Описание
Security update for qemu
This update for qemu fixes the following issues:
- CVE-2023-0330: Fixed a stack overflow due to a DMA reentrancy issue. (bsc#1207205)
- CVE-2023-3354: Fixed a remote unauthenticated DoS due to an improper I/O watch removal in VNC TLS handshake. (bsc#1212850)
- CVE-2023-3180: Fixed a heap buffer overflow in virtio_crypto_sym_op_helper(). (bsc#1213925)
- CVE-2021-3638: Fixed an out-of-bounds write due to an inconsistent check in ati_2d_blt(). (bsc#1188609)
- CVE-2023-3301: Fixed a DoS due to an assertion failure. (bsc#1213414)
- CVE-2021-3750: Fixed an use-after-free in DMA reentrancy issue. (bsc#1190011)
Список пакетов
Container suse/sle-micro-rancher/5.2:latest
qemu-guest-agent-5.2.0-150300.127.3
SUSE Enterprise Storage 7.1
qemu-5.2.0-150300.127.3
qemu-arm-5.2.0-150300.127.3
qemu-audio-alsa-5.2.0-150300.127.3
qemu-audio-pa-5.2.0-150300.127.3
qemu-audio-spice-5.2.0-150300.127.3
qemu-block-curl-5.2.0-150300.127.3
qemu-block-iscsi-5.2.0-150300.127.3
qemu-block-rbd-5.2.0-150300.127.3
qemu-block-ssh-5.2.0-150300.127.3
qemu-chardev-baum-5.2.0-150300.127.3
qemu-chardev-spice-5.2.0-150300.127.3
qemu-guest-agent-5.2.0-150300.127.3
qemu-hw-display-qxl-5.2.0-150300.127.3
qemu-hw-display-virtio-gpu-5.2.0-150300.127.3
qemu-hw-display-virtio-gpu-pci-5.2.0-150300.127.3
qemu-hw-display-virtio-vga-5.2.0-150300.127.3
qemu-hw-usb-redirect-5.2.0-150300.127.3
qemu-ipxe-1.0.0+-150300.127.3
qemu-ksm-5.2.0-150300.127.3
qemu-kvm-5.2.0-150300.127.3
qemu-lang-5.2.0-150300.127.3
qemu-seabios-1.14.0_0_g155821a-150300.127.3
qemu-sgabios-8-150300.127.3
qemu-tools-5.2.0-150300.127.3
qemu-ui-curses-5.2.0-150300.127.3
qemu-ui-gtk-5.2.0-150300.127.3
qemu-ui-opengl-5.2.0-150300.127.3
qemu-ui-spice-app-5.2.0-150300.127.3
qemu-ui-spice-core-5.2.0-150300.127.3
qemu-vgabios-1.14.0_0_g155821a-150300.127.3
qemu-x86-5.2.0-150300.127.3
SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS
qemu-5.2.0-150300.127.3
qemu-arm-5.2.0-150300.127.3
qemu-audio-alsa-5.2.0-150300.127.3
qemu-audio-pa-5.2.0-150300.127.3
qemu-audio-spice-5.2.0-150300.127.3
qemu-block-curl-5.2.0-150300.127.3
qemu-block-iscsi-5.2.0-150300.127.3
qemu-block-rbd-5.2.0-150300.127.3
qemu-block-ssh-5.2.0-150300.127.3
qemu-chardev-baum-5.2.0-150300.127.3
qemu-chardev-spice-5.2.0-150300.127.3
qemu-guest-agent-5.2.0-150300.127.3
qemu-hw-display-qxl-5.2.0-150300.127.3
qemu-hw-display-virtio-gpu-5.2.0-150300.127.3
qemu-hw-display-virtio-gpu-pci-5.2.0-150300.127.3
qemu-hw-display-virtio-vga-5.2.0-150300.127.3
qemu-hw-usb-redirect-5.2.0-150300.127.3
qemu-ipxe-1.0.0+-150300.127.3
qemu-ksm-5.2.0-150300.127.3
qemu-kvm-5.2.0-150300.127.3
qemu-lang-5.2.0-150300.127.3
qemu-seabios-1.14.0_0_g155821a-150300.127.3
