Security update for qemu SUSE Patch security@suse.de SUSE Security Team openSUSE-SU-2020:0468-1 Final 1 1 2020-04-06T22:21:00Z current 2020-04-06T22:21:00Z 2020-04-06T22:21:00Z cve-database/bin/generate-cvrf.pl 2017-02-24T01:00:00Z Security update for qemu This update for qemu fixes the following issues: - CVE-2020-7039: Fixed a heap buffer overflow in tcp_emu() routine while emulating IRC and other protocols (bsc#1161066). - CVE-2019-15034: Fixed a buffer overflow in hw/display/bochs-display.c due to improper PCI config space allocation (bsc#1166379). - CVE-2020-1711: Fixed an out of bounds heap buffer access iscsi_co_block_status() routine which could have allowed a remote denial of service or arbitrary code with privileges of the QEMU process on the host (bsc#1166240). - CVE-2019-6778: Fixed a heap buffer overflow in tcp_emu() routine while emulating the identification protocol and copying message data to a socket buffer (bsc#1123156). - CVE-2020-8608: Fixed a heap buffer overflow in tcp_emu() routine while emulating IRC and other protocols (bsc#1163018). - CVE-2019-20382: Fixed a memory leak in the VNC display driver which could have led to exhaustion of the host memory leading to a potential Denial of service (bsc#1165776). - Fixed a live migration error (bsc#1154790). - Fixed an issue where migrating VMs on KVM gets missing features:ospke error (bsc#1162729). This update was imported from the SUSE:SLE-15-SP1:Update update project. The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). openSUSE-2020-468 Copyright SUSE LLC under the Creative Commons License 4.0 with Attribution (CC-BY-4.0) https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/S5VG234WOT345KSVGE32CW6SK7I55AZP/ E-Mail link for openSUSE-SU-2020:0468-1 https://www.suse.com/support/security/rating/ SUSE Security Ratings https://bugzilla.suse.com/1123156 SUSE Bug 1123156 https://bugzilla.suse.com/1154790 SUSE Bug 1154790 https://bugzilla.suse.com/1161066 SUSE Bug 1161066 https://bugzilla.suse.com/1162729 SUSE Bug 1162729 https://bugzilla.suse.com/1163018 SUSE Bug 1163018 https://bugzilla.suse.com/1165776 SUSE Bug 1165776 https://bugzilla.suse.com/1166240 SUSE Bug 1166240 https://bugzilla.suse.com/1166379 SUSE Bug 1166379 https://www.suse.com/security/cve/CVE-2019-15034/ SUSE CVE CVE-2019-15034 page https://www.suse.com/security/cve/CVE-2019-20382/ SUSE CVE CVE-2019-20382 page https://www.suse.com/security/cve/CVE-2019-6778/ SUSE CVE CVE-2019-6778 page https://www.suse.com/security/cve/CVE-2020-1711/ SUSE CVE CVE-2020-1711 page https://www.suse.com/security/cve/CVE-2020-7039/ SUSE CVE CVE-2020-7039 