Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
SUSE:SLE-15-SP1:Update
patchinfo.18974
_patchinfo
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File _patchinfo of Package patchinfo.18974
<patchinfo incident="18974"> <issue tracker="cve" id="2020-27617"/> <issue tracker="cve" id="2020-16092"/> <issue tracker="cve" id="2020-27821"/> <issue tracker="cve" id="2020-11947"/> <issue tracker="cve" id="2020-25084"/> <issue tracker="cve" id="2020-25723"/> <issue tracker="cve" id="2021-3416"/> <issue tracker="cve" id="2020-13765"/> <issue tracker="cve" id="2020-14364"/> <issue tracker="cve" id="2020-15863"/> <issue tracker="cve" id="2021-20181"/> <issue tracker="cve" id="2020-13361"/> <issue tracker="cve" id="2021-20221"/> <issue tracker="cve" id="2020-13659"/> <issue tracker="cve" id="2021-20203"/> <issue tracker="cve" id="2020-25624"/> <issue tracker="cve" id="2020-13362"/> <issue tracker="cve" id="2020-15469"/> <issue tracker="cve" id="2020-29129"/> <issue tracker="cve" id="2020-28916"/> <issue tracker="cve" id="2020-29130"/> <issue tracker="cve" id="2020-25625"/> <issue tracker="cve" id="2020-12829"/> <issue tracker="cve" id="2020-29443"/> <issue tracker="cve" id="2021-20257"/> <issue tracker="bnc" id="1182577">VUL-0: CVE-2021-20257: kvm,qemu: infinite loop issue in the e1000 NIC emulator</issue> <issue tracker="bnc" id="1178174">VUL-1: CVE-2020-27617: qemu: assert failure in eth_get_gso_type</issue> <issue tracker="bnc" id="1172478">VUL-0: CVE-2020-13765: kvm,qemu: OOB access while loading registered ROM may lead to code execution</issue> <issue tracker="bnc" id="1179686">VUL-0: CVE-2020-27821: kvm,qemu: heap buffer overflow in msix_table_mmio_write() in hw/pci/msix.c</issue> <issue tracker="bnc" id="1179467">VUL-0: CVE-2020-29130: kvm,qemu,slirp4netns: out-of-bounds access while processing ARP packets</issue> <issue tracker="bnc" id="1179468">VUL-1: CVE-2020-28916: qemu,kvm: e1000e: infinite loop scenario in case of null packet descriptor</issue> <issue tracker="bnc" id="1174641">VUL-1: CVE-2020-16092: kvm,qemu: reachable assertion failure in net_tx_pkt_add_raw_fragment() in hw/net/net_tx_pkt.c</issue> <issue tracker="bnc" id="1176682">VUL-0: CVE-2020-25624: kvm,qemu: usb: hcd-ohci: out-of-bound access issue while processing transfer descriptors</issue> <issue tracker="bnc" id="1172384">VUL-1: CVE-2020-13361: kvm,qemu: es1370: OOB access due to incorrect frame count leads to DoS</issue> <issue tracker="bnc" id="1176684">VUL-1: CVE-2020-25625: kvm,qemu: usb: hcd-ohci: infinite loop issue while processing transfer descriptors</issue> <issue tracker="bnc" id="1181108">VUL-0: CVE-2020-29443: qemu,kvm: atapi: OOB access while processing read commands</issue> <issue tracker="bnc" id="1182968">VUL-0: CVE-2021-3419: qemu,kvm: rtl8139: stack overflow induced by infinite recursion issue</issue> <issue tracker="bnc" id="1172385">VUL-0: CVE-2020-12829: qemu: OOB read and write due to integer overflow in sm501_2d_operation() in hw/display/sm501.c</issue> <issue tracker="bnc" id="1178565">zypper tries to restart invalid system service when updating qemu-guest-agent</issue> <issue tracker="bnc" id="1182425">VUL-0: qemu, kvm: packaging workflow implemented in config.sh and update_git.sh uses fixed temporary files and directories</issue> <issue tracker="bnc" id="1181639">VUL-1: CVE-2021-20203: kvm,xen,qemu: qemu: Failed malloc in vmxnet3_activate_device() in hw/net/vmxnet3.c</issue> <issue tracker="bnc" id="1183979">SLES 12 SP5 - KVM guest fails to find zipl boot menu index (qemu)</issue> <issue tracker="bnc" id="1174386">VUL-0: CVE-2020-15863: kvm,qemu: stack-based overflow in xgmac_enet_send() in hw/net/xgmac.c</issue> <issue tracker="bnc" id="1172383">VUL-1: CVE-2020-13362: kvm,qemu: megasas: OOB read access due to invalid index leads to DoS</issue> <issue tracker="bnc" id="1178049">L3-Question: Multiple issues after hanging I/O in SAN</issue> <issue tracker="bnc" id="1182137">VUL-0: CVE-2021-20181: qemu,kvm,: race condition in 9pfs may lead to