qemu-sgabios-8-150300.127.3
qemu-tools-5.2.0-150300.127.3
qemu-ui-curses-5.2.0-150300.127.3
qemu-ui-gtk-5.2.0-150300.127.3
qemu-ui-opengl-5.2.0-150300.127.3
qemu-ui-spice-app-5.2.0-150300.127.3
qemu-ui-spice-core-5.2.0-150300.127.3
qemu-vgabios-1.14.0_0_g155821a-150300.127.3
qemu-x86-5.2.0-150300.127.3
SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS
qemu-5.2.0-150300.127.3
qemu-arm-5.2.0-150300.127.3
qemu-audio-alsa-5.2.0-150300.127.3
qemu-audio-pa-5.2.0-150300.127.3
qemu-audio-spice-5.2.0-150300.127.3
qemu-block-curl-5.2.0-150300.127.3
qemu-block-iscsi-5.2.0-150300.127.3
qemu-block-rbd-5.2.0-150300.127.3
qemu-block-ssh-5.2.0-150300.127.3
qemu-chardev-baum-5.2.0-150300.127.3
qemu-chardev-spice-5.2.0-150300.127.3
qemu-guest-agent-5.2.0-150300.127.3
qemu-hw-display-qxl-5.2.0-150300.127.3
qemu-hw-display-virtio-gpu-5.2.0-150300.127.3
qemu-hw-display-virtio-gpu-pci-5.2.0-150300.127.3
qemu-hw-display-virtio-vga-5.2.0-150300.127.3
qemu-hw-usb-redirect-5.2.0-150300.127.3
qemu-ipxe-1.0.0+-150300.127.3
qemu-ksm-5.2.0-150300.127.3
qemu-kvm-5.2.0-150300.127.3
qemu-lang-5.2.0-150300.127.3
qemu-seabios-1.14.0_0_g155821a-150300.127.3
qemu-sgabios-8-150300.127.3
qemu-tools-5.2.0-150300.127.3
qemu-ui-curses-5.2.0-150300.127.3
qemu-ui-gtk-5.2.0-150300.127.3
qemu-ui-opengl-5.2.0-150300.127.3
qemu-ui-spice-app-5.2.0-150300.127.3
qemu-ui-spice-core-5.2.0-150300.127.3
qemu-vgabios-1.14.0_0_g155821a-150300.127.3
qemu-x86-5.2.0-150300.127.3
SUSE Linux Enterprise Micro 5.1
qemu-5.2.0-150300.127.3
qemu-arm-5.2.0-150300.127.3
qemu-ipxe-1.0.0+-150300.127.3
qemu-s390x-5.2.0-150300.127.3
qemu-seabios-1.14.0_0_g155821a-150300.127.3
qemu-sgabios-8-150300.127.3
qemu-tools-5.2.0-150300.127.3
qemu-vgabios-1.14.0_0_g155821a-150300.127.3
qemu-x86-5.2.0-150300.127.3
SUSE Linux Enterprise Micro 5.2
qemu-5.2.0-150300.127.3
qemu-arm-5.2.0-150300.127.3
qemu-audio-spice-5.2.0-150300.127.3
qemu-chardev-spice-5.2.0-150300.127.3
qemu-guest-agent-5.2.0-150300.127.3
qemu-hw-display-qxl-5.2.0-150300.127.3
qemu-hw-display-virtio-gpu-5.2.0-150300.127.3
qemu-hw-display-virtio-vga-5.2.0-150300.127.3
qemu-hw-usb-redirect-5.2.0-150300.127.3
qemu-ipxe-1.0.0+-150300.127.3
qemu-s390x-5.2.0-150300.127.3
qemu-seabios-1.14.0_0_g155821a-150300.127.3
qemu-sgabios-8-150300.127.3
qemu-tools-5.2.0-150300.127.3
qemu-ui-opengl-5.2.0-150300.127.3
qemu-ui-spice-core-5.2.0-150300.127.3
qemu-vgabios-1.14.0_0_g155821a-150300.127.3
qemu-x86-5.2.0-150300.127.3
SUSE Linux Enterprise Server 15 SP3-LTSS
qemu-5.2.0-150300.127.3
qemu-SLOF-5.2.0-150300.127.3
qemu-arm-5.2.0-150300.127.3
qemu-audio-alsa-5.2.0-150300.127.3
qemu-audio-pa-5.2.0-150300.127.3
qemu-audio-spice-5.2.0-150300.127.3
