SUSE-SU-2022:3594-1 -- SLES qemu, qemu-guest-agentID: oval:org.secpod.oval:def:89047055 | Date: (C)2022-10-18 (M)2024-05-16 |
Class: PATCH | Family: unix |
This update for qemu fixes the following issues: - CVE-2021-3409: Fixed an incomplete fix for CVE-2020-17380 and CVE-2020-25085 in sdhi controller. - CVE-2021-4206: Fixed an integer overflow in cursor_alloc which can lead to heap buffer overflow. - CVE-2021-4207: Fixed a double fetch in qxl_cursor ehich can lead to heap buffer overflow. - CVE-2022-0216: Fixed a use after free issue found in hw/scsi/lsi53c895a.c. - CVE-2022-35414: Fixed an uninitialized read during address translation that leads to a crash
Platform: |
SUSE Linux Enterprise Server 15 SP2 |
Product: |
qemu |
qemu-guest-agent |