SUSE-SU-2020:2877-1
Advisory lineage Upstream: 4 Downstream: 0
Published: 07 Oct 2020, 12:43
Last modified:04 Feb 2026, 03:45
Vulnerability Summary
Overall Risk (default)
minimal
0/100 CVSS Score
No data
EPSS Score
No data
KEV
Not listed
Ransomware
No reports
Public exploits
None found
Dark Web
Not detected
Timeline
07 Oct 2020, 12:43
Published
Vulnerability first disclosed
04 Feb 2026, 03:45
Last Modified
Vulnerability information updated
Description
Security update for qemu This update for qemu fixes the following issues: - CVE-2020-14364: Fixed an OOB access while processing USB packets (bsc#1175441,bsc#1176494). - CVE-2020-16092: Fixed a denial of service in packet processing of various emulated NICs (bsc#1174641). - CVE-2020-15863: Fixed a buffer overflow in the XGMAC device (bsc#1174386). - CVE-2020-24352: Fixed an out-of-bounds read/write in ati-vga device emulation in ati_2d_blt (bsc#1175370). - Allow to IPL secure guests with -no-reboot (bsc#1174863)
Affected Systems
- suse•qemu&distro=SUSE Linux Enterprise Module for Basesystem 15 SP2
< 4.2.1-11.10.1
- suse•qemu&distro=SUSE Linux Enterprise Module for Server Applications 15 SP2
< 4.2.1-11.10.1
References (11)
- https://www.suse.com/support/update/announcement/2020/suse-su-20202877-1/
- https://bugzilla.suse.com/1174386
- https://bugzilla.suse.com/1174641
- https://bugzilla.suse.com/1174863
- https://bugzilla.suse.com/1175370
- https://bugzilla.suse.com/1175441
- https://bugzilla.suse.com/1176494
- https://www.suse.com/security/cve/CVE-2020-14364
- https://www.suse.com/security/cve/CVE-2020-15863
- https://www.suse.com/security/cve/CVE-2020-16092
- https://www.suse.com/security/cve/CVE-2020-24352