qemu-block-curl-5.2.0-150300.127.3
qemu-block-iscsi-5.2.0-150300.127.3
qemu-block-rbd-5.2.0-150300.127.3
qemu-block-ssh-5.2.0-150300.127.3
qemu-chardev-baum-5.2.0-150300.127.3
qemu-chardev-spice-5.2.0-150300.127.3
qemu-guest-agent-5.2.0-150300.127.3
qemu-hw-display-qxl-5.2.0-150300.127.3
qemu-hw-display-virtio-gpu-5.2.0-150300.127.3
qemu-hw-display-virtio-gpu-pci-5.2.0-150300.127.3
qemu-hw-display-virtio-vga-5.2.0-150300.127.3
qemu-hw-s390x-virtio-gpu-ccw-5.2.0-150300.127.3
qemu-hw-usb-redirect-5.2.0-150300.127.3
qemu-ipxe-1.0.0+-150300.127.3
qemu-ksm-5.2.0-150300.127.3
qemu-kvm-5.2.0-150300.127.3
qemu-lang-5.2.0-150300.127.3
qemu-ppc-5.2.0-150300.127.3
qemu-s390x-5.2.0-150300.127.3
qemu-seabios-1.14.0_0_g155821a-150300.127.3
qemu-sgabios-8-150300.127.3
qemu-skiboot-5.2.0-150300.127.3
qemu-tools-5.2.0-150300.127.3
qemu-ui-curses-5.2.0-150300.127.3
qemu-ui-gtk-5.2.0-150300.127.3
qemu-ui-opengl-5.2.0-150300.127.3
qemu-ui-spice-app-5.2.0-150300.127.3
qemu-ui-spice-core-5.2.0-150300.127.3
qemu-vgabios-1.14.0_0_g155821a-150300.127.3
qemu-x86-5.2.0-150300.127.3
SUSE Linux Enterprise Server for SAP Applications 15 SP3
qemu-5.2.0-150300.127.3
qemu-SLOF-5.2.0-150300.127.3
qemu-audio-alsa-5.2.0-150300.127.3
qemu-audio-pa-5.2.0-150300.127.3
qemu-audio-spice-5.2.0-150300.127.3
qemu-block-curl-5.2.0-150300.127.3
qemu-block-iscsi-5.2.0-150300.127.3
qemu-block-rbd-5.2.0-150300.127.3
qemu-block-ssh-5.2.0-150300.127.3
qemu-chardev-baum-5.2.0-150300.127.3
qemu-chardev-spice-5.2.0-150300.127.3
qemu-guest-agent-5.2.0-150300.127.3
qemu-hw-display-qxl-5.2.0-150300.127.3
qemu-hw-display-virtio-gpu-5.2.0-150300.127.3
qemu-hw-display-virtio-gpu-pci-5.2.0-150300.127.3
qemu-hw-display-virtio-vga-5.2.0-150300.127.3
qemu-hw-usb-redirect-5.2.0-150300.127.3
qemu-ipxe-1.0.0+-150300.127.3
qemu-ksm-5.2.0-150300.127.3
qemu-kvm-5.2.0-150300.127.3
qemu-lang-5.2.0-150300.127.3
qemu-ppc-5.2.0-150300.127.3
qemu-seabios-1.14.0_0_g155821a-150300.127.3
qemu-sgabios-8-150300.127.3
qemu-skiboot-5.2.0-150300.127.3
qemu-tools-5.2.0-150300.127.3
qemu-ui-curses-5.2.0-150300.127.3
qemu-ui-gtk-5.2.0-150300.127.3
qemu-ui-opengl-5.2.0-150300.127.3
qemu-ui-spice-app-5.2.0-150300.127.3
qemu-ui-spice-core-5.2.0-150300.127.3
qemu-vgabios-1.14.0_0_g155821a-150300.127.3
qemu-x86-5.2.0-150300.127.3
SUSE Manager Proxy 4.2
qemu-5.2.0-150300.127.3
qemu-audio-alsa-5.2.0-150300.127.3
qemu-audio-pa-5.2.0-150300.127.3
qemu-audio-spice-5.2.0-150300.127.3
qemu-block-curl-5.2.0-150300.127.3
qemu-block-iscsi-5.2.0-150300.127.3
qemu-block-rbd-5.2.0-150300.127.3
qemu-block-ssh-5.2.0-150300.127.3
qemu-chardev-baum-5.2.0-150300.127.3
qemu-chardev-spice-5.2.0-150300.127.3
qemu-guest-agent-5.2.0-150300.127.3
