OESA-2021-1072

See a problem?
Please try reporting it to the source first.
Source
https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2021-1072
Import Source
https://repo.openeuler.org/security/data/osv/OESA-2021-1072.json
JSON Data
https://api.osv.dev/v1/vulns/OESA-2021-1072
Upstream
Published
2021-03-05T11:02:40Z
Modified
2025-09-03T06:16:54.036891Z
Summary
qemu security update
Details

QEMU is a FAST! processor emulator using dynamic translation to achieve good emulation speed.

Security Fix(es):

hw/pci/msix.c in QEMU 4.2.0 allows guest OS users to trigger an out-of-bounds access via a crafted address in an msi-x mmio operation.(CVE-2020-13754)

In QEMU 4.1.0, an out-of-bounds read flaw was found in the ATI VGA implementation. It occurs in the aticursordefine() routine while handling MMIO write operations through the atimmwrite() callback. A malicious guest could abuse this flaw to crash the QEMU process, resulting in a denial of service.(CVE-2019-20808)

A heap-based buffer overflow was found in QEMU through 5.0.0 in the SDHCI device emulation support. It could occur while doing a multi block SDMA transfer via the sdhcisdmatransfermultiblocks() routine in hw/sd/sdhci.c. A guest user or process could use this flaw to crash the QEMU process on the host, resulting in a denial of service condition, or potentially execute arbitrary code with privileges of the QEMU process on the host.(CVE-2020-17380)

Database specific 
{
    "severity": "Medium"
}
References

Affected packages

openEuler:20.03-LTS / qemu

Package

Name
qemu
Purl
pkg:rpm/openEuler/qemu&distro=openEuler-20.03-LTS

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
4.1.0-35.oe1

Ecosystem specific 

{
    "noarch": [
        "qemu-help-4.1.0-33.oe1.noarch.rpm",
        "qemu-help-4.1.0-35.oe1.noarch.rpm"
    ],
    "src": [
        "qemu-4.1.0-33.oe1.src.rpm",
        "qemu-4.1.0-35.oe1.src.rpm"
    ],
    "aarch64": [
        "qemu-4.1.0-33.oe1.aarch64.rpm",
        "qemu-debugsource-4.1.0-33.oe1.aarch64.rpm",
        "qemu-debuginfo-4.1.0-33.oe1.aarch64.rpm",
        "qemu-guest-agent-4.1.0-33.oe1.aarch64.rpm",
        "qemu-img-4.1.0-33.oe1.aarch64.rpm",
        "qemu-4.1.0-35.oe1.aarch64.rpm",
        "qemu-debugsource-4.1.0-35.oe1.aarch64.rpm",
        "qemu-debuginfo-4.1.0-35.oe1.aarch64.rpm",
        "qemu-guest-agent-4.1.0-35.oe1.aarch64.rpm",
        "qemu-img-4.1.0-35.oe1.aarch64.rpm"
    ],
    "x86_64": [
        "qemu-4.1.0-33.oe1.x86_64.rpm",
        "qemu-debuginfo-4.1.0-33.oe1.x86_64.rpm",
        "qemu-guest-agent-4.1.0-33.oe1.x86_64.rpm",
        "qemu-debugsource-4.1.0-33.oe1.x86_64.rpm",
        "qemu-img-4.1.0-33.oe1.x86_64.rpm",
        "qemu-4.1.0-35.oe1.x86_64.rpm",
        "qemu-debuginfo-4.1.0-35.oe1.x86_64.rpm",
        "qemu-guest-agent-4.1.0-35.oe1.x86_64.rpm",
        "qemu-debugsource-4.1.0-35.oe1.x86_64.rpm",
        "qemu-img-4.1.0-35.oe1.x86_64.rpm"
    ]
}

openEuler:20.03-LTS-SP1 / qemu

Package

Name
qemu
Purl
pkg:rpm/openEuler/qemu&distro=openEuler-20.03-LTS-SP1

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
4.1.0-35.oe1

Ecosystem specific 

{
    "noarch": [
        "qemu-help-4.1.0-35.oe1.noarch.rpm"
    ],
    "src": [
        "qemu-4.1.0-35.oe1.src.rpm"
    ],
    "aarch64": [
        "qemu-4.1.0-35.oe1.aarch64.rpm",
        "qemu-debugsource-4.1.0-35.oe1.aarch64.rpm",
        "qemu-debuginfo-4.1.0-35.oe1.aarch64.rpm",
        "qemu-guest-agent-4.1.0-35.oe1.aarch64.rpm",
        "qemu-img-4.1.0-35.oe1.aarch64.rpm"
    ],
    "x86_64": [
        "qemu-4.1.0-35.oe1.x86_64.rpm",
        "qemu-debuginfo-4.1.0-35.oe1.x86_64.rpm",
        "qemu-guest-agent-4.1.0-35.oe1.x86_64.rpm",
        "qemu-debugsource-4.1.0-35.oe1.x86_64.rpm",
        "qemu-img-4.1.0-35.oe1.x86_64.rpm"
    ]
}