File _patchinfo of Package patchinfo.19783

Overview Repositories Revisions Requests Users Attributes Meta

File _patchinfo of Package patchinfo.19783

<patchinfo incident="19783">
  <issue tracker="cve" id="2020-10756"/>
  <issue tracker="cve" id="2020-29129"/>
  <issue tracker="cve" id="2020-25085"/>
  <issue tracker="cve" id="2021-20257"/>
  <issue tracker="cve" id="2021-3419"/>
  <issue tracker="cve" id="2020-8608"/>
  <issue tracker="cve" id="2020-14364"/>
  <issue tracker="cve" id="2020-29130"/>
  <issue tracker="cve" id="2020-25707"/>
  <issue tracker="cve" id="2020-25723"/>
  <issue tracker="cve" id="2019-15890"/>
  <issue tracker="bnc" id="1178683">VUL-0: CVE-2020-25707: kvm,qemu: infinite loop in e1000e_write_packet_to_guest() in hw/net/e1000e_core.c</issue>
  <issue tracker="bnc" id="1149813">VUL-0: CVE-2019-15890: xen: use-after-free during packet reassembly</issue>
  <issue tracker="bnc" id="1186290">SLES 15 SP3 GMC - QEMU BIOS fails to read stage2 loader (on s390x)</issue>
  <issue tracker="bnc" id="1178935">VUL-1: CVE-2020-25723: xen: assertion failure through usb_packet_unmap() in hw/usb/hcd-ehci.c</issue>
  <issue tracker="bnc" id="1163019">VUL-0: CVE-2020-8608: xen: potential OOB access due to unsafe snprintf() usages</issue>
  <issue tracker="bnc" id="1176681">VUL-0: CVE-2020-25085: kvm,qemu: sdhci: out-of-bounds access issue while doing multi block SDMA</issue>
  <issue tracker="bnc" id="1182846">VUL-0: CVE-2021-20257: xen:  infinite loop issue in the e1000 NIC emulator</issue>
  <issue tracker="bnc" id="1179477">VUL-0: CVE-2020-29130: xen: out-of-bounds access while processing ARP packets</issue>
  <issue tracker="bnc" id="1172380">VUL-0: CVE-2020-10756: libslirp, slirp4netns, qemu: out-of-bounds read information disclosure in icmp6_send_echoreply()</issue>
  <issue tracker="bnc" id="1175534">VUL-0: CVE-2020-14364: xen: usb: out-of-bounds r/w access issue while processing usb packets (XSA 335)</issue>
  <issue tracker="bnc" id="1182975">VUL-0: CVE-2021-3419: xen: rtl8139: stack overflow induced by infinite recursion issue</issue>
  <issue tracker="bnc" id="1179484">VUL-1: CVE-2020-29129: xen: out-of-bounds access while processing NCSI packets</issue>
  <issue tracker="bnc" id="1183979">SLES 12 SP5 - KVM guest fails to find zipl boot menu index (qemu)</issue>
  <issue tracker="jsc" id="SLE-17785"/>
  <packager>jziviani</packager>
  <rating>important</rating>
  <category>security</category>
  <summary>Security update for qemu</summary>
  <description>This update for qemu fixes the following issues:

- CVE-2020-25085: Fix out-of-bounds access issue while doing multi block SDMA (bsc#1176681)
- CVE-2020-10756: Fix out-of-bounds read information disclosure in icmp6_send_echoreply(bsc#1172380)
- Fix issue where s390 guest fails to find zipl boot menu index (bsc#1183979)
- QEMU BIOS fails to read stage2 loader on s390x (bsc#1186290)
- Host CPU microcode revision will be visible inside VMs when the proper CPU-model is used (jsc#SLE-17785):
- For the record, these issues are fixed in this package already.
  Most are alternate references to previously mentioned issues:
  (CVE-2019-15890, bsc#1149813, CVE-2020-8608, bsc#1163019,
  CVE-2020-14364, bsc#1175534, CVE-2020-25707, bsc#1178683,
  CVE-2020-25723, bsc#1178935, CVE-2020-29130, bsc#1179477,
  CVE-2020-29129, bsc#1179484, CVE-2021-20257, bsc#1182846,
  CVE-2021-3419, bsc#1182975)
</description>
</patchinfo>

Places

File _patchinfo of Package patchinfo.19783

Places