openSUSE Security Update : qemu (openSUSE-2021-600)

medium Nessus Plugin ID 149640

Synopsis

The remote openSUSE host is missing a security update.

Description

This update for qemu fixes the following issues :

- CVE-2020-12829: Fix OOB access in sm501 device emulation (bsc#1172385)

- CVE-2020-25723: Fix use-after-free in usb xhci packet handling (bsc#1178934)

- CVE-2020-25084: Fix use-after-free in usb ehci packet handling (bsc#1176673)

- CVE-2020-25625: Fix infinite loop (DoS) in usb hcd-ohci emulation (bsc#1176684)

- CVE-2020-25624: Fix OOB access in usb hcd-ohci emulation (bsc#1176682)

- CVE-2020-27617: Fix guest triggerable assert in shared network handling code (bsc#1178174)

- CVE-2020-28916: Fix infinite loop (DoS) in e1000e device emulation (bsc#1179468)

- CVE-2020-29443: Fix OOB access in atapi emulation (bsc#1181108)

- CVE-2020-27821: Fix heap overflow in MSIx emulation (bsc#1179686)

- CVE-2020-15469: Fix NULL pointer deref. (DoS) in mmio ops (bsc#1173612)

- CVE-2021-20257: Fix infinite loop (DoS) in e1000 device emulation (bsc#1182577)

- CVE-2021-3416: Fix OOB access (stack overflow) in rtl8139 NIC emulation (bsc#1182968)

- CVE-2021-3416: Fix OOB access (stack overflow) in other NIC emulations (bsc#1182968)

- CVE-2020-27616: Fix OOB access in ati-vga emulation (bsc#1178400)

- CVE-2020-29129: Fix OOB access in SLIRP ARP/NCSI packet processing (bsc#1179466, CVE-2020-29130, bsc#1179467)

- Fix package scripts to not use hard coded paths for temporary working directories and log files (bsc#1182425)

- Add split-provides through forsplits/13 to cover updates of SLE15-SP2 to SLE15-SP3, and openSUSE equivalents (bsc#1184064)

- Added a few more usability improvements for our git packaging workflow

This update was imported from the SUSE:SLE-15-SP2:Update update project.

Solution

Update the affected qemu packages.

