SUSE-SU-2023:0879-1

Published: 23 Mar 2023
Source: suse-cvrf

Description

Security update for qemu

This update for qemu fixes the following issues:

  • CVE-2021-3507: Fixed heap buffer overflow in DMA read data transfers in fdc (bsc#1185000).
  • CVE-2020-14394: Fixed infinite loop in xhci_ring_chain_length() (bsc#1180207).

Package list

Container suse/sle-micro-rancher/5.3:latest
  • qemu-guest-agent-6.2.0-150400.37.14.2

Container suse/sle-micro-rancher/5.4:latest
  • qemu-guest-agent-6.2.0-150400.37.14.2

Image SLES15-SP4-EC2-ECS-HVM
  • qemu-tools-6.2.0-150400.37.14.2

SUSE Linux Enterprise Micro 5.3
  • qemu-6.2.0-150400.37.14.2
  • qemu-accel-tcg-x86-6.2.0-150400.37.14.2
  • qemu-arm-6.2.0-150400.37.14.2
  • qemu-audio-spice-6.2.0-150400.37.14.2
  • qemu-chardev-spice-6.2.0-150400.37.14.2
  • qemu-guest-agent-6.2.0-150400.37.14.2
  • qemu-hw-display-qxl-6.2.0-150400.37.14.2
  • qemu-hw-display-virtio-gpu-6.2.0-150400.37.14.2
  • qemu-hw-display-virtio-vga-6.2.0-150400.37.14.2
  • qemu-hw-usb-redirect-6.2.0-150400.37.14.2
  • qemu-ipxe-1.0.0+-150400.37.14.2
  • qemu-s390x-6.2.0-150400.37.14.2
  • qemu-seabios-1.15.0_0_g2dd4b9b-150400.37.14.2
  • qemu-sgabios-8-150400.37.14.2
  • qemu-tools-6.2.0-150400.37.14.2
  • qemu-ui-opengl-6.2.0-150400.37.14.2
  • qemu-ui-spice-core-6.2.0-150400.37.14.2
  • qemu-vgabios-1.15.0_0_g2dd4b9b-150400.37.14.2
  • qemu-x86-6.2.0-150400.37.14.2

SUSE Linux Enterprise Module for Basesystem 15 SP4
  • qemu-tools-6.2.0-150400.37.14.2

SUSE Linux Enterprise Module for Server Applications 15 SP4
  • qemu-6.2.0-150400.37.14.2
  • qemu-SLOF-6.2.0-150400.37.14.2
  • qemu-accel-tcg-x86-6.2.0-150400.37.14.2
  • qemu-arm-6.2.0-150400.37.14.2
  • qemu-audio-alsa-6.2.0-150400.37.14.2
  • qemu-audio-pa-6.2.0-150400.37.14.2
  • qemu-audio-spice-6.2.0-150400.37.14.2
  • qemu-block-curl-6.2.0-150400.37.14.2
  • qemu-block-iscsi-6.2.0-150400.37.14.2
  • qemu-block-rbd-6.2.0-150400.37.14.2
  • qemu-block-ssh-6.2.0-150400.37.14.2
  • qemu-chardev-baum-6.2.0-150400.37.14.2
  • qemu-chardev-spice-6.2.0-150400.37.14.2
  • qemu-guest-agent-6.2.0-150400.37.14.2
  • qemu-hw-display-qxl-6.2.0-150400.37.14.2
  • qemu-hw-display-virtio-gpu-6.2.0-150400.37.14.2
  • qemu-hw-display-virtio-gpu-pci-6.2.0-150400.37.14.2
  • qemu-hw-display-virtio-vga-6.2.0-150400.37.14.2
  • qemu-hw-s390x-virtio-gpu-ccw-6.2.0-150400.37.14.2
  • qemu-hw-usb-host-6.2.0-150400.37.14.2
  • qemu-hw-usb-redirect-6.2.0-150400.37.14.2
  • qemu-ipxe-1.0.0+-150400.37.14.2
  • qemu-ksm-6.2.0-150400.37.14.2
  • qemu-kvm-6.2.0-150400.37.14.2
  • qemu-lang-6.2.0-150400.37.14.2
  • qemu-ppc-6.2.0-150400.37.14.2
  • qemu-s390x-6.2.0-150400.37.14.2
  • qemu-seabios-1.15.0_0_g2dd4b9b-150400.37.14.2
  • qemu-sgabios-8-150400.37.14.2
  • qemu-skiboot-6.2.0-150400.37.14.2
  • qemu-ui-curses-6.2.0-150400.37.14.2
  • qemu-ui-gtk-6.2.0-150400.37.14.2
  • qemu-ui-opengl-6.2.0-150400.37.14.2
  • qemu-ui-spice-app-6.2.0-150400.37.14.2
  • qemu-ui-spice-core-6.2.0-150400.37.14.2
  • qemu-vgabios-1.15.0_0_g2dd4b9b-150400.37.14.2
  • qemu-x86-6.2.0-150400.37.14.2

