SUSE-SU-2023:0761-1: important: Security update for qemu

sle-security-updates at lists.suse.com sle-security-updates at lists.suse.com
Thu Mar 16 12:30:38 UTC 2023



# Security update for qemu

Announcement ID: SUSE-SU-2023:0761-1  
Rating: important  
References:

  * #1172033
  * #1172382
  * #1175144
  * #1180207
  * #1182282
  * #1185000
  * #1193880
  * #1197653
  * #1198035
  * #1198038
  * #1198712
  * #1201367
  * #1205808

  
Cross-References:

  * CVE-2020-13253
  * CVE-2020-13754
  * CVE-2020-14394
  * CVE-2020-17380
  * CVE-2020-25085
  * CVE-2021-3409
  * CVE-2021-3507
  * CVE-2021-3929
  * CVE-2021-4206
  * CVE-2022-0216
  * CVE-2022-1050
  * CVE-2022-26354
  * CVE-2022-35414
  * CVE-2022-4144

  
CVSS scores:

  * CVE-2020-13253 ( SUSE ):  3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
  * CVE-2020-13253 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2020-13754 ( SUSE ):  3.9 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:N/I:L/A:L
  * CVE-2020-13754 ( NVD ):  6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
  * CVE-2020-14394 ( SUSE ):  3.2 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:L
  * CVE-2020-14394 ( NVD ):  3.2 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:L
  * CVE-2020-17380 ( SUSE ):  6.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:L
  * CVE-2020-17380 ( NVD ):  6.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:L
  * CVE-2020-25085 ( SUSE ):  5.0 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:L
  * CVE-2020-25085 ( NVD ):  5.0 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:L
  * CVE-2021-3409 ( SUSE ):  5.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:L
  * CVE-2021-3409 ( NVD ):  5.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:L
  * CVE-2021-3507 ( SUSE ):  4.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L
  * CVE-2021-3507 ( NVD ):  6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:L
  * CVE-2021-3929 ( SUSE ):  8.2 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
  * CVE-2021-3929 ( NVD ):  8.2 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
  * CVE-2021-4206 ( SUSE ):  7.5 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H
  * CVE-2021-4206 ( NVD ):  8.2 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
  * CVE-2022-0216 ( SUSE ):  5.3 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:N/I:N/A:H
  * CVE-2022-0216 ( NVD ):  4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
  * CVE-2022-1050 ( SUSE ):  8.2 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
  * CVE-2022-1050 ( NVD ):  8.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
  * CVE-2022-26354 ( SUSE ):  3.2 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:L
  * CVE-2022-26354 ( NVD ):  3.2 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:L
  * CVE-2022-35414 ( SUSE ):  6.0 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H
  * CVE-2022-35414 ( NVD ):  8.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
  * CVE-2022-4144 ( SUSE ):  6.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H
  * CVE-2022-4144 ( NVD ):  6.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H

  
Affected Products:

  * SUSE Linux Enterprise High Performance Computing 12 SP5
  * SUSE Linux Enterprise Server 12 SP5
  * SUSE Linux Enterprise Server for SAP Applications 12 SP5

  
  
An update that solves 14 vulnerabilities can now be installed.

## Description:

This update for qemu fixes the following issues:

  * bsc#1172033 (CVE-2020-13253)

  * bsc#1180207 (CVE-2020-14394)

  * bsc#1172382 (CVE-2020-13754)

  * bsc#1198038 (CVE-2022-0216)

  * bsc#1193880 (CVE-2021-3929)

  * bsc#1197653 (CVE-2022-1050)

  * bsc#1205808 (CVE-2022-4144), bsc#1198712 (CVE-2022-26354)

  * bsc#1175144 (CVE-2020-17380, CVE-2020-25085, CVE-2021-3409), bsc#1185000
    (CVE-2021-3507), bsc#1201367, CVE-2022-35414

  * About bsc#1175144, see also bsc#1182282 (CVE-2021-3409)

  * bsc#1198035, CVE-2021-4206

## Patch Instructions:

To install this SUSE Important update use the SUSE recommended installation
methods like YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * SUSE Linux Enterprise High Performance Computing 12 SP5  
    zypper in -t patch SUSE-SLE-SERVER-12-SP5-2023-761=1

  * SUSE Linux Enterprise Server 12 SP5  
    zypper in -t patch SUSE-SLE-SERVER-12-SP5-2023-761=1

  * SUSE Linux Enterprise Server for SAP Applications 12 SP5  
    zypper in -t patch SUSE-SLE-SERVER-12-SP5-2023-761=1

