{"affected":[{"ecosystem_specific":{"binaries":[{"qemu-img":"8.2.7-150600.3.20.1","qemu-pr-helper":"8.2.7-150600.3.20.1","qemu-tools":"8.2.7-150600.3.20.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Module for Basesystem 15 SP6","name":"qemu","purl":"pkg:rpm/suse/qemu&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP6"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"8.2.7-150600.3.20.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"qemu-SLOF":"8.2.7-150600.3.20.1","qemu-accel-qtest":"8.2.7-150600.3.20.1","qemu-accel-tcg-x86":"8.2.7-150600.3.20.1","qemu-arm":"8.2.7-150600.3.20.1","qemu-audio-alsa":"8.2.7-150600.3.20.1","qemu-audio-jack":"8.2.7-150600.3.20.1","qemu-audio-oss":"8.2.7-150600.3.20.1","qemu-audio-pa":"8.2.7-150600.3.20.1","qemu-audio-spice":"8.2.7-150600.3.20.1","qemu-block-dmg":"8.2.7-150600.3.20.1","qemu-block-gluster":"8.2.7-150600.3.20.1","qemu-block-nfs":"8.2.7-150600.3.20.1","qemu-chardev-spice":"8.2.7-150600.3.20.1","qemu-extra":"8.2.7-150600.3.20.1","qemu-hw-display-qxl":"8.2.7-150600.3.20.1","qemu-hw-display-virtio-gpu":"8.2.7-150600.3.20.1","qemu-hw-display-virtio-gpu-pci":"8.2.7-150600.3.20.1","qemu-hw-display-virtio-vga":"8.2.7-150600.3.20.1","qemu-hw-s390x-virtio-gpu-ccw":"8.2.7-150600.3.20.1","qemu-hw-usb-redirect":"8.2.7-150600.3.20.1","qemu-hw-usb-smartcard":"8.2.7-150600.3.20.1","qemu-ivshmem-tools":"8.2.7-150600.3.20.1","qemu-linux-user":"8.2.7-150600.3.20.1","qemu-microvm":"8.2.7-150600.3.20.1","qemu-ppc":"8.2.7-150600.3.20.1","qemu-s390x":"8.2.7-150600.3.20.1","qemu-seabios":"8.2.71.16.3_3_ga95067eb-150600.3.20.1","qemu-skiboot":"8.2.7-150600.3.20.1","qemu-ui-gtk":"8.2.7-150600.3.20.1","qemu-ui-opengl":"8.2.7-150600.3.20.1","qemu-ui-spice-app":"8.2.7-150600.3.20.1","qemu-ui-spice-core":"8.2.7-150600.3.20.1","qemu-vgabios":"8.2.71.16.3_3_ga95067eb-150600.3.20.1","qemu-vhost-user-gpu":"8.2.7-150600.3.20.1","qemu-x86":"8.2.7-150600.3.20.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Module for Package Hub 15 SP6","name":"qemu","purl":"pkg:rpm/suse/qemu&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Package%20Hub%2015%20SP6"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"8.2.7-150600.3.20.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"qemu-SLOF":"8.2.7-150600.3.20.1","qemu-accel-qtest":"8.2.7-150600.3.20.1","qemu-accel-tcg-x86":"8.2.7-150600.3.20.1","qemu-arm":"8.2.7-150600.3.20.1","qemu-audio-alsa":"8.2.7-150600.3.20.1","qemu-audio-jack":"8.2.7-150600.3.20.1","qemu-audio-oss":"8.2.7-150600.3.20.1","qemu-audio-pa":"8.2.7-150600.3.20.1","qemu-audio-spice":"8.2.7-150600.3.20.1","qemu-block-dmg":"8.2.7-150600.3.20.1","qemu-block-gluster":"8.2.7-150600.3.20.1","qemu-block-nfs":"8.2.7-150600.3.20.1","qemu-chardev-spice":"8.2.7-150600.3.20.1","qemu-extra":"8.2.7-150600.3.20.1","qemu-hw-display-qxl":"8.2.7-150600.3.20.1","qemu-hw-display-virtio-gpu":"8.2.7-150600.3.20.1","qemu-hw-display-virtio-gpu-pci":"8.2.7-150600.3.20.1","qemu-hw-display-virtio-vga":"8.2.7-150600.3.20.1","qemu-hw-s390x-virtio-gpu-ccw":"8.2.7-150600.3.20.1","qemu-hw-usb-redirect":"8.2.7-150600.3.20.1","qemu-hw-usb-smartcard":"8.2.7-150600.3.20.1","qemu-ivshmem-tools":"8.2.7-150600.3.20.1","qemu-linux-user":"8.2.7-150600.3.20.1","qemu-microvm":"8.2.7-150600.3.20.1","qemu-ppc":"8.2.7-150600.3.20.1","qemu-s390x":"8.2.7-150600.3.20.1","qemu-seabios":"8.2.71.16.3_3_ga95067eb-150600.3.20.1","qemu-skiboot":"8.2.7-150600.3.20.1","qemu-ui-gtk":"8.2.7-150600.3.20.1","qemu-ui-opengl":"8.2.7-150600.3.20.1","qemu-ui-spice-app":"8.2.7-150600.3.20.1","qemu-ui-spice-core":"8.2.7-150600.3.20.1","qemu-vgabios":"8.2.71.16.3_3_ga95067eb-150600.3.20.1","qemu-vhost-user-gpu":"8.2.7-150600.3.20.1","qemu-x86":"8.2.7-150600.3.20.