[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"repo-stars":3,"vuln-SUSE-SU-2021:1242-1":6},{"stargazers_count":4,"fetched_at":5},7,"2026-06-04T20:55:29.923Z",{"id":7,"descriptions":8,"cisa":9,"weaknesses":10,"exploits":11,"aliases":12,"duplicate_of":9,"upstream":13,"downstream":56,"duplicates":57,"related":58,"reserved_at":9,"published_at":80,"modified_at":81,"state":9,"summary":82,"references_raw":84,"kevs":281,"epss":9,"epss_history":282,"metrics":283,"affected":284},"SUSE-SU-2021:1242-1","Security update for qemu\n\nThis update for qemu fixes the following issues:\n\n- Fix OOB access in sm501 device emulation (CVE-2020-12829, bsc#1172385)\n- Fix OOB access possibility in MegaRAID SAS 8708EM2 emulation (CVE-2020-13362 bsc#1172383)\n- Fix use-after-free in usb xhci packet handling (CVE-2020-25723, bsc#1178934)\n- Fix use-after-free in usb iehci packet handling (CVE-2020-25084, bsc#1176673)\n- Fix infinite loop (DoS) in usb hcd-ohci emulation (CVE-2020-25625, bsc#1176684)\n- Fix OOB access in usb hcd-ohci emulation (CVE-2020-25624, bsc#1176682)\n- Fix guest triggerable assert in shared network handling code (CVE-2020-27617, bsc#1178174)\n- Fix infinite loop (DoS) in e1000e device emulation (CVE-2020-28916, bsc#1179468)\n- Fix OOB access in atapi emulation (CVE-2020-29443, bsc#1181108)\n- Fix heap overflow in MSIx emulation (CVE-2020-27821, bsc#1179686)\n- Fix null pointer deref. (DoS) in mmio ops (CVE-2020-15469, bsc#1173612)\n- Fix infinite loop (DoS) in e1000 device emulation (CVE-2021-20257, bsc#1182577)\n- Fix OOB access (stack overflow) in rtl8139 NIC emulation (CVE-2021-3416, bsc#1182968)\n- Fix OOB access (stack overflow) in other NIC emulations (CVE-2021-3416)\n- Fix OOB access in SLIRP ARP/NCSI packet processing (CVE-2020-29129, bsc#1179466, CVE-2020-29130, bsc#1179467)\n- Fix null pointer dereference possibility (DoS) in MegaRAID SAS 8708EM2 emulation (CVE-2020-13659 bsc#1172386)\n- Fix issue where s390 guest fails to find zipl boot menu index (bsc#1183979)\n- Fix OOB access in iscsi (CVE-2020-11947 bsc#1180523)\n- Fix OOB access in vmxnet3 emulation (CVE-2021-20203 bsc#1181639)\n- Fix package scripts to not use hard coded paths for temporary working directories and log files (bsc#1182425)\n- Fix potential privilege escalation in virtfs (CVE-2021-20181 bsc#1182137)\n- Apply fixes to qemu scsi passthrough with respect to timeout and error conditions, including using more correct status codes. (bsc#1178049)\n- Fix OOB access in ARM interrupt handling (CVE-2021-20221 bsc#1181933)\n- Make note that this patch previously included addresses (CVE-2020-13765 bsc#1172478)\n- Tweaks to spec file for better formatting, and remove not needed BuildRequires for e2fsprogs-devel and libpcap-devel\n- Fix vfio-pci device on s390 enters error state (bsc#1179725)\n- Fix PCI devices are unavailable after a subsystem