SUSE-SU-2023:3721-1: important: Security update for qemu

sle-security-updates at lists.suse.com sle-security-updates at lists.suse.com
Thu Sep 21 08:30:06 UTC 2023 


# Security update for qemu

Announcement ID: SUSE-SU-2023:3721-1  
Rating: important  
References:

  * #1172382
  * #1188609
  * #1190011
  * #1193880
  * #1197653
  * #1198712
  * #1207205
  * #1212850
  * #1212968
  * #1213925
  * #1215311

  
Cross-References:

  * CVE-2020-13754
  * CVE-2021-3638
  * CVE-2021-3750
  * CVE-2021-3929
  * CVE-2022-1050
  * CVE-2022-26354
  * CVE-2023-0330
  * CVE-2023-2861
  * CVE-2023-3180
  * CVE-2023-3354

  
CVSS scores:

  * CVE-2020-13754 ( SUSE ):  3.9 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:N/I:L/A:L
  * CVE-2020-13754 ( NVD ):  6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
  * CVE-2021-3638 ( SUSE ):  3.2 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:L
  * CVE-2021-3638 ( NVD ):  6.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H
  * CVE-2021-3750 ( SUSE ):  7.5 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H
  * CVE-2021-3750 ( NVD ):  8.2 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
  * CVE-2021-3929 ( SUSE ):  8.2 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
  * CVE-2021-3929 ( NVD ):  8.2 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
  * CVE-2022-1050 ( SUSE ):  8.2 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
  * CVE-2022-1050 ( NVD ):  8.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
  * CVE-2022-26354 ( SUSE ):  3.2 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:L
  * CVE-2022-26354 ( NVD ):  3.2 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:L
  * CVE-2023-0330 ( SUSE ):  5.3 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:N/I:N/A:H
  * CVE-2023-0330 ( NVD ):  6.0 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H
  * CVE-2023-2861 ( SUSE ):  7.5 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H
  * CVE-2023-3180 ( SUSE ):  8.2 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
  * CVE-2023-3180 ( NVD ):  6.0 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H
  * CVE-2023-3354 ( SUSE ):  7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
  * CVE-2023-3354 ( NVD ):  7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

  
Affected Products:

  * openSUSE Leap 15.4
  * SUSE Linux Enterprise High Performance Computing 15 SP2
  * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2
  * SUSE Linux Enterprise Server 15 SP2
  * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2
  * SUSE Linux Enterprise Server for SAP Applications 15 SP2

  
  
An update that solves 10 vulnerabilities and has one security fix can now be
installed.

## Description:

This update for qemu fixes the following issues:

  * CVE-2022-26354: Fixed a memory leak due to a missing virtqueue detach on
    error. (bsc#1198712)
  * CVE-2021-3929: Fixed an use-after-free in nvme DMA reentrancy issue.
    (bsc#1193880)
  * CVE-2023-0330: Fixed a stack overflow due to a DMA reentrancy issue.
    (bsc#1207205)
  * CVE-2020-13754: Fixed a DoS due to an OOB access during mmio operations.
    (bsc#1172382)
  * CVE-2023-3354: Fixed a remote unauthenticated DoS due to an improper I/O
    watch removal in VNC TLS handshake. (bsc#1212850)
  * CVE-2023-3180: Fixed a heap buffer overflow in
    virtio_crypto_sym_op_helper(). (bsc#1213925)
  * CVE-2021-3638: Fixed an out-of-bounds write due to an inconsistent check in
    ati_2d_blt(). (bsc#1188609)
  * CVE-2021-3750: Fixed an use-after-free in DMA reentrancy issue.
    (bsc#1190011)
  * CVE-2023-2861: Fixed improper access control on special files in 9pfs
    (bsc#1212968).
  * CVE-2022-1050: Fixed use-after-free issue in pvrdma_exec_cmd()
    (bsc#1197653).

The following non-security bug was fixed:

  * Prepare for binutils update to 2.41 update (bsc#1215311).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * openSUSE Leap 15.4  
    zypper in -t patch openSUSE-SLE-15.4-2023-3721=1

  * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-LTSS-2023-3721=1

  * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2  
    zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-LTSS-2023-3721=1

  * SUSE Linux Enterprise Server for SAP Applications 15 SP2  
    zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP2-2023-3721=1

