SUSE update for qemu

Published: 2021-06-30

Risk	Medium
Patch available	YES
Number of vulnerabilities	3
CVE-ID	CVE-2021-3544 CVE-2021-3545 CVE-2021-3546
CWE-ID	CWE-401 CWE-200 CWE-787
Exploitation vector	Network
Public exploit	N/A
Vulnerable software	SUSE Linux Enterprise Module for Basesystem Operating systems & Components / Operating system SUSE Linux Enterprise Module for Server Applications Operating systems & Components / Operating system qemu-tools-debuginfo Operating systems & Components / Operating system package or component qemu-tools Operating systems & Components / Operating system package or component qemu-s390x-debuginfo Operating systems & Components / Operating system package or component qemu-s390x Operating systems & Components / Operating system package or component qemu-hw-s390x-virtio-gpu-ccw-debuginfo Operating systems & Components / Operating system package or component qemu-hw-s390x-virtio-gpu-ccw Operating systems & Components / Operating system package or component qemu-skiboot Operating systems & Components / Operating system package or component qemu-sgabios Operating systems & Components / Operating system package or component qemu-x86-debuginfo Operating systems & Components / Operating system package or component qemu-x86 Operating systems & Components / Operating system package or component qemu-audio-pa-debuginfo Operating systems & Components / Operating system package or component qemu-audio-pa Operating systems & Components / Operating system package or component qemu-audio-alsa-debuginfo Operating systems & Components / Operating system package or component qemu-audio-alsa Operating systems & Components / Operating system package or component qemu-ppc-debuginfo Operating systems & Components / Operating system package or component qemu-ppc Operating systems & Components / Operating system package or component qemu-arm-debuginfo Operating systems & Components / Operating system package or component qemu-arm Operating systems & Components / Operating system package or component qemu-kvm Operating systems & Components / Operating system package or component qemu-hw-display-virtio-gpu-pci-debuginfo Operating systems & Components / Operating system package or component qemu-hw-display-virtio-gpu-pci Operating systems & Components / Operating system package or component qemu-hw-display-virtio-gpu-debuginfo Operating systems & Components / Operating system package or component qemu-hw-display-virtio-gpu Operating systems & Components / Operating system package or component qemu-ui-spice-core-debuginfo Operating systems & Components / Operating system package or component qemu-ui-spice-core Operating systems & Components / Operating system package or component qemu-ui-spice-app-debuginfo Operating systems & Components / Operating system package or component qemu-ui-spice-app Operating systems & Components / Operating system package or component qemu-ui-opengl-debuginfo Operating systems & Components / Operating system package or component qemu-ui-opengl Operating systems & Components / Operating system package or component qemu-ui-gtk-debuginfo Operating systems & Components / Operating system package or component qemu-ui-gtk Operating systems & Components / Operating system package or component qemu-hw-usb-redirect-debuginfo Operating systems & Components / Operating system package or component qemu-hw-usb-redirect Operating systems & Components / Operating system package or component qemu-hw-display-virtio-vga-debuginfo Operating systems & Components / Operating system package or component qemu-hw-display-virtio-vga Operating systems & Components / Operating system package or component qemu-hw-display-qxl-debuginfo Operating systems & Components / Operating system package or component qemu-hw-display-qxl Operating systems & Components / Operating system package or component qemu-chardev-spice-debuginfo Operating systems & Components / Operating system package or component qemu-chardev-spice Operating systems & Components / Operating system package or component qemu-audio-spice-debuginfo Operating systems & Components / Operating system package or component qemu-audio-spice Operating systems & Components / Operating system package or component qemu-ui-curses-debuginfo Operating systems & Components / Operating system package or component qemu-ui-curses Operating systems & Components / Operating system package or component qemu-lang Operating systems & Components / Operating system package or component qemu-ksm Operating systems & Components / Operating system package or component qemu-guest-agent-debuginfo Operating systems & Components / Operating system package or component qemu-guest-agent Operating systems & Components / Operating system package or component qemu-debugsource Operating systems & Components / Operating system package or component qemu-debuginfo Operating systems & Components / Operating system package or component qemu-chardev-baum-debuginfo Operating systems & Components / Operating system package or component qemu-chardev-baum Operating systems & Components / Operating system package or component qemu-block-ssh-debuginfo Operating systems & Components / Operating system package or component qemu-block-ssh Operating systems & Components / Operating system package or component qemu-block-rbd-debuginfo Operating systems & Components / Operating system package or component qemu-block-rbd Operating systems & Components / Operating system package or component qemu-block-iscsi-debuginfo Operating systems & Components / Operating system package or component qemu-block-iscsi Operating systems & Components / Operating system package or component qemu-block-curl-debuginfo Operating systems & Components / Operating system package or component qemu-block-curl Operating systems & Components / Operating system package or component qemu Operating systems & Components / Operating system package or component
Vendor	SUSE

Security Bulletin

This security bulletin contains information about 3 vulnerabilities.