See Also

https://bugzilla.opensuse.org/show_bug.cgi?id=1172385

https://bugzilla.opensuse.org/show_bug.cgi?id=1173612

https://bugzilla.opensuse.org/show_bug.cgi?id=1176673

https://bugzilla.opensuse.org/show_bug.cgi?id=1176682

https://bugzilla.opensuse.org/show_bug.cgi?id=1176684

https://bugzilla.opensuse.org/show_bug.cgi?id=1178174

https://bugzilla.opensuse.org/show_bug.cgi?id=1178400

https://bugzilla.opensuse.org/show_bug.cgi?id=1178934

https://bugzilla.opensuse.org/show_bug.cgi?id=1179466

https://bugzilla.opensuse.org/show_bug.cgi?id=1179467

https://bugzilla.opensuse.org/show_bug.cgi?id=1179468

https://bugzilla.opensuse.org/show_bug.cgi?id=1179686

https://bugzilla.opensuse.org/show_bug.cgi?id=1181108

https://bugzilla.opensuse.org/show_bug.cgi?id=1182425

https://bugzilla.opensuse.org/show_bug.cgi?id=1182577

https://bugzilla.opensuse.org/show_bug.cgi?id=1182968

https://bugzilla.opensuse.org/show_bug.cgi?id=1184064

Plugin Details

Severity: Medium

ID: 149640

File Name: openSUSE-2021-600.nasl

Version: 1.2

Type: local

Agent: unix

Published: 5/18/2021

Updated: 5/20/2021

Supported Sensors: Nessus Agent

Risk Information

CVSS Score Source: CVE-2020-25624

VPR

Risk Factor: Medium

Score: 5.2

CVSS v2

Risk Factor: Medium

Base Score: 4.4

Temporal Score: 3.3

Vector: AV:L/AC:M/Au:N/C:P/I:P/A:P

Temporal Vector: E:U/RL:OF/RC:C

CVSS v3

Risk Factor: Medium

Base Score: 5

Temporal Score: 4.4

Vector: CVSS:3.0/AV:L/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:L

Temporal Vector: E:U/RL:O/RC:C

Vulnerability Information

CPE: p-cpe:/a:novell:opensuse:qemu, p-cpe:/a:novell:opensuse:qemu-arm, p-cpe:/a:novell:opensuse:qemu-arm-debuginfo, p-cpe:/a:novell:opensuse:qemu-audio-alsa, p-cpe:/a:novell:opensuse:qemu-audio-alsa-debuginfo, p-cpe:/a:novell:opensuse:qemu-audio-pa, p-cpe:/a:novell:opensuse:qemu-audio-pa-debuginfo, p-cpe:/a:novell:opensuse:qemu-audio-sdl, p-cpe:/a:novell:opensuse:qemu-audio-sdl-debuginfo, p-cpe:/a:novell:opensuse:qemu-block-curl, p-cpe:/a:novell:opensuse:qemu-block-curl-debuginfo, p-cpe:/a:novell:opensuse:qemu-block-dmg, p-cpe:/a:novell:opensuse:qemu-block-dmg-debuginfo, p-cpe:/a:novell:opensuse:qemu-block-gluster, p-cpe:/a:novell:opensuse:qemu-block-gluster-debuginfo, p-cpe:/a:novell:opensuse:qemu-block-iscsi, p-cpe:/a:novell:opensuse:qemu-block-iscsi-debuginfo, p-cpe:/a:novell:opensuse:qemu-block-nfs, p-cpe:/a:novell:opensuse:qemu-block-nfs-debuginfo, p-cpe:/a:novell:opensuse:qemu-block-rbd, p-cpe:/a:novell:opensuse:qemu-block-rbd-debuginfo, p-cpe:/a:novell:opensuse:qemu-block-ssh, p-cpe:/a:novell:opensuse:qemu-block-ssh-debuginfo, p-cpe:/a:novell:opensuse:qemu-debuginfo, p-cpe:/a:novell:opensuse:qemu-debugsource, p-cpe:/a:novell:opensuse:qemu-extra, p-cpe:/a:novell:opensuse:qemu-extra-debuginfo, p-cpe:/a:novell:opensuse:qemu-guest-agent, p-cpe:/a:novell:opensuse:qemu-guest-agent-debuginfo, p-cpe:/a:novell:opensuse:qemu-ipxe, p-cpe:/a:novell:opensuse:qemu-ksm, p-cpe:/a:novell:opensuse:qemu-kvm, p-cpe:/a:novell:opensuse:qemu-lang, p-cpe:/a:novell:opensuse:qemu-linux-user, p-cpe:/a:novell:opensuse:qemu-linux-user-debuginfo, p-cpe:/a:novell:opensuse:qemu-linux-user-debugsource, p-cpe:/a:novell:opensuse:qemu-microvm, p-cpe:/a:novell:opensuse:qemu-ppc, p-cpe:/a:novell:opensuse:qemu-ppc-debuginfo, p-cpe:/a:novell:opensuse:qemu-s390, p-cpe:/a:novell:opensuse:qemu-s390-debuginfo, p-cpe:/a:novell:opensuse:qemu-seabios, p-cpe:/a:novell:opensuse:qemu-sgabios, p-cpe:/a:novell:opensuse:qemu-testsuite, p-cpe:/a:novell:opensuse:qemu-tools, p-cpe:/a:novell:opensuse:qemu-tools-debuginfo, p-cpe:/a:novell:opensuse:qemu-ui-curses, p-cpe:/a:novell:opensuse:qemu-ui-curses-debuginfo, p-cpe:/a:novell:opensuse:qemu-ui-gtk, p-cpe:/a:novell:opensuse:qemu-ui-gtk-debuginfo, p-cpe:/a:novell:opensuse:qemu-ui-sdl, p-cpe:/a:novell:opensuse:qemu-ui-sdl-debuginfo, p-cpe:/a:novell:opensuse:qemu-ui-spice-app, p-cpe:/a:novell:opensuse:qemu-ui-spice-app-debuginfo, p-cpe:/a:novell:opensuse:qemu-vgabios, p-cpe:/a:novell:opensuse:qemu-vhost-user-gpu, p-cpe:/a:novell:opensuse:qemu-vhost-user-gpu-debuginfo, p-cpe:/a:novell:opensuse:qemu-x86, p-cpe:/a:novell:opensuse:qemu-x86-debuginfo, cpe:/o:novell:opensuse:15.2

Required KB Items: Host/local_checks_enabled, Host/SuSE/release, Host/SuSE/rpm-list, Host/cpu

Exploit Ease: No known exploits are available

Patch Publication Date: 4/23/2021

Vulnerability Publication Date: 7/2/2020

Reference Information

CVE: CVE-2020-12829, CVE-2020-15469, CVE-2020-25084, CVE-2020-25624, CVE-2020-25625, CVE-2020-25723, CVE-2020-27616, CVE-2020-27617, CVE-2020-27821, CVE-2020-28916, CVE-2020-29129, CVE-2020-29130, CVE-2020-29443, CVE-2021-20257, CVE-2021-3416