Bugzilla – Bug 1182846
VUL-0: CVE-2021-20257: xen: infinite loop issue in the e1000 NIC emulator
Last modified: 2022-05-20 16:05:14 UTC
+++ This bug was initially created as a clone of Bug #1182577 +++

CVE-2021-20257 / rh#1930087

An infinite loop issue was found in the e1000 NIC emulator of the QEMU. It occurs while processing transmit (tx) descriptors in process_tx_desc, if various descriptor fields are initialised with invalid values. A guest may use this flaw to consume cpu cycles on the host resulting in DoS scenario.

Upstream patch:
---------------
-> https://lists.gnu.org/archive/html/qemu-devel/2021-02/msg03595.html

References:
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-20257
https://access.redhat.com/security/cve/CVE-2021-20257

from the kvm issue tracked as affected:
* SUSE:SLE-11-SP3:Update/xen
* SUSE:SLE-11-SP4:Update/xen
* SUSE:SLE-12-SP2:Update/xen
* SUSE:SLE-12-SP3:Update/xen
* SUSE:SLE-12-SP4:Update/xen
* SUSE:SLE-12-SP5:Update/xen

also the following packages are affected:
* SUSE:SLE-11-SP1:Update:Teradata/xen
* SUSE:SLE-11-SP3:Update:Teradata/xen

SUSE-SU-2021:1023-1: An update that solves four vulnerabilities and has 6 fixes is now available.
Category: security (important)
Bug References: 1027519,1177112,1177204,1178591,1178736,1179148,1181254,1181989,1182846,1183072
CVE References: CVE-2020-28368,CVE-2021-20257,CVE-2021-28687,CVE-2021-3308
JIRA References:
Sources used:
SUSE Linux Enterprise Software Development Kit 12-SP5 (src): xen-4.12.4_09-3.39.3
SUSE Linux Enterprise Server 12-SP5 (src): xen-4.12.4_09-3.39.3
NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.

SUSE-SU-2021:1252-1: An update that fixes two vulnerabilities is now available.
Category: security (important)
Bug References: 1182431,1182846
CVE References: CVE-2021-20257,CVE-2021-27379
JIRA References:
Sources used:
SUSE OpenStack Cloud Crowbar 8 (src): xen-4.9.4_16-3.83.1
SUSE OpenStack Cloud 8 (src): xen-4.9.4_16-3.83.1
SUSE Linux Enterprise Server for SAP 12-SP3 (src): xen-4.9.4_16-3.83.1
SUSE Linux Enterprise Server 12-SP3-LTSS (src): xen-4.9.4_16-3.83.1
SUSE Linux Enterprise Server 12-SP3-BCL (src): xen-4.9.4_16-3.83.1
HPE Helion Openstack 8 (src): xen-4.9.4_16-3.83.1
NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.

SUSE-SU-2021:1251-1: An update that solves two vulnerabilities and has one errata is now available.
Category: security (important)
Bug References: 1178591,1182431,1182846
CVE References: CVE-2021-20257,CVE-2021-27379
JIRA References:
Sources used:
SUSE OpenStack Cloud Crowbar 9 (src): xen-4.11.4_16-2.51.1
SUSE OpenStack Cloud 9 (src): xen-4.11.4_16-2.51.1
SUSE Linux Enterprise Server for SAP 12-SP4 (src): xen-4.11.4_16-2.51.1
SUSE Linux Enterprise Server 12-SP4-LTSS (src): xen-4.11.4_16-2.51.1
NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.

SUSE-SU-2021:14702-1: An update that solves two vulnerabilities and has one errata is now available.
Category: security (important)
Bug References: 1182155,1182846,1182975
CVE References: CVE-2021-20257,CVE-2021-3419
JIRA References:
Sources used:
SUSE Linux Enterprise Server 11-SP4-LTSS (src): xen-4.4.4_48-61.64.1
SUSE Linux Enterprise Debuginfo 11-SP4 (src): xen-4.4.4_48-61.64.1
NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.

