SUSE-SU-2023:3800-1

Advisory lineage Upstream: 9 Downstream: 0

Upstream

CVE-2019-13754 CVE-2021-3750 CVE-2021-3929 CVE-2022-1050 CVE-2022-26354 CVE-2023-0330

Published: 27 Sept 2023, 11:36

Last modified:04 Feb 2026, 03:39

Vulnerability Summary

Overall Risk (default)

minimal

0/100

CVSS Score

No data

EPSS Score

No data

KEV

Not listed

Ransomware

No reports

Public exploits

None found

Dark Web

Not detected

Timeline

27 Sept 2023, 11:36

Published

Vulnerability first disclosed

04 Feb 2026, 03:39

Last Modified

Vulnerability information updated

Description

Security update for qemu This update for qemu fixes the following issues: - CVE-2022-26354: Fixed a memory leak due to a missing virtqueue detach on error. (bsc#1198712) - CVE-2021-3929: Fixed an use-after-free in nvme DMA reentrancy issue. (bsc#1193880) - CVE-2023-0330: Fixed a stack overflow due to a DMA reentrancy issue. (bsc#1207205) - CVE-2020-13754: Fixed a DoS due to an OOB access during mmio operations. (bsc#1172382) - CVE-2023-3354: Fixed a remote unauthenticated DoS due to an improper I/O watch removal in VNC TLS handshake. (bsc#1212850) - CVE-2023-3180: Fixed a heap buffer overflow in virtio_crypto_sym_op_helper(). (bsc#1213925) - CVE-2023-2861: Fixed improper access control on special files in 9pfs (bsc#1212968). - CVE-2022-1050: Fixed use-after-free issue in pvrdma_exec_cmd() (bsc#1197653). - CVE-2021-3750: Fixed DMA reentrancy issue leads to use-after-free in hcd-ehci (bsc#1190011). The following non-security bug was fixed: - Prepare for binutils update to 2.41 update (bsc#1215311).

Affected Systems

suse•qemu&distro=SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS
< 3.1.1.1-150100.80.51.5
suse•qemu&distro=SUSE Linux Enterprise Server 15 SP1-LTSS
< 3.1.1.1-150100.80.51.5
suse•qemu&distro=SUSE Linux Enterprise Server for SAP Applications 15 SP1
< 3.1.1.1-150100.80.51.5

SUSE-SU-2023:3800-1

Vulnerability Summary

Timeline

Description

Affected Systems

References (20)