## Package List:

  * SUSE Linux Enterprise High Performance Computing 12 SP5 (aarch64 x86_64)
    * qemu-audio-sdl-3.1.1.1-66.1
    * qemu-block-ssh-debuginfo-3.1.1.1-66.1
    * qemu-audio-oss-3.1.1.1-66.1
    * qemu-audio-oss-debuginfo-3.1.1.1-66.1
    * qemu-block-rbd-debuginfo-3.1.1.1-66.1
    * qemu-block-ssh-3.1.1.1-66.1
    * qemu-block-iscsi-3.1.1.1-66.1
    * qemu-audio-alsa-debuginfo-3.1.1.1-66.1
    * qemu-debugsource-3.1.1.1-66.1
    * qemu-audio-sdl-debuginfo-3.1.1.1-66.1
    * qemu-guest-agent-3.1.1.1-66.1
    * qemu-block-curl-3.1.1.1-66.1
    * qemu-audio-pa-debuginfo-3.1.1.1-66.1
    * qemu-ui-sdl-debuginfo-3.1.1.1-66.1
    * qemu-ui-gtk-debuginfo-3.1.1.1-66.1
    * qemu-block-curl-debuginfo-3.1.1.1-66.1
    * qemu-block-rbd-3.1.1.1-66.1
    * qemu-guest-agent-debuginfo-3.1.1.1-66.1
    * qemu-3.1.1.1-66.1
    * qemu-ui-curses-3.1.1.1-66.1
    * qemu-audio-pa-3.1.1.1-66.1
    * qemu-ui-sdl-3.1.1.1-66.1
    * qemu-ui-curses-debuginfo-3.1.1.1-66.1
    * qemu-ui-gtk-3.1.1.1-66.1
    * qemu-lang-3.1.1.1-66.1
    * qemu-audio-alsa-3.1.1.1-66.1
    * qemu-tools-3.1.1.1-66.1
    * qemu-block-iscsi-debuginfo-3.1.1.1-66.1
    * qemu-tools-debuginfo-3.1.1.1-66.1
  * SUSE Linux Enterprise High Performance Computing 12 SP5 (aarch64)
    * qemu-arm-debuginfo-3.1.1.1-66.1
    * qemu-arm-3.1.1.1-66.1
  * SUSE Linux Enterprise High Performance Computing 12 SP5 (noarch)
    * qemu-sgabios-8-66.1
    * qemu-seabios-1.12.0_0_ga698c89-66.1
    * qemu-vgabios-1.12.0_0_ga698c89-66.1
    * qemu-ipxe-1.0.0+-66.1
  * SUSE Linux Enterprise High Performance Computing 12 SP5 (x86_64)
    * qemu-kvm-3.1.1.1-66.1
    * qemu-x86-3.1.1.1-66.1
  * SUSE Linux Enterprise Server 12 SP5 (aarch64 ppc64le s390x x86_64)
    * qemu-audio-sdl-3.1.1.1-66.1
    * qemu-block-ssh-debuginfo-3.1.1.1-66.1
    * qemu-audio-oss-3.1.1.1-66.1
    * qemu-audio-oss-debuginfo-3.1.1.1-66.1
    * qemu-block-ssh-3.1.1.1-66.1
    * qemu-block-iscsi-3.1.1.1-66.1
    * qemu-audio-alsa-debuginfo-3.1.1.1-66.1
    * qemu-debugsource-3.1.1.1-66.1
    * qemu-audio-sdl-debuginfo-3.1.1.1-66.1
    * qemu-guest-agent-3.1.1.1-66.1
    * qemu-block-curl-3.1.1.1-66.1
    * qemu-audio-pa-debuginfo-3.1.1.1-66.1
    * qemu-ui-sdl-debuginfo-3.1.1.1-66.1
    * qemu-ui-gtk-debuginfo-3.1.1.1-66.1
    * qemu-block-curl-debuginfo-3.1.1.1-66.1
    * qemu-guest-agent-debuginfo-3.1.1.1-66.1
    * qemu-3.1.1.1-66.1
    * qemu-ui-curses-3.1.1.1-66.1
    * qemu-audio-pa-3.1.1.1-66.1
    * qemu-ui-sdl-3.1.1.1-66.1
    * qemu-ui-curses-debuginfo-3.1.1.1-66.1
    * qemu-ui-gtk-3.1.1.1-66.1
    * qemu-lang-3.1.1.1-66.1
    * qemu-audio-alsa-3.1.1.1-66.1
    * qemu-tools-3.1.1.1-66.1
    * qemu-block-iscsi-debuginfo-3.1.1.1-66.1
    * qemu-tools-debuginfo-3.1.1.1-66.1
  * SUSE Linux Enterprise Server 12 SP5 (aarch64)
    * qemu-arm-debuginfo-3.1.1.1-66.1
    * qemu-arm-3.1.1.1-66.1
  * SUSE Linux Enterprise Server 12 SP5 (aarch64 x86_64)
    * qemu-block-rbd-3.1.1.1-66.1
    * qemu-block-rbd-debuginfo-3.1.1.1-66.1
  * SUSE Linux Enterprise Server 12 SP5 (noarch)
    * qemu-sgabios-8-66.1
    * qemu-seabios-1.12.0_0_ga698c89-66.1
    * qemu-vgabios-1.12.0_0_ga698c89-66.1
    * qemu-ipxe-1.0.0+-66.1
  * SUSE Linux Enterprise Server 12 SP5 (ppc64le)
    * qemu-ppc-3.1.1.1-66.1
    * qemu-ppc-debuginfo-3.1.1.1-66.1
  * SUSE Linux Enterprise Server 12 SP5 (s390x x86_64)
    * qemu-kvm-3.1.1.1-66.1
  * SUSE Linux Enterprise Server 12 SP5 (s390x)
    * qemu-s390-debuginfo-3.1.1.1-66.1
    * qemu-s390-3.1.1.1-66.1
  * SUSE Linux Enterprise Server 12 SP5 (x86_64)
    * qemu-x86-3.1.1.1-66.1
  * SUSE Linux Enterprise Server for SAP Applications 12 SP5 (ppc64le x86_64)
    * qemu-audio-sdl-3.1.1.1-66.1
    * qemu-block-ssh-debuginfo-3.1.1.1-66.1
    * qemu-audio-oss-3.1.1.1-66.1
    * qemu-audio-oss-debuginfo-3.1.1.1-66.1
    * qemu-block-ssh-3.1.1.1-66.1
    * qemu-block-iscsi-3.1.1.1-66.1
    * qemu-audio-alsa-debuginfo-3.1.1.1-66.1
    * qemu-debugsource-3.1.1.1-66.1
    * qemu-audio-sdl-debuginfo-3.1.1.1-66.1
    * qemu-guest-agent-3.1.1.1-66.1
    * qemu-block-curl-3.1.1.1-66.1
    * qemu-audio-pa-debuginfo-3.1.1.1-66.1
    * qemu-ui-sdl-debuginfo-3.1.1.1-66.1
    * qemu-ui-gtk-debuginfo-3.1.1.1-66.1
    * qemu-block-curl-debuginfo-3.1.1.1-66.1
    * qemu-guest-agent-debuginfo-3.1.1.1-66.1
    * qemu-3.1.1.1-66.1
    * qemu-ui-curses-3.1.1.1-66.1
    * qemu-audio-pa-3.1.1.1-66.1
    * qemu-ui-sdl-3.1.1.1-66.1
    * qemu-ui-curses-debuginfo-3.1.1.1-66.1
    * qemu-ui-gtk-3.1.1.1-66.1
    * qemu-lang-3.1.1.1-66.1
    * qemu-audio-alsa-3.1.1.1-66.1
    * qemu-tools-3.1.1.1-66.1
    * qemu-block-iscsi-debuginfo-3.1.1.1-66.1
    * qemu-tools-debuginfo-3.1.1.1-66.1
  * SUSE Linux Enterprise Server for SAP Applications 12 SP5 (noarch)
    * qemu-sgabios-8-66.1
    * qemu-seabios-1.12.0_0_ga698c89-66.1
    * qemu-vgabios-1.12.0_0_ga698c89-66.1
    * qemu-ipxe-1.0.0+-66.1
  * SUSE Linux Enterprise Server for SAP Applications 12 SP5 (ppc64le)
    * qemu-ppc-3.1.1.1-66.1
    * qemu-ppc-debuginfo-3.1.1.1-66.1
  * SUSE Linux Enterprise Server for SAP Applications 12 SP5 (x86_64)
    * qemu-block-rbd-3.1.1.1-66.1
    * qemu-kvm-3.1.1.1-66.1
    * qemu-x86-3.1.1.1-66.1
    * qemu-block-rbd-debuginfo-3.1.1.1-66.1