qemu-hw-display-qxl-5.2.0-150300.127.3
qemu-hw-display-virtio-gpu-5.2.0-150300.127.3
qemu-hw-display-virtio-gpu-pci-5.2.0-150300.127.3
qemu-hw-display-virtio-vga-5.2.0-150300.127.3
qemu-hw-usb-redirect-5.2.0-150300.127.3
qemu-ipxe-1.0.0+-150300.127.3
qemu-ksm-5.2.0-150300.127.3
qemu-kvm-5.2.0-150300.127.3
qemu-lang-5.2.0-150300.127.3
qemu-seabios-1.14.0_0_g155821a-150300.127.3
qemu-sgabios-8-150300.127.3
qemu-tools-5.2.0-150300.127.3
qemu-ui-curses-5.2.0-150300.127.3
qemu-ui-gtk-5.2.0-150300.127.3
qemu-ui-opengl-5.2.0-150300.127.3
qemu-ui-spice-app-5.2.0-150300.127.3
qemu-ui-spice-core-5.2.0-150300.127.3
qemu-vgabios-1.14.0_0_g155821a-150300.127.3
qemu-x86-5.2.0-150300.127.3
SUSE Manager Server 4.2
qemu-5.2.0-150300.127.3
qemu-SLOF-5.2.0-150300.127.3
qemu-audio-alsa-5.2.0-150300.127.3
qemu-audio-pa-5.2.0-150300.127.3
qemu-audio-spice-5.2.0-150300.127.3
qemu-block-curl-5.2.0-150300.127.3
qemu-block-iscsi-5.2.0-150300.127.3
qemu-block-rbd-5.2.0-150300.127.3
qemu-block-ssh-5.2.0-150300.127.3
qemu-chardev-baum-5.2.0-150300.127.3
qemu-chardev-spice-5.2.0-150300.127.3
qemu-guest-agent-5.2.0-150300.127.3
qemu-hw-display-qxl-5.2.0-150300.127.3
qemu-hw-display-virtio-gpu-5.2.0-150300.127.3
qemu-hw-display-virtio-gpu-pci-5.2.0-150300.127.3
qemu-hw-display-virtio-vga-5.2.0-150300.127.3
qemu-hw-s390x-virtio-gpu-ccw-5.2.0-150300.127.3
qemu-hw-usb-redirect-5.2.0-150300.127.3
qemu-ipxe-1.0.0+-150300.127.3
qemu-ksm-5.2.0-150300.127.3
qemu-kvm-5.2.0-150300.127.3
qemu-lang-5.2.0-150300.127.3
qemu-ppc-5.2.0-150300.127.3
qemu-s390x-5.2.0-150300.127.3
qemu-seabios-1.14.0_0_g155821a-150300.127.3
qemu-sgabios-8-150300.127.3
qemu-skiboot-5.2.0-150300.127.3
qemu-tools-5.2.0-150300.127.3
qemu-ui-curses-5.2.0-150300.127.3
qemu-ui-gtk-5.2.0-150300.127.3
qemu-ui-opengl-5.2.0-150300.127.3
qemu-ui-spice-app-5.2.0-150300.127.3
qemu-ui-spice-core-5.2.0-150300.127.3
qemu-vgabios-1.14.0_0_g155821a-150300.127.3
qemu-x86-5.2.0-150300.127.3
Ссылки
- Link for SUSE-SU-2023:3444-1
- E-Mail link for SUSE-SU-2023:3444-1
- SUSE Security Ratings
- SUSE Bug 1188609
- SUSE Bug 1190011
- SUSE Bug 1207205
- SUSE Bug 1212850
- SUSE Bug 1213414
- SUSE Bug 1213925
- SUSE CVE CVE-2021-3638 page
- SUSE CVE CVE-2021-3750 page
- SUSE CVE CVE-2023-0330 page
- SUSE CVE CVE-2023-3180 page
- SUSE CVE CVE-2023-3301 page
- SUSE CVE CVE-2023-3354 page
Описание
An out-of-bounds memory access flaw was found in the ATI VGA device emulation of QEMU. This flaw occurs in the ati_2d_blt() routine while handling MMIO write operations when the guest provides invalid values for the destination display parameters. A malicious guest could use this flaw to crash the QEMU process on the host, resulting in a denial of service.
