SUSE-SU-2021:1243-1 -- SLES qemu, qemu-guest-agentID: oval:org.secpod.oval:def:89049497 | Date: (C)2023-09-27 (M)2024-04-17 |
Class: PATCH | Family: unix |
This update for qemu fixes the following issues: - CVE-2020-12829: Fix OOB access in sm501 device emulation - CVE-2020-25723: Fix use-after-free in usb xhci packet handling - CVE-2020-25084: Fix use-after-free in usb ehci packet handling - CVE-2020-25625: Fix infinite loop in usb hcd-ohci emulation - CVE-2020-25624: Fix OOB access in usb hcd-ohci emulation - CVE-2020-27617: Fix guest triggerable assert in shared network handling code - CVE-2020-28916: Fix infinite loop in e1000e device emulation - CVE-2020-29443: Fix OOB access in atapi emulation - CVE-2020-27821: Fix heap overflow in MSIx emulation - CVE-2020-15469: Fix null pointer deref. in mmio ops - CVE-2021-20257: Fix infinite loop in e1000 device emulation - CVE-2021-3416: Fix OOB access in rtl8139 NIC emulation - CVE-2021-3416: Fix OOB access in other NIC emulations - CVE-2020-27616: Fix OOB access in ati-vga emulation - CVE-2020-29129: Fix OOB access in SLIRP ARP/NCSI packet processing - Fix package scripts to not use hard coded paths for temporary working directories and log files - Add split-provides through forsplits/13 to cover updates of SLE15-SP2 to SLE15-SP3, and openSUSE equivalents - Added a few more usability improvements for our git packaging workflow
Platform: |
SUSE Linux Enterprise Server 15 SP2 |
SUSE Linux Enterprise Desktop 15 SP2 |
Product: |
qemu |
qemu-guest-agent |