Описание
Security update for qemu
This update for qemu fixes the following issues:
- CVE-2022-4144: Fixed unsafe address translation can lead to out-of-bounds read in qxl_phys2virt (bsc#1205808).
- CVE-2021-3507: Fixed heap buffer overflow in DMA read data transfers in fdc (bsc#1185000).
The following non-security bugs were fixed:
- Fix bsc#1202364.
- Introduce max_hw_iov for use in scsi-generic (bsc#1190425)
Список пакетов
SUSE Enterprise Storage 7
qemu-4.2.1-150200.72.2
qemu-arm-4.2.1-150200.72.2
qemu-audio-alsa-4.2.1-150200.72.2
qemu-audio-pa-4.2.1-150200.72.2
qemu-block-curl-4.2.1-150200.72.2
qemu-block-iscsi-4.2.1-150200.72.2
qemu-block-rbd-4.2.1-150200.72.2
qemu-block-ssh-4.2.1-150200.72.2
qemu-guest-agent-4.2.1-150200.72.2
qemu-ipxe-1.0.0+-150200.72.2
qemu-kvm-4.2.1-150200.72.2
qemu-lang-4.2.1-150200.72.2
qemu-microvm-4.2.1-150200.72.2
qemu-seabios-1.12.1+-150200.72.2
qemu-sgabios-8-150200.72.2
qemu-tools-4.2.1-150200.72.2
qemu-ui-curses-4.2.1-150200.72.2
qemu-ui-gtk-4.2.1-150200.72.2
qemu-ui-spice-app-4.2.1-150200.72.2
qemu-vgabios-1.12.1+-150200.72.2
qemu-x86-4.2.1-150200.72.2
SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS
qemu-4.2.1-150200.72.2
qemu-arm-4.2.1-150200.72.2
qemu-audio-alsa-4.2.1-150200.72.2
qemu-audio-pa-4.2.1-150200.72.2
qemu-block-curl-4.2.1-150200.72.2
qemu-block-iscsi-4.2.1-150200.72.2
qemu-block-rbd-4.2.1-150200.72.2
qemu-block-ssh-4.2.1-150200.72.2
qemu-guest-agent-4.2.1-150200.72.2
qemu-ipxe-1.0.0+-150200.72.2
qemu-kvm-4.2.1-150200.72.2
qemu-lang-4.2.1-150200.72.2
qemu-microvm-4.2.1-150200.72.2
qemu-seabios-1.12.1+-150200.72.2
qemu-sgabios-8-150200.72.2
qemu-tools-4.2.1-150200.72.2
qemu-ui-curses-4.2.1-150200.72.2
qemu-ui-gtk-4.2.1-150200.72.2
qemu-ui-spice-app-4.2.1-150200.72.2
qemu-vgabios-1.12.1+-150200.72.2
qemu-x86-4.2.1-150200.72.2
SUSE Linux Enterprise Server 15 SP2-LTSS
qemu-4.2.1-150200.72.2
qemu-arm-4.2.1-150200.72.2
qemu-audio-alsa-4.2.1-150200.72.2
qemu-audio-pa-4.2.1-150200.72.2
qemu-block-curl-4.2.1-150200.72.2
qemu-block-iscsi-4.2.1-150200.72.2
qemu-block-rbd-4.2.1-150200.72.2
qemu-block-ssh-4.2.1-150200.72.2
qemu-guest-agent-4.2.1-150200.72.2
qemu-ipxe-1.0.0+-150200.72.2
qemu-kvm-4.2.1-150200.72.2
qemu-lang-4.2.1-150200.72.2
qemu-microvm-4.2.1-150200.72.2
qemu-ppc-4.2.1-150200.72.2
qemu-s390-4.2.1-150200.72.2
qemu-seabios-1.12.1+-150200.72.2
qemu-sgabios-8-150200.72.2
qemu-tools-4.2.1-150200.72.2
qemu-ui-curses-4.2.1-150200.72.2
qemu-ui-gtk-4.2.1-150200.72.2
qemu-ui-spice-app-4.2.1-150200.72.2
qemu-vgabios-1.12.1+-150200.72.2
qemu-x86-4.2.1-150200.72.2
SUSE Linux Enterprise Server for SAP Applications 15 SP2
qemu-4.2.1-150200.72.2
qemu-audio-alsa-4.2.1-150200.72.2
qemu-audio-pa-4.2.1-150200.72.2
qemu-block-curl-4.2.1-150200.72.2
qemu-block-iscsi-4.2.1-150200.72.2
qemu-block-rbd-4.2.1-150200.72.2
qemu-block-ssh-4.2.1-150200.72.2
qemu-guest-agent-4.2.1-150200.72.2
qemu-ipxe-1.0.0+-150200.72.2
qemu-kvm-4.2.1-150200.72.2
qemu-lang-4.2.1-150200.72.2
qemu-microvm-4.2.1-150200.72.2
qemu-ppc-4.2.1-150200.72.2
qemu-seabios-1.12.1+-150200.72.2
qemu-sgabios-8-150200.72.2
qemu-tools-4.2.1-150200.72.2
qemu-ui-curses-4.2.1-150200.72.2
qemu-ui-gtk-4.2.1-150200.72.2
qemu-ui-spice-app-4.2.1-150200.72.2
qemu-vgabios-1.12.1+-150200.72.2
qemu-x86-4.2.1-150200.72.2
openSUSE Leap 15.4
qemu-s390-4.2.1-150200.72.2
Ссылки
- Link for SUSE-SU-2023:0878-1
- E-Mail link for SUSE-SU-2023:0878-1
- SUSE Security Ratings
- SUSE Bug 1185000
- SUSE Bug 1190425
- SUSE Bug 1202364
- SUSE Bug 1205808
- SUSE CVE CVE-2021-3507 page
- SUSE CVE CVE-2022-4144 page
Описание
A heap buffer overflow was found in the floppy disk emulator of QEMU up to 6.0.0 (including). It could occur in fdctrl_transfer_handler() in hw/block/fdc.c while processing DMA read data transfers from the floppy drive to the guest system. A privileged guest user could use this flaw to crash the QEMU process on the host resulting in DoS scenario, or potential information leakage from the host memory.
Затронутые продукты
SUSE Enterprise Storage 7:qemu-4.2.1-150200.72.2
SUSE Enterprise Storage 7:qemu-arm-4.2.1-150200.72.2
SUSE Enterprise Storage 7:qemu-audio-alsa-4.2.1-150200.72.2
SUSE Enterprise Storage 7:qemu-audio-pa-4.2.1-150200.72.2
Ссылки
- CVE-2021-3507
- SUSE Bug 1185000
Описание
An out-of-bounds read flaw was found in the QXL display device emulation in QEMU. The qxl_phys2virt() function does not check the size of the structure pointed to by the guest physical address, potentially reading past the end of the bar space into adjacent pages. A malicious guest user could use this flaw to crash the QEMU process on the host causing a denial of service condition.
Затронутые продукты
SUSE Enterprise Storage 7:qemu-4.2.1-150200.72.2
SUSE Enterprise Storage 7:qemu-arm-4.2.1-150200.72.2
SUSE Enterprise Storage 7:qemu-audio-alsa-4.2.1-150200.72.2
SUSE Enterprise Storage 7:qemu-audio-pa-4.2.1-150200.72.2
Ссылки
- CVE-2022-4144
- SUSE Bug 1205808