Lucene search

K
suseSuseOPENSUSE-SU-2021:1043-1
HistoryJul 14, 2021 - 12:00 a.m.

Security update for qemu (moderate)

2021-07-1400:00:00
lists.opensuse.org
15

0.009 Low

EPSS

Percentile

82.9%

An update that solves 14 vulnerabilities, contains one
feature and has 5 fixes is now available.

Description:

This update for qemu fixes the following issues:

Security issues fixed:

  • CVE-2021-3546: Fix out-of-bounds write in virgl_cmd_get_capset
    (bsc#1185981)
  • CVE-2021-3544: Fix memory leaks found in the virtio vhost-user GPU
    device (bsc#1186010)
  • CVE-2021-3545: Fix information disclosure due to uninitialized memory
    read (bsc#1185990)
  • CVE-2020-25085: Fix out-of-bounds access issue while doing multi block
    SDMA (bsc#1176681)
  • CVE-2020-10756: Fix out-of-bounds read information disclosure in
    icmp6_send_echoreply(bsc#1172380)
  • For the record, these issues are fixed in this package already. Most are
    alternate references to previously mentioned issues: (CVE-2019-15890,
    bsc#1149813, CVE-2020-8608, bsc#1163019, CVE-2020-14364, bsc#1175534,
    CVE-2020-25707, bsc#1178683, CVE-2020-25723, bsc#1178935,
    CVE-2020-29130, bsc#1179477, CVE-2020-29129, bsc#1179484,
    CVE-2021-20257, bsc#1182846, CVE-2021-3419, bsc#1182975)

Non-security issues fixed:

  • Fix issue where s390 guest fails to find zipl boot menu index
    (bsc#1183979)
  • QEMU BIOS fails to read stage2 loader on s390x (bsc#1186290)
  • Host CPU microcode revision will be visible inside VMs when the proper
    CPU-model is used (jsc#SLE-17785):
  • Fix testsuite error (bsc#1184574)
  • Fix qemu crash with iothread when block commit after snapshot
    (bsc#1187013)
  • Fix qemu hang while cancelling migrating hugepage vm (bsc#1185591)
  • Use RCU to avoid race during scsi hotplug/hotunplug (bsc#1184574)

This update was imported from the SUSE:SLE-15-SP2:Update update project.

Patch Instructions:

To install this openSUSE Security Update use the SUSE recommended installation methods
like YaST online_update or β€œzypper patch”.

Alternatively you can run the command listed for your product:

  • openSUSE Leap 15.2:

    zypper in -t patch openSUSE-2021-1043=1

OSVersionArchitecturePackageVersionFilename
openSUSE Leap15.2x86_64<Β - openSUSE Leap 15.2 (x86_64):- openSUSE Leap 15.2 (x86_64):.x86_64.rpm
openSUSE Leap15.2noarch<Β - openSUSE Leap 15.2 (noarch):- openSUSE Leap 15.2 (noarch):.noarch.rpm