SUSE-SU-2021:1829-1: An update that solves 11 vulnerabilities and has two fixes is now available.
Category: security (important)
Bug References: 1031692,1094725,1126455,1149813,1163019,1172380,1172382,1175534,1178935,1179477,1181933,1182846,1182975
CVE References: CVE-2019-15890,CVE-2019-8934,CVE-2020-10756,CVE-2020-13754,CVE-2020-14364,CVE-2020-25723,CVE-2020-29130,CVE-2020-8608,CVE-2021-20221,CVE-2021-20257,CVE-2021-3419
JIRA References:
Sources used:
SUSE Linux Enterprise Server 12-SP2-BCL (src): qemu-2.6.2-41.65.1
NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.

SUSE-SU-2021:1837-1: An update that solves 11 vulnerabilities and has two fixes is now available.
Category: security (important)
Bug References: 1149813,1163019,1172380,1175534,1176681,1178683,1178935,1179477,1179484,1179725,1182846,1182975,1186290
CVE References: CVE-2019-15890,CVE-2020-10756,CVE-2020-14364,CVE-2020-25085,CVE-2020-25707,CVE-2020-25723,CVE-2020-29129,CVE-2020-29130,CVE-2020-8608,CVE-2021-20257,CVE-2021-3419
JIRA References:
Sources used:
SUSE Linux Enterprise Server 12-SP5 (src): qemu-3.1.1.1-51.1
NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.

SUSE-SU-2021:1893-1: An update that solves 11 vulnerabilities, contains one feature and has two fixes is now available.
Category: security (important)
Bug References: 1149813,1163019,1172380,1175534,1176681,1178683,1178935,1179477,1179484,1182846,1182975,1183979,1186290
CVE References: CVE-2019-15890,CVE-2020-10756,CVE-2020-14364,CVE-2020-25085,CVE-2020-25707,CVE-2020-25723,CVE-2020-29129,CVE-2020-29130,CVE-2020-8608,CVE-2021-20257,CVE-2021-3419
JIRA References: SLE-17785
Sources used:
SUSE MicroOS 5.0 (src): qemu-4.2.1-11.19.2
SUSE Linux Enterprise Module for Server Applications 15-SP2 (src): qemu-4.2.1-11.19.2
SUSE Linux Enterprise Module for Basesystem 15-SP2 (src): qemu-4.2.1-11.19.2
NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.

SUSE-SU-2021:1894-1: An update that solves 11 vulnerabilities and has one errata is now available.
Category: security (important)
Bug References: 1094725,1149813,1163019,1172380,1172382,1175534,1178683,1178935,1179477,1181933,1182846,1182975
CVE References: CVE-2019-15890,CVE-2020-10756,CVE-2020-13754,CVE-2020-14364,CVE-2020-25707,CVE-2020-25723,CVE-2020-29130,CVE-2020-8608,CVE-2021-20221,CVE-2021-20257,CVE-2021-3419
JIRA References:
Sources used:
SUSE OpenStack Cloud Crowbar 8 (src): qemu-2.9.1-6.50.1
SUSE OpenStack Cloud 8 (src): qemu-2.9.1-6.50.1
SUSE Linux Enterprise Server for SAP 12-SP3 (src): qemu-2.9.1-6.50.1
SUSE Linux Enterprise Server 12-SP3-LTSS (src): qemu-2.9.1-6.50.1
SUSE Linux Enterprise Server 12-SP3-BCL (src): qemu-2.9.1-6.50.1
HPE Helion Openstack 8 (src): qemu-2.9.1-6.50.1
NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.

SUSE-SU-2021:1895-1: An update that fixes 11 vulnerabilities is now available.
Category: security (important)
Bug References: 1149813,1163019,1172380,1172382,1175534,1178683,1178935,1179477,1179484,1182846,1182975
CVE References: CVE-2019-15890,CVE-2020-10756,CVE-2020-13754,CVE-2020-14364,CVE-2020-25707,CVE-2020-25723,CVE-2020-29129,CVE-2020-29130,CVE-2020-8608,CVE-2021-20257,CVE-2021-3419
JIRA References:
Sources used:
SUSE Linux Enterprise Server for SAP 15 (src): qemu-2.11.2-9.46.1
SUSE Linux Enterprise Server 15-LTSS (src): qemu-2.11.2-9.46.1
SUSE Linux Enterprise High Performance Computing 15-LTSS (src): qemu-2.11.2-9.46.1
SUSE Linux Enterprise High Performance Computing 15-ESPOS (src): qemu-2.11.2-9.46.1
NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.

