Описание
Security update for qemu
This update for qemu fixes the following issues:
- CVE-2024-7409: Fixed denial of service via improper synchronization in QEMU NBD Server during socket closure (bsc#1229007)
- CVE-2024-8354: Fixed assertion failure in usb_ep_get() in usb (bsc#1230834)
- CVE-2024-8612: Fixed information leak in virtio devices (bsc#1230915)
Список пакетов
Container suse/sle-micro-rancher/5.3:latest
qemu-guest-agent-6.2.0-150400.37.37.3
Container suse/sle-micro-rancher/5.4:latest
qemu-guest-agent-6.2.0-150400.37.37.3
SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS
qemu-6.2.0-150400.37.37.3
qemu-accel-tcg-x86-6.2.0-150400.37.37.3
qemu-arm-6.2.0-150400.37.37.3
qemu-audio-alsa-6.2.0-150400.37.37.3
qemu-audio-pa-6.2.0-150400.37.37.3
qemu-audio-spice-6.2.0-150400.37.37.3
qemu-block-curl-6.2.0-150400.37.37.3
qemu-block-iscsi-6.2.0-150400.37.37.3
qemu-block-rbd-6.2.0-150400.37.37.3
qemu-block-ssh-6.2.0-150400.37.37.3
qemu-chardev-baum-6.2.0-150400.37.37.3
qemu-chardev-spice-6.2.0-150400.37.37.3
qemu-guest-agent-6.2.0-150400.37.37.3
qemu-hw-display-qxl-6.2.0-150400.37.37.3
qemu-hw-display-virtio-gpu-6.2.0-150400.37.37.3
qemu-hw-display-virtio-gpu-pci-6.2.0-150400.37.37.3
qemu-hw-display-virtio-vga-6.2.0-150400.37.37.3
qemu-hw-usb-host-6.2.0-150400.37.37.3
qemu-hw-usb-redirect-6.2.0-150400.37.37.3
qemu-ipxe-1.0.0+-150400.37.37.3
qemu-ksm-6.2.0-150400.37.37.3
qemu-kvm-6.2.0-150400.37.37.3
qemu-lang-6.2.0-150400.37.37.3
qemu-seabios-1.15.0_0_g2dd4b9b-150400.37.37.3
qemu-sgabios-8-150400.37.37.3
qemu-tools-6.2.0-150400.37.37.3
qemu-ui-curses-6.2.0-150400.37.37.3
qemu-ui-gtk-6.2.0-150400.37.37.3
qemu-ui-opengl-6.2.0-150400.37.37.3
qemu-ui-spice-app-6.2.0-150400.37.37.3
qemu-ui-spice-core-6.2.0-150400.37.37.3
qemu-vgabios-1.15.0_0_g2dd4b9b-150400.37.37.3
qemu-x86-6.2.0-150400.37.37.3
SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS
qemu-6.2.0-150400.37.37.3
qemu-accel-tcg-x86-6.2.0-150400.37.37.3
qemu-arm-6.2.0-150400.37.37.3
qemu-audio-alsa-6.2.0-150400.37.37.3
qemu-audio-pa-6.2.0-150400.37.37.3
qemu-audio-spice-6.2.0-150400.37.37.3
qemu-block-curl-6.2.0-150400.37.37.3
qemu-block-iscsi-6.2.0-150400.37.37.3
qemu-block-rbd-6.2.0-150400.37.37.3
qemu-block-ssh-6.2.0-150400.37.37.3
qemu-chardev-baum-6.2.0-150400.37.37.3
qemu-chardev-spice-6.2.0-150400.37.37.3
qemu-guest-agent-6.2.0-150400.37.37.3
qemu-hw-display-qxl-6.2.0-150400.37.37.3
qemu-hw-display-virtio-gpu-6.2.0-150400.37.37.3
qemu-hw-display-virtio-gpu-pci-6.2.0-150400.37.37.3
