Security update for qemu SUSE Patch security@suse.de SUSE Security Team SUSE-SU-2021:1242-1 Final 1 1 2021-04-16T12:44:46Z current 2021-04-16T12:44:46Z 2021-04-16T12:44:46Z cve-database/bin/generate-cvrf.pl 2017-02-24T01:00:00Z Security update for qemu This update for qemu fixes the following issues: - Fix OOB access in sm501 device emulation (CVE-2020-12829, bsc#1172385) - Fix OOB access possibility in MegaRAID SAS 8708EM2 emulation (CVE-2020-13362 bsc#1172383) - Fix use-after-free in usb xhci packet handling (CVE-2020-25723, bsc#1178934) - Fix use-after-free in usb iehci packet handling (CVE-2020-25084, bsc#1176673) - Fix infinite loop (DoS) in usb hcd-ohci emulation (CVE-2020-25625, bsc#1176684) - Fix OOB access in usb hcd-ohci emulation (CVE-2020-25624, bsc#1176682) - Fix guest triggerable assert in shared network handling code (CVE-2020-27617, bsc#1178174) - Fix infinite loop (DoS) in e1000e device emulation (CVE-2020-28916, bsc#1179468) - Fix OOB access in atapi emulation (CVE-2020-29443, bsc#1181108) - Fix heap overflow in MSIx emulation (CVE-2020-27821, bsc#1179686) - Fix null pointer deref. (DoS) in mmio ops (CVE-2020-15469, bsc#1173612) - Fix infinite loop (DoS) in e1000 device emulation (CVE-2021-20257, bsc#1182577) - Fix OOB access (stack overflow) in rtl8139 NIC emulation (CVE-2021-3416, bsc#1182968) - Fix OOB access (stack overflow) in other NIC emulations (CVE-2021-3416) - Fix OOB access in SLIRP ARP/NCSI packet processing (CVE-2020-29129, bsc#1179466, CVE-2020-29130, bsc#1179467) - Fix null pointer dereference possibility (DoS) in MegaRAID SAS 8708EM2 emulation (CVE-2020-13659 bsc#1172386) - Fix issue where s390 guest fails to find zipl boot menu index (bsc#1183979) - Fix OOB access in iscsi (CVE-2020-11947 bsc#1180523) - Fix OOB access in vmxnet3 emulation (CVE-2021-20203 bsc#1181639) - Fix package scripts to not use hard coded paths for temporary working directories and log files (bsc#1182425) - Fix potential privilege escalation in virtfs (CVE-2021-20181 bsc#1182137) - Apply fixes to qemu scsi passthrough with respect to timeout and error conditions, including using more correct status codes. (bsc#1178049) - Fix OOB access in ARM interrupt handling (CVE-2021-20221 bsc#1181933) - Make note that this patch previously included addresses (CVE-2020-13765 bsc#1172478) - Tweaks to spec file for better formatting, and remove not needed BuildRequires for e2fsprogs-devel and libpcap-devel - Fix vfio-pci device on s390 enters error state (bsc#1179725) - Fix PCI devices are unavailable after a subsystem reset. (bsc#1179726) The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). Image SLES12-SP5-EC2-ECS-On-Demand-2021-1242,SUSE-2021-1242,SUSE-SLE-SERVER-12-SP5-2021-1242 Copyright SUSE LLC under the Creative Commons License 4.0 with Attribution (CC-BY-4.0) https://www.suse.com/support/update/announcement/2021/suse-su-20211242-1/ Link for SUSE-SU-2021:1242-1 https://lists.suse.com/pipermail/sle-security-updates/2021-April/008652.html E-Mail link for SUSE-SU-2021:1242-1 https://www.suse.com/support/security/rating/ SUSE Security Ratings https://bugzilla.suse.com/1172383 SUSE Bug 1172383 https://bugzilla.suse.com/1172385 SUSE Bug 1172385 https://bugzilla.suse.com/1172386 SUSE Bug 1172386 https://bugzilla.suse.com/1172478 SUSE Bug 1172478 https://bugzilla.suse.com/1173612 SUSE Bug 1173612 https://bugzilla.suse.com/1176673 SUSE Bug 1176673 https://bugzilla.suse.com/1176682 SUSE Bug 1176682 https://bugzilla.suse.com/1176684 SUSE Bug 1176684 https://bugzilla.suse.com/1178049 SUSE Bug 1178049 https://bugzilla.suse.com/1178174 SUSE Bug 1178174 https://bugzilla.suse.com/1178934 SUSE Bug 1178934 https://bugzilla.suse.com/1179466 SUSE Bug 1179466 https://bugzilla.suse.com/1179467 SUSE Bug 1179467 https://bugzilla.suse.com/1179468 SUSE Bug 1179468 https://bugzilla.suse.com/1179686 SUSE Bug 1179686 https://bugzilla.suse.com/1179725 SUSE Bug 1179725 https://bugzilla.suse.com/1179726 SUSE Bug 1179726 https://bugzilla.suse.com/1180523 SUSE Bug 1180523 https://bugzilla.suse.com/1181108 SUSE Bug 1181108 https://bugzilla.suse.com/1181639 SUSE Bug 1181639 https://bugzilla.suse.com/1181933 SUSE Bug 1181933 https://bugzilla.suse.com/1182137 SUSE Bug 1182137 https://bugzilla.suse.com/1182425 SUSE Bug 1182425 https://bugzilla.suse.com/1182577 SUSE Bug 1182577 https://bugzilla.suse.com/1182968 SUSE Bug 1182968 https://bugzilla.suse.com/1183979 SUSE Bug 1183979 https://www.suse.com/security/cve/CVE-2020-11947/ SUSE CVE CVE-2020-11947 page https://www.suse.com/security/cve/CVE-2020-12829/ SUSE CVE CVE-2020-12829 page https://www.suse.com/security/cve/CVE-2020-13362/ SUSE CVE CVE-2020-13362 page https://www.suse.com/security/cve/CVE-2020-13659/ SUSE CVE CVE-2020-13659 page https://www.suse.com/security/cve/CVE-2020-13765/ SUSE CVE CVE-2020-13765 page https://www.suse.com/security/cve/CVE-2020-15469/ SUSE CVE CVE-2020-15469 page https://www.suse.com/security/cve/CVE-2020-25084/ SUSE CVE CVE-2020-25084 page https://www.suse.com/security/cve/CVE-2020-25624/ SUSE CVE CVE-2020-25624 page https://www.suse.com/security/cve/CVE-2020-25625/ SUSE CVE CVE-2020-25625 page https://www.suse.com/security/cve/CVE-2020-25723/ SUSE CVE CVE-2020-25723 page https://www.suse.com/security/cve/CVE-2020-27617/ SUSE CVE CVE-2020-27617 page https://www.suse.com/security/cve/CVE-2020-27821/ SUSE CVE CVE-2020-27821 page https://www.suse.com/security/cve/CVE-2020-28916/ SUSE CVE CVE-2020-28916 page https://www.suse.com/security/cve/CVE-2020-29129/ SUSE CVE CVE-2020-29129 page https://www.suse.com/security/cve/CVE-2020-29130/ SUSE CVE CVE-2020-29130 page https://www.suse.com/security/cve/CVE-2020-29443/ SUSE CVE CVE-2020-29443 page https://www.suse.com/security/cve/CVE-2021-20181/ SUSE CVE CVE-2021-20181 page https://www.suse.com/security/cve/CVE-2021-20203/ SUSE CVE CVE-2021-20203 page https://www.suse.com/security/cve/CVE-2021-20221/ SUSE CVE CVE-2021-20221 page https://www.suse.com/security/cve/CVE-2021-20257/ SUSE CVE CVE-2021-20257 page https://www.suse.com/security/cve/CVE-2021-3416/ SUSE CVE CVE-2021-3416 page Image SLES12-SP5-EC2-ECS-On-Demand SUSE Linux Enterprise Server 12 SP5 SUSE Linux Enterprise Server for SAP Applications 12 SP5 qemu-tools-3.1.1.1-48.2 qemu-3.1.1.1-48.2 qemu-arm-3.1.1.1-48.2 qemu-audio-alsa-3.1.1.1-48.2 qemu-audio-oss-3.1.1.1-48.2 qemu-audio-pa-3.1.1.1-48.2 qemu-audio-sdl-3.1.1.1-48.2 qemu-block-curl-3.1.1.1-48.2 qemu-block-dmg-3.1.1.1-48.2 qemu-block-iscsi-3.1.1.1-48.2 qemu-block-rbd-3.1.1.1-48.2 qemu-block-ssh-3.1.1.1-48.2 qemu-extra-3.1.1.1-48.2 qemu-guest-agent-3.1.1.1-48.2 qemu-ipxe-1.0.0+-48.2 qemu-kvm-3.1.1.1-48.2 qemu-lang-3.1.1.1-48.2 qemu-linux-user-3.1.1.1-48.1 qemu-ppc-3.1.1.1-48.2 qemu-s390-3.1.1.1-48.2 qemu-seabios-1.12.0_0_ga698c89-48.2 qemu-sgabios-8-48.2 qemu-ui-curses-3.1.1.1-48.2 qemu-ui-gtk-3.1.1.1-48.2 qemu-ui-sdl-3.1.1.1-48.2 qemu-vgabios-1.12.0_0_ga698c89-48.2 qemu-x86-3.1.1.1-48.2 qemu-tools-3.1.1.1-48.2 as a component of Image SLES12-SP5-EC2-ECS-On-Demand qemu-3.1.1.1-48.2 as a component of SUSE Linux Enterprise Server 12 SP5 qemu-arm-3.1.1.1-48.2 as a component of SUSE Linux Enterprise Server 12 SP5 qemu-audio-alsa-3.1.1.1-48.2 as a component of SUSE Linux Enterprise Server 12 SP5 qemu-audio-oss-3.1.1.1-48.2 as a component of SUSE Linux Enterprise Server 12 SP5 qemu-audio-pa-3.1.1.1-48.2 as a component of SUSE Linux Enterprise Server 12 SP5 qemu-audio-sdl-3.1.1.1-48.2 as a component of SUSE Linux Enterprise Server 12 SP5 qemu-block-curl-3.1.1.1-48.2 as a component of SUSE Linux Enterprise Server 12 SP5 qemu-block-iscsi-3.1.1.1-48.2 as a component of SUSE Linux Enterprise Server 12 SP5 qemu-block-rbd-3.1.1.1-48.2 as a component of SUSE Linux Enterprise Server 12 SP5 qemu-block-ssh-3.1.1.1-48.2 as a component of SUSE Linux Enterprise Server 12 SP5 qemu-guest-agent-3.1.1.1-48.2 as a component of SUSE Linux Enterprise Server 12 SP5 qemu-ipxe-1.0.0+-48.2 as a component of SUSE Linux Enterprise Server 12 SP5 qemu-kvm-3.1.1.1-48.2 as a component of SUSE Linux Enterprise Server 12 SP5 qemu-lang-3.1.1.1-48.2 as a component of SUSE Linux Enterprise Server 12 SP5 qemu-ppc-3.1.1.1-48.2 as a component of SUSE Linux Enterprise Server 12 SP5 qemu-s390-3.1.1.1-48.2 as a component of SUSE Linux Enterprise Server 12 SP5 qemu-seabios-1.12.0_0_ga698c89-48.2 as a component of SUSE Linux Enterprise Server 12 SP5 qemu-sgabios-8-48.2 as a component of SUSE Linux Enterprise Server 12 SP5 qemu-tools-3.1.1.1-48.2 as a component of SUSE Linux Enterprise Server 12 SP5 qemu-ui-curses-3.1.1.1-48.2 as a component of SUSE Linux Enterprise Server 12 SP5 qemu-ui-gtk-3.1.1.1-48.2 as a component of SUSE Linux Enterprise Server 12 SP5 qemu-ui-sdl-3.1.1.1-48.2 as a component of SUSE Linux Enterprise Server 12 SP5 qemu-vgabios-1.12.0_0_ga698c89-48.2 as a component of SUSE Linux Enterprise Server 12 SP5 qemu-x86-3.1.1.1-48.2 as a component of SUSE Linux Enterprise Server 12 SP5 qemu-3.1.1.1-48.2 as a component of SUSE Linux Enterprise Server for SAP Applications 12 SP5 qemu-arm-3.1.1.1-48.2 as a component of SUSE Linux Enterprise Server for SAP Applications 12 SP5 qemu-audio-alsa-3.1.1.1-48.2 as a component of SUSE Linux Enterprise Server for SAP Applications 12 SP5 qemu-audio-oss-3.1.1.1-48.2 as a component of SUSE Linux Enterprise Server for SAP Applications 12 SP5 qemu-audio-pa-3.1.1.1-48.2 as a component of SUSE Linux Enterprise Server for SAP Applications 12 SP5 qemu-audio-sdl-3.1.1.1-48.2 as a component of SUSE Linux Enterprise Server for SAP Applications 12 SP5 qemu-block-curl-3.1.1.1-48.2 as a component of SUSE Linux Enterprise Server for SAP Applications 12 SP5 qemu-block-iscsi-3.1.1.1-48.2 as a component of SUSE Linux Enterprise Server for SAP Applications 12 SP5 qemu-block-rbd-3.1.1.1-48.2 as a component of SUSE Linux Enterprise Server for SAP Applications 12 SP5 qemu-block-ssh-3.1.1.1-48.2 as a component of SUSE Linux Enterprise Server for SAP Applications 12 SP5 qemu-guest-agent-3.1.1.1-48.2 as a component of SUSE Linux Enterprise Server for SAP Applications 12 SP5 qemu-ipxe-1.0.0+-48.2 as a component of SUSE Linux Enterprise Server for SAP Applications 12 SP5 qemu-kvm-3.1.1.1-48.2 as a component of SUSE Linux Enterprise Server for SAP Applications 12 SP5 qemu-lang-3.1.1.1-48.2 as a component of SUSE Linux Enterprise Server for SAP Applications 12 SP5 qemu-ppc-3.1.1.1-48.2 as a component of SUSE Linux Enterprise Server for SAP Applications 12 SP5 qemu-s390-3.1.1.1-48.2 as a component of SUSE Linux Enterprise Server for SAP Applications 12 SP5 qemu-seabios-1.12.0_0_ga698c89-48.2 as a component of SUSE Linux Enterprise Server for SAP Applications 12 SP5 qemu-sgabios-8-48.2 as a component of SUSE Linux Enterprise Server for SAP Applications 12 SP5 qemu-tools-3.1.1.1-48.2 as a component of SUSE Linux Enterprise Server for SAP Applications 12 SP5 qemu-ui-curses-3.1.1.1-48.2 as a component of SUSE Linux Enterprise Server for SAP Applications 12 SP5 qemu-ui-gtk-3.1.1.1-48.2 as a component of SUSE Linux Enterprise Server for SAP Applications 12 SP5 qemu-ui-sdl-3.1.1.1-48.2 as a component of SUSE Linux Enterprise Server for SAP Applications 12 SP5 qemu-vgabios-1.12.0_0_ga698c89-48.2 as a component of SUSE Linux Enterprise Server for SAP Applications 12 SP5 qemu-x86-3.1.1.1-48.2 as a component of SUSE Linux Enterprise Server for SAP Applications 12 SP5 iscsi_aio_ioctl_cb in block/iscsi.c in QEMU 4.1.0 has a heap-based buffer over-read that may disclose unrelated information from process memory to an attacker. CVE-2020-11947 Image