[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"repo-stars":3,"vuln-SUSE-SU-2021:1241-1":6},{"stargazers_count":4,"fetched_at":5},7,"2026-06-04T20:55:29.923Z",{"id":7,"descriptions":8,"cisa":9,"weaknesses":10,"exploits":11,"aliases":12,"duplicate_of":9,"upstream":13,"downstream":62,"duplicates":63,"related":64,"reserved_at":9,"published_at":89,"modified_at":90,"state":9,"summary":91,"references_raw":93,"kevs":306,"epss":9,"epss_history":307,"metrics":308,"affected":309},"SUSE-SU-2021:1241-1","Security update for qemu\n\nThis update for qemu fixes the following issues:\n\n- Fix OOB access in sm501 device emulation (CVE-2020-12829, bsc#1172385)\n- Fix OOB access possibility in MegaRAID SAS 8708EM2 emulation (CVE-2020-13362, bsc#1172383)\n- Fix use-after-free in usb xhci packet handling (CVE-2020-25723, bsc#1178934)\n- Fix use-after-free in usb ehci packet handling (CVE-2020-25084, bsc#1176673)\n- Fix OOB access in usb hcd-ohci emulation (CVE-2020-25624, bsc#1176682)\n- Fix infinite loop (DoS) in usb hcd-ohci emulation (CVE-2020-25625, bsc#1176684)\n- Fix guest triggerable assert in shared network handling code (CVE-2020-27617, bsc#1178174)\n- Fix infinite loop (DoS) in e1000e device emulation (CVE-2020-28916, bsc#1179468)\n- Fix OOB access in atapi emulation (CVE-2020-29443, bsc#1181108)\n- Fix null pointer deref. (DoS) in mmio ops (CVE-2020-15469, bsc#1173612)\n- Fix infinite loop (DoS) in e1000 device emulation (CVE-2021-20257, bsc#1182577)\n- Fix OOB access (stack overflow) in rtl8139 NIC emulation (CVE-2021-3416, bsc#1182968)\n- Fix OOB access (stack overflow) in other NIC emulations (CVE-2021-3416)\n- Fix OOB access in SLIRP ARP/NCSI packet processing (CVE-2020-29129, bsc#1179466, CVE-2020-29130, bsc#1179467)\n- Fix null pointer dereference possibility (DoS) in MegaRAID SAS 8708EM2 emulation (CVE-2020-13659, bsc#1172386)\n- Fix OOB access in iscsi (CVE-2020-11947, bsc#1180523)\n- Fix OOB access in vmxnet3 emulation (CVE-2021-20203, bsc#1181639)\n- Fix buffer overflow in the XGMAC device (CVE-2020-15863, bsc#1174386)\n- Fix DoS in packet processing of various emulated NICs (CVE-2020-16092, bsc#1174641)\n- Fix OOB access while processing USB packets (CVE-2020-14364, bsc#1175441)\n- Fix package scripts to not use hard coded paths for temporary working directories and log files (bsc#1182425)\n- Fix potential privilege escalation in virtfs (CVE-2021-20181, bsc#1182137)\n- Fix OOB access possibility in ES1370 audio device emulation (CVE-2020-13361, bsc#1172384)\n- Fix OOB access in ROM loading (CVE-2020-13765, bsc#1172478)\n- Fix qemu-testsuite failure\n- Fix vm migration is failing with input/output error when nfs server is disconnected (bsc#1119115)\n- Fix OOB access in ARM interrupt handling (CVE-2021-20221, bsc#1181933)\n- Fix slowness in arm32 emulation (bsc#1112499)\n- Fix OOB access in sm501 device emulation (CVE-2020-12829, bsc#1172385)\n- Fix OOB access possibility in MegaRAID SAS 8708EM2 emulation (CVE-2020-13362, bsc#1172383)\n- Fix use-after-free in usb xhci packet handling (CVE-2020-25723, bsc#1178934)\n- Fix use-after-free in usb ehci packet handling (CVE-2020-25084, bsc#1176673)\n- Fix OOB access in usb hcd-ohci emulation (CVE-2020-25624, bsc#1176682)\n- Fix infinite loop (DoS) in