SUSE-CU-2024:5896-1: Security update of bci/kiwi

sle-container-updates at lists.suse.com
Fri Nov 29 08:12:02 UTC 2024


SUSE Container Update Advisory: bci/kiwi
-----------------------------------------------------------------
Container Advisory ID : SUSE-CU-2024:5896-1
Container Tags        : bci/kiwi:9 , bci/kiwi:9.24 , bci/kiwi:9.24.43 , bci/kiwi:9.24.43-19.2 , bci/kiwi:latest
Container Release     : 19.2
Severity              : important
Type                  : security
References            : 1224132 1229007 1229929 1230140 1230834 1230915 1231519 CVE-2024-4693
                        CVE-2024-7409 CVE-2024-8354 CVE-2024-8612 
-----------------------------------------------------------------

The container bci/kiwi was updated. The following patches have been included in this update:

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2024:4094-1
Released:    Thu Nov 28 12:56:39 2024
Summary:     Security update for qemu
Type:        security
Severity:    important
References:  1224132,1229007,1229929,1230140,1230834,1230915,1231519,CVE-2024-4693,CVE-2024-7409,CVE-2024-8354,CVE-2024-8612
This update for qemu fixes the following issues:

Security fixes:

- CVE-2024-8354: Fixed assertion failure in usb_ep_get() (bsc#1230834)
- CVE-2024-8612: Fixed information leak in virtio devices (bsc#1230915)

Update version to 8.2.7:

Security fixes:

- CVE-2024-7409: Fixed denial of service via improper synchronization in QEMU NBD Server during socket closure (bsc#1229007) 
- CVE-2024-4693: Fixed improper release of configure vector in virtio-pci that led to a guest-triggerable crash (bsc#1224132)

Other fixes:

- added missing fix for ppc64 emulation that caused corruption in userspace (bsc#1230140)
- target/ppc: Fix lxvx/stxvx facility check (bsc#1229929)
- accel/kvm: check for KVM_CAP_READONLY_MEM on VM (bsc#1231519)

Full changelog here: 

https://lore.kernel.org/qemu-devel/d9ff276f-f1ba-4e90-8343-a7a0dc2bf305@tls.msk.ru/


The following package changes have been done:

- qemu-pr-helper-8.2.7-150600.3.20.1 updated
- qemu-img-8.2.7-150600.3.20.1 updated
- qemu-tools-8.2.7-150600.3.20.1 updated

