OPENSUSE-SU-2021:2474-1
Vulnerability Summary
Timeline
Description
Security update for qemu This update for qemu fixes the following issues: Security issues fixed: - CVE-2021-3595: Fixed slirp: invalid pointer initialization may lead to information disclosure (tftp) (bsc#1187366) - CVE-2021-3592: Fix for slirp: invalid pointer initialization may lead to information disclosure (bootp) (bsc#1187364) - CVE-2021-3594: Fix for slirp: invalid pointer initialization may lead to information disclosure (udp) (bsc#1187367) - CVE-2021-3593: Fix for slirp: invalid pointer initialization may lead to information disclosure (udp6) (bsc#1187365) - CVE-2021-3582: Fix possible mremap overflow in the pvrdma (bsc#1187499) - CVE-2021-3607: Ensure correct input on ring init (bsc#1187539) - CVE-2021-3608: Fix the ring init error flow (bsc#1187538) - CVE-2021-3611: Fix intel-hda segmentation fault due to stack overflow (bsc#1187529)
Affected Systems
- opensuse•qemu&distro=openSUSE Leap 15.3
< 4.2.1-11.25.2
References (17)
- https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/LOEJDVTTKRPTW4JLAPXEN46YAGYFJMDT/
- https://bugzilla.suse.com/1187364
- https://bugzilla.suse.com/1187365
- https://bugzilla.suse.com/1187366
- https://bugzilla.suse.com/1187367
- https://bugzilla.suse.com/1187499
- https://bugzilla.suse.com/1187529
- https://bugzilla.suse.com/1187538
- https://bugzilla.suse.com/1187539
- https://www.suse.com/security/cve/CVE-2021-3582
- https://www.suse.com/security/cve/CVE-2021-3592
- https://www.suse.com/security/cve/CVE-2021-3593
- https://www.suse.com/security/cve/CVE-2021-3594
- https://www.suse.com/security/cve/CVE-2021-3595
- https://www.suse.com/security/cve/CVE-2021-3607
- https://www.suse.com/security/cve/CVE-2021-3608
- https://www.suse.com/security/cve/CVE-2021-3611