SUSE-SU-2021:1918-1: An update that fixes 10 vulnerabilities is now available.
Category: security (important)
Bug References: 1149813,1163019,1172380,1175534,1178683,1178935,1179477,1179484,1182846,1182975
CVE References: CVE-2019-15890,CVE-2020-10756,CVE-2020-14364,CVE-2020-25707,CVE-2020-25723,CVE-2020-29129,CVE-2020-29130,CVE-2020-8608,CVE-2021-20257,CVE-2021-3419
JIRA References:
Sources used:
SUSE Manager Server 4.0 (src): qemu-3.1.1.1-9.27.2
SUSE Manager Retail Branch Server 4.0 (src): qemu-3.1.1.1-9.27.2
SUSE Manager Proxy 4.0 (src): qemu-3.1.1.1-9.27.2
SUSE Linux Enterprise Server for SAP 15-SP1 (src): qemu-3.1.1.1-9.27.2
SUSE Linux Enterprise Server 15-SP1-LTSS (src): qemu-3.1.1.1-9.27.2
SUSE Linux Enterprise Server 15-SP1-BCL (src): qemu-3.1.1.1-9.27.2
SUSE Linux Enterprise Module for Server Applications 15-SP2 (src): qemu-3.1.1.1-9.27.2
SUSE Linux Enterprise High Performance Computing 15-SP1-LTSS (src): qemu-3.1.1.1-9.27.2
SUSE Linux Enterprise High Performance Computing 15-SP1-ESPOS (src): qemu-3.1.1.1-9.27.2
SUSE Enterprise Storage 6 (src): qemu-3.1.1.1-9.27.2
SUSE CaaS Platform 4.0 (src): qemu-3.1.1.1-9.27.2
NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.

SUSE-SU-2021:1947-1: An update that fixes 11 vulnerabilities is now available.
Category: security (important)
Bug References: 1149813,1163019,1172380,1172382,1175534,1178683,1178935,1179477,1179484,1182846,1182975
CVE References: CVE-2019-15890,CVE-2020-10756,CVE-2020-13754,CVE-2020-14364,CVE-2020-25707,CVE-2020-25723,CVE-2020-29129,CVE-2020-29130,CVE-2020-8608,CVE-2021-20257,CVE-2021-3419
JIRA References:
Sources used:
SUSE OpenStack Cloud Crowbar 9 (src): qemu-2.11.2-5.32.1
SUSE OpenStack Cloud 9 (src): qemu-2.11.2-5.32.1
SUSE Linux Enterprise Server for SAP 12-SP4 (src): qemu-2.11.2-5.32.1
SUSE Linux Enterprise Server 12-SP4-LTSS (src): qemu-2.11.2-5.32.1
NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.

openSUSE-SU-2021:1043-1: An update that solves 14 vulnerabilities, contains one feature and has 5 fixes is now available.
Category: security (moderate)
Bug References: 1149813,1163019,1172380,1175534,1176681,1178683,1178935,1179477,1179484,1182846,1182975,1183979,1184574,1185591,1185981,1185990,1186010,1186290,1187013
CVE References: CVE-2019-15890,CVE-2020-10756,CVE-2020-14364,CVE-2020-25085,CVE-2020-25707,CVE-2020-25723,CVE-2020-29129,CVE-2020-29130,CVE-2020-8608,CVE-2021-20257,CVE-2021-3419,CVE-2021-3544,CVE-2021-3545,CVE-2021-3546
JIRA References: SLE-17785
Sources used:
openSUSE Leap 15.2 (src): qemu-4.2.1-lp152.9.16.2, qemu-linux-user-4.2.1-lp152.9.16.1, qemu-testsuite-4.2.1-lp152.9.16.7

Submitted back to SLE12-SP2 which is as old as we go.
Done.

SUSE-SU-2022:1375-1: An update that fixes 10 vulnerabilities is now available.
Category: security (important)
Bug References: 1182846,1196915,1197423,1197425,1197426
CVE References: CVE-2021-20257,CVE-2021-26401,CVE-2022-0001,CVE-2022-0002,CVE-2022-26356,CVE-2022-26357,CVE-2022-26358,CVE-2022-26359,CVE-2022-26360,CVE-2022-26361
JIRA References:
Sources used:
SUSE Linux Enterprise Server 12-SP2-BCL (src): xen-4.7.6_22-43.88.1
NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.