qemu-hw-display-virtio-vga-6.2.0-150400.37.37.3
qemu-hw-usb-host-6.2.0-150400.37.37.3
qemu-hw-usb-redirect-6.2.0-150400.37.37.3
qemu-ipxe-1.0.0+-150400.37.37.3
qemu-ksm-6.2.0-150400.37.37.3
qemu-kvm-6.2.0-150400.37.37.3
qemu-lang-6.2.0-150400.37.37.3
qemu-seabios-1.15.0_0_g2dd4b9b-150400.37.37.3
qemu-sgabios-8-150400.37.37.3
qemu-tools-6.2.0-150400.37.37.3
qemu-ui-curses-6.2.0-150400.37.37.3
qemu-ui-gtk-6.2.0-150400.37.37.3
qemu-ui-opengl-6.2.0-150400.37.37.3
qemu-ui-spice-app-6.2.0-150400.37.37.3
qemu-ui-spice-core-6.2.0-150400.37.37.3
qemu-vgabios-1.15.0_0_g2dd4b9b-150400.37.37.3
qemu-x86-6.2.0-150400.37.37.3
SUSE Linux Enterprise Micro 5.3
qemu-6.2.0-150400.37.37.3
qemu-accel-tcg-x86-6.2.0-150400.37.37.3
qemu-arm-6.2.0-150400.37.37.3
qemu-audio-spice-6.2.0-150400.37.37.3
qemu-chardev-spice-6.2.0-150400.37.37.3
qemu-guest-agent-6.2.0-150400.37.37.3
qemu-hw-display-qxl-6.2.0-150400.37.37.3
qemu-hw-display-virtio-gpu-6.2.0-150400.37.37.3
qemu-hw-display-virtio-vga-6.2.0-150400.37.37.3
qemu-hw-usb-redirect-6.2.0-150400.37.37.3
qemu-ipxe-1.0.0+-150400.37.37.3
qemu-s390x-6.2.0-150400.37.37.3
qemu-seabios-1.15.0_0_g2dd4b9b-150400.37.37.3
qemu-sgabios-8-150400.37.37.3
qemu-tools-6.2.0-150400.37.37.3
qemu-ui-opengl-6.2.0-150400.37.37.3
qemu-ui-spice-core-6.2.0-150400.37.37.3
qemu-vgabios-1.15.0_0_g2dd4b9b-150400.37.37.3
qemu-x86-6.2.0-150400.37.37.3
SUSE Linux Enterprise Micro 5.4
qemu-6.2.0-150400.37.37.3
qemu-accel-tcg-x86-6.2.0-150400.37.37.3
qemu-arm-6.2.0-150400.37.37.3
qemu-audio-spice-6.2.0-150400.37.37.3
qemu-chardev-spice-6.2.0-150400.37.37.3
qemu-guest-agent-6.2.0-150400.37.37.3
qemu-hw-display-qxl-6.2.0-150400.37.37.3
qemu-hw-display-virtio-gpu-6.2.0-150400.37.37.3
qemu-hw-display-virtio-vga-6.2.0-150400.37.37.3
qemu-hw-usb-redirect-6.2.0-150400.37.37.3
qemu-ipxe-1.0.0+-150400.37.37.3
qemu-s390x-6.2.0-150400.37.37.3
qemu-seabios-1.15.0_0_g2dd4b9b-150400.37.37.3
qemu-sgabios-8-150400.37.37.3
qemu-tools-6.2.0-150400.37.37.3
qemu-ui-opengl-6.2.0-150400.37.37.3
qemu-ui-spice-core-6.2.0-150400.37.37.3
qemu-vgabios-1.15.0_0_g2dd4b9b-150400.37.37.3
qemu-x86-6.2.0-150400.37.37.3
SUSE Linux Enterprise Server 15 SP4-LTSS
qemu-6.2.0-150400.37.37.3
qemu-SLOF-6.2.0-150400.37.37.3
qemu-accel-tcg-x86-6.2.0-150400.37.37.3
qemu-arm-6.2.0-150400.37.37.3
qemu-audio-alsa-6.2.0-150400.37.37.3
qemu-audio-pa-6.2.0-150400.37.37.3
qemu-audio-spice-6.2.0-150400.37.37.3
qemu-block-curl-6.2.0-150400.37.37.3
qemu-block-iscsi-6.2.0-150400.37.37.3
qemu-block-rbd-6.2.0-150400.37.37.3
qemu-block-ssh-6.2.0-150400.37.37.3