SLES12-SP5-EC2-ECS-On-Demand:qemu-tools-3.1.1.1-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-3.1.1.1-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-arm-3.1.1.1-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-audio-alsa-3.1.1.1-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-audio-oss-3.1.1.1-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-audio-pa-3.1.1.1-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-audio-sdl-3.1.1.1-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-block-curl-3.1.1.1-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-block-iscsi-3.1.1.1-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-block-rbd-3.1.1.1-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-block-ssh-3.1.1.1-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-guest-agent-3.1.1.1-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-ipxe-1.0.0+-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-kvm-3.1.1.1-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-lang-3.1.1.1-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-ppc-3.1.1.1-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-s390-3.1.1.1-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-seabios-1.12.0_0_ga698c89-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-sgabios-8-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-tools-3.1.1.1-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-ui-curses-3.1.1.1-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-ui-gtk-3.1.1.1-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-ui-sdl-3.1.1.1-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-vgabios-1.12.0_0_ga698c89-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-x86-3.1.1.1-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-3.1.1.1-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-arm-3.1.1.1-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-audio-alsa-3.1.1.1-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-audio-oss-3.1.1.1-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-audio-pa-3.1.1.1-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-audio-sdl-3.1.1.1-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-block-curl-3.1.1.1-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-block-iscsi-3.1.1.1-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-block-rbd-3.1.1.1-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-block-ssh-3.1.1.1-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-guest-agent-3.1.1.1-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-ipxe-1.0.0+-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-kvm-3.1.1.1-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-lang-3.1.1.1-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-ppc-3.1.1.1-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-s390-3.1.1.1-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-seabios-1.12.0_0_ga698c89-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-sgabios-8-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-tools-3.1.1.1-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-ui-curses-3.1.1.1-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-ui-gtk-3.1.1.1-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-ui-sdl-3.1.1.1-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-vgabios-1.12.0_0_ga698c89-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-x86-3.1.1.1-48.2 moderate 2.1 AV:L/AC:L/Au:N/C:P/I:N/A:N To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2021/suse-su-20211242-1/ https://www.suse.com/security/cve/CVE-2020-11947.html CVE-2020-11947 https://bugzilla.suse.com/1180523 SUSE Bug 1180523 In QEMU through 5.0.0, an integer overflow was found in the SM501 display driver implementation. This flaw occurs in the COPY_AREA macro while handling MMIO write operations through the sm501_2d_engine_write() callback. A local attacker could abuse this flaw to crash the QEMU process in sm501_2d_operation() in hw/display/sm501.c on the host, resulting in a denial of service. CVE-2020-12829 Image SLES12-SP5-EC2-ECS-On-Demand:qemu-tools-3.1.1.1-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-3.1.1.1-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-arm-3.1.1.1-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-audio-alsa-3.1.1.1-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-audio-oss-3.1.1.1-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-audio-pa-3.1.1.1-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-audio-sdl-3.1.1.1-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-block-curl-3.1.1.1-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-block-iscsi-3.1.1.1-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-block-rbd-3.1.1.1-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-block-ssh-3.1.1.1-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-guest-agent-3.1.1.1-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-ipxe-1.0.0+-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-kvm-3.1.1.1-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-lang-3.1.1.1-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-ppc-3.1.1.1-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-s390-3.1.1.1-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-seabios-1.12.0_0_ga698c89-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-sgabios-8-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-tools-3.1.1.1-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-ui-curses-3.1.1.1-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-ui-gtk-3.1.1.1-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-ui-sdl-3.1.1.1-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-vgabios-1.12.0_0_ga698c89-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-x86-3.1.1.1-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-3.1.1.1-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-arm-3.1.1.1-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-audio-alsa-3.1.1.1-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-audio-oss-3.1.1.1-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-audio-pa-3.1.1.1-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-audio-sdl-3.1.1.1-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-block-curl-3.1.1.1-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-block-iscsi-3.1.1.1-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-block-rbd-3.1.1.1-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-block-ssh-3.1.1.1-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-guest-agent-3.1.1.1-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-ipxe-1.0.0+-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-kvm-3.1.1.1-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-lang-3.1.1.1-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-ppc-3.1.1.1-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-s390-3.1.1.1-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-seabios-1.12.0_0_ga698c89-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-sgabios-8-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-tools-3.1.1.1-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-ui-curses-3.1.1.1-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-ui-gtk-3.1.1.1-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-ui-sdl-3.1.1.1-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-vgabios-1.12.0_0_ga698c89-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-x86-3.1.1.1-48.2 moderate 4.9 AV:L/AC:L/Au:N/C:N/I:N/A:C To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2021/suse-su-20211242-1/ https://www.suse.com/security/cve/CVE-2020-12829.html CVE-2020-12829 https://bugzilla.suse.com/1172385 SUSE Bug 1172385 In QEMU 5.0.0 and earlier, megasas_lookup_frame in hw/scsi/megasas.c has an out-of-bounds read via a crafted reply_queue_head field from a guest OS user. CVE-2020-13362 Image SLES12-SP5-EC2-ECS-On-Demand:qemu-tools-3.1.1.1-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-3.1.1.1-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-arm-3.1.1.1-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-audio-alsa-3.1.1.1-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-audio-oss-3.1.1.1-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-audio-pa-3.1.1.1-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-audio-sdl-3.1.1.1-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-block-curl-3.1.1.1-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-block-iscsi-3.1.1.1-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-block-rbd-3.1.1.1-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-block-ssh-3.1.1.1-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-guest-agent-3.1.1.1-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-ipxe-1.0.0+-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-kvm-3.1.1.1-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-lang-3.1.1.1-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-ppc-3.1.1.1-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-s390-3.1.1.1-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-seabios-1.12.0_0_ga698c89-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-sgabios-8-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-tools-3.1.1.1-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-ui-curses-3.1.1.1-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-ui-gtk-3.1.1.1-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-ui-sdl-3.1.1.1-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-vgabios-1.12.0_0_ga698c89-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-x86-3.1.1.1-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-3.1.1.1-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-arm-3.1.1.1-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-audio-alsa-3.1.1.1-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-audio-oss-3.1.1.1-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-audio-pa-3.1.1.1-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-audio-sdl-3.1.1.1-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-block-curl-3.1.1.1-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-block-iscsi-3.1.1.1-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-block-rbd-3.1.1.1-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-block-ssh-3.1.1.1-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-guest-agent-3.1.1.1-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-ipxe-1.0.0+-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-kvm-3.1.1.1-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-lang-3.1.1.1-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-ppc-3.1.1.1-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-s390-3.1.1.1-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-seabios-1.12.0_0_ga698c89-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-sgabios-8-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-tools-3.1.1.1-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-ui-curses-3.1.1.1-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-ui-gtk-3.1.1.1-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-ui-sdl-3.1.1.1-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-vgabios-1.12.0_0_ga698c89-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-x86-3.1.1.1-48.2 low 2.1 AV:L/AC:L/Au:N/C:N/I:N/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2021/suse-su-20211242-1/ https://www.suse.com/security/cve/CVE-2020-13362.html CVE-2020-13362 https://bugzilla.suse.com/1172383 SUSE Bug 1172383 address_space_map in exec.c in QEMU 4.2.0 can trigger a NULL pointer dereference related to BounceBuffer. CVE-2020-13659 Image