{"id":"SUSE-SU-2021:2563-1","summary":"Security update for qemu","details":"This update for qemu fixes the following issues:\n\nSecurity issues fixed:\n\n- CVE-2021-3595: Fixed slirp: invalid pointer initialization may lead to information disclosure (tftp) (bsc#1187366)\n- CVE-2021-3592: Fix for slirp: invalid pointer initialization may lead to information disclosure (bootp) (bsc#1187364)\n- CVE-2021-3594: Fix for slirp: invalid pointer initialization may lead to information disclosure (udp) (bsc#1187367)\n- CVE-2021-3593: Fix for slirp: invalid pointer initialization may lead to information disclosure (udp6) (bsc#1187365)\n- CVE-2021-3611: Fix intel-hda segmentation fault due to stack overflow (bsc#1187529)\n\n","modified":"2026-02-04T04:02:47.960412Z","published":"2021-07-29T11:25:29Z","related":["CVE-2021-3592","CVE-2021-3593","CVE-2021-3594","CVE-2021-3595","CVE-2021-3611"],"upstream":["CVE-2021-3592","CVE-2021-3593","CVE-2021-3594","CVE-2021-3595","CVE-2021-3611"],"references":[{"type":"ADVISORY","url":"https://www.suse.com/support/update/announcement/2021/suse-su-20212563-1/"},{"type":"REPORT","url":"https://bugzilla.suse.com/1187364"},{"type":"REPORT","url":"https://bugzilla.suse.com/1187365"},{"type":"REPORT","url":"https://bugzilla.suse.com/1187366"},{"type":"REPORT","url":"https://bugzilla.suse.com/1187367"},{"type":"REPORT","url":"https://bugzilla.suse.com/1187529"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2021-3592"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2021-3593"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2021-3594"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2021-3595"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2021-3611"}],"affected":[{"package":{"name":"qemu","ecosystem":"SUSE:HPE Helion OpenStack 8","purl":"pkg:rpm/suse/qemu&distro=HPE%20Helion%20OpenStack%208"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"2.9.1-6.53.1"}]}],"ecosystem_specific":{"binaries":[{"qemu-block-iscsi":"2.9.1-6.53.1","qemu-seabios":"1.10.2_0_g5f4c7b1-6.53.1","qemu-ipxe":"1.0.0+-6.53.1","qemu-block-ssh":"2.9.1-6.53.1","qemu-kvm":"2.9.1-6.53.1","qemu-guest-agent":"2.9.1-6.53.1","qemu-block-curl":"2.9.1-6.53.1","qemu":"2.9.1-6.53.1","qemu-x86":"2.9.1-6.53.1","qemu-vgabios":"1.10.2_0_g5f4c7b1-6.53.1","qemu-block-rbd":"2.9.1-6.53.1","qemu-tools":"2.9.1-6.53.1","qemu-lang":"2.9.1-6.53.1","qemu-sgabios":"8-6.53.1"}]},"database_specific":{"source":"https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2021:2563-1.json"}},{"package":{"name":"qemu","ecosystem":"SUSE:OpenStack Cloud 8","purl":"pkg:rpm/suse/qemu&distro=SUSE%20OpenStack%20Cloud%208"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"2.9.1-6.53.1"}]}],"ecosystem_specific":{"binaries":[{"qemu-block-iscsi":"2.9.1-6.53.1","qemu-seabios":"1.10.2_0_g5f4c7b1-6.53.1","qemu-ipxe":"1.0.0+-6.53.1","qemu-block-ssh":"2.9.1-6.53.1","qemu-kvm":"2.9.1-6.53.1","qemu-guest-agent":"2.9.1-6.53.1","qemu-block-curl":"2.9.1-6.53.1","qemu":"2.9.1-6.53.1","qemu-x86":"2.9.1-6.53.1","qemu-vgabios":"1.10.2_0_g5f4c7b1-6.53.1","qemu-block-rbd":"2.9.1-6.53.1","qemu-tools":"2.9.1-6.53.1","qemu-lang":"2.9.1-6.53.1","qemu-sgabios":"8-6.53.1"}]},"database_specific":{"source":"https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2021:2563-1.json"}},{"package":{"name":"qemu","ecosystem":"SUSE:OpenStack