Lucene search
SuseOPENSUSE-SU-2021:0600-1HistoryApr 23, 2021 - 12:00 a.m.
Security update for qemu (important)
2021-04-2300:00:00
lists.opensuse.org
27
EPSS
0.004
Percentile
72.7%
An update that solves 15 vulnerabilities and has two fixes
is now available.
Description:
This update for qemu fixes the following issues:
- CVE-2020-12829: Fix OOB access in sm501 device emulation (bsc#1172385)
- CVE-2020-25723: Fix use-after-free in usb xhci packet handling
(bsc#1178934) - CVE-2020-25084: Fix use-after-free in usb ehci packet handling
(bsc#1176673) - CVE-2020-25625: Fix infinite loop (DoS) in usb hcd-ohci emulation
(bsc#1176684) - CVE-2020-25624: Fix OOB access in usb hcd-ohci emulation (bsc#1176682)
- CVE-2020-27617: Fix guest triggerable assert in shared network handling
code (bsc#1178174) - CVE-2020-28916: Fix infinite loop (DoS) in e1000e device emulation
(bsc#1179468) - CVE-2020-29443: Fix OOB access in atapi emulation (bsc#1181108)
- CVE-2020-27821: Fix heap overflow in MSIx emulation (bsc#1179686)
- CVE-2020-15469: Fix null pointer deref. (DoS) in mmio ops (bsc#1173612)
- CVE-2021-20257: Fix infinite loop (DoS) in e1000 device emulation
(bsc#1182577) - CVE-2021-3416: Fix OOB access (stack overflow) in rtl8139 NIC emulation
(bsc#1182968) - CVE-2021-3416: Fix OOB access (stack overflow) in other NIC emulations
(bsc#1182968) - CVE-2020-27616: Fix OOB access in ati-vga emulation (bsc#1178400)
- CVE-2020-29129: Fix OOB access in SLIRP ARP/NCSI packet processing
(bsc#1179466, CVE-2020-29130, bsc#1179467) - Fix package scripts to not use hard coded paths for temporary working
directories and log files (bsc#1182425) - Add split-provides through forsplits/13 to cover updates of SLE15-SP2 to
SLE15-SP3, and openSUSE equivalents (bsc#1184064) - Added a few more usability improvements for our git packaging workflow
This update was imported from the SUSE:SLE-15-SP2:Update update project.
Patch Instructions:
To install this openSUSE Security Update use the SUSE recommended installation methods
like YaST online_update or “zypper patch”.
Alternatively you can run the command listed for your product:
-
openSUSE Leap 15.2:
zypper in -t patch openSUSE-2021-600=1
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| openSUSE Leap | 15.2 | noarch | < - openSUSE Leap 15.2 (noarch): | - openSUSE Leap 15.2 (noarch):.noarch.rpm | |
| openSUSE Leap | 15.2 | x86_64 | < - openSUSE Leap 15.2 (x86_64): | - openSUSE Leap 15.2 (x86_64):.x86_64.rpm |
Related
nessus
nessus
SUSE SLED15 / SLES15 Security Update : qemu (SUSE-SU-2021:1243-1)
2021-04-19 00:00:00
openSUSE Security Update : qemu (openSUSE-2021-600)
2021-05-18 00:00:00
EulerOS 2.0 SP9 : qemu (EulerOS-SA-2021-1275)
2021-02-05 00:00:00
openvas
openvas
openSUSE: Security Advisory for qemu (openSUSE-SU-2021:0600-1)
2021-04-24 00:00:00
SUSE: Security Advisory (SUSE-SU-2021:1243-1)
2021-06-09 00:00:00
Huawei EulerOS: Security Advisory for qemu (EulerOS-SA-2021-1256)
2021-02-05 00:00:00
osv
osv
qemu vulnerabilities
2020-11-30 12:25:14
qemu - security update
2020-11-29 00:00:00
ubuntu
ubuntu
QEMU vulnerabilities
2020-11-30 00:00:00
QEMU vulnerabilities
2021-02-08 00:00:00
debian
debian
[SECURITY] [DLA 2469-1] qemu security update
2020-11-29 15:59:29
[SECURITY] [DLA 2560-1] qemu security update
2021-02-18 16:57:32
[SECURITY] [DLA 3099-1] qemu security update
2022-09-05 03:28:05
amazon
amazon
Medium: qemu
2021-06-16 20:37:00
archlinux
archlinux
[ASA-202012-26] qemu: multiple issues
2020-12-16 00:00:00
[ASA-202012-7] libslirp: information disclosure
2020-12-05 00:00:00
oraclelinux
oraclelinux
virt:ol and virt-devel:rhel security, bug fix, and enhancement update
2021-05-25 00:00:00
qemu security update
2021-06-06 00:00:00
qemu security update
2021-03-12 00:00:00
redhat
redhat
rocky
rocky
virt:rhel and virt-devel:rhel security, bug fix, and enhancement update
2021-05-18 06:02:26
almalinux
almalinux
fedora
fedora
[SECURITY] Fedora 32 Update: libslirp-4.3.1-3.fc32
2020-12-13 02:35:41
[SECURITY] Fedora 33 Update: libslirp-4.3.1-3.fc33
2020-12-13 02:10:05
citrix
citrix
Citrix Hypervisor Security Update
2021-06-23 11:06:42
suse
suse
Security update for qemu (important)
2021-07-11 00:00:00
nvd
nvd
ubuntucve
ubuntucve
cve
cve
prion
prion
Design/Logic Flaw
2020-11-06 08:15:00
Out-of-bounds
2020-12-08 22:15:00
Null pointer dereference
2020-12-04 07:15:00
cvelist
cvelist
cbl_mariner
cbl_mariner
CVE-2020-12829 affecting package qemu-kvm 4.2.0-48
2020-11-30 19:31:04
CVE-2020-27821 affecting package qemu-kvm 4.2.0-48
2021-01-11 21:50:06
alpinelinux
alpinelinux
debiancve
debiancve
veracode
veracode
Denial Of Service (DoS)
2020-12-06 02:23:57
Denial Of Service (DoS)
2020-12-06 02:34:31
Denial Of Service (DoS)
2020-12-06 02:35:59
redhatcve
redhatcve
f5
f5
K41142448 : QEMU vulnerability CVE-2020-27617
2020-12-02 00:00:00
centos
centos
qemu security update
2021-06-14 18:42:09