Main Vulnerability Database SB2022041137

SB2022041137 - SUSE update for qemu

Published: April 11, 2022

Security Bulletin ID SB2022041137

Severity

Medium

Patch available

YES

Number of vulnerabilities 2

Exploitation vector Adjecent network

Highest impact Denial of service

Breakdown by Severity

Low
Medium
High
Critical

Description

This security bulletin contains information about 2 secuirty vulnerabilities.

1) NULL pointer dereference (CVE-ID: CVE-2021-20196)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a NULL pointer dereference error in the floppy disk emulator of QEMU. A privileged guest can trigger a NULL pointer dereference error and cause a denial of service.

2) Off-by-one (CVE-ID: CVE-2021-3930)

The vulnerability allows a remote user to perform a denial of service (DoS) attack.

The vulnerability exists due to an off-by-one error in the SCSI device emulation in QEMU. A remote user on the guest OS can can trigger an off-by-one error while processing MODE SELECT commands in mode_sense_page() if the 'page' argument is set to MODE_PAGE_ALLS (0x3f). Successful exploitation of the vulnerability may result in QEMU crash.

Remediation

Install update from vendor's website.

References

https://www.suse.com/support/update/announcement/2022/suse-su-20221151-1/

Vulnerable Software

SUSE Linux Enterprise Server: 12-SP5
qemu-s390-debuginfo: before 3.1.1.1-63.4
qemu-s390: before 3.1.1.1-63.4
qemu-x86: before 3.1.1.1-63.4
qemu-vgabios: before 1.12.0_0_ga698c89-63.4
qemu-sgabios: before 8-63.4
qemu-seabios: before 1.12.0_0_ga698c89-63.4
qemu-ipxe: before 1.0.0+-63.4
qemu-ppc-debuginfo: before 3.1.1.1-63.4
qemu-ppc: before 3.1.1.1-63.4
qemu-arm-debuginfo: before 3.1.1.1-63.4
qemu-arm: before 3.1.1.1-63.4
qemu-kvm: before 3.1.1.1-63.4
qemu-block-rbd-debuginfo: before 3.1.1.1-63.4
qemu-block-rbd: before 3.1.1.1-63.4
qemu-ui-sdl-debuginfo: before 3.1.1.1-63.4
qemu-ui-sdl: before 3.1.1.1-63.4
qemu-ui-gtk-debuginfo: before 3.1.1.1-63.4
qemu-ui-gtk: before 3.1.1.1-63.4
qemu-ui-curses-debuginfo: before 3.1.1.1-63.4
qemu-ui-curses: before 3.1.1.1-63.4
qemu-tools-debuginfo: before 3.1.1.1-63.4
qemu-tools: before 3.1.1.1-63.4
qemu-lang: before 3.1.1.1-63.4
qemu-guest-agent-debuginfo: before 3.1.1.1-63.4
qemu-guest-agent: before 3.1.1.1-63.4
qemu-debugsource: before 3.1.1.1-63.4
qemu-block-ssh-debuginfo: before 3.1.1.1-63.4
qemu-block-ssh: before 3.1.1.1-63.4
qemu-block-iscsi-debuginfo: before 3.1.1.1-63.4
qemu-block-iscsi: before 3.1.1.1-63.4
qemu-block-curl-debuginfo: before 3.1.1.1-63.4
qemu-block-curl: before 3.1.1.1-63.4
qemu-audio-sdl-debuginfo: before 3.1.1.1-63.4
qemu-audio-sdl: before 3.1.1.1-63.4
qemu-audio-pa-debuginfo: before 3.1.1.1-63.4
qemu-audio-pa: before 3.1.1.1-63.4
qemu-audio-oss-debuginfo: before 3.1.1.1-63.4
qemu-audio-oss: before 3.1.1.1-63.4
qemu-audio-alsa-debuginfo: before 3.1.1.1-63.4
qemu-audio-alsa: before 3.1.1.1-63.4
qemu: before 3.1.1.1-63.4