Lucene search
This script is Copyright (C) 2021-2024 and is owned by Tenable, Inc. or an Affiliate thereof.OPENSUSE-2021-363.NASLHistoryMar 02, 2021 - 12:00 a.m.
openSUSE Security Update : qemu (openSUSE-2021-363)
2021-03-0200:00:00
This script is Copyright (C) 2021-2024 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
119
6.9 Medium
CVSS2
Attack Vector
LOCAL
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:M/Au:N/C:C/I:C/A:C
7.5 High
CVSS3
Attack Vector
LOCAL
Attack Complexity
HIGH
Privileges Required
HIGH
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H
6.3 Medium
AI Score
Confidence
Low
0.001 Low
EPSS
Percentile
22.9%
This update for qemu fixes the following issues :
-
Fixed potential privilege escalation in virtfs (CVE-2021-20181 bsc#1182137)
-
Fixed out-of-bound access in iscsi (CVE-2020-11947 bsc#1180523)
-
Fixed out-of-bound access in vmxnet3 emulation (CVE-2021-20203 bsc#1181639)
-
Fixed out-of-bound access in ARM interrupt handling (CVE-2021-20221 bsc#1181933)
-
Fixed vfio-pci device on s390 enters error state (bsc#1179717 bsc#1179719)
-
Fixed ‘Failed to try-restart [email protected]’ error while updating the qemu-guest-agent. (bsc#1178565)
-
Apply fixes to qemu scsi passthrough with respect to timeout and error conditions, including using more correct status codes. Add more qemu tracing which helped track down these issues (bsc#1178049)
This update was imported from the SUSE:SLE-15-SP2:Update update project.
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from openSUSE Security Update openSUSE-2021-363.
#
# The text description of this plugin is (C) SUSE LLC.
#
include('compat.inc');
if (description)
{
script_id(146938);
script_version("1.5");
script_set_attribute(attribute:"plugin_modification_date", value:"2024/01/18");
script_cve_id(
"CVE-2020-11947",
"CVE-2021-20181",
"CVE-2021-20203",
"CVE-2021-20221"
);
script_name(english:"openSUSE Security Update : qemu (openSUSE-2021-363)");
script_set_attribute(attribute:"synopsis", value:
"The remote openSUSE host is missing a security update.");
script_set_attribute(attribute:"description", value:
"This update for qemu fixes the following issues :
- Fixed potential privilege escalation in virtfs
(CVE-2021-20181 bsc#1182137)
- Fixed out-of-bound access in iscsi (CVE-2020-11947
bsc#1180523)
- Fixed out-of-bound access in vmxnet3 emulation
(CVE-2021-20203 bsc#1181639)
- Fixed out-of-bound access in ARM interrupt handling
(CVE-2021-20221 bsc#1181933)
- Fixed vfio-pci device on s390 enters error state
(bsc#1179717 bsc#1179719)
- Fixed 'Failed to try-restart [email protected]' error
while updating the qemu-guest-agent. (bsc#1178565)
- Apply fixes to qemu scsi passthrough with respect to
timeout and error conditions, including using more
correct status codes. Add more qemu tracing which helped
track down these issues (bsc#1178049)
This update was imported from the SUSE:SLE-15-SP2:Update update
project.");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.opensuse.org/show_bug.cgi?id=1178049");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.opensuse.org/show_bug.cgi?id=1178565");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.opensuse.org/show_bug.cgi?id=1179717");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.opensuse.org/show_bug.cgi?id=1179719");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.opensuse.org/show_bug.cgi?id=1180523");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.opensuse.org/show_bug.cgi?id=1181639");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.opensuse.org/show_bug.cgi?id=1181933");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.opensuse.org/show_bug.cgi?id=1182137");
script_set_attribute(attribute:"solution", value:
"Update the affected qemu packages.");
script_set_cvss_base_vector("CVSS2#AV:L/AC:M/Au:N/C:C/I:C/A:C");
script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C");
script_set_cvss3_base_vector("CVSS:3.0/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H");
