SUSE-SU-2023:0671-1
Advisory lineage Upstream: 3 Downstream: 0
Published: 08 Mar 2023, 10:55
Last modified:04 Feb 2026, 03:16
Vulnerability Summary
Overall Risk (default)
minimal
0/100 CVSS Score
No data
EPSS Score
No data
KEV
Not listed
Ransomware
No reports
Public exploits
None found
Dark Web
Not detected
Timeline
08 Mar 2023, 10:55
Published
Vulnerability first disclosed
04 Feb 2026, 03:16
Last Modified
Vulnerability information updated
Description
Security update for qemu This update for qemu fixes the following issues: - CVE-2022-4144: Fixed qxl_phys2virt unsafe address translation that can lead to out-of-bounds read (bsc#1205808). - CVE-2022-3165: Fixed integer underflow in vnc_client_cut_text_ext() (bsc#1203788). - CVE-2022-1050: Fixed use-after-free issue in pvrdma_exec_cmd() (bsc#1197653). Bugfixes: - Fixed deviation of guest clock (bsc#1206527). - Fixed broken 'block limits' VPD emulation (bsc#1202364).
Affected Systems
- opensuse•qemu-linux-user&distro=openSUSE Leap 15.4
< 6.2.0-150400.37.11.1
- opensuse•qemu-testsuite&distro=openSUSE Leap 15.4
< 6.2.0-150400.37.11.2
- opensuse•qemu&distro=openSUSE Leap 15.4
< 6.2.0-150400.37.11.1
- opensuse•qemu&distro=openSUSE Leap Micro 5.3
< 6.2.0-150400.37.11.1
- suse•qemu&distro=SUSE Linux Enterprise Micro 5.3
< 6.2.0-150400.37.11.1
- suse•qemu&distro=SUSE Linux Enterprise Module for Basesystem 15 SP4
< 6.2.0-150400.37.11.1
- suse•qemu&distro=SUSE Linux Enterprise Module for Server Applications 15 SP4
< 6.2.0-150400.37.11.1
References (9)
- https://www.suse.com/support/update/announcement/2023/suse-su-20230671-1/
- https://bugzilla.suse.com/1197653
- https://bugzilla.suse.com/1202364
- https://bugzilla.suse.com/1203788
- https://bugzilla.suse.com/1205808
- https://bugzilla.suse.com/1206527
- https://www.suse.com/security/cve/CVE-2022-1050
- https://www.suse.com/security/cve/CVE-2022-3165
- https://www.suse.com/security/cve/CVE-2022-4144