page https://www.suse.com/security/cve/CVE-2020-8608/ SUSE CVE CVE-2020-8608 page openSUSE Leap 15.1 qemu-3.1.1.1-lp151.7.12.1 qemu-arm-3.1.1.1-lp151.7.12.1 qemu-audio-alsa-3.1.1.1-lp151.7.12.1 qemu-audio-oss-3.1.1.1-lp151.7.12.1 qemu-audio-pa-3.1.1.1-lp151.7.12.1 qemu-audio-sdl-3.1.1.1-lp151.7.12.1 qemu-block-curl-3.1.1.1-lp151.7.12.1 qemu-block-dmg-3.1.1.1-lp151.7.12.1 qemu-block-gluster-3.1.1.1-lp151.7.12.1 qemu-block-iscsi-3.1.1.1-lp151.7.12.1 qemu-block-nfs-3.1.1.1-lp151.7.12.1 qemu-block-rbd-3.1.1.1-lp151.7.12.1 qemu-block-ssh-3.1.1.1-lp151.7.12.1 qemu-extra-3.1.1.1-lp151.7.12.1 qemu-guest-agent-3.1.1.1-lp151.7.12.1 qemu-ipxe-1.0.0+-lp151.7.12.1 qemu-ksm-3.1.1.1-lp151.7.12.1 qemu-kvm-3.1.1.1-lp151.7.12.1 qemu-lang-3.1.1.1-lp151.7.12.1 qemu-linux-user-3.1.1.1-lp151.7.12.1 qemu-ppc-3.1.1.1-lp151.7.12.1 qemu-s390-3.1.1.1-lp151.7.12.1 qemu-seabios-1.12.0-lp151.7.12.1 qemu-sgabios-8-lp151.7.12.1 qemu-tools-3.1.1.1-lp151.7.12.1 qemu-ui-curses-3.1.1.1-lp151.7.12.1 qemu-ui-gtk-3.1.1.1-lp151.7.12.1 qemu-ui-sdl-3.1.1.1-lp151.7.12.1 qemu-vgabios-1.12.0-lp151.7.12.1 qemu-x86-3.1.1.1-lp151.7.12.1 qemu-3.1.1.1-lp151.7.12.1 as a component of openSUSE Leap 15.1 qemu-arm-3.1.1.1-lp151.7.12.1 as a component of openSUSE Leap 15.1 qemu-audio-alsa-3.1.1.1-lp151.7.12.1 as a component of openSUSE Leap 15.1 qemu-audio-oss-3.1.1.1-lp151.7.12.1 as a component of openSUSE Leap 15.1 qemu-audio-pa-3.1.1.1-lp151.7.12.1 as a component of openSUSE Leap 15.1 qemu-audio-sdl-3.1.1.1-lp151.7.12.1 as a component of openSUSE Leap 15.1 qemu-block-curl-3.1.1.1-lp151.7.12.1 as a component of openSUSE Leap 15.1 qemu-block-dmg-3.1.1.1-lp151.7.12.1 as a component of openSUSE Leap 15.1 qemu-block-gluster-3.1.1.1-lp151.7.12.1 as a component of openSUSE Leap 15.1 qemu-block-iscsi-3.1.1.1-lp151.7.12.1 as a component of openSUSE Leap 15.1 qemu-block-nfs-3.1.1.1-lp151.7.12.1 as a component of openSUSE Leap 15.1 qemu-block-rbd-3.1.1.1-lp151.7.12.1 as a component of openSUSE Leap 15.1 qemu-block-ssh-3.1.1.1-lp151.7.12.1 as a component of openSUSE Leap 15.1 qemu-extra-3.1.1.1-lp151.7.12.1 as a component of openSUSE Leap 15.1 qemu-guest-agent-3.1.1.1-lp151.7.12.1 as a component of openSUSE Leap 15.1 qemu-ipxe-1.0.0+-lp151.7.12.1 as a component of openSUSE Leap 15.1 qemu-ksm-3.1.1.1-lp151.7.12.1 as a component of openSUSE Leap 15.1 qemu-kvm-3.1.1.1-lp151.7.12.1 as a component of openSUSE Leap 15.1 qemu-lang-3.1.1.1-lp151.7.12.1 as a component of openSUSE Leap 15.1 qemu-linux-user-3.1.1.1-lp151.7.12.1 as a component of openSUSE Leap 15.1 qemu-ppc-3.1.1.1-lp151.7.12.1 as a component of openSUSE Leap 15.1 