qemu-chardev-baum-6.2.0-150400.37.37.3
qemu-chardev-spice-6.2.0-150400.37.37.3
qemu-guest-agent-6.2.0-150400.37.37.3
qemu-hw-display-qxl-6.2.0-150400.37.37.3
qemu-hw-display-virtio-gpu-6.2.0-150400.37.37.3
qemu-hw-display-virtio-gpu-pci-6.2.0-150400.37.37.3
qemu-hw-display-virtio-vga-6.2.0-150400.37.37.3
qemu-hw-s390x-virtio-gpu-ccw-6.2.0-150400.37.37.3
qemu-hw-usb-host-6.2.0-150400.37.37.3
qemu-hw-usb-redirect-6.2.0-150400.37.37.3
qemu-ipxe-1.0.0+-150400.37.37.3
qemu-ksm-6.2.0-150400.37.37.3
qemu-kvm-6.2.0-150400.37.37.3
qemu-lang-6.2.0-150400.37.37.3
qemu-ppc-6.2.0-150400.37.37.3
qemu-s390x-6.2.0-150400.37.37.3
qemu-seabios-1.15.0_0_g2dd4b9b-150400.37.37.3
qemu-sgabios-8-150400.37.37.3
qemu-skiboot-6.2.0-150400.37.37.3
qemu-tools-6.2.0-150400.37.37.3
qemu-ui-curses-6.2.0-150400.37.37.3
qemu-ui-gtk-6.2.0-150400.37.37.3
qemu-ui-opengl-6.2.0-150400.37.37.3
qemu-ui-spice-app-6.2.0-150400.37.37.3
qemu-ui-spice-core-6.2.0-150400.37.37.3
qemu-vgabios-1.15.0_0_g2dd4b9b-150400.37.37.3
qemu-x86-6.2.0-150400.37.37.3
SUSE Linux Enterprise Server for SAP Applications 15 SP4
qemu-6.2.0-150400.37.37.3
qemu-SLOF-6.2.0-150400.37.37.3
qemu-accel-tcg-x86-6.2.0-150400.37.37.3
qemu-audio-alsa-6.2.0-150400.37.37.3
qemu-audio-pa-6.2.0-150400.37.37.3
qemu-audio-spice-6.2.0-150400.37.37.3
qemu-block-curl-6.2.0-150400.37.37.3
qemu-block-iscsi-6.2.0-150400.37.37.3
qemu-block-rbd-6.2.0-150400.37.37.3
qemu-block-ssh-6.2.0-150400.37.37.3
qemu-chardev-baum-6.2.0-150400.37.37.3
qemu-chardev-spice-6.2.0-150400.37.37.3
qemu-guest-agent-6.2.0-150400.37.37.3
qemu-hw-display-qxl-6.2.0-150400.37.37.3
qemu-hw-display-virtio-gpu-6.2.0-150400.37.37.3
qemu-hw-display-virtio-gpu-pci-6.2.0-150400.37.37.3
qemu-hw-display-virtio-vga-6.2.0-150400.37.37.3
qemu-hw-usb-host-6.2.0-150400.37.37.3
qemu-hw-usb-redirect-6.2.0-150400.37.37.3
qemu-ipxe-1.0.0+-150400.37.37.3
qemu-ksm-6.2.0-150400.37.37.3
qemu-kvm-6.2.0-150400.37.37.3
qemu-lang-6.2.0-150400.37.37.3
qemu-ppc-6.2.0-150400.37.37.3
qemu-seabios-1.15.0_0_g2dd4b9b-150400.37.37.3
qemu-sgabios-8-150400.37.37.3
qemu-skiboot-6.2.0-150400.37.37.3
qemu-tools-6.2.0-150400.37.37.3
qemu-ui-curses-6.2.0-150400.37.37.3
qemu-ui-gtk-6.2.0-150400.37.37.3
qemu-ui-opengl-6.2.0-150400.37.37.3
qemu-ui-spice-app-6.2.0-150400.37.37.3
qemu-ui-spice-core-6.2.0-150400.37.37.3
qemu-vgabios-1.15.0_0_g2dd4b9b-150400.37.37.3
qemu-x86-6.2.0-150400.37.37.3
SUSE Manager Proxy 4.3
qemu-6.2.0-150400.37.37.3
qemu-accel-tcg-x86-6.2.0-150400.37.37.3
qemu-audio-alsa-6.2.0-150400.37.37.3
