Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
SUSE:SLE-15-SP4:Update
patchinfo.19464
_patchinfo
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File _patchinfo of Package patchinfo.19464
<patchinfo incident="19464"> <issue tracker="bnc" id="1178935">VUL-1: CVE-2020-25723: xen: assertion failure through usb_packet_unmap() in hw/usb/hcd-ehci.c</issue> <issue tracker="bnc" id="1176681">VUL-0: CVE-2020-25085: kvm,qemu: sdhci: out-of-bounds access issue while doing multi block SDMA</issue> <issue tracker="bnc" id="1178683">VUL-0: CVE-2020-25707: kvm,qemu: infinite loop in e1000e_write_packet_to_guest() in hw/net/e1000e_core.c</issue> <issue tracker="bnc" id="1149813">VUL-0: CVE-2019-15890: xen: use-after-free during packet reassembly</issue> <issue tracker="bnc" id="1175534">VUL-0: CVE-2020-14364: xen: usb: out-of-bounds r/w access issue while processing usb packets (XSA 335)</issue> <issue tracker="bnc" id="1163019">VUL-0: CVE-2020-8608: xen: potential OOB access due to unsafe snprintf() usages</issue> <issue tracker="bnc" id="1175144">VUL-0: CVE-2020-17380: kvm,qemu: heap buffer overflow in sdhci_sdma_transfer_multi_blocks() in hw/sd/sdhci.c</issue> <issue tracker="bnc" id="1182282">VUL-0: CVE-2021-3409: qemu: incomplete fix for CVE-2020-17380 and CVE-2020-25085 in sdhi controller</issue> <issue tracker="bnc" id="1182968">VUL-0: CVE-2021-3416: qemu,kvm: rtl8139: stack overflow induced by infinite recursion issue</issue> <issue tracker="bnc" id="1179686">VUL-0: CVE-2020-27821: kvm,qemu: heap buffer overflow in msix_table_mmio_write() in hw/pci/msix.c</issue> <issue tracker="bnc" id="1186290">SLES 15 SP3 GMC - QEMU BIOS fails to read stage2 loader (on s390x)</issue> <issue tracker="bnc" id="1182425">VUL-0: qemu, kvm: packaging workflow implemented in config.sh and update_git.sh uses fixed temporary files and directories</issue> <issue tracker="bnc" id="1182975">VUL-0: CVE-2021-3419: xen: rtl8139: stack overflow induced by infinite recursion issue</issue> <issue tracker="bnc" id="1179477">VUL-0: CVE-2020-29130: xen: out-of-bounds access while processing ARP packets</issue> <issue tracker="bnc" id="1181103">SLES 15 SP3 Snapshot6 - Qemu can not be used with libvirt, because qemu crashes during probing (s390x/kvm)</issue> <issue tracker="bnc" id="1183373">VUL-1: CVE-2021-20263: kvm,qemu: virtiofsd: 'security.capabilities' is not dropped with xattrmap option</issue> <issue tracker="bnc" id="1179484">VUL-1: CVE-2020-29129: xen: out-of-bounds access while processing NCSI packets</issue> <issue tracker="cve" id="2020-25707"/> <issue tracker="cve" id="2021-3416"/> <issue tracker="cve" id="2020-17380"/> <issue tracker="cve" id="2020-25723"/> <issue tracker="cve" id="2021-3419"/> <issue tracker="cve" id="2020-29129"/> <issue tracker="cve" id="2020-29130"/> <issue tracker="cve" id="2021-3409"/> <issue tracker="cve" id="2020-8608"/> <issue tracker="cve" id="2020-27821"/> <issue tracker="cve" id="2019-15890"/> <issue tracker="cve" id="2020-14364"/> <issue tracker="cve" id="2020-25085"/> <issue tracker="cve" id="2021-20263"/> <packager>jziviani</packager> <rating>important</rating> <category>security</category> <summary>Security update for qemu</summary> <description>This update for qemu fixes the following issues: - Switch method of splitting off hw-s390x-virtio-gpu-ccw.so as a module to what was accepted upstream (bsc#1181103) - Fix OOB access in sdhci interface (CVE-2020-17380, bsc#1175144, CVE-2020-25085, bsc#1176681, CVE-2021-3409, bsc#1182282) - Fix potential privilege escalation in virtiofsd tool (CVE-2021-20263, bsc#1183373) - Fix OOB access (stack overflow) in rtl8139 NIC emulation (CVE-2021-3416, bsc#1182968) - Fix heap overflow in MSIx emulation (CVE-2020-27821, bsc#1179686) - Fix package scripts to not use hard coded paths for temporary working directories and log files (bsc#1182425) - QEMU BIOS fails to read stage2 loader on s390x (bsc#1186290) - For the record, these issues are fixed in this package already. Most are alternate references to previously mentioned issues: (CVE-2019-15890, bsc#1149813, CVE-2020-8608, bsc#1163019, CVE-2020-14364, bsc#1175534, CVE-2020-25707, bsc#1178683, CVE-2020-25723, bsc#1178935, CVE-2020-29130, bsc#1179477, CVE-2020-29129, bsc#1179484, CVE-2021-3419, bsc#1182975) </description> </patchinfo>
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor