SUSE-SU-2024:3396-1

Опубликовано: 23 сент. 2024

Источник: suse-cvrf

Описание

Security update for qemu

This update for qemu fixes the following issues:

CVE-2024-4467: Fixed denial of service and file read/write via qemu-img info command (bsc#1227322)

Список пакетов

Container suse/sle-micro-rancher/5.3:latest

qemu-guest-agent-6.2.0-150400.37.34.1

Container suse/sle-micro-rancher/5.4:latest

qemu-guest-agent-6.2.0-150400.37.34.1

SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS

qemu-6.2.0-150400.37.34.1

qemu-accel-tcg-x86-6.2.0-150400.37.34.1

qemu-arm-6.2.0-150400.37.34.1

qemu-audio-alsa-6.2.0-150400.37.34.1

qemu-audio-pa-6.2.0-150400.37.34.1

qemu-audio-spice-6.2.0-150400.37.34.1

qemu-block-curl-6.2.0-150400.37.34.1

qemu-block-iscsi-6.2.0-150400.37.34.1

qemu-block-rbd-6.2.0-150400.37.34.1

qemu-block-ssh-6.2.0-150400.37.34.1

qemu-chardev-baum-6.2.0-150400.37.34.1

qemu-chardev-spice-6.2.0-150400.37.34.1

qemu-guest-agent-6.2.0-150400.37.34.1

qemu-hw-display-qxl-6.2.0-150400.37.34.1

qemu-hw-display-virtio-gpu-6.2.0-150400.37.34.1

qemu-hw-display-virtio-gpu-pci-6.2.0-150400.37.34.1

qemu-hw-display-virtio-vga-6.2.0-150400.37.34.1

qemu-hw-usb-host-6.2.0-150400.37.34.1

qemu-hw-usb-redirect-6.2.0-150400.37.34.1

qemu-ipxe-1.0.0+-150400.37.34.1

qemu-ksm-6.2.0-150400.37.34.1

qemu-kvm-6.2.0-150400.37.34.1

qemu-lang-6.2.0-150400.37.34.1

qemu-seabios-1.15.0_0_g2dd4b9b-150400.37.34.1

qemu-sgabios-8-150400.37.34.1

qemu-tools-6.2.0-150400.37.34.1

qemu-ui-curses-6.2.0-150400.37.34.1

qemu-ui-gtk-6.2.0-150400.37.34.1

qemu-ui-opengl-6.2.0-150400.37.34.1

qemu-ui-spice-app-6.2.0-150400.37.34.1

qemu-ui-spice-core-6.2.0-150400.37.34.1

qemu-vgabios-1.15.0_0_g2dd4b9b-150400.37.34.1

qemu-x86-6.2.0-150400.37.34.1

SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS

qemu-6.2.0-150400.37.34.1

qemu-accel-tcg-x86-6.2.0-150400.37.34.1

qemu-arm-6.2.0-150400.37.34.1

qemu-audio-alsa-6.2.0-150400.37.34.1

qemu-audio-pa-6.2.0-150400.37.34.1

qemu-audio-spice-6.2.0-150400.37.34.1

qemu-block-curl-6.2.0-150400.37.34.1

qemu-block-iscsi-6.2.0-150400.37.34.1

qemu-block-rbd-6.2.0-150400.37.34.1

qemu-block-ssh-6.2.0-150400.37.34.1

qemu-chardev-baum-6.2.0-150400.37.34.1

qemu-chardev-spice-6.2.0-150400.37.34.1

qemu-guest-agent-6.2.0-150400.37.34.1

qemu-hw-display-qxl-6.2.0-150400.37.34.1

qemu-hw-display-virtio-gpu-6.2.0-150400.37.34.1

qemu-hw-display-virtio-gpu-pci-6.2.0-150400.37.34.1

qemu-hw-display-virtio-vga-6.2.0-150400.37.34.1

qemu-hw-usb-host-6.2.0-150400.37.34.1

qemu-hw-usb-redirect-6.2.0-150400.37.34.1

qemu-ipxe-1.0.0+-150400.37.34.1

qemu-ksm-6.2.0-150400.37.34.1

qemu-kvm-6.2.0-150400.37.34.1

qemu-lang-6.2.0-150400.37.34.1

qemu-seabios-1.15.0_0_g2dd4b9b-150400.37.34.1

qemu-sgabios-8-150400.37.34.1

qemu-tools-6.2.0-150400.37.34.1

qemu-ui-curses-6.2.0-150400.37.34.1

qemu-ui-gtk-6.2.0-150400.37.34.1

qemu-ui-opengl-6.2.0-150400.37.34.1

qemu-ui-spice-app-6.2.0-150400.37.34.1

qemu-ui-spice-core-6.2.0-150400.37.34.1