qemu-s390-3.1.1.1-lp151.7.12.1 as a component of openSUSE Leap 15.1 qemu-seabios-1.12.0-lp151.7.12.1 as a component of openSUSE Leap 15.1 qemu-sgabios-8-lp151.7.12.1 as a component of openSUSE Leap 15.1 qemu-tools-3.1.1.1-lp151.7.12.1 as a component of openSUSE Leap 15.1 qemu-ui-curses-3.1.1.1-lp151.7.12.1 as a component of openSUSE Leap 15.1 qemu-ui-gtk-3.1.1.1-lp151.7.12.1 as a component of openSUSE Leap 15.1 qemu-ui-sdl-3.1.1.1-lp151.7.12.1 as a component of openSUSE Leap 15.1 qemu-vgabios-1.12.0-lp151.7.12.1 as a component of openSUSE Leap 15.1 qemu-x86-3.1.1.1-lp151.7.12.1 as a component of openSUSE Leap 15.1 hw/display/bochs-display.c in QEMU 4.0.0 does not ensure a sufficient PCI config space allocation, leading to a buffer overflow involving the PCIe extended config space. CVE-2019-15034 openSUSE Leap 15.1:qemu-3.1.1.1-lp151.7.12.1 openSUSE Leap 15.1:qemu-arm-3.1.1.1-lp151.7.12.1 openSUSE Leap 15.1:qemu-audio-alsa-3.1.1.1-lp151.7.12.1 openSUSE Leap 15.1:qemu-audio-oss-3.1.1.1-lp151.7.12.1 openSUSE Leap 15.1:qemu-audio-pa-3.1.1.1-lp151.7.12.1 openSUSE Leap 15.1:qemu-audio-sdl-3.1.1.1-lp151.7.12.1 openSUSE Leap 15.1:qemu-block-curl-3.1.1.1-lp151.7.12.1 openSUSE Leap 15.1:qemu-block-dmg-3.1.1.1-lp151.7.12.1 openSUSE Leap 15.1:qemu-block-gluster-3.1.1.1-lp151.7.12.1 openSUSE Leap 15.1:qemu-block-iscsi-3.1.1.1-lp151.7.12.1 openSUSE Leap 15.1:qemu-block-nfs-3.1.1.1-lp151.7.12.1 openSUSE Leap 15.1:qemu-block-rbd-3.1.1.1-lp151.7.12.1 openSUSE Leap 15.1:qemu-block-ssh-3.1.1.1-lp151.7.12.1 openSUSE Leap 15.1:qemu-extra-3.1.1.1-lp151.7.12.1 openSUSE Leap 15.1:qemu-guest-agent-3.1.1.1-lp151.7.12.1 openSUSE Leap 15.1:qemu-ipxe-1.0.0+-lp151.7.12.1 openSUSE Leap 15.1:qemu-ksm-3.1.1.1-lp151.7.12.1 openSUSE Leap 15.1:qemu-kvm-3.1.1.1-lp151.7.12.1 openSUSE Leap 15.1:qemu-lang-3.1.1.1-lp151.7.12.1 openSUSE Leap 15.1:qemu-linux-user-3.1.1.1-lp151.7.12.1 openSUSE Leap 15.1:qemu-ppc-3.1.1.1-lp151.7.12.1 openSUSE Leap 15.1:qemu-s390-3.1.1.1-lp151.7.12.1 openSUSE Leap 15.1:qemu-seabios-1.12.0-lp151.7.12.1 openSUSE Leap 15.1:qemu-sgabios-8-lp151.7.12.1 openSUSE Leap 15.1:qemu-tools-3.1.1.1-lp151.7.12.1 openSUSE Leap 15.1:qemu-ui-curses-3.1.1.1-lp151.7.12.1 openSUSE Leap 15.1:qemu-ui-gtk-3.1.1.1-lp151.7.12.1 openSUSE Leap 15.1:qemu-ui-sdl-3.1.1.1-lp151.7.12.1 openSUSE Leap 15.1:qemu-vgabios-1.12.0-lp151.7.12.1 openSUSE Leap 15.1:qemu-x86-3.1.1.1-lp151.7.12.1 important 4.4 AV:L/AC:M/Au:N/C:P/I:P/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/S5VG234WOT345KSVGE32CW6SK7I55AZP/ https://www.suse.com/security/cve/CVE-2019-15034.html CVE-2019-15034 https://bugzilla.suse.com/1166379 SUSE Bug 1166379 