SUSE-SU-2024:0589-1

Опубликовано: 22 фев. 2024

Источник: suse-cvrf

Описание

Security update for qemu

This update for qemu fixes the following issues:

CVE-2021-3638: hw/display/ati_2d: Fix buffer overflow in ati_2d_blt (bsc#1188609)
CVE-2023-3180: virtio-crypto: verify src and dst buffer length for sym request (bsc#1213925)
CVE-2023-3354: io: remove io watch if TLS channel is closed during handshake (bsc#1212850)
[openSUSE] roms/ipxe: Backport 0aa2e4ec9635, in preparation of binutils 2.41 (bsc#1215311)
target/s390x: Fix the 'ignored match' case in VSTRS (bsc#1213210)
linux-user/elfload: Enable vxe2 on s390x (bsc#1213210)

Список пакетов

SUSE Linux Enterprise Module for Package Hub 15 SP5

qemu-SLOF-7.1.0-150500.49.9.2

qemu-accel-qtest-7.1.0-150500.49.9.2

qemu-accel-tcg-x86-7.1.0-150500.49.9.2

qemu-arm-7.1.0-150500.49.9.2

qemu-audio-alsa-7.1.0-150500.49.9.2

qemu-audio-jack-7.1.0-150500.49.9.2

qemu-audio-oss-7.1.0-150500.49.9.2

qemu-audio-pa-7.1.0-150500.49.9.2

qemu-audio-spice-7.1.0-150500.49.9.2

qemu-block-dmg-7.1.0-150500.49.9.2

qemu-block-gluster-7.1.0-150500.49.9.2

qemu-block-nfs-7.1.0-150500.49.9.2

qemu-chardev-spice-7.1.0-150500.49.9.2

qemu-extra-7.1.0-150500.49.9.2

qemu-hw-display-qxl-7.1.0-150500.49.9.2

qemu-hw-display-virtio-gpu-7.1.0-150500.49.9.2

qemu-hw-display-virtio-gpu-pci-7.1.0-150500.49.9.2

qemu-hw-display-virtio-vga-7.1.0-150500.49.9.2

qemu-hw-s390x-virtio-gpu-ccw-7.1.0-150500.49.9.2

qemu-hw-usb-redirect-7.1.0-150500.49.9.2

qemu-hw-usb-smartcard-7.1.0-150500.49.9.2

qemu-ivshmem-tools-7.1.0-150500.49.9.2

qemu-microvm-7.1.0-150500.49.9.2

qemu-ppc-7.1.0-150500.49.9.2

qemu-s390x-7.1.0-150500.49.9.2

qemu-seabios-1.16.0_0_gd239552-150500.49.9.2

qemu-sgabios-8-150500.49.9.2

qemu-skiboot-7.1.0-150500.49.9.2

qemu-ui-gtk-7.1.0-150500.49.9.2

qemu-ui-opengl-7.1.0-150500.49.9.2

qemu-ui-spice-app-7.1.0-150500.49.9.2

qemu-ui-spice-core-7.1.0-150500.49.9.2

qemu-vgabios-1.16.0_0_gd239552-150500.49.9.2

qemu-vhost-user-gpu-7.1.0-150500.49.9.2

qemu-x86-7.1.0-150500.49.9.2

Ссылки

https://www.suse.com/support/update/announcement/2024/suse-su-20240589-1/
Link for SUSE-SU-2024:0589-1
https://lists.suse.com/pipermail/sle-security-updates/2024-February/017988.html
E-Mail link for SUSE-SU-2024:0589-1
https://www.suse.com/support/security/rating/
SUSE Security Ratings
https://bugzilla.suse.com/1188609
SUSE Bug 1188609
https://bugzilla.suse.com/1212850
SUSE Bug 1212850
https://bugzilla.suse.com/1213210
SUSE Bug 1213210
https://bugzilla.suse.com/1213925
SUSE Bug 1213925
https://bugzilla.suse.com/1215311
SUSE Bug 1215311
https://www.suse.com/security/cve/CVE-2021-3638/
SUSE CVE CVE-2021-3638 page
https://www.suse.com/security/cve/CVE-2023-3180/
SUSE CVE CVE-2023-3180 page
https://www.suse.com/security/cve/CVE-2023-3354/
SUSE CVE CVE-2023-3354 page

