SUSE-SU-2024:3744-1

See a problem?
Import Source
https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2024:3744-1.json
JSON Data
https://api.osv.dev/v1/vulns/SUSE-SU-2024:3744-1
Related
Published
2024-10-22T13:34:33Z
Modified
2024-10-22T13:34:33Z
Summary
Security update for qemu
Details

This update for qemu fixes the following issues:

Security fixes:

  • CVE-2024-8354: Fixed assertion failure in usbepget() (bsc#1230834)
  • CVE-2024-8612: Fixed information leak in virtio devices (bsc#1230915)

Update version to 8.2.7:

Security fixes:

  • CVE-2024-7409: Fixed denial of service via improper synchronization in QEMU NBD Server during socket closure (bsc#1229007)
  • CVE-2024-4693: Fixed improper release of configure vector in virtio-pci that lead to guest triggerable crash (bsc#1224132)

Other fixes:

  • added missing fix for ppc64 emulation that caused corruption in userspace (bsc#1230140)
  • target/ppc: Fix lxvx/stxvx facility check (bsc#1229929)
  • accel/kvm: check for KVMCAPREADONLY_MEM on VM (bsc#1231519)

Full changelog here:

https://lore.kernel.org/qemu-devel/d9ff276f-f1ba-4e90-8343-a7a0dc2bf305@tls.msk.ru/

References

Affected packages

SUSE:Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6 / qemu

Package

Name
qemu
Purl
purl:rpm/suse/qemu&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Confidential%20Computing%20Technical%20Preview%2015%20SP6

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
8.2.7-15061.6.coco15sp6.1

Ecosystem specific 

{
    "binaries": [
        {
            "qemu-tools": "8.2.7-15061.6.coco15sp6.1",
            "qemu-audio-pa": "8.2.7-15061.6.coco15sp6.1",
            "qemu-block-nfs": "8.2.7-15061.6.coco15sp6.1",
            "qemu-hw-display-qxl": "8.2.7-15061.6.coco15sp6.1",
            "qemu-hw-display-virtio-vga": "8.2.7-15061.6.coco15sp6.1",
            "qemu-seabios": "8.2.71.16.3_3_ga95067eb-15061.6.coco15sp6.1",
            "qemu-lang": "8.2.7-15061.6.coco15sp6.1",
            "qemu-ksm": "8.2.7-15061.6.coco15sp6.1",
            "qemu-ui-spice-app": "8.2.7-15061.6.coco15sp6.1",
            "qemu-vgabios": "8.2.71.16.3_3_ga95067eb-15061.6.coco15sp6.1",
            "qemu-accel-tcg-x86": "8.2.7-15061.6.coco15sp6.1",
            "qemu-hw-display-virtio-gpu-pci": "8.2.7-15061.6.coco15sp6.1",
            "qemu": "8.2.7-15061.6.coco15sp6.1",
            "qemu-audio-spice": "8.2.7-15061.6.coco15sp6.1",
            "qemu-hw-usb-host": "8.2.7-15061.6.coco15sp6.1",
            "qemu-hw-usb-redirect": "8.2.7-15061.6.coco15sp6.1",
            "qemu-audio-dbus": "8.2.7-15061.6.coco15sp6.1",
            "qemu-ipxe": "8.2.7-15061.6.coco15sp6.1",
            "qemu-audio-pipewire": "8.2.7-15061.6.coco15sp6.1",
            "qemu-img": "8.2.7-15061.6.coco15sp6.1",
            "qemu-ui-dbus": "8.2.7-15061.6.coco15sp6.1",
            "qemu-spice": "8.2.7-15061.6.coco15sp6.1",
            "qemu-audio-alsa": "8.2.7-15061.6.coco15sp6.1",
            "qemu-block-rbd": "8.2.7-15061.6.coco15sp6.1",
            "qemu-ui-curses": "8.2.7-15061.6.coco15sp6.1",
            "qemu-hw-display-virtio-gpu": "8.2.7-15061.6.coco15sp6.1",
            "qemu-block-iscsi": "8.2.7-15061.6.coco15sp6.1",
            "qemu-chardev-baum": "8.2.7-15061.6.coco15sp6.1",
            "qemu-block-curl": "8.2.7-15061.6.coco15sp6.1",
            "qemu-guest-agent": "8.2.7-15061.6.coco15sp6.1",
            "qemu-ui-gtk": "8.2.7-15061.6.coco15sp6.1",
            "qemu-block-ssh": "8.2.7-15061.6.coco15sp6.1",
            "qemu-pr-helper": "8.2.7-15061.6.coco15sp6.1",
            "qemu-x86": "8.2.7-15061.6.coco15sp6.1",
            "qemu-skiboot": "8.2.7-15061.6.coco15sp6.1",
            "qemu-chardev-spice": "8.2.7-15061.6.coco15sp6.1",
            "qemu-SLOF": "8.2.7-15061.6.coco15sp6.1",
            "qemu-ui-spice-core": "8.2.7-15061.6.coco15sp6.1",
            "qemu-ui-opengl": "8.2.7-15061.6.coco15sp6.1",
            "qemu-headless": "8.2.7-15061.6.coco15sp6.1"
        }
    ]
}