Overview

File _patchinfo of Package patchinfo.36637

<patchinfo incident="36637">
  <issue tracker="bnc" id="1229007">VUL-0: CVE-2024-7409: qemu: denial of service via improper synchronization in QEMU NBD Server during socket closure</issue>
  <issue tracker="bnc" id="1230834">VUL-0: CVE-2024-8354: kvm,qemu: usb: assertion failure in usb_ep_get()</issue>
  <issue tracker="bnc" id="1230915">VUL-0: CVE-2024-8612: qemu: qemu-kvm: information leak in virtio devices</issue>
  <issue tracker="cve" id="2024-8612"/>
  <issue tracker="cve" id="2024-8354"/>
  <issue tracker="cve" id="2024-7409"/>
  <packager>dfaggioli</packager>
  <rating>important</rating>
  <category>security</category>
  <summary>Security update for qemu</summary>
  <description>This update for qemu fixes the following issues:

- CVE-2024-7409: Fixed denial of service via improper synchronization in QEMU NBD Server during socket closure (bsc#1229007)
- CVE-2024-8354: Fixed assertion failure in usb_ep_get() in usb (bsc#1230834)
- CVE-2024-8612: Fixed information leak in virtio devices (bsc#1230915)
</description>
</patchinfo>
openSUSE Build Service is sponsored by
Places