Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

suse-cvrf логотип

openSUSE-SU-2021:0363-1

Опубликовано: 01 мар. 2021
Источник: suse-cvrf

Описание

Security update for qemu

This update for qemu fixes the following issues:

  • Fixed potential privilege escalation in virtfs (CVE-2021-20181 bsc#1182137)
  • Fixed out-of-bound access in iscsi (CVE-2020-11947 bsc#1180523)
  • Fixed out-of-bound access in vmxnet3 emulation (CVE-2021-20203 bsc#1181639)
  • Fixed out-of-bound access in ARM interrupt handling (CVE-2021-20221 bsc#1181933)
  • Fixed vfio-pci device on s390 enters error state (bsc#1179717 bsc#1179719)
  • Fixed 'Failed to try-restart qemu-ga@.service' error while updating the qemu-guest-agent. (bsc#1178565)
  • Apply fixes to qemu scsi passthrough with respect to timeout and error conditions, including using more correct status codes. Add more qemu tracing which helped track down these issues (bsc#1178049)

This update was imported from the SUSE:SLE-15-SP2:Update update project.

Список пакетов

openSUSE Leap 15.2
qemu-4.2.1-lp152.9.9.2
qemu-arm-4.2.1-lp152.9.9.2
qemu-audio-alsa-4.2.1-lp152.9.9.2
qemu-audio-pa-4.2.1-lp152.9.9.2
qemu-audio-sdl-4.2.1-lp152.9.9.2
qemu-block-curl-4.2.1-lp152.9.9.2
qemu-block-dmg-4.2.1-lp152.9.9.2
qemu-block-gluster-4.2.1-lp152.9.9.2
qemu-block-iscsi-4.2.1-lp152.9.9.2
qemu-block-nfs-4.2.1-lp152.9.9.2
qemu-block-rbd-4.2.1-lp152.9.9.2
qemu-block-ssh-4.2.1-lp152.9.9.2
qemu-extra-4.2.1-lp152.9.9.2
qemu-guest-agent-4.2.1-lp152.9.9.2
qemu-ipxe-1.0.0+-lp152.9.9.2
qemu-ksm-4.2.1-lp152.9.9.2
qemu-kvm-4.2.1-lp152.9.9.2
qemu-lang-4.2.1-lp152.9.9.2
qemu-linux-user-4.2.1-lp152.9.9.3
qemu-microvm-4.2.1-lp152.9.9.2
qemu-ppc-4.2.1-lp152.9.9.2
qemu-s390-4.2.1-lp152.9.9.2
qemu-seabios-1.12.1+-lp152.9.9.2
qemu-sgabios-8-lp152.9.9.2
qemu-testsuite-4.2.1-lp152.9.9.5
qemu-tools-4.2.1-lp152.9.9.2
qemu-ui-curses-4.2.1-lp152.9.9.2
qemu-ui-gtk-4.2.1-lp152.9.9.2
qemu-ui-sdl-4.2.1-lp152.9.9.2
qemu-ui-spice-app-4.2.1-lp152.9.9.2
qemu-vgabios-1.12.1+-lp152.9.9.2
qemu-vhost-user-gpu-4.2.1-lp152.9.9.2
qemu-x86-4.2.1-lp152.9.9.2

Ссылки

Описание

iscsi_aio_ioctl_cb in block/iscsi.c in QEMU 4.1.0 has a heap-based buffer over-read that may disclose unrelated information from process memory to an attacker.

Затронутые продукты
openSUSE Leap 15.2:qemu-4.2.1-lp152.9.9.2
openSUSE Leap 15.2:qemu-arm-4.2.1-lp152.9.9.2
openSUSE Leap 15.2:qemu-audio-alsa-4.2.1-lp152.9.9.2
openSUSE Leap 15.2:qemu-audio-pa-4.2.1-lp152.9.9.2
Ссылки

Описание

A race condition flaw was found in the 9pfs server implementation of QEMU up to and including 5.2.0. This flaw allows a malicious 9p client to cause a use-after-free error, potentially escalating their privileges on the system. The highest threat from this vulnerability is to confidentiality, integrity as well as system availability.

Затронутые продукты
openSUSE Leap 15.2:qemu-4.2.1-lp152.9.9.2
openSUSE Leap 15.2:qemu-arm-4.2.1-lp152.9.9.2
openSUSE Leap 15.2:qemu-audio-alsa-4.2.1-lp152.9.9.2
openSUSE Leap 15.2:qemu-audio-pa-4.2.1-lp152.9.9.2
Ссылки

Описание

An integer overflow issue was found in the vmxnet3 NIC emulator of the QEMU for versions up to v5.2.0. It may occur if a guest was to supply invalid values for rx/tx queue size or other NIC parameters. A privileged guest user may use this flaw to crash the QEMU process on the host resulting in DoS scenario.

Затронутые продукты
openSUSE Leap 15.2:qemu-4.2.1-lp152.9.9.2
openSUSE Leap 15.2:qemu-arm-4.2.1-lp152.9.9.2
openSUSE Leap 15.2:qemu-audio-alsa-4.2.1-lp152.9.9.2
openSUSE Leap 15.2:qemu-audio-pa-4.2.1-lp152.9.9.2
Ссылки

Описание

An out-of-bounds heap buffer access issue was found in the ARM Generic Interrupt Controller emulator of QEMU up to and including qemu 4.2.0on aarch64 platform. The issue occurs because while writing an interrupt ID to the controller memory area, it is not masked to be 4 bits wide. It may lead to the said issue while updating controller state fields and their subsequent processing. A privileged guest user may use this flaw to crash the QEMU process on the host resulting in DoS scenario.

Затронутые продукты
openSUSE Leap 15.2:qemu-4.2.1-lp152.9.9.2
openSUSE Leap 15.2:qemu-arm-4.2.1-lp152.9.9.2
openSUSE Leap 15.2:qemu-audio-alsa-4.2.1-lp152.9.9.2
openSUSE Leap 15.2:qemu-audio-pa-4.2.1-lp152.9.9.2
Ссылки
Уязвимость openSUSE-SU-2021:0363-1