qemu-audio-pa-6.2.0-150400.37.37.3
qemu-audio-spice-6.2.0-150400.37.37.3
qemu-block-curl-6.2.0-150400.37.37.3
qemu-block-iscsi-6.2.0-150400.37.37.3
qemu-block-rbd-6.2.0-150400.37.37.3
qemu-block-ssh-6.2.0-150400.37.37.3
qemu-chardev-baum-6.2.0-150400.37.37.3
qemu-chardev-spice-6.2.0-150400.37.37.3
qemu-guest-agent-6.2.0-150400.37.37.3
qemu-hw-display-qxl-6.2.0-150400.37.37.3
qemu-hw-display-virtio-gpu-6.2.0-150400.37.37.3
qemu-hw-display-virtio-gpu-pci-6.2.0-150400.37.37.3
qemu-hw-display-virtio-vga-6.2.0-150400.37.37.3
qemu-hw-usb-host-6.2.0-150400.37.37.3
qemu-hw-usb-redirect-6.2.0-150400.37.37.3
qemu-ipxe-1.0.0+-150400.37.37.3
qemu-ksm-6.2.0-150400.37.37.3
qemu-kvm-6.2.0-150400.37.37.3
qemu-lang-6.2.0-150400.37.37.3
qemu-seabios-1.15.0_0_g2dd4b9b-150400.37.37.3
qemu-sgabios-8-150400.37.37.3
qemu-tools-6.2.0-150400.37.37.3
qemu-ui-curses-6.2.0-150400.37.37.3
qemu-ui-gtk-6.2.0-150400.37.37.3
qemu-ui-opengl-6.2.0-150400.37.37.3
qemu-ui-spice-app-6.2.0-150400.37.37.3
qemu-ui-spice-core-6.2.0-150400.37.37.3
qemu-vgabios-1.15.0_0_g2dd4b9b-150400.37.37.3
qemu-x86-6.2.0-150400.37.37.3
SUSE Manager Server 4.3
qemu-6.2.0-150400.37.37.3
qemu-SLOF-6.2.0-150400.37.37.3
qemu-accel-tcg-x86-6.2.0-150400.37.37.3
qemu-audio-alsa-6.2.0-150400.37.37.3
qemu-audio-pa-6.2.0-150400.37.37.3
qemu-audio-spice-6.2.0-150400.37.37.3
qemu-block-curl-6.2.0-150400.37.37.3
qemu-block-iscsi-6.2.0-150400.37.37.3
qemu-block-rbd-6.2.0-150400.37.37.3
qemu-block-ssh-6.2.0-150400.37.37.3
qemu-chardev-baum-6.2.0-150400.37.37.3
qemu-chardev-spice-6.2.0-150400.37.37.3
qemu-guest-agent-6.2.0-150400.37.37.3
qemu-hw-display-qxl-6.2.0-150400.37.37.3
qemu-hw-display-virtio-gpu-6.2.0-150400.37.37.3
qemu-hw-display-virtio-gpu-pci-6.2.0-150400.37.37.3
qemu-hw-display-virtio-vga-6.2.0-150400.37.37.3
qemu-hw-s390x-virtio-gpu-ccw-6.2.0-150400.37.37.3
qemu-hw-usb-host-6.2.0-150400.37.37.3
qemu-hw-usb-redirect-6.2.0-150400.37.37.3
qemu-ipxe-1.0.0+-150400.37.37.3
qemu-ksm-6.2.0-150400.37.37.3
qemu-kvm-6.2.0-150400.37.37.3
qemu-lang-6.2.0-150400.37.37.3
qemu-ppc-6.2.0-150400.37.37.3
qemu-s390x-6.2.0-150400.37.37.3
qemu-seabios-1.15.0_0_g2dd4b9b-150400.37.37.3
qemu-sgabios-8-150400.37.37.3
qemu-skiboot-6.2.0-150400.37.37.3
qemu-tools-6.2.0-150400.37.37.3
qemu-ui-curses-6.2.0-150400.37.37.3
qemu-ui-gtk-6.2.0-150400.37.37.3
qemu-ui-opengl-6.2.0-150400.37.37.3
qemu-ui-spice-app-6.2.0-150400.37.37.3
qemu-ui-spice-core-6.2.0-150400.37.37.3
qemu-vgabios-1.15.0_0_g2dd4b9b-150400.37.37.3
qemu-x86-6.2.0-150400.37.37.3