## References:

  * https://www.suse.com/security/cve/CVE-2020-13253.html
  * https://www.suse.com/security/cve/CVE-2020-13754.html
  * https://www.suse.com/security/cve/CVE-2020-14394.html
  * https://www.suse.com/security/cve/CVE-2020-17380.html
  * https://www.suse.com/security/cve/CVE-2020-25085.html
  * https://www.suse.com/security/cve/CVE-2021-3409.html
  * https://www.suse.com/security/cve/CVE-2021-3507.html
  * https://www.suse.com/security/cve/CVE-2021-3929.html
  * https://www.suse.com/security/cve/CVE-2021-4206.html
  * https://www.suse.com/security/cve/CVE-2022-0216.html
  * https://www.suse.com/security/cve/CVE-2022-1050.html
  * https://www.suse.com/security/cve/CVE-2022-26354.html
  * https://www.suse.com/security/cve/CVE-2022-35414.html
  * https://www.suse.com/security/cve/CVE-2022-4144.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1172033
  * https://bugzilla.suse.com/show_bug.cgi?id=1172382
  * https://bugzilla.suse.com/show_bug.cgi?id=1175144
  * https://bugzilla.suse.com/show_bug.cgi?id=1180207
  * https://bugzilla.suse.com/show_bug.cgi?id=1182282
  * https://bugzilla.suse.com/show_bug.cgi?id=1185000
  * https://bugzilla.suse.com/show_bug.cgi?id=1193880
  * https://bugzilla.suse.com/show_bug.cgi?id=1197653
  * https://bugzilla.suse.com/show_bug.cgi?id=1198035
  * https://bugzilla.suse.com/show_bug.cgi?id=1198038
  * https://bugzilla.suse.com/show_bug.cgi?id=1198712
  * https://bugzilla.suse.com/show_bug.cgi?id=1201367
  * https://bugzilla.suse.com/show_bug.cgi?id=1205808

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-security-updates/attachments/20230316/4a7f6a09/attachment.htm>


More information about the sle-security-updates mailing list