[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"repo-stars":3,"vuln-OPENSUSE-SU-2021:1043-1":6},{"stargazers_count":4,"fetched_at":5},7,"2026-06-04T14:53:31.930Z",{"id":7,"descriptions":8,"cisa":9,"weaknesses":10,"exploits":11,"aliases":12,"duplicate_of":9,"upstream":13,"downstream":42,"duplicates":43,"related":44,"reserved_at":9,"published_at":59,"modified_at":60,"state":9,"summary":61,"references_raw":63,"kevs":204,"epss":9,"epss_history":205,"metrics":206,"affected":207},"OPENSUSE-SU-2021:1043-1","Security update for qemu\n\nThis update for qemu fixes the following issues:\n\nSecurity issues fixed:\n\n- CVE-2021-3546: Fix out-of-bounds write in virgl_cmd_get_capset (bsc#1185981)\n- CVE-2021-3544: Fix memory leaks found in the virtio vhost-user GPU device (bsc#1186010)\n- CVE-2021-3545: Fix information disclosure due to uninitialized memory read (bsc#1185990)\n- CVE-2020-25085: Fix out-of-bounds access issue while doing multi block SDMA (bsc#1176681)\n- CVE-2020-10756: Fix out-of-bounds read information disclosure in icmp6_send_echoreply(bsc#1172380)\n- For the record, these issues are fixed in this package already.\n  Most are alternate references to previously mentioned issues:\n  (CVE-2019-15890, bsc#1149813, CVE-2020-8608, bsc#1163019,\n  CVE-2020-14364, bsc#1175534, CVE-2020-25707, bsc#1178683,\n  CVE-2020-25723, bsc#1178935, CVE-2020-29130, bsc#1179477,\n  CVE-2020-29129, bsc#1179484, CVE-2021-20257, bsc#1182846,\n  CVE-2021-3419, bsc#1182975)\n\nNon-security issues fixed:\n\n- Fix issue where s390 guest fails to find zipl boot menu index (bsc#1183979)\n- QEMU BIOS fails to read stage2 loader on s390x (bsc#1186290)\n- Host CPU microcode revision will be visible inside VMs when the proper CPU-model is used (jsc#SLE-17785):\n- Fix testsuite error (bsc#1184574)\n- Fix qemu crash with iothread when block commit after snapshot (bsc#1187013)\n- Fix qemu hang while cancelling migrating hugepage vm (bsc#1185591)\n- Use RCU to avoid race during scsi hotplug/hotunplug (bsc#1184574)\n\nThis update was imported from the SUSE:SLE-15-SP2:Update update project.",null,[],[],[],[14,16,18,20,22,24,26,28,30,32,34,36,38,40],{"_key":15},"CVE-2019-15890",{"_key":17},"CVE-2020-10756",{"_key":19},"CVE-2020-14364",{"_key":21},"CVE-2020-25085",{"_key":23},"CVE-2020-25707",{"_key":25},"CVE-2020-25723",{"_key":27},"CVE-2020-29129",{"_key":29},"CVE-2020-29130",{"_key":31},"CVE-2020-8608",{"_key":33},"CVE-2021-20257",{"_key":35},"CVE-2021-3419",{"_key":37},"CVE-2021-3544",{"_key":39},"CVE-2021-3545",{"_key":41},"CVE-2021-3546",[],[],[45,46,47,48,49,50,51,52,53,54,55,56,57,58],{"_key":15},{"_key":17},{"_key":19},{"_key":21},{"_key":23},{"_key":25},{"_key":27},{"_key":29},{"_key":31},{"_key":33},{"_key":35},{"_key":37},{"_key":39},{"_key":41},"2021-07-13T22:06:05Z","2026-02-04T03:13:51.977385Z",{"cisa_kev":62,"cisa_ransomware":62,"cisa_vendor":9,"epss_severity":9,"epss_score":9,"severity":9,"severity_score":9,"severity_version":9,"severity_source":9,"severity_vector":9,"severity_status":9},false,[64,70,75,79,83,87,91,95,99,103,107,111,115,119,123,127,131,135,139,143,147,152,156,160,164,168,172,176,180,184,188,192,196,200],{"url":65,"sources":66,"tags":68},"https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/SVDDMT7IUGYOEFTYO3UWD73PJMJL4FSY/",[67],"osv_opensuse",[69],"Advisory",{"url":71,"sources":72,"tags":73},"https://bugzilla.suse.com/1149813",[67],[74],"REPORT",{"url":76,"sources":77,"tags":78},"https://bugzilla.suse.com/1163019",[67],[74],{"url":80,"sources":81,"tags":82},"https://bugzilla.suse.com/1172380",[67],[74],{"url":84,"sources":85,"tags":86},"https://bugzilla.suse.com/1175534",[67],[74],{"url":88,"sources":89,"tags":90},"https://bugzilla.suse.com/1176681",[67],[74],{"url":92,"sources":93,"tags":94},"