Ссылки
- Link for SUSE-SU-2024:4304-1
- E-Mail link for SUSE-SU-2024:4304-1
- SUSE Security Ratings
- SUSE Bug 1229007
- SUSE Bug 1230834
- SUSE Bug 1230915
- SUSE CVE CVE-2024-7409 page
- SUSE CVE CVE-2024-8354 page
- SUSE CVE CVE-2024-8612 page
Описание
A flaw was found in the QEMU NBD Server. This vulnerability allows a denial of service (DoS) attack via improper synchronization during socket closure when a client keeps a socket open as the server is taken offline.
Затронутые продукты
Container suse/sle-micro-rancher/5.3:latest:qemu-guest-agent-6.2.0-150400.37.37.3
Container suse/sle-micro-rancher/5.4:latest:qemu-guest-agent-6.2.0-150400.37.37.3
SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:qemu-6.2.0-150400.37.37.3
SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:qemu-accel-tcg-x86-6.2.0-150400.37.37.3
Ссылки
- CVE-2024-7409
- SUSE Bug 1229007
Описание
A flaw was found in QEMU. An assertion failure was present in the usb_ep_get() function in hw/net/core.c when trying to get the USB endpoint from a USB device. This flaw may allow a malicious unprivileged guest user to crash the QEMU process on the host and cause a denial of service condition.
Затронутые продукты
Container suse/sle-micro-rancher/5.3:latest:qemu-guest-agent-6.2.0-150400.37.37.3
Container suse/sle-micro-rancher/5.4:latest:qemu-guest-agent-6.2.0-150400.37.37.3
SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:qemu-6.2.0-150400.37.37.3
SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:qemu-accel-tcg-x86-6.2.0-150400.37.37.3
Ссылки
- CVE-2024-8354
- SUSE Bug 1230834
Описание
A flaw was found in QEMU, in the virtio-scsi, virtio-blk, and virtio-crypto devices. The size for virtqueue_push as set in virtio_scsi_complete_req / virtio_blk_req_complete / virito_crypto_req_complete could be larger than the true size of the data which has been sent to guest. Once virtqueue_push() finally calls dma_memory_unmap to ummap the in_iov, it may call the address_space_write function to write back the data. Some uninitialized data may exist in the bounce.buffer, leading to an information leak.
Затронутые продукты
Container suse/sle-micro-rancher/5.3:latest:qemu-guest-agent-6.2.0-150400.37.37.3
Container suse/sle-micro-rancher/5.4:latest:qemu-guest-agent-6.2.0-150400.37.37.3
SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:qemu-6.2.0-150400.37.37.3
SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:qemu-accel-tcg-x86-6.2.0-150400.37.37.3
Ссылки
- CVE-2024-8612
- SUSE Bug 1230915