qemu-vgabios-1.15.0_0_g2dd4b9b-150400.37.34.1

qemu-x86-6.2.0-150400.37.34.1

SUSE Linux Enterprise Micro 5.3

qemu-6.2.0-150400.37.34.1

qemu-accel-tcg-x86-6.2.0-150400.37.34.1

qemu-arm-6.2.0-150400.37.34.1

qemu-audio-spice-6.2.0-150400.37.34.1

qemu-chardev-spice-6.2.0-150400.37.34.1

qemu-guest-agent-6.2.0-150400.37.34.1

qemu-hw-display-qxl-6.2.0-150400.37.34.1

qemu-hw-display-virtio-gpu-6.2.0-150400.37.34.1

qemu-hw-display-virtio-vga-6.2.0-150400.37.34.1

qemu-hw-usb-redirect-6.2.0-150400.37.34.1

qemu-ipxe-1.0.0+-150400.37.34.1

qemu-s390x-6.2.0-150400.37.34.1

qemu-seabios-1.15.0_0_g2dd4b9b-150400.37.34.1

qemu-sgabios-8-150400.37.34.1

qemu-tools-6.2.0-150400.37.34.1

qemu-ui-opengl-6.2.0-150400.37.34.1

qemu-ui-spice-core-6.2.0-150400.37.34.1

qemu-vgabios-1.15.0_0_g2dd4b9b-150400.37.34.1

qemu-x86-6.2.0-150400.37.34.1

SUSE Linux Enterprise Micro 5.4

qemu-6.2.0-150400.37.34.1

qemu-accel-tcg-x86-6.2.0-150400.37.34.1

qemu-arm-6.2.0-150400.37.34.1

qemu-audio-spice-6.2.0-150400.37.34.1

qemu-chardev-spice-6.2.0-150400.37.34.1

qemu-guest-agent-6.2.0-150400.37.34.1

qemu-hw-display-qxl-6.2.0-150400.37.34.1

qemu-hw-display-virtio-gpu-6.2.0-150400.37.34.1

qemu-hw-display-virtio-vga-6.2.0-150400.37.34.1

qemu-hw-usb-redirect-6.2.0-150400.37.34.1

qemu-ipxe-1.0.0+-150400.37.34.1

qemu-s390x-6.2.0-150400.37.34.1

qemu-seabios-1.15.0_0_g2dd4b9b-150400.37.34.1

qemu-sgabios-8-150400.37.34.1

qemu-tools-6.2.0-150400.37.34.1

qemu-ui-opengl-6.2.0-150400.37.34.1

qemu-ui-spice-core-6.2.0-150400.37.34.1

qemu-vgabios-1.15.0_0_g2dd4b9b-150400.37.34.1

qemu-x86-6.2.0-150400.37.34.1

SUSE Linux Enterprise Server 15 SP4-LTSS

qemu-6.2.0-150400.37.34.1

qemu-SLOF-6.2.0-150400.37.34.1

qemu-accel-tcg-x86-6.2.0-150400.37.34.1

qemu-arm-6.2.0-150400.37.34.1

qemu-audio-alsa-6.2.0-150400.37.34.1

qemu-audio-pa-6.2.0-150400.37.34.1

qemu-audio-spice-6.2.0-150400.37.34.1

qemu-block-curl-6.2.0-150400.37.34.1

qemu-block-iscsi-6.2.0-150400.37.34.1

qemu-block-rbd-6.2.0-150400.37.34.1

qemu-block-ssh-6.2.0-150400.37.34.1

qemu-chardev-baum-6.2.0-150400.37.34.1

qemu-chardev-spice-6.2.0-150400.37.34.1

qemu-guest-agent-6.2.0-150400.37.34.1

qemu-hw-display-qxl-6.2.0-150400.37.34.1

qemu-hw-display-virtio-gpu-6.2.0-150400.37.34.1

qemu-hw-display-virtio-gpu-pci-6.2.0-150400.37.34.1

qemu-hw-display-virtio-vga-6.2.0-150400.37.34.1

qemu-hw-s390x-virtio-gpu-ccw-6.2.0-150400.37.34.1

qemu-hw-usb-host-6.2.0-150400.37.34.1

qemu-hw-usb-redirect-6.2.0-150400.37.34.1

qemu-ipxe-1.0.0+-150400.37.34.1

qemu-ksm-6.2.0-150400.37.34.1

qemu-kvm-6.2.0-150400.37.34.1

qemu-lang-6.2.0-150400.37.34.1

qemu-ppc-6.2.0-150400.37.34.1

qemu-s390x-6.2.0-150400.37.34.1

qemu-seabios-1.15.0_0_g2dd4b9b-150400.37.34.1

qemu-sgabios-8-150400.37.34.1

qemu-skiboot-6.2.0-150400.37.34.1

qemu-tools-6.2.0-150400.37.34.1

qemu-ui-curses-6.2.0-150400.37.34.1

qemu-ui-gtk-6.2.0-150400.37.34.1

qemu-ui-opengl-6.2.0-150400.37.34.1

qemu-ui-spice-app-6.2.0-150400.37.34.1

qemu-ui-spice-core-6.2.0-150400.37.34.1