SLES12-SP5-EC2-ECS-On-Demand:qemu-tools-3.1.1.1-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-3.1.1.1-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-arm-3.1.1.1-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-audio-alsa-3.1.1.1-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-audio-oss-3.1.1.1-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-audio-pa-3.1.1.1-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-audio-sdl-3.1.1.1-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-block-curl-3.1.1.1-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-block-iscsi-3.1.1.1-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-block-rbd-3.1.1.1-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-block-ssh-3.1.1.1-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-guest-agent-3.1.1.1-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-ipxe-1.0.0+-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-kvm-3.1.1.1-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-lang-3.1.1.1-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-ppc-3.1.1.1-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-s390-3.1.1.1-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-seabios-1.12.0_0_ga698c89-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-sgabios-8-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-tools-3.1.1.1-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-ui-curses-3.1.1.1-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-ui-gtk-3.1.1.1-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-ui-sdl-3.1.1.1-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-vgabios-1.12.0_0_ga698c89-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-x86-3.1.1.1-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-3.1.1.1-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-arm-3.1.1.1-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-audio-alsa-3.1.1.1-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-audio-oss-3.1.1.1-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-audio-pa-3.1.1.1-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-audio-sdl-3.1.1.1-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-block-curl-3.1.1.1-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-block-iscsi-3.1.1.1-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-block-rbd-3.1.1.1-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-block-ssh-3.1.1.1-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-guest-agent-3.1.1.1-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-ipxe-1.0.0+-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-kvm-3.1.1.1-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-lang-3.1.1.1-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-ppc-3.1.1.1-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-s390-3.1.1.1-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-seabios-1.12.0_0_ga698c89-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-sgabios-8-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-tools-3.1.1.1-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-ui-curses-3.1.1.1-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-ui-gtk-3.1.1.1-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-ui-sdl-3.1.1.1-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-vgabios-1.12.0_0_ga698c89-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-x86-3.1.1.1-48.2 moderate 1.9 AV:L/AC:M/Au:N/C:N/I:N/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2021/suse-su-20211242-1/ https://www.suse.com/security/cve/CVE-2020-13659.html CVE-2020-13659 https://bugzilla.suse.com/1172386 SUSE Bug 1172386 rom_copy() in hw/core/loader.c in QEMU 4.0 and 4.1.0 does not validate the relationship between two addresses, which allows attackers to trigger an invalid memory copy operation. CVE-2020-13765 Image SLES12-SP5-EC2-ECS-On-Demand:qemu-tools-3.1.1.1-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-3.1.1.1-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-arm-3.1.1.1-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-audio-alsa-3.1.1.1-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-audio-oss-3.1.1.1-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-audio-pa-3.1.1.1-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-audio-sdl-3.1.1.1-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-block-curl-3.1.1.1-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-block-iscsi-3.1.1.1-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-block-rbd-3.1.1.1-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-block-ssh-3.1.1.1-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-guest-agent-3.1.1.1-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-ipxe-1.0.0+-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-kvm-3.1.1.1-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-lang-3.1.1.1-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-ppc-3.1.1.1-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-s390-3.1.1.1-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-seabios-1.12.0_0_ga698c89-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-sgabios-8-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-tools-3.1.1.1-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-ui-curses-3.1.1.1-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-ui-gtk-3.1.1.1-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-ui-sdl-3.1.1.1-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-vgabios-1.12.0_0_ga698c89-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-x86-3.1.1.1-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-3.1.1.1-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-arm-3.1.1.1-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-audio-alsa-3.1.1.1-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-audio-oss-3.1.1.1-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-audio-pa-3.1.1.1-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-audio-sdl-3.1.1.1-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-block-curl-3.1.1.1-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-block-iscsi-3.1.1.1-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-block-rbd-3.1.1.1-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-block-ssh-3.1.1.1-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-guest-agent-3.1.1.1-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-ipxe-1.0.0+-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-kvm-3.1.1.1-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-lang-3.1.1.1-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-ppc-3.1.1.1-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-s390-3.1.1.1-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-seabios-1.12.0_0_ga698c89-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-sgabios-8-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-tools-3.1.1.1-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-ui-curses-3.1.1.1-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-ui-gtk-3.1.1.1-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-ui-sdl-3.1.1.1-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-vgabios-1.12.0_0_ga698c89-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-x86-3.1.1.1-48.2 important 6.8 AV:N/AC:M/Au:N/C:P/I:P/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2021/suse-su-20211242-1/ https://www.suse.com/security/cve/CVE-2020-13765.html CVE-2020-13765 https://bugzilla.suse.com/1172478 SUSE Bug 1172478 In QEMU 4.2.0, a MemoryRegionOps object may lack read/write callback methods, leading to a NULL pointer dereference. CVE-2020-15469 Image SLES12-SP5-EC2-ECS-On-Demand:qemu-tools-3.1.1.1-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-3.1.1.1-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-arm-3.1.1.1-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-audio-alsa-3.1.1.1-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-audio-oss-3.1.1.1-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-audio-pa-3.1.1.1-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-audio-sdl-3.1.1.1-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-block-curl-3.1.1.1-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-block-iscsi-3.1.1.1-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-block-rbd-3.1.1.1-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-block-ssh-3.1.1.1-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-guest-agent-3.1.1.1-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-ipxe-1.0.0+-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-kvm-3.1.1.1-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-lang-3.1.1.1-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-ppc-3.1.1.1-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-s390-3.1.1.1-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-seabios-1.12.0_0_ga698c89-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-sgabios-8-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-tools-3.1.1.1-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-ui-curses-3.1.1.1-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-ui-gtk-3.1.1.1-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-ui-sdl-3.1.1.1-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-vgabios-1.12.0_0_ga698c89-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-x86-3.1.1.1-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-3.1.1.1-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-arm-3.1.1.1-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-audio-alsa-3.1.1.1-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-audio-oss-3.1.1.1-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-audio-pa-3.1.1.1-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-audio-sdl-3.1.1.1-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-block-curl-3.1.1.1-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-block-iscsi-3.1.1.1-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-block-rbd-3.1.1.1-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-block-ssh-3.1.1.1-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-guest-agent-3.1.1.1-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-ipxe-1.0.0+-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-kvm-3.1.1.1-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-lang-3.1.1.1-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-ppc-3.1.1.1-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-s390-3.1.1.1-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-seabios-1.12.0_0_ga698c89-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-sgabios-8-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-tools-3.1.1.1-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-ui-curses-3.1.1.1-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-ui-gtk-3.1.1.1-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-ui-sdl-3.1.1.1-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-vgabios-1.12.0_0_ga698c89-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-x86-3.1.1.1-48.2 moderate 2.1 AV:L/AC:L/Au:N/C:N/I:N/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2021/suse-su-20211242-1/ https://www.suse.com/security/cve/CVE-2020-15469.html CVE-2020-15469 https://bugzilla.suse.com/1173612 SUSE Bug 1173612 QEMU 5.0.0 has a use-after-free in hw/usb/hcd-xhci.c because the usb_packet_map return value is not checked. CVE-2020-25084 Image