QEMU 4.1.0 has a memory leak in zrle_compress_data in ui/vnc-enc-zrle.c during a VNC disconnect operation because libz is misused, resulting in a situation where memory allocated in deflateInit2 is not freed in deflateEnd. CVE-2019-20382 openSUSE Leap 15.1:qemu-3.1.1.1-lp151.7.12.1 openSUSE Leap 15.1:qemu-arm-3.1.1.1-lp151.7.12.1 openSUSE Leap 15.1:qemu-audio-alsa-3.1.1.1-lp151.7.12.1 openSUSE Leap 15.1:qemu-audio-oss-3.1.1.1-lp151.7.12.1 openSUSE Leap 15.1:qemu-audio-pa-3.1.1.1-lp151.7.12.1 openSUSE Leap 15.1:qemu-audio-sdl-3.1.1.1-lp151.7.12.1 openSUSE Leap 15.1:qemu-block-curl-3.1.1.1-lp151.7.12.1 openSUSE Leap 15.1:qemu-block-dmg-3.1.1.1-lp151.7.12.1 openSUSE Leap 15.1:qemu-block-gluster-3.1.1.1-lp151.7.12.1 openSUSE Leap 15.1:qemu-block-iscsi-3.1.1.1-lp151.7.12.1 openSUSE Leap 15.1:qemu-block-nfs-3.1.1.1-lp151.7.12.1 openSUSE Leap 15.1:qemu-block-rbd-3.1.1.1-lp151.7.12.1 openSUSE Leap 15.1:qemu-block-ssh-3.1.1.1-lp151.7.12.1 openSUSE Leap 15.1:qemu-extra-3.1.1.1-lp151.7.12.1 openSUSE Leap 15.1:qemu-guest-agent-3.1.1.1-lp151.7.12.1 openSUSE Leap 15.1:qemu-ipxe-1.0.0+-lp151.7.12.1 openSUSE Leap 15.1:qemu-ksm-3.1.1.1-lp151.7.12.1 openSUSE Leap 15.1:qemu-kvm-3.1.1.1-lp151.7.12.1 openSUSE Leap 15.1:qemu-lang-3.1.1.1-lp151.7.12.1 openSUSE Leap 15.1:qemu-linux-user-3.1.1.1-lp151.7.12.1 openSUSE Leap 15.1:qemu-ppc-3.1.1.1-lp151.7.12.1 openSUSE Leap 15.1:qemu-s390-3.1.1.1-lp151.7.12.1 openSUSE Leap 15.1:qemu-seabios-1.12.0-lp151.7.12.1 openSUSE Leap 15.1:qemu-sgabios-8-lp151.7.12.1 openSUSE Leap 15.1:qemu-tools-3.1.1.1-lp151.7.12.1 openSUSE Leap 15.1:qemu-ui-curses-3.1.1.1-lp151.7.12.1 openSUSE Leap 15.1:qemu-ui-gtk-3.1.1.1-lp151.7.12.1 openSUSE Leap 15.1:qemu-ui-sdl-3.1.1.1-lp151.7.12.1 openSUSE Leap 15.1:qemu-vgabios-1.12.0-lp151.7.12.1 openSUSE Leap 15.1:qemu-x86-3.1.1.1-lp151.7.12.1 moderate 2.7 AV:A/AC:L/Au:S/C:N/I:N/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/S5VG234WOT345KSVGE32CW6SK7I55AZP/ https://www.suse.com/security/cve/CVE-2019-20382.html CVE-2019-20382 https://bugzilla.suse.com/1165776 SUSE Bug 1165776 In QEMU 3.0.0, tcp_emu in slirp/tcp_subr.c has a heap-based buffer overflow. CVE-2019-6778 openSUSE Leap 15.1:qemu-3.1.1.1-lp151.7.12.1 openSUSE Leap 15.1:qemu-arm-3.1.1.1-lp151.7.12.1 openSUSE Leap 15.1:qemu-audio-alsa-3.1.1.1-lp151.7.12.1 openSUSE Leap 15.1:qemu-audio-oss-3.1.1.1-lp151.7.12.1 openSUSE Leap 15.1:qemu-audio-pa-3.1.1.1-lp151.7.12.1 openSUSE Leap 15.1:qemu-audio-sdl-3.1.1.1-lp151.7.12.1 openSUSE Leap 15.1:qemu-block-curl-3.1.1.1-lp151.7.12.1 openSUSE Leap 15.1:qemu-block-dmg-3.1.1.1-lp151.7.12.1 openSUSE Leap 15.1:qemu-block-gluster-3.1.1.1-lp151.7.12.1 