SUSE-SU-2021:14774-1

Advisory lineage Upstream: 8 Downstream: 0

Upstream

CVE-2020-11947 CVE-2020-15469 CVE-2020-15863 CVE-2020-25707 CVE-2021-20221 CVE-2021-3416

Published: 06 Aug 2021, 09:11

Last modified:04 Feb 2026, 03:09

Vulnerability Summary

Overall Risk (default)

minimal

0/100

CVSS Score

No data

EPSS Score

No data

KEV

Not listed

Ransomware

No reports

Public exploits

None found

Dark Web

Not detected

Timeline

06 Aug 2021, 09:11

Published

Vulnerability first disclosed

04 Feb 2026, 03:09

Last Modified

Vulnerability information updated

Description

Security update for kvm This update for kvm fixes the following issues: - CVE-2021-3594: invalid pointer initialization may lead to information disclosure in slirp (udp) (bsc#1187367) - CVE-2021-3592: invalid pointer initialization may lead to information disclosure (bootp). (bsc#1187364) - CVE-2021-3416: infinite loop in loopback mode may lead to stack overflow. (bsc#1186473) - CVE-2020-15469: MMIO ops null pointer dereference may lead to DoS. (bsc#1173612) - CVE-2020-11947: iscsi_aio_ioctl_cb in block/iscsi.c has a heap-based buffer over-read. (bsc#1180523) - CVE-2021-20221: out-of-bound heap buffer access via an interrupt ID field. (bsc#1181933) - CVE-2020-25707: infinite loop in e1000e_write_packet_to_guest() in hw/net/e1000e_core.c. (bsc#1178683) - CVE-2020-15863: stack-based overflow in xgmac_enet_send() in hw/net/xgmac.c. (bsc#1174386)

Affected Systems

suse•kvm&distro=SUSE Linux Enterprise Point of Sale 11 SP3
< 1.4.2-53.41.1

SUSE-SU-2021:14774-1

Vulnerability Summary

Timeline

Description

Affected Systems

References (18)