OPENSUSE-SU-2021:2591-1

Advisory lineage Upstream: 9 Downstream: 0

Upstream

CVE-2020-25085 CVE-2021-3582 CVE-2021-3592 CVE-2021-3593 CVE-2021-3594 CVE-2021-3595

Published: 02 Aug 2021, 10:56

Last modified:04 Feb 2026, 04:32

Vulnerability Summary

Overall Risk (default)

minimal

0/100

CVSS Score

No data

EPSS Score

No data

KEV

Not listed

Ransomware

No reports

Public exploits

None found

Dark Web

Not detected

Timeline

02 Aug 2021, 10:56

Published

Vulnerability first disclosed

04 Feb 2026, 04:32

Last Modified

Vulnerability information updated

Description

Security update for qemu This update for qemu fixes the following issues: Security issues fixed: - CVE-2021-3595: Fixed slirp: invalid pointer initialization may lead to information disclosure (tftp) (bsc#1187366) - CVE-2021-3592: Fix for slirp: invalid pointer initialization may lead to information disclosure (bootp) (bsc#1187364) - CVE-2021-3594: Fix for slirp: invalid pointer initialization may lead to information disclosure (udp) (bsc#1187367) - CVE-2021-3593: Fix for slirp: invalid pointer initialization may lead to information disclosure (udp6) (bsc#1187365) - CVE-2021-3582: Fix possible mremap overflow in the pvrdma (bsc#1187499) - CVE-2021-3607: Ensure correct input on ring init (bsc#1187539) - CVE-2021-3608: Fix the ring init error flow (bsc#1187538) - CVE-2021-3611: Fix intel-hda segmentation fault due to stack overflow (bsc#1187529) - CVE-2020-25085: Fix out-of-bounds access issue while doing multi block SDMA (bsc#1176681) Other issues fixed: - QEMU BIOS fails to read stage2 loader (on s390x)(bsc#1186290) - Fix qemu hang while cancelling migrating hugepage vm (bsc#1185591)

Affected Systems

opensuse•qemu&distro=openSUSE Leap 15.3
< 3.1.1.1-9.30.2

OPENSUSE-SU-2021:2591-1

Vulnerability Summary

Timeline

Description

Affected Systems

References (21)