openSUSE Leap 15.1:qemu-block-iscsi-3.1.1.1-lp151.7.12.1 openSUSE Leap 15.1:qemu-block-nfs-3.1.1.1-lp151.7.12.1 openSUSE Leap 15.1:qemu-block-rbd-3.1.1.1-lp151.7.12.1 openSUSE Leap 15.1:qemu-block-ssh-3.1.1.1-lp151.7.12.1 openSUSE Leap 15.1:qemu-extra-3.1.1.1-lp151.7.12.1 openSUSE Leap 15.1:qemu-guest-agent-3.1.1.1-lp151.7.12.1 openSUSE Leap 15.1:qemu-ipxe-1.0.0+-lp151.7.12.1 openSUSE Leap 15.1:qemu-ksm-3.1.1.1-lp151.7.12.1 openSUSE Leap 15.1:qemu-kvm-3.1.1.1-lp151.7.12.1 openSUSE Leap 15.1:qemu-lang-3.1.1.1-lp151.7.12.1 openSUSE Leap 15.1:qemu-linux-user-3.1.1.1-lp151.7.12.1 openSUSE Leap 15.1:qemu-ppc-3.1.1.1-lp151.7.12.1 openSUSE Leap 15.1:qemu-s390-3.1.1.1-lp151.7.12.1 openSUSE Leap 15.1:qemu-seabios-1.12.0-lp151.7.12.1 openSUSE Leap 15.1:qemu-sgabios-8-lp151.7.12.1 openSUSE Leap 15.1:qemu-tools-3.1.1.1-lp151.7.12.1 openSUSE Leap 15.1:qemu-ui-curses-3.1.1.1-lp151.7.12.1 openSUSE Leap 15.1:qemu-ui-gtk-3.1.1.1-lp151.7.12.1 openSUSE Leap 15.1:qemu-ui-sdl-3.1.1.1-lp151.7.12.1 openSUSE Leap 15.1:qemu-vgabios-1.12.0-lp151.7.12.1 openSUSE Leap 15.1:qemu-x86-3.1.1.1-lp151.7.12.1 important 4.6 AV:L/AC:L/Au:N/C:P/I:P/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/S5VG234WOT345KSVGE32CW6SK7I55AZP/ https://www.suse.com/security/cve/CVE-2019-6778.html CVE-2019-6778 https://bugzilla.suse.com/1123156 SUSE Bug 1123156 https://bugzilla.suse.com/1123157 SUSE Bug 1123157 https://bugzilla.suse.com/1178658 SUSE Bug 1178658 An out-of-bounds heap buffer access flaw was found in the way the iSCSI Block driver in QEMU versions 2.12.0 before 4.2.1 handled a response coming from an iSCSI server while checking the status of a Logical Address Block (LBA) in an iscsi_co_block_status() routine. A remote user could use this flaw to crash the QEMU process, resulting in a denial of service or potential execution of arbitrary code with privileges of the QEMU process on the host. CVE-2020-1711 openSUSE Leap 15.1:qemu-3.1.1.1-lp151.7.12.1 openSUSE Leap 15.1:qemu-arm-3.1.1.1-lp151.7.12.1 openSUSE Leap 15.1:qemu-audio-alsa-3.1.1.1-lp151.7.12.1 openSUSE Leap 15.1:qemu-audio-oss-3.1.1.1-lp151.7.12.1 openSUSE Leap 15.1:qemu-audio-pa-3.1.1.1-lp151.7.12.1 openSUSE Leap 15.1:qemu-audio-sdl-3.1.1.1-lp151.7.12.1 openSUSE Leap 15.1:qemu-block-curl-3.1.1.1-lp151.7.12.1 openSUSE Leap 15.1:qemu-block-dmg-3.1.1.1-lp151.7.12.1 openSUSE Leap 15.1:qemu-block-gluster-3.1.1.1-lp151.7.12.1 openSUSE Leap 15.1:qemu-block-iscsi-3.1.1.1-lp151.7.12.1 openSUSE Leap 15.1:qemu-block-nfs-3.1.1.1-lp151.7.12.1 openSUSE Leap 15.1:qemu-block-rbd-3.1.1.1-lp151.7.12.1 openSUSE Leap 15.1:qemu-block-ssh-3.1.1.1-lp151.7.12.1 