OPENSUSE-SU-2020:1664-1
Advisory lineage Upstream: 4 Downstream: 0
Published: 12 Oct 2020, 22:21
Last modified:04 Feb 2026, 03:08
Vulnerability Summary
Overall Risk (default)
minimal
0/100 CVSS Score
No data
EPSS Score
No data
KEV
Not listed
Ransomware
No reports
Public exploits
None found
Dark Web
Not detected
Timeline
12 Oct 2020, 22:21
Published
Vulnerability first disclosed
04 Feb 2026, 03:08
Last Modified
Vulnerability information updated
Description
Security update for qemu This update for qemu fixes the following issues: - CVE-2020-14364: Fixed an OOB access while processing USB packets (bsc#1175441,bsc#1176494). - CVE-2020-16092: Fixed a denial of service in packet processing of various emulated NICs (bsc#1174641). - CVE-2020-15863: Fixed a buffer overflow in the XGMAC device (bsc#1174386). - CVE-2020-24352: Fixed an out-of-bounds read/write in ati-vga device emulation in ati_2d_blt (bsc#1175370). - Allow to IPL secure guests with -no-reboot (bsc#1174863) This update was imported from the SUSE:SLE-15-SP2:Update update project.
Affected Systems
- opensuse•qemu-linux-user&distro=openSUSE Leap 15.2
< 4.2.1-lp152.9.6.1
- opensuse•qemu-testsuite&distro=openSUSE Leap 15.2
< 4.2.1-lp152.9.6.1
- opensuse•qemu&distro=openSUSE Leap 15.2
< 4.2.1-lp152.9.6.1
References (11)
- https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/QVFXHYA5K5PLF3ZBKNJIJ5BFDWNHLJZM/
- https://bugzilla.suse.com/1174386
- https://bugzilla.suse.com/1174641
- https://bugzilla.suse.com/1174863
- https://bugzilla.suse.com/1175370
- https://bugzilla.suse.com/1175441
- https://bugzilla.suse.com/1176494
- https://www.suse.com/security/cve/CVE-2020-14364
- https://www.suse.com/security/cve/CVE-2020-15863
- https://www.suse.com/security/cve/CVE-2020-16092
- https://www.suse.com/security/cve/CVE-2020-24352