Lucene search
SuseOPENSUSE-SU-2021:2591-1HistoryAug 02, 2021 - 12:00 a.m.
Security update for qemu (important)
2021-08-0200:00:00
lists.opensuse.org
65
EPSS
0.001
Percentile
31.1%
An update that solves 9 vulnerabilities and has two fixes
is now available.
Description:
This update for qemu fixes the following issues:
Security issues fixed:
- CVE-2021-3595: Fixed slirp: invalid pointer initialization may lead to
information disclosure (tftp) (bsc#1187366) - CVE-2021-3592: Fix for slirp: invalid pointer initialization may lead to
information disclosure (bootp) (bsc#1187364) - CVE-2021-3594: Fix for slirp: invalid pointer initialization may lead to
information disclosure (udp) (bsc#1187367) - CVE-2021-3593: Fix for slirp: invalid pointer initialization may lead to
information disclosure (udp6) (bsc#1187365) - CVE-2021-3582: Fix possible mremap overflow in the pvrdma (bsc#1187499)
- CVE-2021-3607: Ensure correct input on ring init (bsc#1187539)
- CVE-2021-3608: Fix the ring init error flow (bsc#1187538)
- CVE-2021-3611: Fix intel-hda segmentation fault due to stack overflow
(bsc#1187529) - CVE-2020-25085: Fix out-of-bounds access issue while doing multi block
SDMA (bsc#1176681)
Other issues fixed:
- QEMU BIOS fails to read stage2 loader (on s390x)(bsc#1186290)
- Fix qemu hang while cancelling migrating hugepage vm (bsc#1185591)
Patch Instructions:
To install this openSUSE Security Update use the SUSE recommended installation methods
like YaST online_update or “zypper patch”.
Alternatively you can run the command listed for your product:
-
openSUSE Leap 15.3:
zypper in -t patch openSUSE-SLE-15.3-2021-2591=1
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| openSUSE Leap | 15.3 | x86_64 | < - openSUSE Leap 15.3 (x86_64): | - openSUSE Leap 15.3 (x86_64):.x86_64.rpm |
Related
openvas
openvas
SUSE: Security Advisory (SUSE-SU-2021:2591-1)
2021-08-04 00:00:00
openSUSE: Security Advisory for qemu (openSUSE-SU-2021:2591-1)
2021-08-03 00:00:00
openSUSE: Security Advisory for qemu (openSUSE-SU-2021:2474-1)
2021-07-28 00:00:00
nessus
nessus
openSUSE 15 Security Update : qemu (openSUSE-SU-2021:2591-1)
2021-08-03 00:00:00
SUSE SLES15 Security Update : qemu (SUSE-SU-2021:2591-1)
2021-08-03 00:00:00
SUSE SLES12 Security Update : qemu (SUSE-SU-2021:2448-1)
2021-07-23 00:00:00
suse
suse
Security update for qemu (important)
2021-07-27 00:00:00
Security update for qemu (important)
2021-07-21 00:00:00
Security update for libslirp (important)
2022-05-18 00:00:00
fedora
fedora
[SECURITY] Fedora 33 Update: libslirp-4.3.1-5.fc33
2021-07-04 01:09:15
[SECURITY] Fedora 34 Update: libslirp-4.4.0-4.fc34
2021-07-04 01:07:58
gentoo
gentoo
libslirp: Multiple vulnerabilities
2021-07-20 00:00:00
mageia
mageia
Updated libslirp packages fix security vulnerability
2021-10-21 00:28:32
archlinux
archlinux
[ASA-202106-49] libslirp: information disclosure
2021-06-22 00:00:00
amazon
amazon
Low: qemu
2023-07-20 17:29:00
osv
osv
libslirp vulnerabilities
2021-07-15 17:23:21
ubuntu
ubuntu
libslirp vulnerabilities
2021-07-15 00:00:00
libslirp vulnerabilities
2021-10-26 00:00:00
QEMU vulnerabilities
2021-07-15 00:00:00
redhat
redhat
almalinux
almalinux
oraclelinux
oraclelinux
virt:ol and virt-devel:ol security, bug fix, and enhancement update
2021-11-16 00:00:00
qemu security update
2022-01-04 00:00:00
qemu security update
2021-08-17 00:00:00
rocky
rocky
virt:rhel and virt-devel:rhel security, bug fix, and enhancement update
2021-11-09 08:35:34
debian
debian
[SECURITY] [DLA 2753-1] qemu security update
2021-09-02 18:40:09
[SECURITY] [DLA 3362-1] qemu security update
2023-03-14 21:01:53
[SECURITY] [DLA 2753-2] qemu regression update
2021-09-11 22:11:35
nvd
nvd
debiancve
debiancve
cvelist
cvelist
veracode
veracode
Arbitrary Code Execution
2020-12-06 02:38:41
Denial Of Service
2021-07-20 05:40:07
Information Disclosure
2021-06-16 00:02:45
cve
cve
redhatcve
redhatcve
alpinelinux
alpinelinux
prion
prion
Heap overflow
2020-09-25 05:15:00
Design/Logic Flaw
2022-03-25 19:15:00
Integer overflow
2022-02-24 19:15:00
ubuntucve
ubuntucve
cbl_mariner
cbl_mariner
CVE-2021-3607 affecting package qemu-kvm 4.2.0-48
2022-04-07 06:04:11
CVE-2021-3608 affecting package qemu-kvm 4.2.0-48
2022-04-07 06:04:11
CVE-2021-3611 affecting package qemu for versions less than 8.2.0-1
2024-03-19 17:21:46