Lucene search
SuseOPENSUSE-SU-2022:0930-1HistoryMar 22, 2022 - 12:00 a.m.
Security update for qemu (important)
2022-03-2200:00:00
lists.opensuse.org
32
qemu
privilege escalation
denial of service
scsi device
kernel data corruption
package dependencies
powerpc firmware
i/o.
EPSS
0
Percentile
14.2%
An update that solves two vulnerabilities and has 6 fixes
is now available.
Description:
This update for qemu fixes the following issues:
- CVE-2022-0358: Fixed a potential privilege escalation via virtiofsd
(bsc#1195161). - CVE-2021-3930: Fixed a potential denial of service in the emulated SCSI
device (bsc#1192525).
Non-security fixes:
- Fixed a kernel data corruption via a long kernel boot cmdline
(bsc#1196737). - Included vmxcap in the qemu-tools package (bsc#1193364).
- Fixed package dependencies (bsc#1196087).
- Fixed an issue were PowerPC firmwares would not be built for non-PowerPC
builds (bsc#1193545). - Fixed multiple issues in I/O (bsc#1178049 bsc#1194938).
Patch Instructions:
To install this openSUSE Security Update use the SUSE recommended installation methods
like YaST online_update or “zypper patch”.
Alternatively you can run the command listed for your product:
-
openSUSE Leap 15.3:
zypper in -t patch openSUSE-SLE-15.3-2022-930=1
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| openSUSE Leap | 15.3 | aarch64 | < - openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64): | - openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64):.aarch64.rpm | |
| openSUSE Leap | 15.3 | ppc64le | < - openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64): | - openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64):.ppc64le.rpm | |
| openSUSE Leap | 15.3 | s390x | < - openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64): | - openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64):.s390x.rpm | |
| openSUSE Leap | 15.3 | x86_64 | < - openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64): | - openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64):.x86_64.rpm | |
| openSUSE Leap | 15.3 | s390x | < - openSUSE Leap 15.3 (s390x x86_64): | - openSUSE Leap 15.3 (s390x x86_64):.s390x.rpm | |
| openSUSE Leap | 15.3 | x86_64 | < - openSUSE Leap 15.3 (s390x x86_64): | - openSUSE Leap 15.3 (s390x x86_64):.x86_64.rpm | |
| openSUSE Leap | 15.3 | noarch | < - openSUSE Leap 15.3 (noarch): | - openSUSE Leap 15.3 (noarch):.noarch.rpm |
Related
openvas
openvas
openSUSE: Security Advisory for qemu (openSUSE-SU-2022:0930-1)
2022-03-23 00:00:00
SUSE: Security Advisory (SUSE-SU-2022:0930-1)
2022-03-23 00:00:00
SUSE: Security Advisory (SUSE-SU-2022:1151-1)
2022-04-12 00:00:00
nessus
nessus
openSUSE 15 Security Update : qemu (openSUSE-SU-2022:0930-1)
2022-03-23 00:00:00
SUSE SLED15 / SLES15 Security Update : qemu (SUSE-SU-2022:0930-1)
2022-03-23 00:00:00
RHEL 8 : virt:av and virt-devel:av (RHSA-2021:5065)
2021-12-10 00:00:00
redhat
redhat
osv
osv
CVE-2021-3930
2022-02-18 18:15:09
Low: virt:rhel and virt-devel:rhel security update
2021-12-21 09:11:21
Low: virt:rhel and virt-devel:rhel security update
2021-12-21 09:11:21
ubuntucve
ubuntucve
CVE-2021-3930
2022-02-18 00:00:00
CVE-2022-0358
2022-01-28 00:00:00
cbl_mariner
cbl_mariner
CVE-2021-3930 affecting package qemu for versions less than 6.2.0-2
2022-06-03 17:54:21
CVE-2021-3930 affecting package qemu-kvm 4.2.0-48
2022-04-07 06:04:11
CVE-2022-0358 affecting package qemu-kvm 4.2.0-41
2023-01-12 20:55:00
alpinelinux
alpinelinux
CVE-2021-3930
2022-02-18 18:15:09
debiancve
debiancve
CVE-2021-3930
2022-02-18 18:15:09
CVE-2022-0358
2022-08-29 15:15:09
cve
cve
CVE-2021-3930
2022-02-18 18:15:09
CVE-2022-0358
2022-08-29 15:15:09
prion
prion
Race condition
2022-02-18 18:15:00
Design/Logic Flaw
2022-08-29 15:15:00
cvelist
cvelist
CVE-2021-3930
2022-02-18 17:50:48
CVE-2022-0358
2022-08-29 00:00:00
nvd
nvd
CVE-2021-3930
2022-02-18 18:15:09
CVE-2022-0358
2022-08-29 15:15:09
redhatcve
redhatcve
CVE-2021-3930
2021-11-05 10:46:37
CVE-2022-0358
2022-01-25 17:37:08
veracode
veracode
Denial Of Service (DoS)
2022-01-15 21:49:42
Privilege Escalation
2022-04-26 04:59:52
redos
redos
ROS-20220324-02
2022-03-24 00:00:00
ROS-20220125-17
2022-01-25 00:00:00
oraclelinux
oraclelinux
virt:ol and virt-devel:rhel security update
2022-03-16 00:00:00
virt:ol and virt-devel:rhel security update
2021-12-22 00:00:00
qemu security update
2022-01-04 00:00:00
rocky
rocky
virt:rhel and virt-devel:rhel security update
2021-12-21 09:11:21
virt:rhel and virt-devel:rhel security update
2022-03-15 09:10:17
almalinux
almalinux
Low: virt:rhel and virt-devel:rhel security update
2021-12-21 09:11:21
Moderate: virt:rhel and virt-devel:rhel security update
2022-03-15 09:10:17
cnvd
cnvd
QEMU Elevation of Privilege Vulnerability (CNVD-2022-84163)
2022-01-27 00:00:00
fedora
fedora
[SECURITY] Fedora 34 Update: qemu-5.2.0-9.fc34
2022-02-25 17:03:11
[SECURITY] Fedora 35 Update: qemu-6.1.0-14.fc35
2022-02-15 01:38:50
ubuntu
ubuntu
QEMU vulnerabilities
2022-02-28 00:00:00
QEMU vulnerabilities
2022-12-12 00:00:00
QEMU vulnerabilities
2022-06-21 00:00:00
debian
debian
[SECURITY] [DLA 2970-1] qemu security update
2022-04-04 13:21:47
[SECURITY] [DSA 5133-1] qemu security update
2022-05-09 20:44:24
[SECURITY] [DLA 3099-1] qemu security update
2022-09-05 03:28:05
amazon
amazon
Medium: qemu
2023-05-25 17:41:00
altlinux
altlinux
Security fix for the ALT Linux 10 package qemu version 6.1.1-alt1
2022-03-01 00:00:00
gentoo
gentoo
QEMU: Multiple Vulnerabilities
2022-08-14 00:00:00