openSUSE Leap 15.1:qemu-extra-3.1.1.1-lp151.7.12.1 openSUSE Leap 15.1:qemu-guest-agent-3.1.1.1-lp151.7.12.1 openSUSE Leap 15.1:qemu-ipxe-1.0.0+-lp151.7.12.1 openSUSE Leap 15.1:qemu-ksm-3.1.1.1-lp151.7.12.1 openSUSE Leap 15.1:qemu-kvm-3.1.1.1-lp151.7.12.1 openSUSE Leap 15.1:qemu-lang-3.1.1.1-lp151.7.12.1 openSUSE Leap 15.1:qemu-linux-user-3.1.1.1-lp151.7.12.1 openSUSE Leap 15.1:qemu-ppc-3.1.1.1-lp151.7.12.1 openSUSE Leap 15.1:qemu-s390-3.1.1.1-lp151.7.12.1 openSUSE Leap 15.1:qemu-seabios-1.12.0-lp151.7.12.1 openSUSE Leap 15.1:qemu-sgabios-8-lp151.7.12.1 openSUSE Leap 15.1:qemu-tools-3.1.1.1-lp151.7.12.1 openSUSE Leap 15.1:qemu-ui-curses-3.1.1.1-lp151.7.12.1 openSUSE Leap 15.1:qemu-ui-gtk-3.1.1.1-lp151.7.12.1 openSUSE Leap 15.1:qemu-ui-sdl-3.1.1.1-lp151.7.12.1 openSUSE Leap 15.1:qemu-vgabios-1.12.0-lp151.7.12.1 openSUSE Leap 15.1:qemu-x86-3.1.1.1-lp151.7.12.1 important 6 AV:N/AC:M/Au:S/C:P/I:P/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/S5VG234WOT345KSVGE32CW6SK7I55AZP/ https://www.suse.com/security/cve/CVE-2020-1711.html CVE-2020-1711 https://bugzilla.suse.com/1166240 SUSE Bug 1166240 tcp_emu in tcp_subr.c in libslirp 4.1.0, as used in QEMU 4.2.0, mismanages memory, as demonstrated by IRC DCC commands in EMU_IRC. This can cause a heap-based buffer overflow or other out-of-bounds access which can lead to a DoS or potential execute arbitrary code. CVE-2020-7039 openSUSE Leap 15.1:qemu-3.1.1.1-lp151.7.12.1 openSUSE Leap 15.1:qemu-arm-3.1.1.1-lp151.7.12.1 openSUSE Leap 15.1:qemu-audio-alsa-3.1.1.1-lp151.7.12.1 openSUSE Leap 15.1:qemu-audio-oss-3.1.1.1-lp151.7.12.1 openSUSE Leap 15.1:qemu-audio-pa-3.1.1.1-lp151.7.12.1 openSUSE Leap 15.1:qemu-audio-sdl-3.1.1.1-lp151.7.12.1 openSUSE Leap 15.1:qemu-block-curl-3.1.1.1-lp151.7.12.1 openSUSE Leap 15.1:qemu-block-dmg-3.1.1.1-lp151.7.12.1 openSUSE Leap 15.1:qemu-block-gluster-3.1.1.1-lp151.7.12.1 openSUSE Leap 15.1:qemu-block-iscsi-3.1.1.1-lp151.7.12.1 openSUSE Leap 15.1:qemu-block-nfs-3.1.1.1-lp151.7.12.1 openSUSE Leap 15.1:qemu-block-rbd-3.1.1.1-lp151.7.12.1 openSUSE Leap 15.1:qemu-block-ssh-3.1.1.1-lp151.7.12.1 openSUSE Leap 15.1:qemu-extra-3.1.1.1-lp151.7.12.1 openSUSE Leap 15.1:qemu-guest-agent-3.1.1.1-lp151.7.12.1 openSUSE Leap 15.1:qemu-ipxe-1.0.0+-lp151.7.12.1 openSUSE Leap 15.1:qemu-ksm-3.1.1.1-lp151.7.12.1 openSUSE Leap 15.1:qemu-kvm-3.1.1.1-lp151.7.12.1 openSUSE Leap 15.1:qemu-lang-3.1.1.1-lp151.7.12.1 openSUSE Leap 15.1:qemu-linux-user-3.1.1.1-lp151.7.12.1 openSUSE Leap 15.1:qemu-ppc-3.1.1.1-lp151.7.12.1 openSUSE Leap 15.1:qemu-s390-3.1.1.1-lp151.7.12.1 openSUSE Leap 15.1:qemu-seabios-1.12.0-lp151.7.12.1 