qemu-vgabios-1.15.0_0_g2dd4b9b-150400.37.34.1

qemu-x86-6.2.0-150400.37.34.1

SUSE Linux Enterprise Server for SAP Applications 15 SP4

qemu-6.2.0-150400.37.34.1

qemu-SLOF-6.2.0-150400.37.34.1

qemu-accel-tcg-x86-6.2.0-150400.37.34.1

qemu-audio-alsa-6.2.0-150400.37.34.1

qemu-audio-pa-6.2.0-150400.37.34.1

qemu-audio-spice-6.2.0-150400.37.34.1

qemu-block-curl-6.2.0-150400.37.34.1

qemu-block-iscsi-6.2.0-150400.37.34.1

qemu-block-rbd-6.2.0-150400.37.34.1

qemu-block-ssh-6.2.0-150400.37.34.1

qemu-chardev-baum-6.2.0-150400.37.34.1

qemu-chardev-spice-6.2.0-150400.37.34.1

qemu-guest-agent-6.2.0-150400.37.34.1

qemu-hw-display-qxl-6.2.0-150400.37.34.1

qemu-hw-display-virtio-gpu-6.2.0-150400.37.34.1

qemu-hw-display-virtio-gpu-pci-6.2.0-150400.37.34.1

qemu-hw-display-virtio-vga-6.2.0-150400.37.34.1

qemu-hw-usb-host-6.2.0-150400.37.34.1

qemu-hw-usb-redirect-6.2.0-150400.37.34.1

qemu-ipxe-1.0.0+-150400.37.34.1

qemu-ksm-6.2.0-150400.37.34.1

qemu-kvm-6.2.0-150400.37.34.1

qemu-lang-6.2.0-150400.37.34.1

qemu-ppc-6.2.0-150400.37.34.1

qemu-seabios-1.15.0_0_g2dd4b9b-150400.37.34.1

qemu-sgabios-8-150400.37.34.1

qemu-skiboot-6.2.0-150400.37.34.1

qemu-tools-6.2.0-150400.37.34.1

qemu-ui-curses-6.2.0-150400.37.34.1

qemu-ui-gtk-6.2.0-150400.37.34.1

qemu-ui-opengl-6.2.0-150400.37.34.1

qemu-ui-spice-app-6.2.0-150400.37.34.1

qemu-ui-spice-core-6.2.0-150400.37.34.1

qemu-vgabios-1.15.0_0_g2dd4b9b-150400.37.34.1

qemu-x86-6.2.0-150400.37.34.1

SUSE Manager Proxy 4.3

qemu-6.2.0-150400.37.34.1

qemu-accel-tcg-x86-6.2.0-150400.37.34.1

qemu-audio-alsa-6.2.0-150400.37.34.1

qemu-audio-pa-6.2.0-150400.37.34.1

qemu-audio-spice-6.2.0-150400.37.34.1

qemu-block-curl-6.2.0-150400.37.34.1

qemu-block-iscsi-6.2.0-150400.37.34.1

qemu-block-rbd-6.2.0-150400.37.34.1

qemu-block-ssh-6.2.0-150400.37.34.1

qemu-chardev-baum-6.2.0-150400.37.34.1

qemu-chardev-spice-6.2.0-150400.37.34.1

qemu-guest-agent-6.2.0-150400.37.34.1

qemu-hw-display-qxl-6.2.0-150400.37.34.1

qemu-hw-display-virtio-gpu-6.2.0-150400.37.34.1

qemu-hw-display-virtio-gpu-pci-6.2.0-150400.37.34.1

qemu-hw-display-virtio-vga-6.2.0-150400.37.34.1

qemu-hw-usb-host-6.2.0-150400.37.34.1

qemu-hw-usb-redirect-6.2.0-150400.37.34.1

qemu-ipxe-1.0.0+-150400.37.34.1

qemu-ksm-6.2.0-150400.37.34.1

qemu-kvm-6.2.0-150400.37.34.1

qemu-lang-6.2.0-150400.37.34.1

qemu-seabios-1.15.0_0_g2dd4b9b-150400.37.34.1

qemu-sgabios-8-150400.37.34.1

qemu-tools-6.2.0-150400.37.34.1

qemu-ui-curses-6.2.0-150400.37.34.1

qemu-ui-gtk-6.2.0-150400.37.34.1

qemu-ui-opengl-6.2.0-150400.37.34.1

qemu-ui-spice-app-6.2.0-150400.37.34.1

qemu-ui-spice-core-6.2.0-150400.37.34.1

qemu-vgabios-1.15.0_0_g2dd4b9b-150400.37.34.1

qemu-x86-6.2.0-150400.37.34.1

SUSE Manager Server 4.3

qemu-6.2.0-150400.37.34.1

qemu-SLOF-6.2.0-150400.37.34.1

qemu-accel-tcg-x86-6.2.0-150400.37.34.1

qemu-audio-alsa-6.2.0-150400.37.34.1

qemu-audio-pa-6.2.0-150400.37.34.1

qemu-audio-spice-6.2.0-150400.37.34.1

qemu-block-curl-6.2.0-150400.37.34.1