usb hcd-ohci emulation (CVE-2020-25625, bsc#1176684)\n- Fix guest triggerable assert in shared network handling code (CVE-2020-27617, bsc#1178174)\n- Fix infinite loop (DoS) in e1000e device emulation (CVE-2020-28916, bsc#1179468)\n- Fix OOB access in atapi emulation (CVE-2020-29443, bsc#1181108)\n- Fix null pointer deref. (DoS) in mmio ops (CVE-2020-15469, bsc#1173612)\n- Fix infinite loop (DoS) in e1000 device emulation (CVE-2021-20257, bsc#1182577)\n- Fix OOB access (stack overflow) in rtl8139 NIC emulation (CVE-2021-3416, bsc#1182968)\n- Fix OOB access (stack overflow) in other NIC emulations (CVE-2021-3416)\n- Fix OOB access in SLIRP ARP/NCSI packet processing (CVE-2020-29129, bsc#1179466, CVE-2020-29130, bsc#1179467)\n- Fix null pointer dereference possibility (DoS) in MegaRAID SAS 8708EM2 emulation (CVE-2020-13659, bsc#1172386)\n- Fix OOB access in iscsi (CVE-2020-11947, bsc#1180523)\n- Fix OOB access in vmxnet3 emulation (CVE-2021-20203, bsc#1181639)\n- Fix buffer overflow in the XGMAC device (CVE-2020-15863, bsc#1174386)\n- Fix DoS in packet processing of various emulated NICs (CVE-2020-16092, bsc#1174641)\n- Fix OOB access while processing USB packets (CVE-2020-14364, bsc#1175441)\n- Fix package scripts to not use hard coded paths for temporary working directories and log files (bsc#1182425)\n- Fix potential privilege escalation in virtfs (CVE-2021-20181, bsc#1182137)\n- Fix OOB access possibility in ES1370 audio device emulation (CVE-2020-13361, bsc#1172384)\n- Fix OOB access in ROM loading (CVE-2020-13765, bsc#1172478)\n- Fix qemu-testsuite failure\n- Fix vm migration is failing with input/output error when nfs server is disconnected (bsc#1119115)\n- Fix OOB access in ARM interrupt handling (CVE-2021-20221, bsc#1181933)\n- Fix slowness in arm32 emulation (bsc#1112499)\n",null,[],[],[],[14,16,18,20,22,24,26,28,30,32,34,36,38,40,42,44,46,48,50,52,54,56,58,60],{"_key":15},"CVE-2020-11947",{"_key":17},"CVE-2020-12829",{"_key":19},"CVE-2020-13361",{"_key":21},"CVE-2020-13362",{"_key":23},"CVE-2020-13659",{"_key":25},"CVE-2020-13765",{"_key":27},"CVE-2020-14364",{"_key":29},"CVE-2020-15469",{"_key":31},"CVE-2020-15863",{"_key":33},"CVE-2020-16092",{"_key":35},"CVE-2020-25084",{"_key":37},"CVE-2020-25624",{"_key":39},"CVE-2020-25625",{"_key":41},"CVE-2020-25723",{"_key":43},"CVE-2020-27617",{"_key":45},"CVE-2020-28916",{"_key":47},"CVE-2020-29129",{"_key":49},"CVE-2020-29130",{"_key":51},"CVE-2020-29443",{"_key":53},"CVE-2021-20181",{"_key":55},"CVE-2021-20203",{"_key":57},"CVE-2021-20221",{"_key":59},"CVE-2021-20257",{"_key":61},"CVE-2021-3416",[],[],[65,66,67,68,69,70,71,72,73,74,75,76,77,78,79,80,81,82,83,84,85,86,87,88],{"_key":15},{"_key":17},{"_key":19},{"_key":21},{"_key":23},{"_key":25},{"_key":27},{"_key":29},{"_key":31},{"_key":33},{"_key":35},{"_key":37},{"_key":39},{"_key":41},{"_key":43},{"_key":45},{"_key":47},{"_key":49},{"_key":51},{"_key":53},{"_key":55},{"_key":57},{"_key":59},{"_key":61},"2021-04-16T11:59:57Z","2026-02-04T03:21:01.163263Z",{"cisa_kev":92,"cisa_ransomware":92,"cisa_vendor":9,"epss_severity":9,"epss_score":9,"severity":9,"severity_score":9,"severity_version":9,"severity_source":9,"severity_vector":9,"severity_status":9},false,[94,100,105,109,113,117,121,