SUSE-SU-2022:3768-1
Oct 26, 2022 - 12:00 a.m.

Security update for qemu (important)

2022-10-26 00:00:00
lists.opensuse.org

CVSS3: 8.8 High

  • Attack Vector: LOCAL
  • Attack Complexity: LOW
  • Privileges Required: LOW
  • User Interaction: NONE
  • Scope: CHANGED
  • Confidentiality Impact: HIGH
  • Integrity Impact: HIGH
  • Availability Impact: HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H

CVSS2: 6.1 Medium

  • Access Vector: LOCAL
  • Access Complexity: LOW
  • Authentication: NONE
  • Confidentiality Impact: PARTIAL
  • Integrity Impact: PARTIAL
  • Availability Impact: COMPLETE

AV:L/AC:L/Au:N/C:P/I:P/A:C

An update that solves 7 vulnerabilities and has one errata
is now available.

Description:

This update for qemu fixes the following issues:

  • CVE-2021-3409: Fixed an incomplete fix for CVE-2020-17380 and
    CVE-2020-25085 in sdhci controller. (bsc#1182282)
  • CVE-2021-4206: Fixed an integer overflow in cursor_alloc which can lead
    to heap buffer overflow. (bsc#1198035)
  • CVE-2021-4207: Fixed a double fetch in qxl_cursor which can lead to heap
    buffer overflow. (bsc#1198037)
  • CVE-2022-0216: Fixed a use after free issue found in
    hw/scsi/lsi53c895a.c. (bsc#1198038)
  • CVE-2022-35414: Fixed an uninitialized read during address translation
    that leads to a crash. (bsc#1201367)
  • CVE-2021-3507: Fixed a heap buffer overflow in DMA read data transfers.
    (bsc#1185000)
  • CVE-2020-17380: Fixed a heap buffer overflow in
    sdhci_sdma_transfer_multi_blocks. (bsc#1175144)

Patch Instructions:

To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or “zypper patch”.

Alternatively you can run the command listed for your product:

  • openSUSE Leap 15.3:

    zypper in -t patch openSUSE-SLE-15.3-2022-3768=1

  • SUSE Linux Enterprise Server for SAP 15-SP1:

    zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP1-2022-3768=1

  • SUSE Linux Enterprise Server 15-SP1-LTSS:

    zypper in -t patch SUSE-SLE-Product-SLES-15-SP1-LTSS-2022-3768=1

  • SUSE Linux Enterprise Server 15-SP1-BCL:

    zypper in -t patch SUSE-SLE-Product-SLES-15-SP1-BCL-2022-3768=1

  • SUSE Linux Enterprise High Performance Computing 15-SP1-LTSS:

    zypper in -t patch SUSE-SLE-Product-HPC-15-SP1-LTSS-2022-3768=1

  • SUSE Linux Enterprise High Performance Computing 15-SP1-ESPOS:

    zypper in -t patch SUSE-SLE-Product-HPC-15-SP1-ESPOS-2022-3768=1

  • SUSE Enterprise Storage 6:

    zypper in -t patch SUSE-Storage-6-2022-3768=1

  • SUSE CaaS Platform 4.0:

    To install this update, use the SUSE CaaS Platform ‘skuba’ tool. It
    will inform you if it detects new updates and let you then trigger
    updating of the complete cluster in a controlled way.

OS | Version | Architecture | Package | Version | Filename
openSUSE Leap | 15.3 | aarch64 | | < - openSUSE Leap 15.3 (aarch64 x86_64): | - openSUSE Leap 15.3 (aarch64 x86_64):.aarch64.rpm
openSUSE Leap | 15.3 | x86_64 | | < - openSUSE Leap 15.3 (aarch64 x86_64): | - openSUSE Leap 15.3 (aarch64 x86_64):.x86_64.rpm
SUSE Linux Enterprise Server for SAP 15 | SP1 | ppc64le | | < SUSE Linux Enterprise Server for SAP 15-SP1 (ppc64le x86_64): | - SUSE Linux Enterprise Server for SAP 15-SP1 (ppc64le x86_64):.ppc64le.rpm
SUSE Linux Enterprise Server for SAP 15 | SP1 | x86_64 | | < SUSE Linux Enterprise Server for SAP 15-SP1 (ppc64le x86_64): | - SUSE Linux Enterprise Server for SAP 15-SP1 (ppc64le x86_64):.x86_64.rpm
SUSE Linux Enterprise Server for SAP 15 | SP1 | ppc64le | | < SUSE Linux Enterprise Server for SAP 15-SP1 (ppc64le): | - SUSE Linux Enterprise Server for SAP 15-SP1 (ppc64le):.ppc64le.rpm
SUSE Linux Enterprise Server for SAP 15 | SP1 | x86_64 | | < SUSE Linux Enterprise Server for SAP 15-SP1 (x86_64): | - SUSE Linux Enterprise Server for SAP 15-SP1 (x86_64):.x86_64.rpm
SUSE Linux Enterprise Server for SAP 15 | SP1 | noarch | | < SUSE Linux Enterprise Server for SAP 15-SP1 (noarch): | - SUSE Linux Enterprise Server for SAP 15-SP1 (noarch):.noarch.rpm
SUSE Linux Enterprise Server 15 | SP1-LTSS | aarch64 | - suse linux enterprise server 15 | < SP1-LTSS (aarch64 ppc64le s390x x86_64): | - SUSE Linux Enterprise Server 15-SP1-LTSS (aarch64 ppc64le s390x x86_64):.aarch64.rpm
SUSE Linux Enterprise Server 15 | SP1-LTSS | ppc64le | - suse linux enterprise server 15 | < SP1-LTSS (aarch64 ppc64le s390x x86_64): | - SUSE Linux Enterprise Server 15-SP1-LTSS (aarch64 ppc64le s390x x86_64):.ppc64le.rpm
SUSE Linux Enterprise Server 15 | SP1-LTSS | s390x | - suse linux enterprise server 15 | < SP1-LTSS (aarch64 ppc64le s390x x86_64): | - SUSE Linux Enterprise Server 15-SP1-LTSS (aarch64 ppc64le s390x x86_64):.s390x.rpm