1) Memory leak

EUVDB-ID: #VU53679

Risk: Medium

CVSSv4.0: 4.9 [CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]

CVE-ID: CVE-2021-3544

CWE-ID: CWE-401 - Missing release of memory after effective lifetime

Exploit availability: No

Description

The vulnerability allows a remote user to perform DoS attack on the target system.

The vulnerability exists due to multiple memory leaks in the vhost-user-gpu/vhost-user-gpu.c. A remote authenticated user of the guest operating system can force the application to leak memory and perform denial of service attack.

Mitigation

Update the affected package qemu to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Module for Basesystem: 15-SP3

SUSE Linux Enterprise Module for Server Applications: 15-SP3

qemu-tools-debuginfo: before 5.2.0-20.1

qemu-tools: before 5.2.0-20.1

qemu-s390x-debuginfo: before 5.2.0-20.1

qemu-s390x: before 5.2.0-20.1

qemu-hw-s390x-virtio-gpu-ccw-debuginfo: before 5.2.0-20.1

qemu-hw-s390x-virtio-gpu-ccw: before 5.2.0-20.1

qemu-skiboot: before 5.2.0-20.1

qemu-sgabios: before 8-20.1

qemu-x86-debuginfo: before 5.2.0-20.1

qemu-x86: before 5.2.0-20.1

qemu-audio-pa-debuginfo: before 5.2.0-20.1

qemu-audio-pa: before 5.2.0-20.1

qemu-audio-alsa-debuginfo: before 5.2.0-20.1

qemu-audio-alsa: before 5.2.0-20.1

qemu-ppc-debuginfo: before 5.2.0-20.1

qemu-ppc: before 5.2.0-20.1

qemu-arm-debuginfo: before 5.2.0-20.1

qemu-arm: before 5.2.0-20.1

qemu-kvm: before 5.2.0-20.1

qemu-hw-display-virtio-gpu-pci-debuginfo: before 5.2.0-20.1

qemu-hw-display-virtio-gpu-pci: before 5.2.0-20.1

qemu-hw-display-virtio-gpu-debuginfo: before 5.2.0-20.1

qemu-hw-display-virtio-gpu: before 5.2.0-20.1

qemu-ui-spice-core-debuginfo: before 5.2.0-20.1

qemu-ui-spice-core: before 5.2.0-20.1

qemu-ui-spice-app-debuginfo: before 5.2.0-20.1

qemu-ui-spice-app: before 5.2.0-20.1

qemu-ui-opengl-debuginfo: before 5.2.0-20.1

qemu-ui-opengl: before 5.2.0-20.1

qemu-ui-gtk-debuginfo: before 5.2.0-20.1

qemu-ui-gtk: before 5.2.0-20.1

qemu-hw-usb-redirect-debuginfo: before 5.2.0-20.1

qemu-hw-usb-redirect: before 5.2.0-20.1

qemu-hw-display-virtio-vga-debuginfo: before 5.2.0-20.1

qemu-hw-display-virtio-vga: before 5.2.0-20.1

qemu-hw-display-qxl-debuginfo: before 5.2.0-20.1

qemu-hw-display-qxl: before 5.2.0-20.1

qemu-chardev-spice-debuginfo: before 5.2.0-20.1

qemu-chardev-spice: before 5.2.0-20.1

qemu-audio-spice-debuginfo: before 5.2.0-20.1

qemu-audio-spice: before 5.2.0-20.1

qemu-ui-curses-debuginfo: before 5.2.0-20.1

qemu-ui-curses: before 5.2.0-20.1

qemu-lang: before 5.2.0-20.1

qemu-ksm: before 5.2.0-20.1

qemu-guest-agent-debuginfo: before 5.2.0-20.1

qemu-guest-agent: before 5.2.0-20.1

qemu-debugsource: before 5.2.0-20.1

qemu-debuginfo: before 5.2.0-20.1

qemu-chardev-baum-debuginfo: before 5.2.0-20.1

qemu-chardev-baum: before 5.2.0-20.1

qemu-block-ssh-debuginfo: before 5.2.0-20.1

qemu-block-ssh: before 5.2.0-20.1

qemu-block-rbd-debuginfo: before 5.2.0-20.1

qemu-block-rbd: before 5.2.0-20.1

qemu-block-iscsi-debuginfo: before 5.2.0-20.1

qemu-block-iscsi: before 5.2.0-20.1

qemu-block-curl-debuginfo: before 5.2.0-20.1

qemu-block-curl: before 5.2.0-20.1

qemu: before 5.2.0-20.1

CPE2.3

External links

https://www.suse.com/support/update/announcement/2021/suse-su-20212213-1/

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

2) Information disclosure

EUVDB-ID: #VU53680

Risk: Low

CVSSv4.0: 1.3 [CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-3545

CWE-ID: CWE-200 - Exposure of sensitive information to an unauthorized actor

Exploit availability: No

Description

The vulnerability allows a remote user to gain access to potentially sensitive information.

