Описание
Security update for qemu
This update for qemu fixes the following issues:
Security fixes:
- CVE-2026-2243: incorrect bounds check leads to heap out-of-bounds read and a 12-byte information leak when processing specially crafted VMDK files (bsc#1258509).
- CVE-2026-3842: hyperv/syndbg: missing mapped-length guard after cpu_physical_memory_map causes host OOB write (bsc#1262089).
Other fixes:
- [openSUSE] qemu-ga: fix service file against no-autostart (bsc#1199023)
Список пакетов
Container suse/sle-micro/kvm-5.5:latest
qemu-guest-agent-7.1.0-150500.49.42.1
SUSE Linux Enterprise Micro 5.5
qemu-7.1.0-150500.49.42.1
qemu-SLOF-7.1.0-150500.49.42.1
qemu-accel-tcg-x86-7.1.0-150500.49.42.1
qemu-arm-7.1.0-150500.49.42.1
qemu-audio-spice-7.1.0-150500.49.42.1
qemu-block-curl-7.1.0-150500.49.42.1
qemu-chardev-spice-7.1.0-150500.49.42.1
qemu-guest-agent-7.1.0-150500.49.42.1
qemu-hw-display-qxl-7.1.0-150500.49.42.1
qemu-hw-display-virtio-gpu-7.1.0-150500.49.42.1
qemu-hw-display-virtio-gpu-pci-7.1.0-150500.49.42.1
qemu-hw-display-virtio-vga-7.1.0-150500.49.42.1
qemu-hw-usb-redirect-7.1.0-150500.49.42.1
qemu-ipxe-1.0.0+-150500.49.42.1
qemu-ppc-7.1.0-150500.49.42.1
qemu-s390x-7.1.0-150500.49.42.1
qemu-seabios-1.16.0_0_gd239552-150500.49.42.1
qemu-sgabios-8-150500.49.42.1
qemu-tools-7.1.0-150500.49.42.1
qemu-ui-opengl-7.1.0-150500.49.42.1
qemu-ui-spice-core-7.1.0-150500.49.42.1
qemu-vgabios-1.16.0_0_gd239552-150500.49.42.1
qemu-x86-7.1.0-150500.49.42.1
SUSE Linux Enterprise Module for Server Applications 15 SP7
qemu-sgabios-8-150500.49.42.1
Ссылки
- Link for SUSE-SU-2026:2388-1
- E-Mail link for SUSE-SU-2026:2388-1
- SUSE Security Ratings
- SUSE Bug 1199023
- SUSE Bug 1258509
- SUSE Bug 1262089
- SUSE CVE CVE-2026-2243 page
- SUSE CVE CVE-2026-3842 page
Описание
A flaw was found in QEMU. A specially crafted VMDK image could trigger an out-of-bounds read vulnerability, potentially leading to a 12-byte leak of sensitive information or a denial of service condition (DoS).
Затронутые продукты
Container suse/sle-micro/kvm-5.5:latest:qemu-guest-agent-7.1.0-150500.49.42.1
SUSE Linux Enterprise Micro 5.5:qemu-7.1.0-150500.49.42.1
SUSE Linux Enterprise Micro 5.5:qemu-SLOF-7.1.0-150500.49.42.1
SUSE Linux Enterprise Micro 5.5:qemu-accel-tcg-x86-7.1.0-150500.49.42.1
Ссылки
- CVE-2026-2243
- SUSE Bug 1258509
Описание
unknown
Затронутые продукты
Container suse/sle-micro/kvm-5.5:latest:qemu-guest-agent-7.1.0-150500.49.42.1
SUSE Linux Enterprise Micro 5.5:qemu-7.1.0-150500.49.42.1
SUSE Linux Enterprise Micro 5.5:qemu-SLOF-7.1.0-150500.49.42.1
SUSE Linux Enterprise Micro 5.5:qemu-accel-tcg-x86-7.1.0-150500.49.42.1
Ссылки
- CVE-2026-3842
- SUSE Bug 1262089