Затронутые продукты
Container suse/sle-micro-rancher/5.2:latest:qemu-guest-agent-5.2.0-150300.127.3
SUSE Enterprise Storage 7.1:qemu-5.2.0-150300.127.3
SUSE Enterprise Storage 7.1:qemu-arm-5.2.0-150300.127.3
SUSE Enterprise Storage 7.1:qemu-audio-alsa-5.2.0-150300.127.3
Ссылки
- CVE-2021-3638
- SUSE Bug 1188609
Описание
A DMA reentrancy issue was found in the USB EHCI controller emulation of QEMU. EHCI does not verify if the Buffer Pointer overlaps with its MMIO region when it transfers the USB packets. Crafted content may be written to the controller's registers and trigger undesirable actions (such as reset) while the device is still transferring packets. This can ultimately lead to a use-after-free issue. A malicious guest could use this flaw to crash the QEMU process on the host, resulting in a denial of service condition, or potentially execute arbitrary code within the context of the QEMU process on the host. This flaw affects QEMU versions before 7.0.0.
Затронутые продукты
Container suse/sle-micro-rancher/5.2:latest:qemu-guest-agent-5.2.0-150300.127.3
SUSE Enterprise Storage 7.1:qemu-5.2.0-150300.127.3
SUSE Enterprise Storage 7.1:qemu-arm-5.2.0-150300.127.3
SUSE Enterprise Storage 7.1:qemu-audio-alsa-5.2.0-150300.127.3
Ссылки
- CVE-2021-3750
- SUSE Bug 1190011
- SUSE Bug 1190015
- SUSE Bug 1193880
Описание
A vulnerability in the lsi53c895a device affects the latest version of qemu. A DMA-MMIO reentrancy problem may lead to memory corruption bugs like stack overflow or use-after-free.
Затронутые продукты
Container suse/sle-micro-rancher/5.2:latest:qemu-guest-agent-5.2.0-150300.127.3
SUSE Enterprise Storage 7.1:qemu-5.2.0-150300.127.3
SUSE Enterprise Storage 7.1:qemu-arm-5.2.0-150300.127.3
SUSE Enterprise Storage 7.1:qemu-audio-alsa-5.2.0-150300.127.3
Ссылки
- CVE-2023-0330
- SUSE Bug 1207205
Описание
A flaw was found in the QEMU virtual crypto device while handling data encryption/decryption requests in virtio_crypto_handle_sym_req. There is no check for the value of `src_len` and `dst_len` in virtio_crypto_sym_op_helper, potentially leading to a heap buffer overflow when the two values differ.
Затронутые продукты
Container suse/sle-micro-rancher/5.2:latest:qemu-guest-agent-5.2.0-150300.127.3
SUSE Enterprise Storage 7.1:qemu-5.2.0-150300.127.3
SUSE Enterprise Storage 7.1:qemu-arm-5.2.0-150300.127.3
SUSE Enterprise Storage 7.1:qemu-audio-alsa-5.2.0-150300.127.3
Ссылки
- CVE-2023-3180
- SUSE Bug 1213925
Описание
A flaw was found in QEMU. The async nature of hot-unplug enables a race scenario where the net device backend is cleared before the virtio-net pci frontend has been unplugged. A malicious guest could use this time window to trigger an assertion and cause a denial of service.
Затронутые продукты
Container suse/sle-micro-rancher/5.2:latest:qemu-guest-agent-5.2.0-150300.127.3
SUSE Enterprise Storage 7.1:qemu-5.2.0-150300.127.3
SUSE Enterprise Storage 7.1:qemu-arm-5.2.0-150300.127.3
SUSE Enterprise Storage 7.1:qemu-audio-alsa-5.2.0-150300.127.3
Ссылки
- CVE-2023-3301
- SUSE Bug 1213414
Описание
A flaw was found in the QEMU built-in VNC server. When a client connects to the VNC server, QEMU checks whether the current number of connections crosses a certain threshold and if so, cleans up the previous connection. If the previous connection happens to be in the handshake phase and fails, QEMU cleans up the connection again, resulting in a NULL pointer dereference issue. This could allow a remote unauthenticated client to cause a denial of service.
Затронутые продукты
Container suse/sle-micro-rancher/5.2:latest:qemu-guest-agent-5.2.0-150300.127.3
SUSE Enterprise Storage 7.1:qemu-5.2.0-150300.127.3
SUSE Enterprise Storage 7.1:qemu-arm-5.2.0-150300.127.3
SUSE Enterprise Storage 7.1:qemu-audio-alsa-5.2.0-150300.127.3
Ссылки
- CVE-2023-3354
- SUSE Bug 1212850