qemu-block-iscsi-6.2.0-150400.37.34.1

qemu-block-rbd-6.2.0-150400.37.34.1

qemu-block-ssh-6.2.0-150400.37.34.1

qemu-chardev-baum-6.2.0-150400.37.34.1

qemu-chardev-spice-6.2.0-150400.37.34.1

qemu-guest-agent-6.2.0-150400.37.34.1

qemu-hw-display-qxl-6.2.0-150400.37.34.1

qemu-hw-display-virtio-gpu-6.2.0-150400.37.34.1

qemu-hw-display-virtio-gpu-pci-6.2.0-150400.37.34.1

qemu-hw-display-virtio-vga-6.2.0-150400.37.34.1

qemu-hw-s390x-virtio-gpu-ccw-6.2.0-150400.37.34.1

qemu-hw-usb-host-6.2.0-150400.37.34.1

qemu-hw-usb-redirect-6.2.0-150400.37.34.1

qemu-ipxe-1.0.0+-150400.37.34.1

qemu-ksm-6.2.0-150400.37.34.1

qemu-kvm-6.2.0-150400.37.34.1

qemu-lang-6.2.0-150400.37.34.1

qemu-ppc-6.2.0-150400.37.34.1

qemu-s390x-6.2.0-150400.37.34.1

qemu-seabios-1.15.0_0_g2dd4b9b-150400.37.34.1

qemu-sgabios-8-150400.37.34.1

qemu-skiboot-6.2.0-150400.37.34.1

qemu-tools-6.2.0-150400.37.34.1

qemu-ui-curses-6.2.0-150400.37.34.1

qemu-ui-gtk-6.2.0-150400.37.34.1

qemu-ui-opengl-6.2.0-150400.37.34.1

qemu-ui-spice-app-6.2.0-150400.37.34.1

qemu-ui-spice-core-6.2.0-150400.37.34.1

qemu-vgabios-1.15.0_0_g2dd4b9b-150400.37.34.1

qemu-x86-6.2.0-150400.37.34.1

Ссылки

https://www.suse.com/support/update/announcement/2024/suse-su-20243396-1/
Link for SUSE-SU-2024:3396-1
https://lists.suse.com/pipermail/sle-security-updates/2024-September/019504.html
E-Mail link for SUSE-SU-2024:3396-1
https://www.suse.com/support/security/rating/
SUSE Security Ratings
https://bugzilla.suse.com/1227322
SUSE Bug 1227322
https://bugzilla.suse.com/1230363
SUSE Bug 1230363
https://www.suse.com/security/cve/CVE-2024-4467/
SUSE CVE CVE-2024-4467 page

Описание

A flaw was found in the QEMU disk image utility (qemu-img) 'info' command. A specially crafted image file containing a `json:{}` value describing block devices in QMP could cause the qemu-img process on the host to consume large amounts of memory or CPU time, leading to denial of service or read/write to an existing external file.

Затронутые продукты

Container suse/sle-micro-rancher/5.3:latest:qemu-guest-agent-6.2.0-150400.37.34.1

Container suse/sle-micro-rancher/5.4:latest:qemu-guest-agent-6.2.0-150400.37.34.1

SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:qemu-6.2.0-150400.37.34.1

SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:qemu-accel-tcg-x86-6.2.0-150400.37.34.1

Ссылки

https://www.suse.com/security/cve/CVE-2024-4467.html
CVE-2024-4467
https://bugzilla.suse.com/1227322
SUSE Bug 1227322

SUSE-SU-2024:3396-1

Описание

Список пакетов

Container suse/sle-micro-rancher/5.3:latest

Container suse/sle-micro-rancher/5.4:latest

SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS

SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS

SUSE Linux Enterprise Micro 5.3

SUSE Linux Enterprise Micro 5.4

SUSE Linux Enterprise Server 15 SP4-LTSS

SUSE Linux Enterprise Server for SAP Applications 15 SP4

SUSE Manager Proxy 4.3

SUSE Manager Server 4.3

Ссылки

Уязвимость: CVE-2024-4467

Описание

Затронутые продукты

Ссылки