File _patchinfo of Package patchinfo.30222

<patchinfo incident="30222">
  <issue tracker="bnc" id="1213414">VUL-0: CVE-2023-3301: qemu: vhost-vdpa: do not cleanup the vdpa/vhost-net structures if peer nic is present</issue>
  <issue tracker="bnc" id="1207205">VUL-0: CVE-2023-0330: kvm,qemu: lsi53c895a: DMA reentrancy issue leads to stack overflow</issue>
  <issue tracker="bnc" id="1213925">VUL-0: CVE-2023-3180: qemu,kvm: virtio-crypto: heap buffer overflow in virtio_crypto_sym_op_helper()</issue>
  <issue tracker="bnc" id="1188609">VUL-1: CVE-2021-3638: qemu: ati-vga: inconsistent check in ati_2d_blt() may lead to out-of-bounds write</issue>
  <issue tracker="bnc" id="1212850">VUL-0: CVE-2023-3354: qemu,kvm: improper I/O watch removal in VNC TLS handshake can lead to remote unauthenticated denial of service</issue>
  <issue tracker="bnc" id="1190011">VUL-0: CVE-2021-3750: kvm,qemu: hcd-ehci: DMA reentrancy issue leads to use-after-free</issue>
  <issue tracker="cve" id="2023-3301"/>
  <issue tracker="cve" id="2023-3354"/>
  <issue tracker="cve" id="2021-3750"/>
  <issue tracker="cve" id="2023-0330"/>
  <issue tracker="cve" id="2023-3180"/>
  <issue tracker="cve" id="2021-3638"/>
  <packager>dfaggioli</packager>
  <rating>important</rating>
  <category>security</category>
  <summary>Security update for qemu</summary>
  <description>This update for qemu fixes the following issues:

- CVE-2023-0330: Fixed a stack overflow due to a DMA reentrancy issue. (bsc#1207205)
- CVE-2023-3354: Fixed a remote unauthenticated DoS due to an improper I/O watch removal in VNC TLS handshake. (bsc#1212850)
- CVE-2023-3180: Fixed a heap buffer overflow in virtio_crypto_sym_op_helper(). (bsc#1213925)
- CVE-2021-3638: Fixed an out-of-bounds write due to an inconsistent check in ati_2d_blt(). (bsc#1188609)
- CVE-2023-3301: Fixed a DoS due to an assertion failure. (bsc#1213414)
- CVE-2021-3750: Fixed an use-after-free in DMA reentrancy issue. (bsc#1190011)
</description>
</patchinfo>