https://bugzilla.suse.com/1178683",[67],[74],{"url":96,"sources":97,"tags":98},"https://bugzilla.suse.com/1178935",[67],[74],{"url":100,"sources":101,"tags":102},"https://bugzilla.suse.com/1179477",[67],[74],{"url":104,"sources":105,"tags":106},"https://bugzilla.suse.com/1179484",[67],[74],{"url":108,"sources":109,"tags":110},"https://bugzilla.suse.com/1182846",[67],[74],{"url":112,"sources":113,"tags":114},"https://bugzilla.suse.com/1182975",[67],[74],{"url":116,"sources":117,"tags":118},"https://bugzilla.suse.com/1183979",[67],[74],{"url":120,"sources":121,"tags":122},"https://bugzilla.suse.com/1184574",[67],[74],{"url":124,"sources":125,"tags":126},"https://bugzilla.suse.com/1185591",[67],[74],{"url":128,"sources":129,"tags":130},"https://bugzilla.suse.com/1185981",[67],[74],{"url":132,"sources":133,"tags":134},"https://bugzilla.suse.com/1185990",[67],[74],{"url":136,"sources":137,"tags":138},"https://bugzilla.suse.com/1186010",[67],[74],{"url":140,"sources":141,"tags":142},"https://bugzilla.suse.com/1186290",[67],[74],{"url":144,"sources":145,"tags":146},"https://bugzilla.suse.com/1187013",[67],[74],{"url":148,"sources":149,"tags":150},"https://www.suse.com/security/cve/CVE-2019-15890",[67],[151],"WEB",{"url":153,"sources":154,"tags":155},"https://www.suse.com/security/cve/CVE-2020-10756",[67],[151],{"url":157,"sources":158,"tags":159},"https://www.suse.com/security/cve/CVE-2020-14364",[67],[151],{"url":161,"sources":162,"tags":163},"https://www.suse.com/security/cve/CVE-2020-25085",[67],[151],{"url":165,"sources":166,"tags":167},"https://www.suse.com/security/cve/CVE-2020-25707",[67],[151],{"url":169,"sources":170,"tags":171},"https://www.suse.com/security/cve/CVE-2020-25723",[67],[151],{"url":173,"sources":174,"tags":175},"https://www.suse.com/security/cve/CVE-2020-29129",[67],[151],{"url":177,"sources":178,"tags":179},"https://www.suse.com/security/cve/CVE-2020-29130",[67],[151],{"url":181,"sources":182,"tags":183},"https://www.suse.com/security/cve/CVE-2020-8608",[67],[151],{"url":185,"sources":186,"tags":187},"https://www.suse.com/security/cve/CVE-2021-20257",[67],[151],{"url":189,"sources":190,"tags":191},"https://www.suse.com/security/cve/CVE-2021-3419",[67],[151],{"url":193,"sources":194,"tags":195},"https://www.suse.com/security/cve/CVE-2021-3544",[67],[151],{"url":197,"sources":198,"tags":199},"https://www.suse.com/security/cve/CVE-2021-3545",[67],[151],{"url":201,"sources":202,"tags":203},"https://www.suse.com/security/cve/CVE-2021-3546",[67],[151],[],[],[],[208,221,228],{"ecosystem":209,"name":210,"vendor":211,"product":212,"cpe_part":9,"purl_type":213,"purl_namespace":211,"purl_name":212,"source":9,"versions":214},"openSUSE","qemu-linux-user","opensuse","qemu-linux-user&distro=openSUSE Leap 15.2","rpm",[215],{"version":216,"is_range":217,"range_type":218,"version_start":9,"version_start_type":9,"version_end":219,"version_end_type":220,"fixed_in":9},"lt4_2_1_lp152_9_16_1",true,"ecosystem","4.2.1-lp152.9.16.1","excluding",{"ecosystem":209,"name":222,"vendor":211,"product":223,"cpe_part":9,"purl_type":213,"purl_namespace":211,"purl_name":223,"source":9,"versions":224},"qemu-testsuite","qemu-testsuite&distro=openSUSE Leap 15.2",[225],{"version":226,"is_range":217,"range_type":218,"version_start":9,"version_start_type":9,"version_end":227,"version_end_type":220,"fixed_in":9},"lt4_2_1_lp152_9_16_7","4.2.1-lp152.9.16.7",{"ecosystem":209,"name":229,"vendor":211,"product":230,"cpe_part":9,"purl_type":213,"purl_namespace":211,"purl_name":230,"source":9,"versions":231},"qemu","qemu&distro=openSUSE Leap 15.2",[232],{"version":233,"is_range":217,"range_type":218,"version_start":9,"version_start_type":9,"version_end":234,"version_end_type":220,"fixed_in":9},"lt4_2_1_lp152_9_16_2","4.2.1-lp152.9.16.2"]