SLES12-SP5-EC2-ECS-On-Demand:qemu-tools-3.1.1.1-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-3.1.1.1-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-arm-3.1.1.1-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-audio-alsa-3.1.1.1-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-audio-oss-3.1.1.1-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-audio-pa-3.1.1.1-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-audio-sdl-3.1.1.1-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-block-curl-3.1.1.1-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-block-iscsi-3.1.1.1-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-block-rbd-3.1.1.1-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-block-ssh-3.1.1.1-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-guest-agent-3.1.1.1-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-ipxe-1.0.0+-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-kvm-3.1.1.1-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-lang-3.1.1.1-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-ppc-3.1.1.1-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-s390-3.1.1.1-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-seabios-1.12.0_0_ga698c89-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-sgabios-8-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-tools-3.1.1.1-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-ui-curses-3.1.1.1-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-ui-gtk-3.1.1.1-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-ui-sdl-3.1.1.1-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-vgabios-1.12.0_0_ga698c89-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-x86-3.1.1.1-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-3.1.1.1-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-arm-3.1.1.1-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-audio-alsa-3.1.1.1-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-audio-oss-3.1.1.1-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-audio-pa-3.1.1.1-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-audio-sdl-3.1.1.1-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-block-curl-3.1.1.1-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-block-iscsi-3.1.1.1-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-block-rbd-3.1.1.1-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-block-ssh-3.1.1.1-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-guest-agent-3.1.1.1-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-ipxe-1.0.0+-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-kvm-3.1.1.1-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-lang-3.1.1.1-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-ppc-3.1.1.1-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-s390-3.1.1.1-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-seabios-1.12.0_0_ga698c89-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-sgabios-8-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-tools-3.1.1.1-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-ui-curses-3.1.1.1-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-ui-gtk-3.1.1.1-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-ui-sdl-3.1.1.1-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-vgabios-1.12.0_0_ga698c89-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-x86-3.1.1.1-48.2 moderate 2.1 AV:L/AC:L/Au:N/C:N/I:N/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2021/suse-su-20211242-1/ https://www.suse.com/security/cve/CVE-2020-25084.html CVE-2020-25084 https://bugzilla.suse.com/1176673 SUSE Bug 1176673 hw/usb/hcd-ohci.c in QEMU 5.0.0 has a stack-based buffer over-read via values obtained from the host controller driver. CVE-2020-25624 Image SLES12-SP5-EC2-ECS-On-Demand:qemu-tools-3.1.1.1-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-3.1.1.1-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-arm-3.1.1.1-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-audio-alsa-3.1.1.1-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-audio-oss-3.1.1.1-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-audio-pa-3.1.1.1-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-audio-sdl-3.1.1.1-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-block-curl-3.1.1.1-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-block-iscsi-3.1.1.1-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-block-rbd-3.1.1.1-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-block-ssh-3.1.1.1-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-guest-agent-3.1.1.1-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-ipxe-1.0.0+-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-kvm-3.1.1.1-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-lang-3.1.1.1-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-ppc-3.1.1.1-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-s390-3.1.1.1-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-seabios-1.12.0_0_ga698c89-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-sgabios-8-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-tools-3.1.1.1-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-ui-curses-3.1.1.1-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-ui-gtk-3.1.1.1-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-ui-sdl-3.1.1.1-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-vgabios-1.12.0_0_ga698c89-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-x86-3.1.1.1-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-3.1.1.1-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-arm-3.1.1.1-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-audio-alsa-3.1.1.1-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-audio-oss-3.1.1.1-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-audio-pa-3.1.1.1-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-audio-sdl-3.1.1.1-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-block-curl-3.1.1.1-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-block-iscsi-3.1.1.1-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-block-rbd-3.1.1.1-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-block-ssh-3.1.1.1-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-guest-agent-3.1.1.1-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-ipxe-1.0.0+-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-kvm-3.1.1.1-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-lang-3.1.1.1-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-ppc-3.1.1.1-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-s390-3.1.1.1-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-seabios-1.12.0_0_ga698c89-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-sgabios-8-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-tools-3.1.1.1-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-ui-curses-3.1.1.1-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-ui-gtk-3.1.1.1-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-ui-sdl-3.1.1.1-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-vgabios-1.12.0_0_ga698c89-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-x86-3.1.1.1-48.2 moderate 4.4 AV:L/AC:M/Au:N/C:P/I:P/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2021/suse-su-20211242-1/ https://www.suse.com/security/cve/CVE-2020-25624.html CVE-2020-25624 https://bugzilla.suse.com/1176682 SUSE Bug 1176682 hw/usb/hcd-ohci.c in QEMU 5.0.0 has an infinite loop when a TD list has a loop. CVE-2020-25625 Image SLES12-SP5-EC2-ECS-On-Demand:qemu-tools-3.1.1.1-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-3.1.1.1-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-arm-3.1.1.1-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-audio-alsa-3.1.1.1-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-audio-oss-3.1.1.1-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-audio-pa-3.1.1.1-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-audio-sdl-3.1.1.1-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-block-curl-3.1.1.1-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-block-iscsi-3.1.1.1-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-block-rbd-3.1.1.1-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-block-ssh-3.1.1.1-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-guest-agent-3.1.1.1-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-ipxe-1.0.0+-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-kvm-3.1.1.1-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-lang-3.1.1.1-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-ppc-3.1.1.1-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-s390-3.1.1.1-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-seabios-1.12.0_0_ga698c89-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-sgabios-8-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-tools-3.1.1.1-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-ui-curses-3.1.1.1-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-ui-gtk-3.1.1.1-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-ui-sdl-3.1.1.1-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-vgabios-1.12.0_0_ga698c89-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-x86-3.1.1.1-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-3.1.1.1-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-arm-3.1.1.1-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-audio-alsa-3.1.1.1-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-audio-oss-3.1.1.1-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-audio-pa-3.1.1.1-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-audio-sdl-3.1.1.1-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-block-curl-3.1.1.1-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-block-iscsi-3.1.1.1-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-block-rbd-3.1.1.1-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-block-ssh-3.1.1.1-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-guest-agent-3.1.1.1-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-ipxe-1.0.0+-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-kvm-3.1.1.1-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-lang-3.1.1.1-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-ppc-3.1.1.1-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-s390-3.1.1.1-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-seabios-1.12.0_0_ga698c89-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-sgabios-8-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-tools-3.1.1.1-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-ui-curses-3.1.1.1-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-ui-gtk-3.1.1.1-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-ui-sdl-3.1.1.1-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-vgabios-1.12.0_0_ga698c89-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-x86-3.1.1.1-48.2 low 4.7 AV:L/AC:M/Au:N/C:N/I:N/A:C To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2021/suse-su-20211242-1/ https://www.suse.com/security/cve/CVE-2020-25625.html CVE-2020-25625 https://bugzilla.suse.com/1176684 SUSE Bug 1176684 A reachable assertion issue was found in the USB EHCI emulation code of QEMU. It could occur while processing USB requests due to missing handling of DMA memory map failure. A malicious privileged user within the guest may abuse this flaw to send bogus USB requests and crash the QEMU process on the host, resulting in a denial of service. CVE-2020-25723 Image