openSUSE Leap 15.4
  • qemu-6.2.0-150400.37.14.2
  • qemu-SLOF-6.2.0-150400.37.14.2
  • qemu-accel-qtest-6.2.0-150400.37.14.2
  • qemu-accel-tcg-x86-6.2.0-150400.37.14.2
  • qemu-arm-6.2.0-150400.37.14.2
  • qemu-audio-alsa-6.2.0-150400.37.14.2
  • qemu-audio-jack-6.2.0-150400.37.14.2
  • qemu-audio-pa-6.2.0-150400.37.14.2
  • qemu-audio-spice-6.2.0-150400.37.14.2
  • qemu-block-curl-6.2.0-150400.37.14.2
  • qemu-block-dmg-6.2.0-150400.37.14.2
  • qemu-block-gluster-6.2.0-150400.37.14.2
  • qemu-block-iscsi-6.2.0-150400.37.14.2
  • qemu-block-nfs-6.2.0-150400.37.14.2
  • qemu-block-rbd-6.2.0-150400.37.14.2
  • qemu-block-ssh-6.2.0-150400.37.14.2
  • qemu-chardev-baum-6.2.0-150400.37.14.2
  • qemu-chardev-spice-6.2.0-150400.37.14.2
  • qemu-extra-6.2.0-150400.37.14.2
  • qemu-guest-agent-6.2.0-150400.37.14.2
  • qemu-hw-display-qxl-6.2.0-150400.37.14.2
  • qemu-hw-display-virtio-gpu-6.2.0-150400.37.14.2
  • qemu-hw-display-virtio-gpu-pci-6.2.0-150400.37.14.2
  • qemu-hw-display-virtio-vga-6.2.0-150400.37.14.2
  • qemu-hw-s390x-virtio-gpu-ccw-6.2.0-150400.37.14.2
  • qemu-hw-usb-host-6.2.0-150400.37.14.2
  • qemu-hw-usb-redirect-6.2.0-150400.37.14.2
  • qemu-hw-usb-smartcard-6.2.0-150400.37.14.2
  • qemu-ipxe-1.0.0+-150400.37.14.2
  • qemu-ivshmem-tools-6.2.0-150400.37.14.2
  • qemu-ksm-6.2.0-150400.37.14.2
  • qemu-kvm-6.2.0-150400.37.14.2
  • qemu-lang-6.2.0-150400.37.14.2
  • qemu-linux-user-6.2.0-150400.37.14.1
  • qemu-microvm-6.2.0-150400.37.14.2
  • qemu-ppc-6.2.0-150400.37.14.2
  • qemu-s390x-6.2.0-150400.37.14.2
  • qemu-seabios-1.15.0_0_g2dd4b9b-150400.37.14.2
  • qemu-sgabios-8-150400.37.14.2
  • qemu-skiboot-6.2.0-150400.37.14.2
  • qemu-testsuite-6.2.0-150400.37.14.1
  • qemu-tools-6.2.0-150400.37.14.2
  • qemu-ui-curses-6.2.0-150400.37.14.2
  • qemu-ui-gtk-6.2.0-150400.37.14.2
  • qemu-ui-opengl-6.2.0-150400.37.14.2
  • qemu-ui-spice-app-6.2.0-150400.37.14.2
  • qemu-ui-spice-core-6.2.0-150400.37.14.2
  • qemu-vgabios-1.15.0_0_g2dd4b9b-150400.37.14.2
  • qemu-vhost-user-gpu-6.2.0-150400.37.14.2
  • qemu-x86-6.2.0-150400.37.14.2

openSUSE Leap Micro 5.3
  • qemu-6.2.0-150400.37.14.2
  • qemu-accel-tcg-x86-6.2.0-150400.37.14.2
  • qemu-arm-6.2.0-150400.37.14.2
  • qemu-audio-spice-6.2.0-150400.37.14.2
  • qemu-chardev-spice-6.2.0-150400.37.14.2
  • qemu-guest-agent-6.2.0-150400.37.14.2
  • qemu-hw-display-qxl-6.2.0-150400.37.14.2
  • qemu-hw-display-virtio-gpu-6.2.0-150400.37.14.2
  • qemu-hw-display-virtio-vga-6.2.0-150400.37.14.2
  • qemu-hw-usb-redirect-6.2.0-150400.37.14.2
  • qemu-ipxe-1.0.0+-150400.37.14.2
  • qemu-seabios-1.15.0_0_g2dd4b9b-150400.37.14.2
  • qemu-sgabios-8-150400.37.14.2
  • qemu-tools-6.2.0-150400.37.14.2
  • qemu-ui-opengl-6.2.0-150400.37.14.2
  • qemu-ui-spice-core-6.2.0-150400.37.14.2
  • qemu-vgabios-1.15.0_0_g2dd4b9b-150400.37.14.2
  • qemu-x86-6.2.0-150400.37.14.2

Description

An infinite loop flaw was found in the USB xHCI controller emulation of QEMU while computing the length of the Transfer Request Block (TRB) Ring. This flaw allows a privileged guest user to hang the QEMU process on the host, resulting in a denial of service.


Affected products
Container suse/sle-micro-rancher/5.3:latest:qemu-guest-agent-6.2.0-150400.37.14.2
Container suse/sle-micro-rancher/5.4:latest:qemu-guest-agent-6.2.0-150400.37.14.2
Image SLES15-SP4-EC2-ECS-HVM:qemu-tools-6.2.0-150400.37.14.2
SUSE Linux Enterprise Micro 5.3:qemu-6.2.0-150400.37.14.2

References

Description

A heap buffer overflow was found in the floppy disk emulator of QEMU up to and including 6.0.0. It could occur in fdctrl_transfer_handler() in hw/block/fdc.c while processing DMA read data transfers from the floppy drive to the guest system. A privileged guest user could use this flaw to crash the QEMU process on the host, resulting in a DoS scenario, or to potentially leak information from host memory.


Affected products
Container suse/sle-micro-rancher/5.3:latest:qemu-guest-agent-6.2.0-150400.37.14.2
Container suse/sle-micro-rancher/5.4:latest:qemu-guest-agent-6.2.0-150400.37.14.2
Image SLES15-SP4-EC2-ECS-HVM:qemu-tools-6.2.0-150400.37.14.2
SUSE Linux Enterprise Micro 5.3:qemu-6.2.0-150400.37.14.2

References
Vulnerability SUSE-SU-2023:0879-1