Bugzilla – Bug 1198037
VUL-0: CVE-2021-4207: qemu,kvm: double fetch in qxl_cursor() can lead to heap buffer overflow
Last modified: 2023-03-07 19:05:28 UTC
rh#2036966

In the QEMU QXL video accelerator a double fetch leads to heap overflow in qxl_unpack_chunks function.

References:
https://bugzilla.redhat.com/show_bug.cgi?id=2036966
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-4207
tracking all as affected:
- SUSE:SLE-12-SP2:Update/qemu
- SUSE:SLE-12-SP3:Update/qemu
- SUSE:SLE-12-SP4:Update/qemu
- SUSE:SLE-12-SP5:Update/qemu
- SUSE:SLE-15:Update/qemu
- SUSE:SLE-15-SP1:Update/qemu
- SUSE:SLE-15-SP2:Update/qemu
- SUSE:SLE-15-SP3:Update/qemu
- SUSE:SLE-15-SP4:Update/qemu

in addition
- SUSE:SLE-11-SP3:Update/kvm
SUSE-SU-2022:2254-1: An update that solves three vulnerabilities and has three fixes is now available.

Category: security (important)
Bug References: 1197084,1198035,1198037,1198712,1199018,1199924
CVE References: CVE-2021-4206,CVE-2021-4207,CVE-2022-26354
JIRA References:
Sources used:
openSUSE Leap 15.3 (src): qemu-5.2.0-150300.115.2, qemu-linux-user-5.2.0-150300.115.2, qemu-testsuite-5.2.0-150300.115.4
SUSE Linux Enterprise Module for Server Applications 15-SP3 (src): qemu-5.2.0-150300.115.2
SUSE Linux Enterprise Module for Basesystem 15-SP3 (src): qemu-5.2.0-150300.115.2
SUSE Linux Enterprise Micro 5.2 (src): qemu-5.2.0-150300.115.2
SUSE Linux Enterprise Micro 5.1 (src): qemu-5.2.0-150300.115.2

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
SUSE-SU-2022:2260-1: An update that solves four vulnerabilities and has 5 fixes is now available.

Category: security (important)
Bug References: 1197084,1198035,1198037,1198711,1198712,1199015,1199018,1199625,1199924
CVE References: CVE-2021-4206,CVE-2021-4207,CVE-2022-26353,CVE-2022-26354
JIRA References:
Sources used:
openSUSE Leap 15.4 (src): qemu-6.2.0-150400.37.5.3, qemu-linux-user-6.2.0-150400.37.5.1, qemu-testsuite-6.2.0-150400.37.5.5
SUSE Linux Enterprise Module for Server Applications 15-SP4 (src): qemu-6.2.0-150400.37.5.3
SUSE Linux Enterprise Module for Basesystem 15-SP4 (src): qemu-6.2.0-150400.37.5.3

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
This is an autogenerated message for OBS integration:
This bug (1198037) was mentioned in
https://build.opensuse.org/request/show/990694 Factory / qemu
SUSE-SU-2022:3594-1: An update that solves 5 vulnerabilities and has one errata is now available.

Category: security (important)
Bug References: 1175144,1182282,1192115,1198035,1198037,1198038
CVE References: CVE-2021-3409,CVE-2021-4206,CVE-2021-4207,CVE-2022-0216,CVE-2022-35414
JIRA References:
Sources used:
openSUSE Leap 15.4 (src): qemu-4.2.1-150200.69.1
openSUSE Leap 15.3 (src): qemu-4.2.1-150200.69.1
SUSE Manager Server 4.1 (src): qemu-4.2.1-150200.69.1
SUSE Manager Retail Branch Server 4.1 (src): qemu-4.2.1-150200.69.1
SUSE Manager Proxy 4.1 (src): qemu-4.2.1-150200.69.1
SUSE Linux Enterprise Server for SAP 15-SP2 (src): qemu-4.2.1-150200.69.1
SUSE Linux Enterprise Server 15-SP2-LTSS (src): qemu-4.2.1-150200.69.1
SUSE Linux Enterprise Server 15-SP2-BCL (src): qemu-4.2.1-150200.69.1
SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS (src): qemu-4.2.1-150200.69.1
SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS (src): qemu-4.2.1-150200.69.1
SUSE Enterprise Storage 7 (src): qemu-4.2.1-150200.69.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
SUSE-SU-2022:3768-1: An update that solves 7 vulnerabilities and has one errata is now available.

Category: security (important)
Bug References: 1175144,1182282,1185000,1192463,1198035,1198037,1198038,1201367
CVE References: CVE-2020-17380,CVE-2021-3409,CVE-2021-3507,CVE-2021-4206,CVE-2021-4207,CVE-2022-0216,CVE-2022-35414
JIRA References:
Sources used:
openSUSE Leap 15.3 (src): qemu-3.1.1.1-150100.80.43.2
SUSE Linux Enterprise Server for SAP 15-SP1 (src): qemu-3.1.1.1-150100.80.43.2
SUSE Linux Enterprise Server 15-SP1-LTSS (src): qemu-3.1.1.1-150100.80.43.2
SUSE Linux Enterprise Server 15-SP1-BCL (src): qemu-3.1.1.1-150100.80.43.2
SUSE Linux Enterprise High Performance Computing 15-SP1-LTSS (src): qemu-3.1.1.1-150100.80.43.2
SUSE Linux Enterprise High Performance Computing 15-SP1-ESPOS (src): qemu-3.1.1.1-150100.80.43.2
SUSE Enterprise Storage 6 (src): qemu-3.1.1.1-150100.80.43.2
SUSE CaaS Platform 4.0 (src): qemu-3.1.1.1-150100.80.43.2

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.