script_set_cvss3_temporal_vector("CVSS:3.0/E:P/RL:O/RC:C");
script_set_attribute(attribute:"cvss_score_source", value:"CVE-2021-20181");
script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
script_set_attribute(attribute:"exploit_available", value:"true");
script_set_attribute(attribute:"vuln_publication_date", value:"2020/12/31");
script_set_attribute(attribute:"patch_publication_date", value:"2021/03/01");
script_set_attribute(attribute:"plugin_publication_date", value:"2021/03/02");
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:qemu");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:qemu-arm");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:qemu-arm-debuginfo");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:qemu-audio-alsa");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:qemu-audio-alsa-debuginfo");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:qemu-audio-pa");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:qemu-audio-pa-debuginfo");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:qemu-audio-sdl");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:qemu-audio-sdl-debuginfo");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:qemu-block-curl");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:qemu-block-curl-debuginfo");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:qemu-block-dmg");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:qemu-block-dmg-debuginfo");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:qemu-block-gluster");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:qemu-block-gluster-debuginfo");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:qemu-block-iscsi");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:qemu-block-iscsi-debuginfo");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:qemu-block-nfs");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:qemu-block-nfs-debuginfo");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:qemu-block-rbd");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:qemu-block-rbd-debuginfo");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:qemu-block-ssh");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:qemu-block-ssh-debuginfo");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:qemu-debuginfo");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:qemu-debugsource");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:qemu-extra");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:qemu-extra-debuginfo");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:qemu-guest-agent");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:qemu-guest-agent-debuginfo");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:qemu-ipxe");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:qemu-ksm");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:qemu-kvm");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:qemu-lang");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:qemu-linux-user");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:qemu-linux-user-debuginfo");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:qemu-linux-user-debugsource");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:qemu-microvm");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:qemu-ppc");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:qemu-ppc-debuginfo");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:qemu-s390");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:qemu-s390-debuginfo");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:qemu-seabios");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:qemu-sgabios");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:qemu-testsuite");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:qemu-tools");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:qemu-tools-debuginfo");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:qemu-ui-curses");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:qemu-ui-curses-debuginfo");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:qemu-ui-gtk");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:qemu-ui-gtk-debuginfo");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:qemu-ui-sdl");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:qemu-ui-sdl-debuginfo");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:qemu-ui-spice-app");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:qemu-ui-spice-app-debuginfo");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:qemu-vgabios");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:qemu-vhost-user-gpu");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:qemu-vhost-user-gpu-debuginfo");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:qemu-x86");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:qemu-x86-debuginfo");
script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:opensuse:15.2");
script_set_attribute(attribute:"generated_plugin", value:"current");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_family(english:"SuSE Local Security Checks");
script_copyright(english:"This script is Copyright (C) 2021-2024 and is owned by Tenable, Inc. or an Affiliate thereof.");
script_dependencies("ssh_get_info.nasl");
script_require_keys("Host/local_checks_enabled", "Host/SuSE/release", "Host/SuSE/rpm-list", "Host/cpu");
exit(0);
}
include("audit.inc");
include("global_settings.inc");
include("rpm.inc");
if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
release = get_kb_item("Host/SuSE/release");
if (isnull(release) || release =~ "^(SLED|SLES)") audit(AUDIT_OS_NOT, "openSUSE");
if (release !~ "^(SUSE15\.2)$") audit(AUDIT_OS_RELEASE_NOT, "openSUSE", "15.2", release);
if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
ourarch = get_kb_item("Host/cpu");
if (!ourarch) audit(AUDIT_UNKNOWN_ARCH);
if (ourarch !~ "^(x86_64)$") audit(AUDIT_ARCH_NOT, "x86_64", ourarch);
flag = 0;
if ( rpm_check(release:"SUSE15.2", reference:"qemu-4.2.1-lp152.9.9.2") ) flag++;
if ( rpm_check(release:"SUSE15.2", reference:"qemu-arm-4.2.1-lp152.9.9.2") ) flag++;
if ( rpm_check(release:"SUSE15.2", reference:"qemu-arm-debuginfo-4.2.1-lp152.9.9.2") ) flag++;
if ( rpm_check(release:"SUSE15.2", reference:"qemu-audio-alsa-4.2.1-lp152.9.9.2") ) flag++;
if ( rpm_check(release:"SUSE15.2", reference:"qemu-audio-alsa-debuginfo-4.2.1-lp152.9.9.2") ) flag++;
if ( rpm_check(release:"SUSE15.2", reference:"qemu-audio-pa-4.2.1-lp152.9.9.2") ) flag++;
if ( rpm_check(release:"SUSE15.2", reference:"qemu-audio-pa-debuginfo-4.2.1-lp152.9.9.2") ) flag++;
if ( rpm_check(release:"SUSE15.2", reference:"qemu-audio-sdl-4.2.1-lp152.9.9.2") ) flag++;
if ( rpm_check(release:"SUSE15.2", reference:"qemu-audio-sdl-debuginfo-4.2.1-lp152.9.9.2") ) flag++;
if ( rpm_check(release:"SUSE15.2", reference:"qemu-block-curl-4.2.1-lp152.9.9.2") ) flag++;
if ( rpm_check(release:"SUSE15.2", reference:"qemu-block-curl-debuginfo-4.2.1-lp152.9.9.2") ) flag++;
if ( rpm_check(release:"SUSE15.2", reference:"qemu-block-dmg-4.2.1-lp152.9.9.2") ) flag++;
if ( rpm_check(release:"SUSE15.2", reference:"qemu-block-dmg-debuginfo-4.2.1-lp152.9.9.2") ) flag++;
if ( rpm_check(release:"SUSE15.2", reference:"qemu-block-gluster-4.2.1-lp152.9.9.2") ) flag++;
if ( rpm_check(release:"SUSE15.2", reference:"qemu-block-gluster-debuginfo-4.2.1-lp152.9.9.2") ) flag++;
if ( rpm_check(release:"SUSE15.2", reference:"qemu-block-iscsi-4.2.1-lp152.9.9.2") ) flag++;
if ( rpm_check(release:"SUSE15.2", reference:"qemu-block-iscsi-debuginfo-4.2.1-lp152.9.9.2") ) flag++;
if ( rpm_check(release:"SUSE15.2", reference:"qemu-block-nfs-4.2.1-lp152.9.9.2") ) flag++;
if ( rpm_check(release:"SUSE15.2", reference:"qemu-block-nfs-debuginfo-4.2.1-lp152.9.9.2") ) flag++;
if ( rpm_check(release:"SUSE15.2", reference:"qemu-block-rbd-4.2.1-lp152.9.9.2") ) flag++;
if ( rpm_check(release:"SUSE15.2", reference:"qemu-block-rbd-debuginfo-4.2.1-lp152.9.9.2") ) flag++;
if ( rpm_check(release:"SUSE15.2", reference:"qemu-block-ssh-4.2.1-lp152.9.9.2") ) flag++;