SLES12-SP5-EC2-ECS-On-Demand:qemu-tools-3.1.1.1-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-3.1.1.1-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-arm-3.1.1.1-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-audio-alsa-3.1.1.1-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-audio-oss-3.1.1.1-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-audio-pa-3.1.1.1-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-audio-sdl-3.1.1.1-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-block-curl-3.1.1.1-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-block-iscsi-3.1.1.1-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-block-rbd-3.1.1.1-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-block-ssh-3.1.1.1-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-guest-agent-3.1.1.1-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-ipxe-1.0.0+-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-kvm-3.1.1.1-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-lang-3.1.1.1-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-ppc-3.1.1.1-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-s390-3.1.1.1-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-seabios-1.12.0_0_ga698c89-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-sgabios-8-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-tools-3.1.1.1-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-ui-curses-3.1.1.1-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-ui-gtk-3.1.1.1-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-ui-sdl-3.1.1.1-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-vgabios-1.12.0_0_ga698c89-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-x86-3.1.1.1-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-3.1.1.1-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-arm-3.1.1.1-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-audio-alsa-3.1.1.1-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-audio-oss-3.1.1.1-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-audio-pa-3.1.1.1-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-audio-sdl-3.1.1.1-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-block-curl-3.1.1.1-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-block-iscsi-3.1.1.1-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-block-rbd-3.1.1.1-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-block-ssh-3.1.1.1-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-guest-agent-3.1.1.1-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-ipxe-1.0.0+-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-kvm-3.1.1.1-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-lang-3.1.1.1-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-ppc-3.1.1.1-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-s390-3.1.1.1-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-seabios-1.12.0_0_ga698c89-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-sgabios-8-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-tools-3.1.1.1-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-ui-curses-3.1.1.1-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-ui-gtk-3.1.1.1-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-ui-sdl-3.1.1.1-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-vgabios-1.12.0_0_ga698c89-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-x86-3.1.1.1-48.2 low 2.1 AV:L/AC:L/Au:N/C:N/I:N/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2021/suse-su-20211242-1/ https://www.suse.com/security/cve/CVE-2020-25723.html CVE-2020-25723 https://bugzilla.suse.com/1178934 SUSE Bug 1178934 https://bugzilla.suse.com/1178935 SUSE Bug 1178935 eth_get_gso_type in net/eth.c in QEMU 4.2.1 allows guest OS users to trigger an assertion failure. A guest can crash the QEMU process via packet data that lacks a valid Layer 3 protocol. CVE-2020-27617 Image SLES12-SP5-EC2-ECS-On-Demand:qemu-tools-3.1.1.1-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-3.1.1.1-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-arm-3.1.1.1-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-audio-alsa-3.1.1.1-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-audio-oss-3.1.1.1-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-audio-pa-3.1.1.1-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-audio-sdl-3.1.1.1-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-block-curl-3.1.1.1-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-block-iscsi-3.1.1.1-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-block-rbd-3.1.1.1-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-block-ssh-3.1.1.1-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-guest-agent-3.1.1.1-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-ipxe-1.0.0+-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-kvm-3.1.1.1-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-lang-3.1.1.1-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-ppc-3.1.1.1-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-s390-3.1.1.1-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-seabios-1.12.0_0_ga698c89-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-sgabios-8-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-tools-3.1.1.1-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-ui-curses-3.1.1.1-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-ui-gtk-3.1.1.1-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-ui-sdl-3.1.1.1-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-vgabios-1.12.0_0_ga698c89-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-x86-3.1.1.1-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-3.1.1.1-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-arm-3.1.1.1-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-audio-alsa-3.1.1.1-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-audio-oss-3.1.1.1-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-audio-pa-3.1.1.1-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-audio-sdl-3.1.1.1-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-block-curl-3.1.1.1-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-block-iscsi-3.1.1.1-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-block-rbd-3.1.1.1-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-block-ssh-3.1.1.1-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-guest-agent-3.1.1.1-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-ipxe-1.0.0+-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-kvm-3.1.1.1-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-lang-3.1.1.1-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-ppc-3.1.1.1-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-s390-3.1.1.1-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-seabios-1.12.0_0_ga698c89-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-sgabios-8-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-tools-3.1.1.1-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-ui-curses-3.1.1.1-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-ui-gtk-3.1.1.1-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-ui-sdl-3.1.1.1-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-vgabios-1.12.0_0_ga698c89-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-x86-3.1.1.1-48.2 moderate 4 AV:N/AC:L/Au:S/C:N/I:N/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2021/suse-su-20211242-1/ https://www.suse.com/security/cve/CVE-2020-27617.html CVE-2020-27617 https://bugzilla.suse.com/1178174 SUSE Bug 1178174 A flaw was found in the memory management API of QEMU during the initialization of a memory region cache. This issue could lead to an out-of-bounds write access to the MSI-X table while performing MMIO operations. A guest user may abuse this flaw to crash the QEMU process on the host, resulting in a denial of service. This flaw affects QEMU versions prior to 5.2.0. CVE-2020-27821 Image SLES12-SP5-EC2-ECS-On-Demand:qemu-tools-3.1.1.1-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-3.1.1.1-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-arm-3.1.1.1-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-audio-alsa-3.1.1.1-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-audio-oss-3.1.1.1-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-audio-pa-3.1.1.1-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-audio-sdl-3.1.1.1-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-block-curl-3.1.1.1-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-block-iscsi-3.1.1.1-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-block-rbd-3.1.1.1-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-block-ssh-3.1.1.1-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-guest-agent-3.1.1.1-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-ipxe-1.0.0+-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-kvm-3.1.1.1-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-lang-3.1.1.1-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-ppc-3.1.1.1-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-s390-3.1.1.1-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-seabios-1.12.0_0_ga698c89-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-sgabios-8-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-tools-3.1.1.1-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-ui-curses-3.1.1.1-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-ui-gtk-3.1.1.1-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-ui-sdl-3.1.1.1-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-vgabios-1.12.0_0_ga698c89-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-x86-3.1.1.1-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-3.1.1.1-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-arm-3.1.1.1-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-audio-alsa-3.1.1.1-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-audio-oss-3.1.1.1-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-audio-pa-3.1.1.1-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-audio-sdl-3.1.1.1-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-block-curl-3.1.1.1-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-block-iscsi-3.1.1.1-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-block-rbd-3.1.1.1-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-block-ssh-3.1.1.1-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-guest-agent-3.1.1.1-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-ipxe-1.0.0+-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-kvm-3.1.1.1-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-lang-3.1.1.1-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-ppc-3.1.1.1-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-s390-3.1.1.1-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-seabios-1.12.0_0_ga698c89-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-sgabios-8-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-tools-3.1.1.1-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-ui-curses-3.1.1.1-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-ui-gtk-3.1.1.1-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-ui-sdl-3.1.1.1-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-vgabios-1.12.0_0_ga698c89-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-x86-3.1.1.1-48.2 important 2.1 AV:L/AC:L/Au:N/C:N/I:N/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2021/suse-su-20211242-1/ https://www.suse.com/security/cve/CVE-2020-27821.html CVE-2020-27821 https://bugzilla.suse.com/1179686 SUSE Bug 1179686 hw/net/e1000e_core.c in QEMU 5.0.0 has an infinite loop via an RX descriptor with a NULL buffer address. CVE-2020-28916 Image