iscsi-6.2.0-150400.37.5.3
qemu-block-nfs-6.2.0-150400.37.5.3
qemu-block-rbd-6.2.0-150400.37.5.3
qemu-block-ssh-6.2.0-150400.37.5.3
qemu-chardev-baum-6.2.0-150400.37.5.3
qemu-chardev-spice-6.2.0-150400.37.5.3
qemu-extra-6.2.0-150400.37.5.3
qemu-guest-agent-6.2.0-150400.37.5.3
qemu-hw-display-qxl-6.2.0-150400.37.5.3
qemu-hw-display-virtio-gpu-6.2.0-150400.37.5.3
qemu-hw-display-virtio-gpu-pci-6.2.0-150400.37.5.3
qemu-hw-display-virtio-vga-6.2.0-150400.37.5.3
qemu-hw-s390x-virtio-gpu-ccw-6.2.0-150400.37.5.3
qemu-hw-usb-host-6.2.0-150400.37.5.3
qemu-hw-usb-redirect-6.2.0-150400.37.5.3
qemu-hw-usb-smartcard-6.2.0-150400.37.5.3
qemu-ipxe-1.0.0+-150400.37.5.3
qemu-ivshmem-tools-6.2.0-150400.37.5.3
qemu-ksm-6.2.0-150400.37.5.3
qemu-kvm-6.2.0-150400.37.5.3
qemu-lang-6.2.0-150400.37.5.3
qemu-linux-user-6.2.0-150400.37.5.1
qemu-microvm-6.2.0-150400.37.5.3
qemu-ppc-6.2.0-150400.37.5.3
qemu-s390x-6.2.0-150400.37.5.3
qemu-seabios-1.15.0_0_g2dd4b9b-150400.37.5.3
qemu-sgabios-8-150400.37.5.3
qemu-skiboot-6.2.0-150400.37.5.3
qemu-testsuite-6.2.0-150400.37.5.5
qemu-tools-6.2.0-150400.37.5.3
qemu-ui-curses-6.2.0-150400.37.5.3
qemu-ui-gtk-6.2.0-150400.37.5.3
qemu-ui-opengl-6.2.0-150400.37.5.3
qemu-ui-spice-app-6.2.0-150400.37.5.3
qemu-ui-spice-core-6.2.0-150400.37.5.3
qemu-vgabios-1.15.0_0_g2dd4b9b-150400.37.5.3
qemu-vhost-user-gpu-6.2.0-150400.37.5.3
qemu-x86-6.2.0-150400.37.5.3
Ссылки
- Link for SUSE-SU-2022:2260-1
- E-Mail link for SUSE-SU-2022:2260-1
- SUSE Security Ratings
- SUSE Bug 1197084
- SUSE Bug 1198035
- SUSE Bug 1198037
- SUSE Bug 1198711
- SUSE Bug 1198712
- SUSE Bug 1199015
- SUSE Bug 1199018
- SUSE Bug 1199625
- SUSE Bug 1199924
- SUSE CVE CVE-2021-4206 page
- SUSE CVE CVE-2021-4207 page
- SUSE CVE CVE-2022-26353 page
- SUSE CVE CVE-2022-26354 page
Описание
A flaw was found in the QXL display device emulation in QEMU. An integer overflow in the cursor_alloc() function can lead to the allocation of a small cursor object followed by a subsequent heap-based buffer overflow. This flaw allows a malicious privileged guest user to crash the QEMU process on the host or potentially execute arbitrary code within the context of the QEMU process.
Затронутые продукты
Container suse/sle-micro-rancher/5.3:latest:qemu-guest-agent-6.2.0-150400.37.5.3
Container suse/sle-micro-rancher/5.4:latest:qemu-guest-agent-6.2.0-150400.37.5.3
Image SLES15-SP4-EC2-ECS-HVM:qemu-tools-6.2.0-150400.37.5.3
SUSE Linux Enterprise Module for Basesystem 15 SP4:qemu-tools-6.2.0-150400.37.5.3
Ссылки
- CVE-2021-4206
- SUSE Bug 1198035
- SUSE Bug 1211582
Описание
A flaw was found in the QXL display device emulation in QEMU. A double fetch of guest controlled values `cursor->header.width` and `cursor->header.height` can lead to the allocation of a small cursor object followed by a subsequent heap-based buffer overflow. A malicious privileged guest user could use this flaw to crash the QEMU process on the host or potentially execute arbitrary code within the context of the QEMU process.
Затронутые продукты
Container suse/sle-micro-rancher/5.3:latest:qemu-guest-agent-6.2.0-150400.37.5.3
Container suse/sle-micro-rancher/5.4:latest:qemu-guest-agent-6.2.0-150400.37.5.3
Image SLES15-SP4-EC2-ECS-HVM:qemu-tools-6.2.0-150400.37.5.3
SUSE Linux Enterprise Module for Basesystem 15 SP4:qemu-tools-6.2.0-150400.37.5.3
Ссылки
- CVE-2021-4207
- SUSE Bug 1198037
Описание
A flaw was found in the virtio-net device of QEMU. This flaw was inadvertently introduced with the fix for CVE-2021-3748, which forgot to unmap the cached virtqueue elements on error, leading to memory leakage and other unexpected results. Affected QEMU version: 6.2.0.
Затронутые продукты
Container suse/sle-micro-rancher/5.3:latest:qemu-guest-agent-6.2.0-150400.37.5.3
Container suse/sle-micro-rancher/5.4:latest:qemu-guest-agent-6.2.0-150400.37.5.3
Image SLES15-SP4-EC2-ECS-HVM:qemu-tools-6.2.0-150400.37.5.3
SUSE Linux Enterprise Module for Basesystem 15 SP4:qemu-tools-6.2.0-150400.37.5.3
Ссылки
- CVE-2022-26353
- SUSE Bug 1198711
Описание
A flaw was found in the vhost-vsock device of QEMU. In case of error, an invalid element was not detached from the virtqueue before freeing its memory, leading to memory leakage and other unexpected results. Affected QEMU versions <= 6.2.0.
Затронутые продукты
Container suse/sle-micro-rancher/5.3:latest:qemu-guest-agent-6.2.0-150400.37.5.3
Container suse/sle-micro-rancher/5.4:latest:qemu-guest-agent-6.2.0-150400.37.5.3
Image SLES15-SP4-EC2-ECS-HVM:qemu-tools-6.2.0-150400.37.5.3
SUSE Linux Enterprise Module for Basesystem 15 SP4:qemu-tools-6.2.0-150400.37.5.3
Ссылки
- CVE-2022-26354
- SUSE Bug 1198712