File _patchinfo of Package patchinfo.20428

<patchinfo incident="20428">
  <issue tracker="bnc" id="1187365">VUL-1: CVE-2021-3593: qemu: slirp: invalid pointer initialization may lead to information disclosure (udp6)</issue>
  <issue tracker="bnc" id="1185591">Unable to execute QEMU command 'migrate': There's a migration process in progress</issue>
  <issue tracker="bnc" id="1187499">VUL-1: CVE-2021-3582: qemu: pvrdma: unproperly mremap in pvrdma_map_to_pdir()</issue>
  <issue tracker="bnc" id="1187539">VUL-1: CVE-2021-3607: qemu: pvrdma: unchecked malloc size due to integer overflow in init_dev_ring()</issue>
  <issue tracker="bnc" id="1187538">VUL-1: CVE-2021-3608: qemu: pvrdma: uninitialized memory unmap in pvrdma_ring_init()</issue>
  <issue tracker="bnc" id="1187364">VUL-1: CVE-2021-3592: qemu,kvm: slirp: invalid pointer initialization may lead to information disclosure (bootp)</issue>
  <issue tracker="bnc" id="1187366">VUL-1: CVE-2021-3595: qemu: slirp: invalid pointer initialization may lead to information disclosure (tftp)</issue>
  <issue tracker="bnc" id="1176681">VUL-0: CVE-2020-25085: kvm,qemu: sdhci: out-of-bounds access issue while doing multi block SDMA</issue>
  <issue tracker="bnc" id="1187529">VUL-0: CVE-2021-3611: qemu: intel-hda: segmentation fault due to stack overflow</issue>
  <issue tracker="bnc" id="1187367">VUL-1: CVE-2021-3594: qemu,kvm: slirp: invalid pointer initialization may lead to information disclosure (udp)</issue>
  <issue tracker="bnc" id="1186290">SLES 15 SP3 GMC - QEMU BIOS fails to read stage2 loader (on s390x)</issue>
  <issue tracker="cve" id="2021-3595"/>
  <issue tracker="cve" id="2021-3611"/>
  <issue tracker="cve" id="2021-3593"/>
  <issue tracker="cve" id="2021-3592"/>
  <issue tracker="cve" id="2021-3607"/>
  <issue tracker="cve" id="2021-3594"/>
  <issue tracker="cve" id="2021-3608"/>
  <issue tracker="cve" id="2020-25085"/>
  <issue tracker="cve" id="2021-3582"/>
  <packager>jziviani</packager>
  <rating>important</rating>
  <category>security</category>
  <summary>Security update for qemu</summary>
  <description>This update for qemu fixes the following issues:

Security issues fixed:

- CVE-2021-3595: Fixed slirp: invalid pointer initialization may lead to information disclosure (tftp) (bsc#1187366)
- CVE-2021-3592: Fix for slirp: invalid pointer initialization may lead to information disclosure (bootp) (bsc#1187364)
- CVE-2021-3594: Fix for slirp: invalid pointer initialization may lead to information disclosure (udp) (bsc#1187367)
- CVE-2021-3593: Fix for slirp: invalid pointer initialization may lead to information disclosure (udp6) (bsc#1187365)
- CVE-2021-3582: Fix possible mremap overflow in the pvrdma (bsc#1187499)
- CVE-2021-3607: Ensure correct input on ring init (bsc#1187539)
- CVE-2021-3608: Fix the ring init error flow (bsc#1187538)
- CVE-2021-3611: Fix intel-hda segmentation fault due to stack overflow (bsc#1187529)
- CVE-2020-25085: Fix out-of-bounds access issue while doing multi block SDMA (bsc#1176681)

Other issues fixed:

- QEMU BIOS fails to read stage2 loader (on s390x)(bsc#1186290)
- Fix qemu hang while cancelling migrating hugepage vm (bsc#1185591)

</description>
</patchinfo>
Places

File _patchinfo of Package patchinfo.20428

Places
