Lucene search
SuseOPENSUSE-SU-2021:1461-1HistoryNov 08, 2021 - 12:00 a.m.
Security update for qemu (important)
2021-11-0800:00:00
lists.opensuse.org
24
qemu
security update
vulnerabilities
fixes
out-of-bounds write
use-after-free
usb attached scsi
virtio_net_receive_rcu
scsi vpd
xen-block
suse leap 15.2
patch
EPSS
0
Percentile
14.2%
An update that solves two vulnerabilities and has two fixes
is now available.
Description:
This update for qemu fixes the following issues:
Security issues fixed:
- CVE-2021-3713: Fix out-of-bounds write in UAS (USB Attached SCSI) device
emulation (bsc#1189702) - CVE-2021-3748: Fix heap use-after-free in virtio_net_receive_rcu
(bsc#1189938)
Non-security issues fixed:
- Add transfer length item in block limits page of scsi vpd (bsc#1190425)
- Fix qemu crash while deleting xen-block (bsc#1189234)
This update was imported from the SUSE:SLE-15-SP2:Update update project.
Patch Instructions:
To install this openSUSE Security Update use the SUSE recommended installation methods
like YaST online_update or “zypper patch”.
Alternatively you can run the command listed for your product:
-
openSUSE Leap 15.2:
zypper in -t patch openSUSE-2021-1461=1
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| openSUSE Leap | 15.2 | x86_64 | < - openSUSE Leap 15.2 (x86_64): | - openSUSE Leap 15.2 (x86_64):.x86_64.rpm | |
| openSUSE Leap | 15.2 | noarch | < - openSUSE Leap 15.2 (noarch): | - openSUSE Leap 15.2 (noarch):.noarch.rpm |
Related
openvas
openvas
openSUSE: Security Advisory for qemu (openSUSE-SU-2021:3605-1)
2021-11-04 00:00:00
SUSE: Security Advisory (SUSE-SU-2021:3605-1)
2021-11-04 00:00:00
openSUSE: Security Advisory for qemu (openSUSE-SU-2021:1461-1)
2021-11-09 00:00:00
nessus
nessus
SUSE SLES12 Security Update : qemu (SUSE-SU-2021:3653-1)
2021-11-11 00:00:00
openSUSE 15 Security Update : qemu (openSUSE-SU-2021:3605-1)
2021-11-04 00:00:00
openSUSE 15 Security Update : qemu (openSUSE-SU-2021:1461-1)
2021-11-09 00:00:00
osv
osv
qemu-6.1.0-34.1 on GA media
2024-06-15 00:00:00
CVE-2021-3713
2021-08-25 19:15:15
CVE-2021-3748
2022-03-23 20:15:09
suse
suse
Security update for qemu (important)
2021-11-03 00:00:00
Security update for qemu (important)
2021-11-03 00:00:00
Security update for qemu (important)
2021-11-04 00:00:00
ubuntucve
ubuntucve
debiancve
debiancve
cbl_mariner
cbl_mariner
CVE-2021-3713 affecting package qemu for versions less than 6.2.0-2
2022-06-03 17:54:21
CVE-2021-3713 affecting package qemu-kvm 4.2.0-48
2021-09-22 15:16:37
CVE-2021-3748 affecting package qemu-kvm 4.2.0-38
2022-05-26 19:04:44
alpinelinux
alpinelinux
CVE-2021-3713
2021-08-25 19:15:15
CVE-2021-3748
2022-03-23 20:15:00
redhatcve
redhatcve
prion
prion
Out-of-bounds
2021-08-25 19:15:00
Design/Logic Flaw
2022-03-23 20:15:00
Design/Logic Flaw
2022-03-16 15:15:00
cve
cve
veracode
veracode
Denial Of Service
2021-08-31 21:44:02
Denial Of Service (DoS)
2021-10-01 04:59:17
cvelist
cvelist
nvd
nvd
redhat
redhat
(RHSA-2021:5036) Moderate: virt:8.2 and virt-devel:8.2 security update
2021-12-08 18:36:58
debian
debian
[SECURITY] [DSA 4980-1] qemu security update
2021-10-03 18:26:45
[SECURITY] [DLA 2970-1] qemu security update
2022-04-04 13:21:47
[SECURITY] [DLA 2753-1] qemu security update
2021-09-02 18:40:09
oraclelinux
oraclelinux
olcne security update
2022-06-17 00:00:00
olcne security update
2022-06-16 00:00:00
olcne security update
2022-06-16 00:00:00
redos
redos
ROS-20220125-17
2022-01-25 00:00:00
f5
f5
K63714476 : Linux kernel vulnerabilities CVE-2022-26353 and CVE-2021-3748
2022-04-19 00:00:00
ubuntu
ubuntu
QEMU vulnerabilities
2022-02-28 00:00:00
altlinux
altlinux
Security fix for the ALT Linux 10 package qemu version 6.1.1-alt1
2022-03-01 00:00:00
gentoo
gentoo
QEMU: Multiple Vulnerabilities
2022-08-14 00:00:00
almalinux
almalinux
rocky
rocky
virt:rhel and virt-devel:rhel security, bug fix, and enhancement update
2022-05-10 07:59:57