products/SUSE_ALP_Standard
9
0
Fork 1
Code Issues 1 Pull Requests Packages Projects Releases Wiki Activity
42cdd458ef
SUSE_ALP_Standard/patchinfo.20241016134533856494.269002615871826/_patchinfo

55 lines
3.1 KiB
Plaintext
Raw Normal View History

Update incident numbers
2024-11-15 13:31:08 +01:00
<patchinfo incident="93">
Adding patchinfo patchinfo.20241016134533856494.269002615871826
2024-11-12 13:57:25 +01:00
<!-- generated from request(s) 348619 -->
<issue tracker="bnc" id="1224132">VUL-0: CVE-2024-4693: qemu: virtio-pci: improper release of configure vector leads to guest triggerable crash</issue>
<issue tracker="bnc" id="1229007">VUL-0: CVE-2024-7409: qemu: denial of service via improper synchronization in QEMU NBD Server during socket closure</issue>
<issue tracker="bnc" id="1229929">slem6.1, ppc64le only, zypper ref command gets return code 139 after registering the system</issue>
<issue tracker="bnc" id="1230140">QEMU is missing fix for ppc64 emulation, causing corruption in userspace</issue>
<issue tracker="bnc" id="1230834">VUL-0: CVE-2024-8354: kvm,qemu: usb: assertion failure in usb_ep_get()</issue>
<issue tracker="bnc" id="1230915">VUL-0: CVE-2024-8612: qemu: qemu-kvm: information leak in virtio devices</issue>
<issue tracker="bnc" id="1231519">[sles15sp7][27.1]KVM_SET_USER_MEMORY_REGION Failure During SLES VM Installation on AArch64 Using Virt-Install</issue>
<issue tracker="cve" id="2024-4693"/>
<issue tracker="cve" id="2024-7409"/>
<issue tracker="cve" id="2024-8354"/>
<issue tracker="cve" id="2024-8612"/>
<packager>dfaggioli</packager>
<rating>important</rating>
<category>security</category>
<summary>Security update for qemu</summary>
<description>This update for qemu fixes the following issues:
- Bugfixes and CVEs:
* hw/usb/hcd-ohci: Fix #1510, #303: pid not IN or OUT (bsc#1230834, CVE-2024-8354)
* softmmu: Support concurrent bounce buffers (bsc#1230915, CVE-2024-8612)
* system/physmem: Per-AddressSpace bounce buffering (bsc#1230915, CVE-2024-8612)
* system/physmem: Propagate AddressSpace to MapClient helpers (bsc#1230915, CVE-2024-8612)
* system/physmem: Replace qemu_mutex_lock() calls with QEMU_LOCK_GUARD (bsc#1230915, CVE-2024-8612)
- Update version to 8.2.7
* Full changelog here:
https://lore.kernel.org/qemu-devel/d9ff276f-f1ba-4e90-8343-a7a0dc2bf305@tls.msk.ru/
* Fixes:
bsc#1229007, CVE-2024-7409
bsc#1224132, CVE-2024-4693
* Some backports:
gitlab: fix logic for changing docker tag on stable branches
ui/sdl2: set swap interval explicitly when OpenGL is enabled
hw/intc/arm_gic: fix spurious level triggered interrupts
hw/audio/virtio-sound: fix heap buffer overflow
tests/docker: update debian i686 and mipsel images to bookworm
tests/docker: remove debian-armel-cross
hw/display/vhost-user-gpu.c: fix vhost_user_gpu_chr_read()
crypto: check gnutls &amp; gcrypt support the requested pbkdf hash
crypto: run qcrypto_pbkdf2_count_iters in a new thread
softmmu/physmem: fix memory leak in dirty_memory_extend()
target/ppc: Fix migration of CPUs with TLB_EMB TLB type
gitlab: migrate the s390x custom machine to 22.04
target/hppa: Fix PSW V-bit packaging in cpu_hppa_get for hppa64
hw/audio/virtio-snd: fix invalid param check
virtio-pci: Fix the use of an uninitialized irqfd
- Fix bsc#1231519:
* accel/kvm: check for KVM_CAP_READONLY_MEM on VM (bsc#1231519)
</description>
<package>qemu</package>
<package>qemu:qemu-linux-user</package>
<seperate_build_arch/>
Update incident numbers
2024-11-15 13:31:08 +01:00
</patchinfo>
Reference in New Issue Copy Permalink