SLES12-SP5-EC2-ECS-On-Demand:qemu-tools-3.1.1.1-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-3.1.1.1-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-arm-3.1.1.1-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-audio-alsa-3.1.1.1-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-audio-oss-3.1.1.1-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-audio-pa-3.1.1.1-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-audio-sdl-3.1.1.1-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-block-curl-3.1.1.1-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-block-iscsi-3.1.1.1-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-block-rbd-3.1.1.1-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-block-ssh-3.1.1.1-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-guest-agent-3.1.1.1-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-ipxe-1.0.0+-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-kvm-3.1.1.1-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-lang-3.1.1.1-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-ppc-3.1.1.1-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-s390-3.1.1.1-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-seabios-1.12.0_0_ga698c89-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-sgabios-8-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-tools-3.1.1.1-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-ui-curses-3.1.1.1-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-ui-gtk-3.1.1.1-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-ui-sdl-3.1.1.1-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-vgabios-1.12.0_0_ga698c89-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-x86-3.1.1.1-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-3.1.1.1-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-arm-3.1.1.1-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-audio-alsa-3.1.1.1-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-audio-oss-3.1.1.1-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-audio-pa-3.1.1.1-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-audio-sdl-3.1.1.1-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-block-curl-3.1.1.1-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-block-iscsi-3.1.1.1-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-block-rbd-3.1.1.1-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-block-ssh-3.1.1.1-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-guest-agent-3.1.1.1-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-ipxe-1.0.0+-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-kvm-3.1.1.1-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-lang-3.1.1.1-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-ppc-3.1.1.1-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-s390-3.1.1.1-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-seabios-1.12.0_0_ga698c89-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-sgabios-8-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-tools-3.1.1.1-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-ui-curses-3.1.1.1-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-ui-gtk-3.1.1.1-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-ui-sdl-3.1.1.1-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-vgabios-1.12.0_0_ga698c89-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-x86-3.1.1.1-48.2 moderate 2.1 AV:L/AC:L/Au:N/C:N/I:N/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2021/suse-su-20211242-1/ https://www.suse.com/security/cve/CVE-2020-28916.html CVE-2020-28916 https://bugzilla.suse.com/1178683 SUSE Bug 1178683 https://bugzilla.suse.com/1179468 SUSE Bug 1179468 ncsi.c in libslirp through 4.3.1 has a buffer over-read because it tries to read a certain amount of header data even if that exceeds the total packet length. CVE-2020-29129 Image SLES12-SP5-EC2-ECS-On-Demand:qemu-tools-3.1.1.1-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-3.1.1.1-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-arm-3.1.1.1-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-audio-alsa-3.1.1.1-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-audio-oss-3.1.1.1-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-audio-pa-3.1.1.1-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-audio-sdl-3.1.1.1-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-block-curl-3.1.1.1-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-block-iscsi-3.1.1.1-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-block-rbd-3.1.1.1-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-block-ssh-3.1.1.1-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-guest-agent-3.1.1.1-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-ipxe-1.0.0+-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-kvm-3.1.1.1-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-lang-3.1.1.1-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-ppc-3.1.1.1-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-s390-3.1.1.1-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-seabios-1.12.0_0_ga698c89-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-sgabios-8-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-tools-3.1.1.1-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-ui-curses-3.1.1.1-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-ui-gtk-3.1.1.1-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-ui-sdl-3.1.1.1-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-vgabios-1.12.0_0_ga698c89-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-x86-3.1.1.1-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-3.1.1.1-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-arm-3.1.1.1-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-audio-alsa-3.1.1.1-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-audio-oss-3.1.1.1-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-audio-pa-3.1.1.1-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-audio-sdl-3.1.1.1-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-block-curl-3.1.1.1-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-block-iscsi-3.1.1.1-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-block-rbd-3.1.1.1-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-block-ssh-3.1.1.1-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-guest-agent-3.1.1.1-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-ipxe-1.0.0+-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-kvm-3.1.1.1-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-lang-3.1.1.1-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-ppc-3.1.1.1-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-s390-3.1.1.1-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-seabios-1.12.0_0_ga698c89-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-sgabios-8-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-tools-3.1.1.1-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-ui-curses-3.1.1.1-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-ui-gtk-3.1.1.1-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-ui-sdl-3.1.1.1-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-vgabios-1.12.0_0_ga698c89-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-x86-3.1.1.1-48.2 moderate 4 AV:N/AC:L/Au:S/C:P/I:N/A:N To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2021/suse-su-20211242-1/ https://www.suse.com/security/cve/CVE-2020-29129.html CVE-2020-29129 https://bugzilla.suse.com/1179466 SUSE Bug 1179466 https://bugzilla.suse.com/1179467 SUSE Bug 1179467 https://bugzilla.suse.com/1179477 SUSE Bug 1179477 https://bugzilla.suse.com/1179484 SUSE Bug 1179484 slirp.c in libslirp through 4.3.1 has a buffer over-read because it tries to read a certain amount of header data even if that exceeds the total packet length. CVE-2020-29130 Image SLES12-SP5-EC2-ECS-On-Demand:qemu-tools-3.1.1.1-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-3.1.1.1-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-arm-3.1.1.1-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-audio-alsa-3.1.1.1-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-audio-oss-3.1.1.1-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-audio-pa-3.1.1.1-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-audio-sdl-3.1.1.1-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-block-curl-3.1.1.1-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-block-iscsi-3.1.1.1-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-block-rbd-3.1.1.1-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-block-ssh-3.1.1.1-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-guest-agent-3.1.1.1-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-ipxe-1.0.0+-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-kvm-3.1.1.1-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-lang-3.1.1.1-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-ppc-3.1.1.1-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-s390-3.1.1.1-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-seabios-1.12.0_0_ga698c89-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-sgabios-8-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-tools-3.1.1.1-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-ui-curses-3.1.1.1-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-ui-gtk-3.1.1.1-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-ui-sdl-3.1.1.1-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-vgabios-1.12.0_0_ga698c89-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-x86-3.1.1.1-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-3.1.1.1-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-arm-3.1.1.1-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-audio-alsa-3.1.1.1-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-audio-oss-3.1.1.1-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-audio-pa-3.1.1.1-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-audio-sdl-3.1.1.1-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-block-curl-3.1.1.1-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-block-iscsi-3.1.1.1-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-block-rbd-3.1.1.1-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-block-ssh-3.1.1.1-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-guest-agent-3.1.1.1-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-ipxe-1.0.0+-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-kvm-3.1.1.1-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-lang-3.1.1.1-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-ppc-3.1.1.1-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-s390-3.1.1.1-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-seabios-1.12.0_0_ga698c89-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-sgabios-8-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-tools-3.1.1.1-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-ui-curses-3.1.1.1-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-ui-gtk-3.1.1.1-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-ui-sdl-3.1.1.1-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-vgabios-1.12.0_0_ga698c89-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-x86-3.1.1.1-48.2 moderate 4 AV:N/AC:L/Au:S/C:P/I:N/A:N To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2021/suse-su-20211242-1/ https://www.suse.com/security/cve/CVE-2020-29130.html CVE-2020-29130 https://bugzilla.suse.com/1178658 SUSE Bug 1178658 https://bugzilla.suse.com/1179467 SUSE Bug 1179467 https://bugzilla.suse.com/1179477 SUSE Bug 1179477 ide_atapi_cmd_reply_end in hw/ide/atapi.c in QEMU 5.1.0 allows out-of-bounds read access because a buffer index is not validated. CVE-2020-29443 Image