The vulnerability exists due to uninitialized memory disclosure within the virgl_cmd_get_capset_info() function in vhost-user-gpu/virgl.c. A remote authenticated user of the guest operating system can gain unauthorized access to sensitive information on the system.

Mitigation

Update the affected package qemu to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Module for Basesystem: 15-SP3

SUSE Linux Enterprise Module for Server Applications: 15-SP3

qemu-tools-debuginfo: before 5.2.0-20.1

qemu-tools: before 5.2.0-20.1

qemu-s390x-debuginfo: before 5.2.0-20.1

qemu-s390x: before 5.2.0-20.1

qemu-hw-s390x-virtio-gpu-ccw-debuginfo: before 5.2.0-20.1

qemu-hw-s390x-virtio-gpu-ccw: before 5.2.0-20.1

qemu-skiboot: before 5.2.0-20.1

qemu-sgabios: before 8-20.1

qemu-x86-debuginfo: before 5.2.0-20.1

qemu-x86: before 5.2.0-20.1

qemu-audio-pa-debuginfo: before 5.2.0-20.1

qemu-audio-pa: before 5.2.0-20.1

qemu-audio-alsa-debuginfo: before 5.2.0-20.1

qemu-audio-alsa: before 5.2.0-20.1

qemu-ppc-debuginfo: before 5.2.0-20.1

qemu-ppc: before 5.2.0-20.1

qemu-arm-debuginfo: before 5.2.0-20.1

qemu-arm: before 5.2.0-20.1

qemu-kvm: before 5.2.0-20.1

qemu-hw-display-virtio-gpu-pci-debuginfo: before 5.2.0-20.1

qemu-hw-display-virtio-gpu-pci: before 5.2.0-20.1

qemu-hw-display-virtio-gpu-debuginfo: before 5.2.0-20.1

qemu-hw-display-virtio-gpu: before 5.2.0-20.1

qemu-ui-spice-core-debuginfo: before 5.2.0-20.1

qemu-ui-spice-core: before 5.2.0-20.1

qemu-ui-spice-app-debuginfo: before 5.2.0-20.1

qemu-ui-spice-app: before 5.2.0-20.1

qemu-ui-opengl-debuginfo: before 5.2.0-20.1

qemu-ui-opengl: before 5.2.0-20.1

qemu-ui-gtk-debuginfo: before 5.2.0-20.1

qemu-ui-gtk: before 5.2.0-20.1

qemu-hw-usb-redirect-debuginfo: before 5.2.0-20.1

qemu-hw-usb-redirect: before 5.2.0-20.1

qemu-hw-display-virtio-vga-debuginfo: before 5.2.0-20.1

qemu-hw-display-virtio-vga: before 5.2.0-20.1

qemu-hw-display-qxl-debuginfo: before 5.2.0-20.1

qemu-hw-display-qxl: before 5.2.0-20.1

qemu-chardev-spice-debuginfo: before 5.2.0-20.1

qemu-chardev-spice: before 5.2.0-20.1

qemu-audio-spice-debuginfo: before 5.2.0-20.1

qemu-audio-spice: before 5.2.0-20.1

qemu-ui-curses-debuginfo: before 5.2.0-20.1

qemu-ui-curses: before 5.2.0-20.1

qemu-lang: before 5.2.0-20.1

qemu-ksm: before 5.2.0-20.1

qemu-guest-agent-debuginfo: before 5.2.0-20.1

qemu-guest-agent: before 5.2.0-20.1

qemu-debugsource: before 5.2.0-20.1

qemu-debuginfo: before 5.2.0-20.1

qemu-chardev-baum-debuginfo: before 5.2.0-20.1

qemu-chardev-baum: before 5.2.0-20.1

qemu-block-ssh-debuginfo: before 5.2.0-20.1

qemu-block-ssh: before 5.2.0-20.1

qemu-block-rbd-debuginfo: before 5.2.0-20.1

qemu-block-rbd: before 5.2.0-20.1

qemu-block-iscsi-debuginfo: before 5.2.0-20.1

qemu-block-iscsi: before 5.2.0-20.1

qemu-block-curl-debuginfo: before 5.2.0-20.1

qemu-block-curl: before 5.2.0-20.1

qemu: before 5.2.0-20.1

CPE2.3

External links

https://www.suse.com/support/update/announcement/2021/suse-su-20212213-1/

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

3) Out-of-bounds write

EUVDB-ID: #VU53681

Risk: Medium

CVSSv4.0: 6.3 [CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]

CVE-ID: CVE-2021-3546

CWE-ID: CWE-787 - Out-of-bounds write

Exploit availability: No

Description

The vulnerability allows a remote user to escalate privileges on the system.

