Overview

File _patchinfo of Package patchinfo.18257

<patchinfo incident="18257">
  <issue tracker="cve" id="2020-11947"/>
  <issue tracker="cve" id="2021-20181"/>
  <issue tracker="cve" id="2021-20203"/>
  <issue tracker="cve" id="2021-20221"/>
  <issue tracker="bnc" id="1179717">SLES 15 SP2 - s390x/s390-virtio-ccw: Reset PCI devices during subsystem reset (qemu-kvm)</issue>
  <issue tracker="bnc" id="1182137">VUL-0: CVE-2021-20181: qemu,kvm,:  race condition in 9pfs may lead to privilege escalation</issue>
  <issue tracker="bnc" id="1179719">SLES 15 SP2 - s390x/pci: Honor vfio DMA limiting (qemu-kvm)</issue>
  <issue tracker="bnc" id="1180523">VUL-0: CVE-2020-11947: qemu,kvm: iscsi_aio_ioctl_cb in block/iscsi.c has a heap-based buffer over-read</issue>
  <issue tracker="bnc" id="1181639">VUL-1: CVE-2021-20203: kvm,xen,qemu: qemu: Failed malloc in vmxnet3_activate_device() in hw/net/vmxnet3.c</issue>
  <issue tracker="bnc" id="1178565">zypper tries to restart invalid system service when updating qemu-guest-agent</issue>
  <issue tracker="bnc" id="1178049">L3-Question: Multiple issues after hanging I/O in SAN</issue>
  <issue tracker="bnc" id="1181933">VUL-0: CVE-2021-20221: kvm,xen,qemu: out-of-bound heap buffer access via an interrupt ID field</issue>
  <packager>bfrogers</packager>
  <rating>important</rating>
  <category>security</category>
  <summary>Security update for qemu</summary>
  <description>This update for qemu fixes the following issues:

- Fixed potential privilege escalation in virtfs (CVE-2021-20181 bsc#1182137)
- Fixed out-of-bound access in iscsi (CVE-2020-11947 bsc#1180523)
- Fixed out-of-bound access in vmxnet3 emulation (CVE-2021-20203 bsc#1181639)
- Fixed out-of-bound access in ARM interrupt handling (CVE-2021-20221 bsc#1181933)
- Fixed vfio-pci device on s390 enters error state (bsc#1179717 bsc#1179719)
- Fixed "Failed to try-restart qemu-ga@.service" error while updating the
  qemu-guest-agent. (bsc#1178565)
- Apply fixes to qemu scsi passthrough with respect to timeout and
  error conditions, including using more correct status codes. Add
  more qemu tracing which helped track down these issues
  (bsc#1178049)
</description>
</patchinfo>
openSUSE Build Service is sponsored by
Places