reset. (bsc#1179726)\n",null,[],[],[],[14,16,18,20,22,24,26,28,30,32,34,36,38,40,42,44,46,48,50,52,54],{"_key":15},"CVE-2020-11947",{"_key":17},"CVE-2020-12829",{"_key":19},"CVE-2020-13362",{"_key":21},"CVE-2020-13659",{"_key":23},"CVE-2020-13765",{"_key":25},"CVE-2020-15469",{"_key":27},"CVE-2020-25084",{"_key":29},"CVE-2020-25624",{"_key":31},"CVE-2020-25625",{"_key":33},"CVE-2020-25723",{"_key":35},"CVE-2020-27617",{"_key":37},"CVE-2020-27821",{"_key":39},"CVE-2020-28916",{"_key":41},"CVE-2020-29129",{"_key":43},"CVE-2020-29130",{"_key":45},"CVE-2020-29443",{"_key":47},"CVE-2021-20181",{"_key":49},"CVE-2021-20203",{"_key":51},"CVE-2021-20221",{"_key":53},"CVE-2021-20257",{"_key":55},"CVE-2021-3416",[],[],[59,60,61,62,63,64,65,66,67,68,69,70,71,72,73,74,75,76,77,78,79],{"_key":15},{"_key":17},{"_key":19},{"_key":21},{"_key":23},{"_key":25},{"_key":27},{"_key":29},{"_key":31},{"_key":33},{"_key":35},{"_key":37},{"_key":39},{"_key":41},{"_key":43},{"_key":45},{"_key":47},{"_key":49},{"_key":51},{"_key":53},{"_key":55},"2021-04-16T12:44:46Z","2026-02-04T02:56:03.537674Z",{"cisa_kev":83,"cisa_ransomware":83,"cisa_vendor":9,"epss_severity":9,"epss_score":9,"severity":9,"severity_score":9,"severity_version":9,"severity_source":9,"severity_vector":9,"severity_status":9},false,[85,91,96,100,104,108,112,116,120,124,128,132,136,140,144,148,152,156,160,164,168,172,176,180,184,188,192,196,201,205,209,213,217,221,225,229,233,237,241,245,249,253,257,261,265,269,273,277],{"url":86,"sources":87,"tags":89},"https://www.suse.com/support/update/announcement/2021/suse-su-20211242-1/",[88],"osv_suse",[90],"Advisory",{"url":92,"sources":93,"tags":94},"https://bugzilla.suse.com/1172383",[88],[95],"REPORT",{"url":97,"sources":98,"tags":99},"https://bugzilla.suse.com/1172385",[88],[95],{"url":101,"sources":102,"tags":103},"https://bugzilla.suse.com/1172386",[88],[95],{"url":105,"sources":106,"tags":107},"https://bugzilla.suse.com/1172478",[88],[95],{"url":109,"sources":110,"tags":111},"https://bugzilla.suse.com/1173612",[88],[95],{"url":113,"sources":114,"tags":115},"https://bugzilla.suse.com/1176673",[88],[95],{"url":117,"sources":118,"tags":119},"https://bugzilla.suse.com/1176682",[88],[95],{"url":121,"sources":122,"tags":123},"https://bugzilla.suse.com/1176684",[88],[95],{"url":125,"sources":126,"tags":127},"https://bugzilla.suse.com/1178049",[88],[95],{"url":129,"sources":130,"tags":131},"https://bugzilla.suse.com/1178174",[88],[95],{"url":133,"sources":134,"tags":135},"https://bugzilla.suse.com/1178934",[88],[95],{"url":137,"sources":138,"tags":139},"https://bugzilla.suse.com/1179466",[88],[95],{"url":141,"sources":142,"tags":143},"https://bugzilla.suse.com/1179467",[88],[95],{"url":145,"sources":146,"tags":147},"https://bugzilla.suse.com/1179468",[88],[95],{"url":149,"sources":150,"tags":151},"https://bugzilla.suse.com/1179686",[88],[95],{"url":153,"sources":154,"tags":155},"https://bugzilla.suse.com/1179725",[88],[95],{"url":157,"sources":158,"tags":159},"https://bugzilla.suse.com/1179726",[88],[95],{"url":161,"sources":162,"tags":163},"https://bugzilla.suse.com/1180523",[88],[95],{"url":165,"sources":166,"tags":167},"https://bugzilla.suse.com/1181108",[88],[95],{"url":169,"sources":170,"tags":171},"https://bugzilla.suse.com/1181639",[88],[95],{"url":173,"sources":174,"tags":175},"https://bugzilla.suse.com/1181933",[88],[95],{"url":177,"sources":178,"tags":179},"https://bugzilla.suse.com/1182137",[88],[95],{"url":181,"sources":182,"tags":183},"https://bugzilla.suse.com/