Описание

An out-of-bounds memory access flaw was found in the ATI VGA device emulation of QEMU. This flaw occurs in the ati_2d_blt() routine while handling MMIO write operations when the guest provides invalid values for the destination display parameters. A malicious guest could use this flaw to crash the QEMU process on the host, resulting in a denial of service.

Затронутые продукты

SUSE Linux Enterprise Module for Package Hub 15 SP5:qemu-SLOF-7.1.0-150500.49.9.2

SUSE Linux Enterprise Module for Package Hub 15 SP5:qemu-accel-qtest-7.1.0-150500.49.9.2

SUSE Linux Enterprise Module for Package Hub 15 SP5:qemu-accel-tcg-x86-7.1.0-150500.49.9.2

SUSE Linux Enterprise Module for Package Hub 15 SP5:qemu-arm-7.1.0-150500.49.9.2

Ссылки

https://www.suse.com/security/cve/CVE-2021-3638.html
CVE-2021-3638
https://bugzilla.suse.com/1188609
SUSE Bug 1188609

Описание

A flaw was found in the QEMU virtual crypto device while handling data encryption/decryption requests in virtio_crypto_handle_sym_req. There is no check for the value of `src_len` and `dst_len` in virtio_crypto_sym_op_helper, potentially leading to a heap buffer overflow when the two values differ.

Затронутые продукты

SUSE Linux Enterprise Module for Package Hub 15 SP5:qemu-SLOF-7.1.0-150500.49.9.2

SUSE Linux Enterprise Module for Package Hub 15 SP5:qemu-accel-qtest-7.1.0-150500.49.9.2

SUSE Linux Enterprise Module for Package Hub 15 SP5:qemu-accel-tcg-x86-7.1.0-150500.49.9.2

SUSE Linux Enterprise Module for Package Hub 15 SP5:qemu-arm-7.1.0-150500.49.9.2

Ссылки

https://www.suse.com/security/cve/CVE-2023-3180.html
CVE-2023-3180
https://bugzilla.suse.com/1213925
SUSE Bug 1213925

Описание

A flaw was found in the QEMU built-in VNC server. When a client connects to the VNC server, QEMU checks whether the current number of connections crosses a certain threshold and if so, cleans up the previous connection. If the previous connection happens to be in the handshake phase and fails, QEMU cleans up the connection again, resulting in a NULL pointer dereference issue. This could allow a remote unauthenticated client to cause a denial of service.

Затронутые продукты

SUSE Linux Enterprise Module for Package Hub 15 SP5:qemu-SLOF-7.1.0-150500.49.9.2

SUSE Linux Enterprise Module for Package Hub 15 SP5:qemu-accel-qtest-7.1.0-150500.49.9.2

SUSE Linux Enterprise Module for Package Hub 15 SP5:qemu-accel-tcg-x86-7.1.0-150500.49.9.2

SUSE Linux Enterprise Module for Package Hub 15 SP5:qemu-arm-7.1.0-150500.49.9.2

Ссылки

https://www.suse.com/security/cve/CVE-2023-3354.html
CVE-2023-3354
https://bugzilla.suse.com/1212850
SUSE Bug 1212850

SUSE-SU-2024:0589-1

Описание

Список пакетов

SUSE Linux Enterprise Module for Package Hub 15 SP5

Ссылки

Уязвимость: CVE-2021-3638

Описание

Затронутые продукты

Ссылки

Уязвимость: CVE-2023-3180

Описание

Затронутые продукты

Ссылки

Уязвимость: CVE-2023-3354

Описание

Затронутые продукты

Ссылки