125,129,133,137,141,145,149,153,157,161,165,169,173,177,181,185,189,193,197,201,205,209,214,218,222,226,230,234,238,242,246,250,254,258,262,266,270,274,278,282,286,290,294,298,302],{"url":95,"sources":96,"tags":98},"https://www.suse.com/support/update/announcement/2021/suse-su-20211241-1/",[97],"osv_suse",[99],"Advisory",{"url":101,"sources":102,"tags":103},"https://bugzilla.suse.com/1112499",[97],[104],"REPORT",{"url":106,"sources":107,"tags":108},"https://bugzilla.suse.com/1119115",[97],[104],{"url":110,"sources":111,"tags":112},"https://bugzilla.suse.com/1172383",[97],[104],{"url":114,"sources":115,"tags":116},"https://bugzilla.suse.com/1172384",[97],[104],{"url":118,"sources":119,"tags":120},"https://bugzilla.suse.com/1172385",[97],[104],{"url":122,"sources":123,"tags":124},"https://bugzilla.suse.com/1172386",[97],[104],{"url":126,"sources":127,"tags":128},"https://bugzilla.suse.com/1172478",[97],[104],{"url":130,"sources":131,"tags":132},"https://bugzilla.suse.com/1173612",[97],[104],{"url":134,"sources":135,"tags":136},"https://bugzilla.suse.com/1174386",[97],[104],{"url":138,"sources":139,"tags":140},"https://bugzilla.suse.com/1174641",[97],[104],{"url":142,"sources":143,"tags":144},"https://bugzilla.suse.com/1175441",[97],[104],{"url":146,"sources":147,"tags":148},"https://bugzilla.suse.com/1176673",[97],[104],{"url":150,"sources":151,"tags":152},"https://bugzilla.suse.com/1176682",[97],[104],{"url":154,"sources":155,"tags":156},"https://bugzilla.suse.com/1176684",[97],[104],{"url":158,"sources":159,"tags":160},"https://bugzilla.suse.com/1178174",[97],[104],{"url":162,"sources":163,"tags":164},"https://bugzilla.suse.com/1178934",[97],[104],{"url":166,"sources":167,"tags":168},"https://bugzilla.suse.com/1179466",[97],[104],{"url":170,"sources":171,"tags":172},"https://bugzilla.suse.com/1179467",[97],[104],{"url":174,"sources":175,"tags":176},"https://bugzilla.suse.com/1179468",[97],[104],{"url":178,"sources":179,"tags":180},"https://bugzilla.suse.com/1180523",[97],[104],{"url":182,"sources":183,"tags":184},"https://bugzilla.suse.com/1181108",[97],[104],{"url":186,"sources":187,"tags":188},"https://bugzilla.suse.com/1181639",[97],[104],{"url":190,"sources":191,"tags":192},"https://bugzilla.suse.com/1181933",[97],[104],{"url":194,"sources":195,"tags":196},"https://bugzilla.suse.com/1182137",[97],[104],{"url":198,"sources":199,"tags":200},"https://bugzilla.suse.com/1182425",[97],[104],{"url":202,"sources":203,"tags":204},"https://bugzilla.suse.com/1182577",[97],[104],{"url":206,"sources":207,"tags":208},"https://bugzilla.suse.com/1182968",[97],[104],{"url":210,"sources":211,"tags":212},"https://www.suse.com/security/cve/CVE-2020-11947",[97],[213],"WEB",{"url":215,"sources":216,"tags":217},"https://www.suse.com/security/cve/CVE-2020-12829",[97],[213],{"url":219,"sources":220,"tags":221},"https://www.suse.com/security/cve/CVE-2020-13361",[97],[213],{"url":223,"sources":224,"tags":225},"https://www.suse.com/security/cve/CVE-2020-13362",[97],[213],{"url":227,"sources":228,"tags":229},"https://www.suse.com/security/cve/CVE-2020-13659",[97],[213],{"url":231,"sources":232,"tags":233},"https://www.suse.com/security/cve/CVE-2020-13765",[97],[213],{"url":235,"sources":236,"tags":237},"https://www.suse.com