File _patchinfo of Package patchinfo.19805

Overview Repositories Revisions Requests Users Attributes Meta

File _patchinfo of Package patchinfo.19805

<patchinfo incident="19805">
  <issue tracker="cve" id="2021-20257"/>
  <issue tracker="cve" id="2020-14364"/>
  <issue tracker="cve" id="2020-10756"/>
  <issue tracker="cve" id="2020-29130"/>
  <issue tracker="cve" id="2020-29129"/>
  <issue tracker="cve" id="2020-25707"/>
  <issue tracker="cve" id="2020-8608"/>
  <issue tracker="cve" id="2020-13754"/>
  <issue tracker="cve" id="2020-25723"/>
  <issue tracker="cve" id="2019-15890"/>
  <issue tracker="cve" id="2021-3419"/>
  <issue tracker="bnc" id="1172380">VUL-0: CVE-2020-10756: libslirp, slirp4netns, qemu: out-of-bounds read information disclosure in icmp6_send_echoreply()</issue>
  <issue tracker="bnc" id="1172382">VUL-1: CVE-2020-13754: kvm,qemu: msix: OOB access during mmio operations may lead to DoS</issue>
  <issue tracker="bnc" id="1179484">VUL-1: CVE-2020-29129: xen: out-of-bounds access while processing NCSI packets</issue>
  <issue tracker="bnc" id="1182975">VUL-0: CVE-2021-3419: xen: rtl8139: stack overflow induced by infinite recursion issue</issue>
  <issue tracker="bnc" id="1178683">VUL-0: CVE-2020-25707: kvm,qemu: infinite loop in e1000e_write_packet_to_guest() in hw/net/e1000e_core.c</issue>
  <issue tracker="bnc" id="1182846">VUL-0: CVE-2021-20257: xen:  infinite loop issue in the e1000 NIC emulator</issue>
  <issue tracker="bnc" id="1179477">VUL-0: CVE-2020-29130: xen: out-of-bounds access while processing ARP packets</issue>
  <issue tracker="bnc" id="1163019">VUL-0: CVE-2020-8608: xen: potential OOB access due to unsafe snprintf() usages</issue>
  <issue tracker="bnc" id="1178935">VUL-1: CVE-2020-25723: xen: assertion failure through usb_packet_unmap() in hw/usb/hcd-ehci.c</issue>
  <issue tracker="bnc" id="1175534">VUL-0: CVE-2020-14364: xen: usb: out-of-bounds r/w access issue while processing usb packets (XSA 335)</issue>
  <issue tracker="bnc" id="1149813">VUL-0: CVE-2019-15890: xen: use-after-free during packet reassembly</issue>
  <packager>jziviani</packager>
  <rating>important</rating>
  <category>security</category>
  <summary>Security update for qemu</summary>
  <description>This update for qemu fixes the following issues:

- Fix OOB access during mmio operations (CVE-2020-13754, bsc#1172382)
- Fix out-of-bounds read information disclosure in icmp6_send_echoreply (CVE-2020-10756, bsc#1172380)
- For the record, these issues are fixed in this package already.
  Most are alternate references to previously mentioned issues:
  (CVE-2019-15890, bsc#1149813, CVE-2020-8608, bsc#1163019,
  CVE-2020-14364, bsc#1175534, CVE-2020-25707, bsc#1178683,
  CVE-2020-25723, bsc#1178935, CVE-2020-29130, bsc#1179477,
  CVE-2020-29129, bsc#1179484, CVE-2021-20257, bsc#1182846,
  CVE-2021-3419, bsc#1182975)
</description>
</patchinfo>

Places

File _patchinfo of Package patchinfo.19805

Places