## Package List:

  * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64)
    * qemu-s390-debuginfo-4.2.1-150200.79.1
    * qemu-s390-4.2.1-150200.79.1
  * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 (aarch64
    x86_64)
    * qemu-block-rbd-debuginfo-4.2.1-150200.79.1
    * qemu-debugsource-4.2.1-150200.79.1
    * qemu-block-iscsi-debuginfo-4.2.1-150200.79.1
    * qemu-lang-4.2.1-150200.79.1
    * qemu-4.2.1-150200.79.1
    * qemu-block-iscsi-4.2.1-150200.79.1
    * qemu-block-curl-debuginfo-4.2.1-150200.79.1
    * qemu-tools-4.2.1-150200.79.1
    * qemu-block-ssh-debuginfo-4.2.1-150200.79.1
    * qemu-block-curl-4.2.1-150200.79.1
    * qemu-guest-agent-debuginfo-4.2.1-150200.79.1
    * qemu-block-ssh-4.2.1-150200.79.1
    * qemu-guest-agent-4.2.1-150200.79.1
    * qemu-tools-debuginfo-4.2.1-150200.79.1
    * qemu-ui-spice-app-4.2.1-150200.79.1
    * qemu-ui-spice-app-debuginfo-4.2.1-150200.79.1
    * qemu-block-rbd-4.2.1-150200.79.1
    * qemu-debuginfo-4.2.1-150200.79.1
  * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2
    (aarch64)
    * qemu-arm-4.2.1-150200.79.1
    * qemu-arm-debuginfo-4.2.1-150200.79.1
  * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 (noarch)
    * qemu-seabios-1.12.1+-150200.79.1
    * qemu-sgabios-8-150200.79.1
    * qemu-microvm-4.2.1-150200.79.1
    * qemu-ipxe-1.0.0+-150200.79.1
    * qemu-vgabios-1.12.1+-150200.79.1
  * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 (x86_64)
    * qemu-audio-pa-4.2.1-150200.79.1
    * qemu-audio-pa-debuginfo-4.2.1-150200.79.1
    * qemu-ui-curses-4.2.1-150200.79.1
    * qemu-ui-gtk-4.2.1-150200.79.1
    * qemu-x86-debuginfo-4.2.1-150200.79.1
    * qemu-ui-curses-debuginfo-4.2.1-150200.79.1
    * qemu-ui-gtk-debuginfo-4.2.1-150200.79.1
    * qemu-x86-4.2.1-150200.79.1
    * qemu-audio-alsa-debuginfo-4.2.1-150200.79.1
    * qemu-audio-alsa-4.2.1-150200.79.1
    * qemu-kvm-4.2.1-150200.79.1
  * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 (aarch64 ppc64le s390x
    x86_64)
    * qemu-block-rbd-debuginfo-4.2.1-150200.79.1
    * qemu-debugsource-4.2.1-150200.79.1
    * qemu-block-iscsi-debuginfo-4.2.1-150200.79.1
    * qemu-lang-4.2.1-150200.79.1
    * qemu-4.2.1-150200.79.1
    * qemu-block-iscsi-4.2.1-150200.79.1
    * qemu-block-curl-debuginfo-4.2.1-150200.79.1
    * qemu-tools-4.2.1-150200.79.1
    * qemu-block-ssh-debuginfo-4.2.1-150200.79.1
    * qemu-block-curl-4.2.1-150200.79.1
    * qemu-guest-agent-debuginfo-4.2.1-150200.79.1
    * qemu-block-ssh-4.2.1-150200.79.1
    * qemu-guest-agent-4.2.1-150200.79.1
    * qemu-tools-debuginfo-4.2.1-150200.79.1
    * qemu-ui-spice-app-4.2.1-150200.79.1
    * qemu-ui-spice-app-debuginfo-4.2.1-150200.79.1
    * qemu-block-rbd-4.2.1-150200.79.1
    * qemu-debuginfo-4.2.1-150200.79.1
  * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 (aarch64)
    * qemu-arm-4.2.1-150200.79.1
    * qemu-arm-debuginfo-4.2.1-150200.79.1
  * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 (noarch)
    * qemu-seabios-1.12.1+-150200.79.1
    * qemu-sgabios-8-150200.79.1
    * qemu-microvm-4.2.1-150200.79.1
    * qemu-ipxe-1.0.0+-150200.79.1
    * qemu-vgabios-1.12.1+-150200.79.1
  * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 (ppc64le)
    * qemu-ppc-debuginfo-4.2.1-150200.79.1
    * qemu-ppc-4.2.1-150200.79.1
  * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 (s390x x86_64)
    * qemu-kvm-4.2.1-150200.79.1
  * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 (s390x)
    * qemu-s390-debuginfo-4.2.1-150200.79.1
    * qemu-s390-4.2.1-150200.79.1
  * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 (x86_64)
    * qemu-audio-pa-4.2.1-150200.79.1
    * qemu-audio-pa-debuginfo-4.2.1-150200.79.1
    * qemu-ui-curses-4.2.1-150200.79.1
    * qemu-ui-gtk-4.2.1-150200.79.1
    * qemu-x86-debuginfo-4.2.1-150200.79.1
    * qemu-ui-curses-debuginfo-4.2.1-150200.79.1
    * qemu-ui-gtk-debuginfo-4.2.1-150200.79.1
    * qemu-x86-4.2.1-150200.79.1
    * qemu-audio-alsa-debuginfo-4.2.1-150200.79.1
    * qemu-audio-alsa-4.2.1-150200.79.1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP2 (ppc64le x86_64)
    * qemu-block-rbd-debuginfo-4.2.1-150200.79.1
    * qemu-debugsource-4.2.1-150200.79.1
    * qemu-block-iscsi-debuginfo-4.2.1-150200.79.1
    * qemu-lang-4.2.1-150200.79.1
    * qemu-4.2.1-150200.79.1
    * qemu-block-iscsi-4.2.1-150200.79.1
    * qemu-block-curl-debuginfo-4.2.1-150200.79.1
    * qemu-tools-4.2.1-150200.79.1
    * qemu-block-ssh-debuginfo-4.2.1-150200.79.1
    * qemu-block-curl-4.2.1-150200.79.1
    * qemu-guest-agent-debuginfo-4.2.1-150200.79.1
    * qemu-block-ssh-4.2.1-150200.79.1
    * qemu-guest-agent-4.2.1-150200.79.1
    * qemu-tools-debuginfo-4.2.1-150200.79.1
    * qemu-ui-spice-app-4.2.1-150200.79.1
    * qemu-ui-spice-app-debuginfo-4.2.1-150200.79.1
    * qemu-block-rbd-4.2.1-150200.79.1
    * qemu-debuginfo-4.2.1-150200.79.1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP2 (noarch)
    * qemu-seabios-1.12.1+-150200.79.1
    * qemu-sgabios-8-150200.79.1
    * qemu-microvm-4.2.1-150200.79.1
    * qemu-ipxe-1.0.0+-150200.79.1
    * qemu-vgabios-1.12.1+-150200.79.1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP2 (ppc64le)
    * qemu-ppc-debuginfo-4.2.1-150200.79.1
    * qemu-ppc-4.2.1-150200.79.1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP2 (x86_64)
    * qemu-audio-pa-4.2.1-150200.79.1
    * qemu-audio-pa-debuginfo-4.2.1-150200.79.1
    * qemu-ui-curses-4.2.1-150200.79.1
    * qemu-ui-gtk-4.2.1-150200.79.1
    * qemu-x86-debuginfo-4.2.1-150200.79.1
    * qemu-ui-curses-debuginfo-4.2.1-150200.79.1
    * qemu-ui-gtk-debuginfo-4.2.1-150200.79.1
    * qemu-x86-4.2.1-150200.79.1
    * qemu-audio-alsa-debuginfo-4.2.1-150200.79.1
    * qemu-audio-alsa-4.2.1-150200.79.1
    * qemu-kvm-4.2.1-150200.79.1

