SUSE-SU-2021:14772-1 -- SLES kvmID: oval:org.secpod.oval:def:89045488 | Date: (C)2021-08-06 (M)2024-01-29 |
Class: PATCH | Family: unix |
This update for kvm fixes the following issues: - CVE-2021-3594: invalid pointer initialization may lead to information disclosure in slirp - CVE-2021-3592: invalid pointer initialization may lead to information disclosure . - CVE-2021-3416: infinite loop in loopback mode may lead to stack overflow. - CVE-2020-15469: MMIO ops null pointer dereference may lead to DoS. - CVE-2020-11947: iscsi_aio_ioctl_cb in block/iscsi.c has a heap-based buffer over-read. - CVE-2021-20221: out-of-bound heap buffer access via an interrupt ID field. - CVE-2020-25707: infinite loop in e1000e_write_packet_to_guest in hw/net/e1000e_core.c. - CVE-2020-15863: stack-based overflow in xgmac_enet_send in hw/net/xgmac.c
Platform: |
SUSE Linux Enterprise Server 11 SP4 |