/security/cve/CVE-2020-14364",[97],[213],{"url":239,"sources":240,"tags":241},"https://www.suse.com/security/cve/CVE-2020-15469",[97],[213],{"url":243,"sources":244,"tags":245},"https://www.suse.com/security/cve/CVE-2020-15863",[97],[213],{"url":247,"sources":248,"tags":249},"https://www.suse.com/security/cve/CVE-2020-16092",[97],[213],{"url":251,"sources":252,"tags":253},"https://www.suse.com/security/cve/CVE-2020-25084",[97],[213],{"url":255,"sources":256,"tags":257},"https://www.suse.com/security/cve/CVE-2020-25624",[97],[213],{"url":259,"sources":260,"tags":261},"https://www.suse.com/security/cve/CVE-2020-25625",[97],[213],{"url":263,"sources":264,"tags":265},"https://www.suse.com/security/cve/CVE-2020-25723",[97],[213],{"url":267,"sources":268,"tags":269},"https://www.suse.com/security/cve/CVE-2020-27617",[97],[213],{"url":271,"sources":272,"tags":273},"https://www.suse.com/security/cve/CVE-2020-28916",[97],[213],{"url":275,"sources":276,"tags":277},"https://www.suse.com/security/cve/CVE-2020-29129",[97],[213],{"url":279,"sources":280,"tags":281},"https://www.suse.com/security/cve/CVE-2020-29130",[97],[213],{"url":283,"sources":284,"tags":285},"https://www.suse.com/security/cve/CVE-2020-29443",[97],[213],{"url":287,"sources":288,"tags":289},"https://www.suse.com/security/cve/CVE-2021-20181",[97],[213],{"url":291,"sources":292,"tags":293},"https://www.suse.com/security/cve/CVE-2021-20203",[97],[213],{"url":295,"sources":296,"tags":297},"https://www.suse.com/security/cve/CVE-2021-20221",[97],[213],{"url":299,"sources":300,"tags":301},"https://www.suse.com/security/cve/CVE-2021-20257",[97],[213],{"url":303,"sources":304,"tags":305},"https://www.suse.com/security/cve/CVE-2021-3416",[97],[213],[],[],[],[310,323,327,331],{"ecosystem":311,"name":312,"vendor":313,"product":314,"cpe_part":9,"purl_type":315,"purl_namespace":313,"purl_name":314,"source":9,"versions":316},"SUSE Linux Enterprise","qemu","suse","qemu&distro=SUSE Linux Enterprise Server 12 SP4-LTSS","rpm",[317],{"version":318,"is_range":319,"range_type":320,"version_start":9,"version_start_type":9,"version_end":321,"version_end_type":322,"fixed_in":9},"lt2_11_2_5_29_1",true,"ecosystem","2.11.2-5.29.1","excluding",{"ecosystem":311,"name":312,"vendor":313,"product":324,"cpe_part":9,"purl_type":315,"purl_namespace":313,"purl_name":324,"source":9,"versions":325},"qemu&distro=SUSE Linux Enterprise Server for SAP Applications 12 SP4",[326],{"version":318,"is_range":319,"range_type":320,"version_start":9,"version_start_type":9,"version_end":321,"version_end_type":322,"fixed_in":9},{"ecosystem":311,"name":312,"vendor":313,"product":328,"cpe_part":9,"purl_type":315,"purl_namespace":313,"purl_name":328,"source":9,"versions":329},"qemu&distro=SUSE OpenStack Cloud 9",[330],{"version":318,"is_range":319,"range_type":320,"version_start":9,"version_start_type":9,"version_end":321,"version_end_type":322,"fixed_in":9},{"ecosystem":311,"name":312,"vendor":313,"product":332,"cpe_part":9,"purl_type":315,"purl_namespace":313,"purl_name":332,"source":9,"versions":333},"qemu&distro=SUSE OpenStack Cloud Crowbar 9",[334],{"version":318,"is_range":319,"range_type":320,"version_start":9,"version_start_type":9,"version_end":321,"version_end_type":322,"fixed_in":9}]