Bug 1198035 - (CVE-2021-4206) VUL-0: CVE-2021-4206: qemu,kvm: integer overflow in cursor_alloc() can lead to heap buffer overflow
(CVE-2021-4206)
VUL-0: CVE-2021-4206: qemu,kvm: integer overflow in cursor_alloc() can lead t...
Status: NEW
Classification: Novell Products
Product: SUSE Security Incidents
Classification: Novell Products
Component: Incidents
unspecified
Other Other
: P3 - Medium : Major
: ---
Assigned To: E-mail List
Security Team bot
https://smash.suse.de/issue/327831/
CVSSv3.1:SUSE:CVE-2021-4206:7.5:(AV:L...
:
Depends on:
Blocks:
  Show dependency treegraph
 
Reported: 2022-04-04 14:53 UTC by Robert Frohl
Modified: 2022-07-04 19:17 UTC (History)
3 users (show)

See Also:
Found By: Security Response Team
Services Priority:
Business Priority:
Blocker: ---
Marketing QA Status: ---
IT Deployment: ---


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Robert Frohl 2022-04-04 14:53:09 UTC
rh#2036998

In the QEMU QXL video acelerator a integer overflow leads to heap overflow in qxl_unpack_chunks function.

References:
https://bugzilla.redhat.com/show_bug.cgi?id=2036998
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-4206
Comment 2 Robert Frohl 2022-05-02 10:44:37 UTC
tracking all as affected:

- SUSE:SLE-12-SP2:Update/qemu
- SUSE:SLE-12-SP3:Update/qemu
- SUSE:SLE-12-SP4:Update/qemu
- SUSE:SLE-12-SP5:Update/qemu
- SUSE:SLE-15:Update/qemu
- SUSE:SLE-15-SP1:Update/qemu
- SUSE:SLE-15-SP2:Update/qemu
- SUSE:SLE-15-SP3:Update/qemu
- SUSE:SLE-15-SP4:Update/qemu

in addition
- SUSE:SLE-11-SP3:Update/kvm
Comment 6 Swamp Workflow Management 2022-07-04 13:19:43 UTC
SUSE-SU-2022:2254-1: An update that solves three vulnerabilities and has three fixes is now available.

Category: security (important)
Bug References: 1197084,1198035,1198037,1198712,1199018,1199924
CVE References: CVE-2021-4206,CVE-2021-4207,CVE-2022-26354
JIRA References: 
Sources used:
openSUSE Leap 15.3 (src):    qemu-5.2.0-150300.115.2, qemu-linux-user-5.2.0-150300.115.2, qemu-testsuite-5.2.0-150300.115.4
SUSE Linux Enterprise Module for Server Applications 15-SP3 (src):    qemu-5.2.0-150300.115.2
SUSE Linux Enterprise Module for Basesystem 15-SP3 (src):    qemu-5.2.0-150300.115.2
SUSE Linux Enterprise Micro 5.2 (src):    qemu-5.2.0-150300.115.2
SUSE Linux Enterprise Micro 5.1 (src):    qemu-5.2.0-150300.115.2

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 7 Swamp Workflow Management 2022-07-04 19:17:04 UTC
SUSE-SU-2022:2260-1: An update that solves four vulnerabilities and has 5 fixes is now available.

Category: security (important)
Bug References: 1197084,1198035,1198037,1198711,1198712,1199015,1199018,1199625,1199924
CVE References: CVE-2021-4206,CVE-2021-4207,CVE-2022-26353,CVE-2022-26354
JIRA References: 
Sources used:
openSUSE Leap 15.4 (src):    qemu-6.2.0-150400.37.5.3, qemu-linux-user-6.2.0-150400.37.5.1, qemu-testsuite-6.2.0-150400.37.5.5
SUSE Linux Enterprise Module for Server Applications 15-SP4 (src):    qemu-6.2.0-150400.37.5.3
SUSE Linux Enterprise Module for Basesystem 15-SP4 (src):    qemu-6.2.0-150400.37.5.3

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.