if ( rpm_check(release:"SUSE15.2", reference:"qemu-block-ssh-debuginfo-4.2.1-lp152.9.9.2") ) flag++;
if ( rpm_check(release:"SUSE15.2", reference:"qemu-debuginfo-4.2.1-lp152.9.9.2") ) flag++;
if ( rpm_check(release:"SUSE15.2", reference:"qemu-debugsource-4.2.1-lp152.9.9.2") ) flag++;
if ( rpm_check(release:"SUSE15.2", reference:"qemu-extra-4.2.1-lp152.9.9.2") ) flag++;
if ( rpm_check(release:"SUSE15.2", reference:"qemu-extra-debuginfo-4.2.1-lp152.9.9.2") ) flag++;
if ( rpm_check(release:"SUSE15.2", reference:"qemu-guest-agent-4.2.1-lp152.9.9.2") ) flag++;
if ( rpm_check(release:"SUSE15.2", reference:"qemu-guest-agent-debuginfo-4.2.1-lp152.9.9.2") ) flag++;
if ( rpm_check(release:"SUSE15.2", reference:"qemu-ipxe-1.0.0+-lp152.9.9.2") ) flag++;
if ( rpm_check(release:"SUSE15.2", reference:"qemu-ksm-4.2.1-lp152.9.9.2") ) flag++;
if ( rpm_check(release:"SUSE15.2", reference:"qemu-kvm-4.2.1-lp152.9.9.2") ) flag++;
if ( rpm_check(release:"SUSE15.2", reference:"qemu-lang-4.2.1-lp152.9.9.2") ) flag++;
if ( rpm_check(release:"SUSE15.2", reference:"qemu-linux-user-4.2.1-lp152.9.9.3") ) flag++;
if ( rpm_check(release:"SUSE15.2", reference:"qemu-linux-user-debuginfo-4.2.1-lp152.9.9.3") ) flag++;
if ( rpm_check(release:"SUSE15.2", reference:"qemu-linux-user-debugsource-4.2.1-lp152.9.9.3") ) flag++;
if ( rpm_check(release:"SUSE15.2", reference:"qemu-microvm-4.2.1-lp152.9.9.2") ) flag++;
if ( rpm_check(release:"SUSE15.2", reference:"qemu-ppc-4.2.1-lp152.9.9.2") ) flag++;
if ( rpm_check(release:"SUSE15.2", reference:"qemu-ppc-debuginfo-4.2.1-lp152.9.9.2") ) flag++;
if ( rpm_check(release:"SUSE15.2", reference:"qemu-s390-4.2.1-lp152.9.9.2") ) flag++;
if ( rpm_check(release:"SUSE15.2", reference:"qemu-s390-debuginfo-4.2.1-lp152.9.9.2") ) flag++;
if ( rpm_check(release:"SUSE15.2", reference:"qemu-seabios-1.12.1+-lp152.9.9.2") ) flag++;
if ( rpm_check(release:"SUSE15.2", reference:"qemu-sgabios-8-lp152.9.9.2") ) flag++;
if ( rpm_check(release:"SUSE15.2", reference:"qemu-testsuite-4.2.1-lp152.9.9.5") ) flag++;
if ( rpm_check(release:"SUSE15.2", reference:"qemu-tools-4.2.1-lp152.9.9.2") ) flag++;
if ( rpm_check(release:"SUSE15.2", reference:"qemu-tools-debuginfo-4.2.1-lp152.9.9.2") ) flag++;
if ( rpm_check(release:"SUSE15.2", reference:"qemu-ui-curses-4.2.1-lp152.9.9.2") ) flag++;
if ( rpm_check(release:"SUSE15.2", reference:"qemu-ui-curses-debuginfo-4.2.1-lp152.9.9.2") ) flag++;
if ( rpm_check(release:"SUSE15.2", reference:"qemu-ui-gtk-4.2.1-lp152.9.9.2") ) flag++;
if ( rpm_check(release:"SUSE15.2", reference:"qemu-ui-gtk-debuginfo-4.2.1-lp152.9.9.2") ) flag++;
if ( rpm_check(release:"SUSE15.2", reference:"qemu-ui-sdl-4.2.1-lp152.9.9.2") ) flag++;
if ( rpm_check(release:"SUSE15.2", reference:"qemu-ui-sdl-debuginfo-4.2.1-lp152.9.9.2") ) flag++;
if ( rpm_check(release:"SUSE15.2", reference:"qemu-ui-spice-app-4.2.1-lp152.9.9.2") ) flag++;
if ( rpm_check(release:"SUSE15.2", reference:"qemu-ui-spice-app-debuginfo-4.2.1-lp152.9.9.2") ) flag++;
if ( rpm_check(release:"SUSE15.2", reference:"qemu-vgabios-1.12.1+-lp152.9.9.2") ) flag++;
if ( rpm_check(release:"SUSE15.2", reference:"qemu-vhost-user-gpu-4.2.1-lp152.9.9.2") ) flag++;
if ( rpm_check(release:"SUSE15.2", reference:"qemu-vhost-user-gpu-debuginfo-4.2.1-lp152.9.9.2") ) flag++;
if ( rpm_check(release:"SUSE15.2", reference:"qemu-x86-4.2.1-lp152.9.9.2") ) flag++;
if ( rpm_check(release:"SUSE15.2", reference:"qemu-x86-debuginfo-4.2.1-lp152.9.9.2") ) flag++;
if (flag)
{
if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());
else security_warning(0);
exit(0);
}
else
{
tested = pkg_tests_get();
if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
else audit(AUDIT_PACKAGE_NOT_INSTALLED, "qemu / qemu-arm / qemu-arm-debuginfo / qemu-audio-alsa / etc");
}
| Vendor | Product | Version | CPE |
|---|---|---|---|
| novell | opensuse | qemu-ui-gtk-debuginfo | p-cpe:/a:novell:opensuse:qemu-ui-gtk-debuginfo |
| novell | opensuse | qemu-ui-sdl | p-cpe:/a:novell:opensuse:qemu-ui-sdl |