Cloud Crowbar 8","purl":"pkg:rpm/suse/qemu&distro=SUSE%20OpenStack%20Cloud%20Crowbar%208"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"2.9.1-6.53.1"}]}],"ecosystem_specific":{"binaries":[{"qemu-block-iscsi":"2.9.1-6.53.1","qemu-seabios":"1.10.2_0_g5f4c7b1-6.53.1","qemu-ipxe":"1.0.0+-6.53.1","qemu-block-ssh":"2.9.1-6.53.1","qemu-kvm":"2.9.1-6.53.1","qemu-guest-agent":"2.9.1-6.53.1","qemu-block-curl":"2.9.1-6.53.1","qemu":"2.9.1-6.53.1","qemu-x86":"2.9.1-6.53.1","qemu-vgabios":"1.10.2_0_g5f4c7b1-6.53.1","qemu-block-rbd":"2.9.1-6.53.1","qemu-tools":"2.9.1-6.53.1","qemu-lang":"2.9.1-6.53.1","qemu-sgabios":"8-6.53.1"}]},"database_specific":{"source":"https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2021:2563-1.json"}},{"package":{"name":"qemu","ecosystem":"SUSE:Linux Enterprise Server for SAP Applications 12 SP3","purl":"pkg:rpm/suse/qemu&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP3"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"2.9.1-6.53.1"}]}],"ecosystem_specific":{"binaries":[{"qemu-vgabios":"1.10.2_0_g5f4c7b1-6.53.1","qemu-ppc":"2.9.1-6.53.1","qemu-x86":"2.9.1-6.53.1","qemu-tools":"2.9.1-6.53.1","qemu-seabios":"1.10.2_0_g5f4c7b1-6.53.1","qemu-block-curl":"2.9.1-6.53.1","qemu-sgabios":"8-6.53.1","qemu-lang":"2.9.1-6.53.1","qemu":"2.9.1-6.53.1","qemu-ipxe":"1.0.0+-6.53.1","qemu-block-ssh":"2.9.1-6.53.1","qemu-kvm":"2.9.1-6.53.1","qemu-guest-agent":"2.9.1-6.53.1","qemu-block-rbd":"2.9.1-6.53.1","qemu-block-iscsi":"2.9.1-6.53.1"}]},"database_specific":{"source":"https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2021:2563-1.json"}},{"package":{"name":"qemu","ecosystem":"SUSE:Linux Enterprise Server 12 SP3-LTSS","purl":"pkg:rpm/suse/qemu&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP3-LTSS"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"2.9.1-6.53.1"}]}],"ecosystem_specific":{"binaries":[{"qemu-block-iscsi":"2.9.1-6.53.1","qemu-s390":"2.9.1-6.53.1","qemu-arm":"2.9.1-6.53.1","qemu-tools":"2.9.1-6.53.1","qemu-ppc":"2.9.1-6.53.1","qemu-block-curl":"2.9.1-6.53.1","qemu-sgabios":"8-6.53.1","qemu-lang":"2.9.1-6.53.1","qemu":"2.9.1-6.53.1","qemu-ipxe":"1.0.0+-6.53.1","qemu-block-ssh":"2.9.1-6.53.1","qemu-kvm":"2.9.1-6.53.1","qemu-guest-agent":"2.9.1-6.53.1","qemu-block-rbd":"2.9.1-6.53.1","qemu-x86":"2.9.1-6.53.1","qemu-vgabios":"1.10.2_0_g5f4c7b1-6.53.1","qemu-seabios":"1.10.2_0_g5f4c7b1-6.53.1"}]},"database_specific":{"source":"https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2021:2563-1.json"}},{"package":{"name":"qemu","ecosystem":"SUSE:Linux Enterprise Server 12 SP3-BCL","purl":"pkg:rpm/suse/qemu&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP3-BCL"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"2.9.1-6.53.1"}]}],"ecosystem_specific":{"binaries":[{"qemu-block-iscsi":"2.9.1-6.53.1","qemu-seabios":"1.10.2_0_g5f4c7b1-6.53.1","qemu-ipxe":"1.0.0+-6.53.1","qemu-block-ssh":"2.9.1-6.53.1","qemu-kvm":"2.9.1-6.53.1","qemu-guest-agent":"2.9.1-6.53.1","qemu-block-curl":"2.9.1-6.53.1","qemu":"2.9.1-6.53.1","qemu-x86":"2.9.1-6.53.1","qemu-vgabios":"1.10.2_0_g5f4c7b1-6.53.1","qemu-block-rbd":"2.9.1-6.53.1","qemu-tools":"2.9.1-6.53.1","qemu-lang":"2.9.1-6.53.1","qemu-sgabios":"8-6.53.1"}]},"database_specific":{"source":"https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2021:2563-1.json"}}],"schema_version":"1.7.3"}