The vulnerability exists due to a boundary error when processing untrusted input within the virgl_cmd_get_capset() function in vhost-user-gpu/virgl.c. A remote authenticated user of the guest operating system can trigger an out-of-bounds write and escalate privileges.

Mitigation

Update the affected package qemu to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Module for Basesystem: 15-SP3

SUSE Linux Enterprise Module for Server Applications: 15-SP3

qemu-tools-debuginfo: before 5.2.0-20.1

qemu-tools: before 5.2.0-20.1

qemu-s390x-debuginfo: before 5.2.0-20.1

qemu-s390x: before 5.2.0-20.1

qemu-hw-s390x-virtio-gpu-ccw-debuginfo: before 5.2.0-20.1

qemu-hw-s390x-virtio-gpu-ccw: before 5.2.0-20.1

qemu-skiboot: before 5.2.0-20.1

qemu-sgabios: before 8-20.1

qemu-x86-debuginfo: before 5.2.0-20.1

qemu-x86: before 5.2.0-20.1

qemu-audio-pa-debuginfo: before 5.2.0-20.1

qemu-audio-pa: before 5.2.0-20.1

qemu-audio-alsa-debuginfo: before 5.2.0-20.1

qemu-audio-alsa: before 5.2.0-20.1

qemu-ppc-debuginfo: before 5.2.0-20.1

qemu-ppc: before 5.2.0-20.1

qemu-arm-debuginfo: before 5.2.0-20.1

qemu-arm: before 5.2.0-20.1

qemu-kvm: before 5.2.0-20.1

qemu-hw-display-virtio-gpu-pci-debuginfo: before 5.2.0-20.1

qemu-hw-display-virtio-gpu-pci: before 5.2.0-20.1

qemu-hw-display-virtio-gpu-debuginfo: before 5.2.0-20.1

qemu-hw-display-virtio-gpu: before 5.2.0-20.1

qemu-ui-spice-core-debuginfo: before 5.2.0-20.1

qemu-ui-spice-core: before 5.2.0-20.1

qemu-ui-spice-app-debuginfo: before 5.2.0-20.1

qemu-ui-spice-app: before 5.2.0-20.1

qemu-ui-opengl-debuginfo: before 5.2.0-20.1

qemu-ui-opengl: before 5.2.0-20.1

qemu-ui-gtk-debuginfo: before 5.2.0-20.1

qemu-ui-gtk: before 5.2.0-20.1

qemu-hw-usb-redirect-debuginfo: before 5.2.0-20.1

qemu-hw-usb-redirect: before 5.2.0-20.1

qemu-hw-display-virtio-vga-debuginfo: before 5.2.0-20.1

qemu-hw-display-virtio-vga: before 5.2.0-20.1

qemu-hw-display-qxl-debuginfo: before 5.2.0-20.1

qemu-hw-display-qxl: before 5.2.0-20.1

qemu-chardev-spice-debuginfo: before 5.2.0-20.1

qemu-chardev-spice: before 5.2.0-20.1

qemu-audio-spice-debuginfo: before 5.2.0-20.1

qemu-audio-spice: before 5.2.0-20.1

qemu-ui-curses-debuginfo: before 5.2.0-20.1

qemu-ui-curses: before 5.2.0-20.1

qemu-lang: before 5.2.0-20.1

qemu-ksm: before 5.2.0-20.1

qemu-guest-agent-debuginfo: before 5.2.0-20.1

qemu-guest-agent: before 5.2.0-20.1

qemu-debugsource: before 5.2.0-20.1

qemu-debuginfo: before 5.2.0-20.1

qemu-chardev-baum-debuginfo: before 5.2.0-20.1

qemu-chardev-baum: before 5.2.0-20.1

qemu-block-ssh-debuginfo: before 5.2.0-20.1

qemu-block-ssh: before 5.2.0-20.1

qemu-block-rbd-debuginfo: before 5.2.0-20.1

qemu-block-rbd: before 5.2.0-20.1

qemu-block-iscsi-debuginfo: before 5.2.0-20.1

qemu-block-iscsi: before 5.2.0-20.1

qemu-block-curl-debuginfo: before 5.2.0-20.1

qemu-block-curl: before 5.2.0-20.1

qemu: before 5.2.0-20.1

CPE2.3

External links

https://www.suse.com/support/update/announcement/2021/suse-su-20212213-1/

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.