SLES12-SP5-EC2-ECS-On-Demand:qemu-tools-3.1.1.1-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-3.1.1.1-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-arm-3.1.1.1-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-audio-alsa-3.1.1.1-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-audio-oss-3.1.1.1-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-audio-pa-3.1.1.1-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-audio-sdl-3.1.1.1-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-block-curl-3.1.1.1-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-block-iscsi-3.1.1.1-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-block-rbd-3.1.1.1-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-block-ssh-3.1.1.1-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-guest-agent-3.1.1.1-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-ipxe-1.0.0+-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-kvm-3.1.1.1-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-lang-3.1.1.1-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-ppc-3.1.1.1-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-s390-3.1.1.1-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-seabios-1.12.0_0_ga698c89-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-sgabios-8-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-tools-3.1.1.1-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-ui-curses-3.1.1.1-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-ui-gtk-3.1.1.1-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-ui-sdl-3.1.1.1-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-vgabios-1.12.0_0_ga698c89-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-x86-3.1.1.1-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-3.1.1.1-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-arm-3.1.1.1-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-audio-alsa-3.1.1.1-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-audio-oss-3.1.1.1-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-audio-pa-3.1.1.1-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-audio-sdl-3.1.1.1-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-block-curl-3.1.1.1-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-block-iscsi-3.1.1.1-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-block-rbd-3.1.1.1-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-block-ssh-3.1.1.1-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-guest-agent-3.1.1.1-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-ipxe-1.0.0+-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-kvm-3.1.1.1-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-lang-3.1.1.1-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-ppc-3.1.1.1-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-s390-3.1.1.1-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-seabios-1.12.0_0_ga698c89-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-sgabios-8-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-tools-3.1.1.1-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-ui-curses-3.1.1.1-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-ui-gtk-3.1.1.1-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-ui-sdl-3.1.1.1-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-vgabios-1.12.0_0_ga698c89-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-x86-3.1.1.1-48.2 moderate 3.3 AV:L/AC:M/Au:N/C:P/I:N/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2021/suse-su-20211242-1/ https://www.suse.com/security/cve/CVE-2020-29443.html CVE-2020-29443 https://bugzilla.suse.com/1181108 SUSE Bug 1181108 A race condition flaw was found in the 9pfs server implementation of QEMU up to and including 5.2.0. This flaw allows a malicious 9p client to cause a use-after-free error, potentially escalating their privileges on the system. The highest threat from this vulnerability is to confidentiality, integrity as well as system availability. CVE-2021-20181 Image SLES12-SP5-EC2-ECS-On-Demand:qemu-tools-3.1.1.1-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-3.1.1.1-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-arm-3.1.1.1-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-audio-alsa-3.1.1.1-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-audio-oss-3.1.1.1-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-audio-pa-3.1.1.1-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-audio-sdl-3.1.1.1-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-block-curl-3.1.1.1-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-block-iscsi-3.1.1.1-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-block-rbd-3.1.1.1-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-block-ssh-3.1.1.1-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-guest-agent-3.1.1.1-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-ipxe-1.0.0+-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-kvm-3.1.1.1-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-lang-3.1.1.1-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-ppc-3.1.1.1-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-s390-3.1.1.1-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-seabios-1.12.0_0_ga698c89-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-sgabios-8-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-tools-3.1.1.1-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-ui-curses-3.1.1.1-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-ui-gtk-3.1.1.1-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-ui-sdl-3.1.1.1-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-vgabios-1.12.0_0_ga698c89-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-x86-3.1.1.1-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-3.1.1.1-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-arm-3.1.1.1-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-audio-alsa-3.1.1.1-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-audio-oss-3.1.1.1-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-audio-pa-3.1.1.1-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-audio-sdl-3.1.1.1-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-block-curl-3.1.1.1-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-block-iscsi-3.1.1.1-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-block-rbd-3.1.1.1-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-block-ssh-3.1.1.1-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-guest-agent-3.1.1.1-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-ipxe-1.0.0+-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-kvm-3.1.1.1-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-lang-3.1.1.1-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-ppc-3.1.1.1-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-s390-3.1.1.1-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-seabios-1.12.0_0_ga698c89-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-sgabios-8-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-tools-3.1.1.1-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-ui-curses-3.1.1.1-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-ui-gtk-3.1.1.1-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-ui-sdl-3.1.1.1-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-vgabios-1.12.0_0_ga698c89-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-x86-3.1.1.1-48.2 important 6.9 AV:L/AC:M/Au:N/C:C/I:C/A:C To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2021/suse-su-20211242-1/ https://www.suse.com/security/cve/CVE-2021-20181.html CVE-2021-20181 https://bugzilla.suse.com/1182137 SUSE Bug 1182137 An integer overflow issue was found in the vmxnet3 NIC emulator of the QEMU for versions up to v5.2.0. It may occur if a guest was to supply invalid values for rx/tx queue size or other NIC parameters. A privileged guest user may use this flaw to crash the QEMU process on the host resulting in DoS scenario. CVE-2021-20203 Image SLES12-SP5-EC2-ECS-On-Demand:qemu-tools-3.1.1.1-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-3.1.1.1-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-arm-3.1.1.1-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-audio-alsa-3.1.1.1-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-audio-oss-3.1.1.1-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-audio-pa-3.1.1.1-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-audio-sdl-3.1.1.1-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-block-curl-3.1.1.1-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-block-iscsi-3.1.1.1-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-block-rbd-3.1.1.1-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-block-ssh-3.1.1.1-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-guest-agent-3.1.1.1-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-ipxe-1.0.0+-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-kvm-3.1.1.1-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-lang-3.1.1.1-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-ppc-3.1.1.1-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-s390-3.1.1.1-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-seabios-1.12.0_0_ga698c89-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-sgabios-8-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-tools-3.1.1.1-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-ui-curses-3.1.1.1-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-ui-gtk-3.1.1.1-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-ui-sdl-3.1.1.1-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-vgabios-1.12.0_0_ga698c89-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-x86-3.1.1.1-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-3.1.1.1-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-arm-3.1.1.1-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-audio-alsa-3.1.1.1-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-audio-oss-3.1.1.1-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-audio-pa-3.1.1.1-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-audio-sdl-3.1.1.1-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-block-curl-3.1.1.1-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-block-iscsi-3.1.1.1-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-block-rbd-3.1.1.1-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-block-ssh-3.1.1.1-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-guest-agent-3.1.1.1-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-ipxe-1.0.0+-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-kvm-3.1.1.1-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-lang-3.1.1.1-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-ppc-3.1.1.1-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-s390-3.1.1.1-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-seabios-1.12.0_0_ga698c89-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-sgabios-8-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-tools-3.1.1.1-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-ui-curses-3.1.1.1-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-ui-gtk-3.1.1.1-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-ui-sdl-3.1.1.1-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-vgabios-1.12.0_0_ga698c89-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-x86-3.1.1.1-48.2 low 2.1 AV:L/AC:L/Au:N/C:N/I:N/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2021/suse-su-20211242-1/ https://www.suse.com/security/cve/CVE-2021-20203.html CVE-2021-20203 https://bugzilla.suse.com/1181639 SUSE Bug 1181639 An out-of-bounds heap buffer access issue was found in the ARM Generic Interrupt Controller emulator of QEMU up to and including qemu 4.2.0on aarch64 platform. The issue occurs because while writing an interrupt ID to the controller memory area, it is not masked to be 4 bits wide. It may lead to the said issue while updating controller state fields and their subsequent processing. A privileged guest user may use this flaw to crash the QEMU process on the host resulting in DoS scenario. CVE-2021-20221 Image