| novell | opensuse | qemu-ui-sdl-debuginfo | p-cpe:/a:novell:opensuse:qemu-ui-sdl-debuginfo |
| novell | opensuse | qemu-ui-spice-app | p-cpe:/a:novell:opensuse:qemu-ui-spice-app |
| novell | opensuse | qemu-ui-spice-app-debuginfo | p-cpe:/a:novell:opensuse:qemu-ui-spice-app-debuginfo |
| novell | opensuse | qemu-vgabios | p-cpe:/a:novell:opensuse:qemu-vgabios |
| novell | opensuse | qemu-vhost-user-gpu | p-cpe:/a:novell:opensuse:qemu-vhost-user-gpu |
| novell | opensuse | qemu-vhost-user-gpu-debuginfo | p-cpe:/a:novell:opensuse:qemu-vhost-user-gpu-debuginfo |
| novell | opensuse | qemu-x86 | p-cpe:/a:novell:opensuse:qemu-x86 |
| novell | opensuse | qemu-x86-debuginfo | p-cpe:/a:novell:opensuse:qemu-x86-debuginfo |
References
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11947
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20181
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20203
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20221
bugzilla.opensuse.org/show_bug.cgi?id=1178049
bugzilla.opensuse.org/show_bug.cgi?id=1178565
bugzilla.opensuse.org/show_bug.cgi?id=1179717
bugzilla.opensuse.org/show_bug.cgi?id=1179719
bugzilla.opensuse.org/show_bug.cgi?id=1180523
bugzilla.opensuse.org/show_bug.cgi?id=1181639
bugzilla.opensuse.org/show_bug.cgi?id=1181933
bugzilla.opensuse.org/show_bug.cgi?id=1182137
Related
nessus
nessus
SUSE SLED15 / SLES15 Security Update : qemu (SUSE-SU-2021:0521-1)
2021-02-22 00:00:00
Oracle Linux 7 : qemu (ELSA-2021-9109)
2021-04-14 00:00:00
Oracle Linux 7 : qemu (ELSA-2021-9104)
2021-04-14 00:00:00
openvas
openvas
openSUSE: Security Advisory for qemu (openSUSE-SU-2021:0363-1)
2021-04-16 00:00:00
SUSE: Security Advisory (SUSE-SU-2021:0521-1)
2021-06-09 00:00:00
QEMU <= 5.2.0 DoS Vulnerability
2021-03-04 00:00:00
suse
suse
Security update for qemu (important)
2021-03-01 00:00:00
oraclelinux
oraclelinux
qemu security update
2021-03-15 00:00:00
qemu security update
2021-03-12 00:00:00
qemu security update
2021-06-06 00:00:00
ubuntucve
ubuntucve
prion
prion
Heap overflow
2020-12-31 01:15:00
Integer overflow
2021-02-25 20:15:00
Race condition
2021-05-13 16:15:00
osv
osv
debiancve
debiancve
cvelist
cvelist
redhatcve
redhatcve
nvd
nvd
veracode
veracode
Denial Of Service (DoS)
2021-04-11 12:04:51
Arbitrary Code Execution
2021-02-15 01:20:37
Information Disclosure
2021-01-05 03:26:01
cbl_mariner
cbl_mariner
CVE-2021-20203 affecting package qemu-kvm 4.2.0-48
2021-04-06 23:50:33
CVE-2021-20181 affecting package qemu-kvm 4.2.0-48
2021-07-08 21:56:54
CVE-2021-20221 affecting package qemu-kvm 4.2.0-48
2021-07-08 21:56:54
zdi
zdi
cve
cve
alpinelinux
alpinelinux
redhat
redhat
(RHSA-2021:0648) Low: virt:8.2 and virt-devel:8.2 security update
2021-02-23 18:17:50
(RHSA-2021:2521) Moderate: virt:8.2 and virt-devel:8.2 security update
2021-06-22 13:35:00
ubuntu
ubuntu
QEMU vulnerabilities
2021-02-08 00:00:00
QEMU vulnerabilities
2022-02-28 00:00:00
QEMU vulnerabilities
2021-07-15 00:00:00
debian
debian
[SECURITY] [DLA 2560-1] qemu security update
2021-02-18 16:57:32
[SECURITY] [DLA 2623-1] qemu security update
2021-04-10 21:21:02
[SECURITY] [DLA 3099-1] qemu security update
2022-09-05 03:28:05
rocky
rocky
virt:rhel and virt-devel:rhel security and bug fix update
2021-08-10 11:58:46
virt:rhel and virt-devel:rhel security, bug fix, and enhancement update
2021-05-18 06:02:26
almalinux
almalinux
Moderate: virt:rhel and virt-devel:rhel security and bug fix update
2021-08-10 11:58:46
amazon
amazon
Medium: qemu
2021-06-16 20:37:00
altlinux
altlinux
Security fix for the ALT Linux 10 package qemu version 6.1.1-alt1
2022-03-01 00:00:00
gentoo
gentoo
QEMU: Multiple Vulnerabilities
2022-08-14 00:00:00
6.9 Medium
CVSS2
Attack Vector
LOCAL
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:M/Au:N/C:C/I:C/A:C
7.5 High
CVSS3
Attack Vector
LOCAL
Attack Complexity
HIGH
Privileges Required
HIGH
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H
6.3 Medium
AI Score
Confidence
Low
0.001 Low
EPSS
Percentile
22.9%
Related for OPENSUSE-2021-363.NASL