SUSE-SU-2023:4056-1 -- SLES qemu, qemu-guest-agentID: oval:org.secpod.oval:def:89050951 | Date: (C)2023-11-17 (M)2024-04-25 |
Class: PATCH | Family: unix |
This update for qemu fixes the following issues: * CVE-2023-3180: Fixed a buffer overflow in the virtio-crypto device . * CVE-2021-3750: Fixed a DMA reentrancy in the USB EHCI device that could lead to use-after-free . * CVE-2021-3638: Fixed a buffer overflow in the ati-vga device . * CVE-2023-3354: Fixed an issue when performing a TLS handshake that could lead to remote denial of service via VNC connection . * CVE-2023-0330: Fixed a DMA reentrancy issue in the lsi53c895a device that could lead to a stack overflow . Non-security fixes: * Fixed a potential build issue in the librm subcomponent . * Fixed a potential crash during VM migration . * Fixed potential issues during installation on a Xen host .
Platform: |
SUSE Linux Enterprise Desktop 15 SP4 |
SUSE Linux Enterprise Server 15 SP4 |
Product: |
qemu |
qemu-guest-agent |