## References:

  * https://www.suse.com/security/cve/CVE-2020-13754.html
  * https://www.suse.com/security/cve/CVE-2021-3638.html
  * https://www.suse.com/security/cve/CVE-2021-3750.html
  * https://www.suse.com/security/cve/CVE-2021-3929.html
  * https://www.suse.com/security/cve/CVE-2022-1050.html
  * https://www.suse.com/security/cve/CVE-2022-26354.html
  * https://www.suse.com/security/cve/CVE-2023-0330.html
  * https://www.suse.com/security/cve/CVE-2023-2861.html
  * https://www.suse.com/security/cve/CVE-2023-3180.html
  * https://www.suse.com/security/cve/CVE-2023-3354.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1172382
  * https://bugzilla.suse.com/show_bug.cgi?id=1188609
  * https://bugzilla.suse.com/show_bug.cgi?id=1190011
  * https://bugzilla.suse.com/show_bug.cgi?id=1193880
  * https://bugzilla.suse.com/show_bug.cgi?id=1197653
  * https://bugzilla.suse.com/show_bug.cgi?id=1198712
  * https://bugzilla.suse.com/show_bug.cgi?id=1207205
  * https://bugzilla.suse.com/show_bug.cgi?id=1212850
  * https://bugzilla.suse.com/show_bug.cgi?id=1212968
  * https://bugzilla.suse.com/show_bug.cgi?id=1213925
  * https://bugzilla.suse.com/show_bug.cgi?id=1215311

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-security-updates/attachments/20230921/9ff697c3/attachment.htm>

More information about the sle-security-updates mailing list