privilege escalation</issue> <issue tracker="bnc" id="1181933">VUL-0: CVE-2021-20221: kvm,xen,qemu: out-of-bound heap buffer access via an interrupt ID field</issue> <issue tracker="bnc" id="1179466">VUL-1: CVE-2020-29129: kvm,qemu,slirp4netns: out-of-bounds access while processing NCSI packets</issue> <issue tracker="bnc" id="1180523">VUL-0: CVE-2020-11947: qemu,kvm: iscsi_aio_ioctl_cb in block/iscsi.c has a heap-based buffer over-read</issue> <issue tracker="bnc" id="1176673">VUL-0: CVE-2020-25084: kvm,qemu: usb: use-after-free issue while setting up packet</issue> <issue tracker="bnc" id="1178934">VUL-1: CVE-2020-25723: kvm,qemu: assertion failure through usb_packet_unmap() in hw/usb/hcd-ehci.c</issue> <issue tracker="bnc" id="1173612">VUL-0: CVE-2020-15469: kvm,qemu: QEMU: MMIO ops null pointer dereference may lead to DoS</issue> <issue tracker="bnc" id="1172386">VUL-1: CVE-2020-13659: qemu: NULL pointer dereference in the MegaRAID SAS 8708EM2 emulator</issue> <issue tracker="bnc" id="1175441">VUL-0: CVE-2020-14364: qemu,kvm: usb: out-of-bounds r/w access issue while processing usb packets</issue> <packager>bfrogers</packager> <rating>important</rating> <category>security</category> <summary>Security update for qemu</summary> <description>This update for qemu fixes the following issues: - Fix OOB access in sm501 device emulation (CVE-2020-12829, bsc#1172385) - Fix OOB access possibility in MegaRAID SAS 8708EM2 emulation (CVE-2020-13362 bsc#1172383) - Fix use-after-free in usb xhci packet handling (CVE-2020-25723, bsc#1178934) - Fix use-after-free in usb ehci packet handling (CVE-2020-25084, bsc#1176673) - Fix OOB access in usb hcd-ohci emulation (CVE-2020-25624, bsc#1176682) - Fix infinite loop (DoS) in usb hcd-ohci emulation (CVE-2020-25625, bsc#1176684) - Fix guest triggerable assert in shared network handling code (CVE-2020-27617, bsc#1178174) - Fix infinite loop (DoS) in e1000e device emulation (CVE-2020-28916, bsc#1179468) - Fix OOB access in atapi emulation (CVE-2020-29443, bsc#1181108) - Fix heap overflow in MSIx emulation (CVE-2020-27821, bsc#1179686) - Fix null pointer deref. (DoS) in mmio ops (CVE-2020-15469, bsc#1173612) - Fix infinite loop (DoS) in e1000 device emulation (CVE-2021-20257, bsc#1182577) - Fix OOB access (stack overflow) in rtl8139 NIC emulation (CVE-2021-3416, bsc#1182968) - Fix OOB access (stack overflow) in other NIC emulations (CVE-2021-3416) - Fix OOB access in SLIRP ARP/NCSI packet processing (CVE-2020-29129, bsc#1179466, CVE-2020-29130, bsc#1179467) - Fix null pointer dereference possibility (DoS) in MegaRAID SAS 8708EM2 emulation (CVE-2020-13659 bsc#1172386) - Fix issue where s390 guest fails to find zipl boot menu index (bsc#1183979) - Fix OOB access in iscsi (CVE-2020-11947 bsc#1180523) - Fix OOB access in vmxnet3 emulation (CVE-2021-20203 bsc#1181639) - Fix package scripts to not use hard coded paths for temporary working directories and log files (bsc#1182425) - Fix potential privilege escalation in virtfs (CVE-2021-20181 bsc#1182137) - Apply fixes to qemu scsi passthrough with respect to timeout and error conditions, including using more correct status codes. (bsc#1178049) - Fix OOB access in ARM interrupt handling (CVE-2021-20221 bsc#1181933) - Tweaks to spec file for better formatting, and remove not needed BuildRequires for e2fsprogs-devel and libpcap-devel - Fix OOB access possibility in ES1370 audio device emulation (CVE-2020-13361 bsc#1172384) - Fix OOB access in ROM loading (CVE-2020-13765 bsc#1172478) - Fix OOB access while processing USB packets (CVE-2020-14364 bsc#1175441) - Fix DoS in packet processing of various emulated NICs (CVE-2020-16092 bsc#1174641) - Fix buffer overflow in the XGMAC device (CVE-2020-15863 bsc#1174386) - Use '%service_del_postun_without_restart' instead of '%service_del_postun' to avoid "Failed to try-restart qemu-ga@.service" error while updating the qemu-guest-agent. (bsc#1178565) </description> </patchinfo>
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor