SUSE-SU-2023:3082-1
Advisory lineage Upstream: 4 Downstream: 0
Published: 31 Jul 2023, 20:04
Last modified:04 Feb 2026, 03:15
Vulnerability Summary
Overall Risk (default)
minimal
0/100 CVSS Score
No data
EPSS Score
No data
KEV
Not listed
Ransomware
No reports
Public exploits
None found
Dark Web
Not detected
Timeline
31 Jul 2023, 20:04
Published
Vulnerability first disclosed
04 Feb 2026, 03:15
Last Modified
Vulnerability information updated
Description
Security update for qemu This update for qemu fixes the following issues: - CVE-2023-3301: Fixed incorrect cleanup of the vdpa/vhost-net structures if peer nic is present (bsc#1213414). - CVE-2023-0330: Fixed reentrancy issues in the LSI controller (bsc#1207205). - CVE-2023-2861: Fixed opening special files in 9pfs (bsc#1212968). - CVE-2023-3255: Fixed infinite loop in inflate_buffer() leads to denial of service (bsc#1213001). Bugfixes: - hw/ide/piix: properly initialize the BMIBA register (bsc#bsc#1179993) - Fixed issue where Guest did not run on XEN SLES15SP2 (bsc#1181740).
Affected Systems
- opensuse•qemu&distro=openSUSE Leap 15.5
< 7.1.0-150500.49.6.1
- suse•qemu&distro=SUSE Linux Enterprise Module for Basesystem 15 SP5
< 7.1.0-150500.49.6.1
- suse•qemu&distro=SUSE Linux Enterprise Module for Server Applications 15 SP5
< 7.1.0-150500.49.6.1
References (11)
- https://www.suse.com/support/update/announcement/2023/suse-su-20233082-1/
- https://bugzilla.suse.com/1179993
- https://bugzilla.suse.com/1181740
- https://bugzilla.suse.com/1207205
- https://bugzilla.suse.com/1212968
- https://bugzilla.suse.com/1213001
- https://bugzilla.suse.com/1213414
- https://www.suse.com/security/cve/CVE-2023-0330
- https://www.suse.com/security/cve/CVE-2023-2861
- https://www.suse.com/security/cve/CVE-2023-3255
- https://www.suse.com/security/cve/CVE-2023-3301