SLES12-SP5-EC2-ECS-On-Demand:qemu-tools-3.1.1.1-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-3.1.1.1-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-arm-3.1.1.1-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-audio-alsa-3.1.1.1-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-audio-oss-3.1.1.1-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-audio-pa-3.1.1.1-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-audio-sdl-3.1.1.1-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-block-curl-3.1.1.1-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-block-iscsi-3.1.1.1-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-block-rbd-3.1.1.1-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-block-ssh-3.1.1.1-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-guest-agent-3.1.1.1-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-ipxe-1.0.0+-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-kvm-3.1.1.1-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-lang-3.1.1.1-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-ppc-3.1.1.1-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-s390-3.1.1.1-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-seabios-1.12.0_0_ga698c89-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-sgabios-8-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-tools-3.1.1.1-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-ui-curses-3.1.1.1-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-ui-gtk-3.1.1.1-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-ui-sdl-3.1.1.1-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-vgabios-1.12.0_0_ga698c89-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-x86-3.1.1.1-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-3.1.1.1-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-arm-3.1.1.1-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-audio-alsa-3.1.1.1-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-audio-oss-3.1.1.1-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-audio-pa-3.1.1.1-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-audio-sdl-3.1.1.1-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-block-curl-3.1.1.1-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-block-iscsi-3.1.1.1-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-block-rbd-3.1.1.1-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-block-ssh-3.1.1.1-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-guest-agent-3.1.1.1-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-ipxe-1.0.0+-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-kvm-3.1.1.1-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-lang-3.1.1.1-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-ppc-3.1.1.1-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-s390-3.1.1.1-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-seabios-1.12.0_0_ga698c89-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-sgabios-8-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-tools-3.1.1.1-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-ui-curses-3.1.1.1-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-ui-gtk-3.1.1.1-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-ui-sdl-3.1.1.1-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-vgabios-1.12.0_0_ga698c89-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-x86-3.1.1.1-48.2 moderate 2.1 AV:L/AC:L/Au:N/C:N/I:N/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2021/suse-su-20211242-1/ https://www.suse.com/security/cve/CVE-2021-20221.html CVE-2021-20221 https://bugzilla.suse.com/1181933 SUSE Bug 1181933 An infinite loop flaw was found in the e1000 NIC emulator of the QEMU. This issue occurs while processing transmits (tx) descriptors in process_tx_desc if various descriptor fields are initialized with invalid values. This flaw allows a guest to consume CPU cycles on the host, resulting in a denial of service. The highest threat from this vulnerability is to system availability. CVE-2021-20257 Image SLES12-SP5-EC2-ECS-On-Demand:qemu-tools-3.1.1.1-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-3.1.1.1-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-arm-3.1.1.1-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-audio-alsa-3.1.1.1-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-audio-oss-3.1.1.1-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-audio-pa-3.1.1.1-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-audio-sdl-3.1.1.1-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-block-curl-3.1.1.1-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-block-iscsi-3.1.1.1-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-block-rbd-3.1.1.1-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-block-ssh-3.1.1.1-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-guest-agent-3.1.1.1-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-ipxe-1.0.0+-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-kvm-3.1.1.1-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-lang-3.1.1.1-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-ppc-3.1.1.1-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-s390-3.1.1.1-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-seabios-1.12.0_0_ga698c89-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-sgabios-8-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-tools-3.1.1.1-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-ui-curses-3.1.1.1-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-ui-gtk-3.1.1.1-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-ui-sdl-3.1.1.1-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-vgabios-1.12.0_0_ga698c89-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-x86-3.1.1.1-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-3.1.1.1-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-arm-3.1.1.1-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-audio-alsa-3.1.1.1-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-audio-oss-3.1.1.1-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-audio-pa-3.1.1.1-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-audio-sdl-3.1.1.1-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-block-curl-3.1.1.1-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-block-iscsi-3.1.1.1-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-block-rbd-3.1.1.1-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-block-ssh-3.1.1.1-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-guest-agent-3.1.1.1-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-ipxe-1.0.0+-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-kvm-3.1.1.1-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-lang-3.1.1.1-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-ppc-3.1.1.1-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-s390-3.1.1.1-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-seabios-1.12.0_0_ga698c89-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-sgabios-8-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-tools-3.1.1.1-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-ui-curses-3.1.1.1-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-ui-gtk-3.1.1.1-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-ui-sdl-3.1.1.1-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-vgabios-1.12.0_0_ga698c89-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-x86-3.1.1.1-48.2 low 2.1 AV:L/AC:L/Au:N/C:N/I:N/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2021/suse-su-20211242-1/ https://www.suse.com/security/cve/CVE-2021-20257.html CVE-2021-20257 https://bugzilla.suse.com/1182577 SUSE Bug 1182577 https://bugzilla.suse.com/1182846 SUSE Bug 1182846 A potential stack overflow via infinite loop issue was found in various NIC emulators of QEMU in versions up to and including 5.2.0. The issue occurs in loopback mode of a NIC wherein reentrant DMA checks get bypassed. A guest user/process may use this flaw to consume CPU cycles or crash the QEMU process on the host resulting in DoS scenario. CVE-2021-3416 Image SLES12-SP5-EC2-ECS-On-Demand:qemu-tools-3.1.1.1-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-3.1.1.1-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-arm-3.1.1.1-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-audio-alsa-3.1.1.1-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-audio-oss-3.1.1.1-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-audio-pa-3.1.1.1-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-audio-sdl-3.1.1.1-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-block-curl-3.1.1.1-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-block-iscsi-3.1.1.1-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-block-rbd-3.1.1.1-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-block-ssh-3.1.1.1-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-guest-agent-3.1.1.1-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-ipxe-1.0.0+-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-kvm-3.1.1.1-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-lang-3.1.1.1-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-ppc-3.1.1.1-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-s390-3.1.1.1-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-seabios-1.12.0_0_ga698c89-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-sgabios-8-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-tools-3.1.1.1-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-ui-curses-3.1.1.1-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-ui-gtk-3.1.1.1-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-ui-sdl-3.1.1.1-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-vgabios-1.12.0_0_ga698c89-48.2 SUSE Linux Enterprise Server 12 SP5:qemu-x86-3.1.1.1-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-3.1.1.1-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-arm-3.1.1.1-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-audio-alsa-3.1.1.1-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-audio-oss-3.1.1.1-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-audio-pa-3.1.1.1-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-audio-sdl-3.1.1.1-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-block-curl-3.1.1.1-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-block-iscsi-3.1.1.1-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-block-rbd-3.1.1.1-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-block-ssh-3.1.1.1-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-guest-agent-3.1.1.1-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-ipxe-1.0.0+-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-kvm-3.1.1.1-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-lang-3.1.1.1-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-ppc-3.1.1.1-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-s390-3.1.1.1-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-seabios-1.12.0_0_ga698c89-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-sgabios-8-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-tools-3.1.1.1-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-ui-curses-3.1.1.1-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-ui-gtk-3.1.1.1-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-ui-sdl-3.1.1.1-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-vgabios-1.12.0_0_ga698c89-48.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:qemu-x86-3.1.1.1-48.2 low 2.1 AV:L/AC:L/Au:N/C:N/I:N/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2021/suse-su-20211242-1/ https://www.suse.com/security/cve/CVE-2021-3416.html CVE-2021-3416 https://bugzilla.suse.com/1182968 SUSE Bug 1182968 https://bugzilla.suse.com/1186473 SUSE Bug 1186473