SUSE-SU-2023:3082-2
Advisory lineage Upstream: 4 Downstream: 0
Published: 15 Nov 2023, 14:42
Last modified:04 Feb 2026, 03:50
Vulnerability Summary
Overall Risk (default)
minimal
0/100 CVSS Score
No data
EPSS Score
No data
KEV
Not listed
Ransomware
No reports
Public exploits
None found
Dark Web
Not detected
Timeline
15 Nov 2023, 14:42
Published
Vulnerability first disclosed
04 Feb 2026, 03:50
Last Modified
Vulnerability information updated
Description
Security update for qemu This update for qemu fixes the following issues: - CVE-2023-3301: Fixed incorrect cleanup of the vdpa/vhost-net structures if peer nic is present (bsc#1213414). - CVE-2023-0330: Fixed reentrancy issues in the LSI controller (bsc#1207205). - CVE-2023-2861: Fixed opening special files in 9pfs (bsc#1212968). - CVE-2023-3255: Fixed infinite loop in inflate_buffer() leads to denial of service (bsc#1213001). Bugfixes: - hw/ide/piix: properly initialize the BMIBA register (bsc#bsc#1179993) - Fixed issue where Guest did not run on XEN SLES15SP2 (bsc#1181740).
Affected Systems
- suse•qemu&distro=SUSE Linux Enterprise Micro 5.5
< 7.1.0-150500.49.6.1
References (11)
- https://www.suse.com/support/update/announcement/2023/suse-su-20233082-2/
- https://bugzilla.suse.com/1179993
- https://bugzilla.suse.com/1181740
- https://bugzilla.suse.com/1207205
- https://bugzilla.suse.com/1212968
- https://bugzilla.suse.com/1213001
- https://bugzilla.suse.com/1213414
- https://www.suse.com/security/cve/CVE-2023-0330
- https://www.suse.com/security/cve/CVE-2023-2861
- https://www.suse.com/security/cve/CVE-2023-3255
- https://www.suse.com/security/cve/CVE-2023-3301