openSUSE Leap 15.1:qemu-sgabios-8-lp151.7.12.1 openSUSE Leap 15.1:qemu-tools-3.1.1.1-lp151.7.12.1 openSUSE Leap 15.1:qemu-ui-curses-3.1.1.1-lp151.7.12.1 openSUSE Leap 15.1:qemu-ui-gtk-3.1.1.1-lp151.7.12.1 openSUSE Leap 15.1:qemu-ui-sdl-3.1.1.1-lp151.7.12.1 openSUSE Leap 15.1:qemu-vgabios-1.12.0-lp151.7.12.1 openSUSE Leap 15.1:qemu-x86-3.1.1.1-lp151.7.12.1 moderate 6.8 AV:N/AC:M/Au:N/C:P/I:P/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/S5VG234WOT345KSVGE32CW6SK7I55AZP/ https://www.suse.com/security/cve/CVE-2020-7039.html CVE-2020-7039 https://bugzilla.suse.com/1161066 SUSE Bug 1161066 In libslirp 4.1.0, as used in QEMU 4.2.0, tcp_subr.c misuses snprintf return values, leading to a buffer overflow in later code. CVE-2020-8608 openSUSE Leap 15.1:qemu-3.1.1.1-lp151.7.12.1 openSUSE Leap 15.1:qemu-arm-3.1.1.1-lp151.7.12.1 openSUSE Leap 15.1:qemu-audio-alsa-3.1.1.1-lp151.7.12.1 openSUSE Leap 15.1:qemu-audio-oss-3.1.1.1-lp151.7.12.1 openSUSE Leap 15.1:qemu-audio-pa-3.1.1.1-lp151.7.12.1 openSUSE Leap 15.1:qemu-audio-sdl-3.1.1.1-lp151.7.12.1 openSUSE Leap 15.1:qemu-block-curl-3.1.1.1-lp151.7.12.1 openSUSE Leap 15.1:qemu-block-dmg-3.1.1.1-lp151.7.12.1 openSUSE Leap 15.1:qemu-block-gluster-3.1.1.1-lp151.7.12.1 openSUSE Leap 15.1:qemu-block-iscsi-3.1.1.1-lp151.7.12.1 openSUSE Leap 15.1:qemu-block-nfs-3.1.1.1-lp151.7.12.1 openSUSE Leap 15.1:qemu-block-rbd-3.1.1.1-lp151.7.12.1 openSUSE Leap 15.1:qemu-block-ssh-3.1.1.1-lp151.7.12.1 openSUSE Leap 15.1:qemu-extra-3.1.1.1-lp151.7.12.1 openSUSE Leap 15.1:qemu-guest-agent-3.1.1.1-lp151.7.12.1 openSUSE Leap 15.1:qemu-ipxe-1.0.0+-lp151.7.12.1 openSUSE Leap 15.1:qemu-ksm-3.1.1.1-lp151.7.12.1 openSUSE Leap 15.1:qemu-kvm-3.1.1.1-lp151.7.12.1 openSUSE Leap 15.1:qemu-lang-3.1.1.1-lp151.7.12.1 openSUSE Leap 15.1:qemu-linux-user-3.1.1.1-lp151.7.12.1 openSUSE Leap 15.1:qemu-ppc-3.1.1.1-lp151.7.12.1 openSUSE Leap 15.1:qemu-s390-3.1.1.1-lp151.7.12.1 openSUSE Leap 15.1:qemu-seabios-1.12.0-lp151.7.12.1 openSUSE Leap 15.1:qemu-sgabios-8-lp151.7.12.1 openSUSE Leap 15.1:qemu-tools-3.1.1.1-lp151.7.12.1 openSUSE Leap 15.1:qemu-ui-curses-3.1.1.1-lp151.7.12.1 openSUSE Leap 15.1:qemu-ui-gtk-3.1.1.1-lp151.7.12.1 openSUSE Leap 15.1:qemu-ui-sdl-3.1.1.1-lp151.7.12.1 openSUSE Leap 15.1:qemu-vgabios-1.12.0-lp151.7.12.1 openSUSE Leap 15.1:qemu-x86-3.1.1.1-lp151.7.12.1 moderate 6.8 AV:N/AC:M/Au:N/C:P/I:P/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/S5VG234WOT345KSVGE32CW6SK7I55AZP/ https://www.suse.com/security/cve/CVE-2020-8608.html CVE-2020-8608 https://bugzilla.suse.com/1163018 SUSE Bug 1163018 https://bugzilla.suse.com/1163019 SUSE Bug 1163019