1182425",[88],[95],{"url":185,"sources":186,"tags":187},"https://bugzilla.suse.com/1182577",[88],[95],{"url":189,"sources":190,"tags":191},"https://bugzilla.suse.com/1182968",[88],[95],{"url":193,"sources":194,"tags":195},"https://bugzilla.suse.com/1183979",[88],[95],{"url":197,"sources":198,"tags":199},"https://www.suse.com/security/cve/CVE-2020-11947",[88],[200],"WEB",{"url":202,"sources":203,"tags":204},"https://www.suse.com/security/cve/CVE-2020-12829",[88],[200],{"url":206,"sources":207,"tags":208},"https://www.suse.com/security/cve/CVE-2020-13362",[88],[200],{"url":210,"sources":211,"tags":212},"https://www.suse.com/security/cve/CVE-2020-13659",[88],[200],{"url":214,"sources":215,"tags":216},"https://www.suse.com/security/cve/CVE-2020-13765",[88],[200],{"url":218,"sources":219,"tags":220},"https://www.suse.com/security/cve/CVE-2020-15469",[88],[200],{"url":222,"sources":223,"tags":224},"https://www.suse.com/security/cve/CVE-2020-25084",[88],[200],{"url":226,"sources":227,"tags":228},"https://www.suse.com/security/cve/CVE-2020-25624",[88],[200],{"url":230,"sources":231,"tags":232},"https://www.suse.com/security/cve/CVE-2020-25625",[88],[200],{"url":234,"sources":235,"tags":236},"https://www.suse.com/security/cve/CVE-2020-25723",[88],[200],{"url":238,"sources":239,"tags":240},"https://www.suse.com/security/cve/CVE-2020-27617",[88],[200],{"url":242,"sources":243,"tags":244},"https://www.suse.com/security/cve/CVE-2020-27821",[88],[200],{"url":246,"sources":247,"tags":248},"https://www.suse.com/security/cve/CVE-2020-28916",[88],[200],{"url":250,"sources":251,"tags":252},"https://www.suse.com/security/cve/CVE-2020-29129",[88],[200],{"url":254,"sources":255,"tags":256},"https://www.suse.com/security/cve/CVE-2020-29130",[88],[200],{"url":258,"sources":259,"tags":260},"https://www.suse.com/security/cve/CVE-2020-29443",[88],[200],{"url":262,"sources":263,"tags":264},"https://www.suse.com/security/cve/CVE-2021-20181",[88],[200],{"url":266,"sources":267,"tags":268},"https://www.suse.com/security/cve/CVE-2021-20203",[88],[200],{"url":270,"sources":271,"tags":272},"https://www.suse.com/security/cve/CVE-2021-20221",[88],[200],{"url":274,"sources":275,"tags":276},"https://www.suse.com/security/cve/CVE-2021-20257",[88],[200],{"url":278,"sources":279,"tags":280},"https://www.suse.com/security/cve/CVE-2021-3416",[88],[200],[],[],[],[285,298],{"ecosystem":286,"name":287,"vendor":288,"product":289,"cpe_part":9,"purl_type":290,"purl_namespace":288,"purl_name":289,"source":9,"versions":291},"SUSE Linux Enterprise","qemu","suse","qemu&distro=SUSE Linux Enterprise Server 12 SP5","rpm",[292],{"version":293,"is_range":294,"range_type":295,"version_start":9,"version_start_type":9,"version_end":296,"version_end_type":297,"fixed_in":9},"lt3_1_1_1_48_2",true,"ecosystem","3.1.1.1-48.2","excluding",{"ecosystem":286,"name":287,"vendor":288,"product":299,"cpe_part":9,"purl_type":290,"purl_namespace":288,"purl_name":299,"source":9,"versions":300},"qemu&distro=SUSE Linux Enterprise Server for SAP Applications 12 SP5",[301],{"version":293,"is_range":294,"range_type":295,"version_start":9,"version_start_type":9,"version_end":296,"version_end_type":297,"fixed_in":9}]