SUSE-SU-2023:3721-1

Advisory lineage Upstream: 10 Downstream: 0
Published: 21 Sept 2023, 07:57
Last modified:04 Feb 2026, 04:33

Vulnerability Summary

Overall Risk (default)
minimal
0/100
CVSS Score
No data
EPSS Score
No data
KEV
Not listed
Ransomware
No reports
Public exploits
None found
Dark Web
Not detected

Timeline

21 Sept 2023, 07:57
Published
Vulnerability first disclosed
04 Feb 2026, 04:33
Last Modified
Vulnerability information updated

Description

Security update for qemu This update for qemu fixes the following issues: - CVE-2022-26354: Fixed a memory leak due to a missing virtqueue detach on error. (bsc#1198712) - CVE-2021-3929: Fixed an use-after-free in nvme DMA reentrancy issue. (bsc#1193880) - CVE-2023-0330: Fixed a stack overflow due to a DMA reentrancy issue. (bsc#1207205) - CVE-2020-13754: Fixed a DoS due to an OOB access during mmio operations. (bsc#1172382) - CVE-2023-3354: Fixed a remote unauthenticated DoS due to an improper I/O watch removal in VNC TLS handshake. (bsc#1212850) - CVE-2023-3180: Fixed a heap buffer overflow in virtio_crypto_sym_op_helper(). (bsc#1213925) - CVE-2021-3638: Fixed an out-of-bounds write due to an inconsistent check in ati_2d_blt(). (bsc#1188609) - CVE-2021-3750: Fixed an use-after-free in DMA reentrancy issue. (bsc#1190011) - CVE-2023-2861: Fixed improper access control on special files in 9pfs (bsc#1212968). - CVE-2022-1050: Fixed use-after-free issue in pvrdma_exec_cmd() (bsc#1197653). The following non-security bug was fixed: - Prepare for binutils update to 2.41 update (bsc#1215311).

Affected Systems

  • opensuseqemu&distro=openSUSE Leap 15.4

    < 4.2.1-150200.79.1

  • suseqemu&distro=SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS

    < 4.2.1-150200.79.1

  • suseqemu&distro=SUSE Linux Enterprise Server 15 SP2-LTSS

    < 4.2.1-150200.79.1

  • suseqemu&distro=SUSE Linux Enterprise Server for SAP Applications 15 SP2

    < 4.2.1-150200.79.1

References (22)