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Module for Package Hub 15 SP6","name":"qemu-linux-user","purl":"pkg:rpm/suse/qemu-linux-user&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Package%20Hub%2015%20SP6"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"8.2.7-150600.3.20.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"qemu":"8.2.7-150600.3.20.1","qemu-SLOF":"8.2.7-150600.3.20.1","qemu-accel-tcg-x86":"8.2.7-150600.3.20.1","qemu-arm":"8.2.7-150600.3.20.1","qemu-audio-alsa":"8.2.7-150600.3.20.1","qemu-audio-dbus":"8.2.7-150600.3.20.1","qemu-audio-pa":"8.2.7-150600.3.20.1","qemu-audio-pipewire":"8.2.7-150600.3.20.1","qemu-audio-spice":"8.2.7-150600.3.20.1","qemu-block-curl":"8.2.7-150600.3.20.1","qemu-block-iscsi":"8.2.7-150600.3.20.1","qemu-block-nfs":"8.2.7-150600.3.20.1","qemu-block-rbd":"8.2.7-150600.3.20.1","qemu-block-ssh":"8.2.7-150600.3.20.1","qemu-chardev-baum":"8.2.7-150600.3.20.1","qemu-chardev-spice":"8.2.7-150600.3.20.1","qemu-guest-agent":"8.2.7-150600.3.20.1","qemu-headless":"8.2.7-150600.3.20.1","qemu-hw-display-qxl":"8.2.7-150600.3.20.1","qemu-hw-display-virtio-gpu":"8.2.7-150600.3.20.1","qemu-hw-display-virtio-gpu-pci":"8.2.7-150600.3.20.1","qemu-hw-display-virtio-vga":"8.2.7-150600.3.20.1","qemu-hw-s390x-virtio-gpu-ccw":"8.2.7-150600.3.20.1","qemu-hw-usb-host":"8.2.7-150600.3.20.1","qemu-hw-usb-redirect":"8.2.7-150600.3.20.1","qemu-ipxe":"8.2.7-150600.3.20.1","qemu-ksm":"8.2.7-150600.3.20.1","qemu-lang":"8.2.7-150600.3.20.1","qemu-ppc":"8.2.7-150600.3.20.1","qemu-s390x":"8.2.7-150600.3.20.1","qemu-seabios":"8.2.71.16.3_3_ga95067eb-150600.3.20.1","qemu-skiboot":"8.2.7-150600.3.20.1","qemu-spice":"8.2.7-150600.3.20.1","qemu-ui-curses":"8.2.7-150600.3.20.1","qemu-ui-dbus":"8.2.7-150600.3.20.1","qemu-ui-gtk":"8.2.7-150600.3.20.1","qemu-ui-opengl":"8.2.7-150600.3.20.1","qemu-ui-spice-app":"8.2.7-150600.3.20.1","qemu-ui-spice-core":"8.2.7-150600.3.20.1","qemu-vgabios":"8.2.71.16.3_3_ga95067eb-150600.3.20.1","qemu-x86":"8.2.7-150600.3.20.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Module for Server Applications 15 SP6","name":"qemu","purl":"pkg:rpm/suse/qemu&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Server%20Applications%2015%20SP6"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"8.2.7-150600.3.20.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"qemu":"8.2.7-150600.3.20.1","qemu-SLOF":"8.2.7-150600.3.20.1","qemu-accel-qtest":"8.2.7-150600.3.20.1","qemu-accel-tcg-x86":"8.2.7-150600.3.20.1","qemu-arm":"8.2.7-150600.3.20.1","qemu-audio-alsa":"8.2.7-150600.3.20.1","qemu-audio-dbus":"8.2.7-150600.3.20.1","qemu-audio-jack":"8.2.7-150600.3.20.1","qemu-audio-pa":"8.2.7-150600.3.20.1","qemu-audio-pipewire":"8.2.7-150600.3.20.1","qemu-audio-spice":"8.2.7-150600.3.20.1","qemu-block-curl":"8.2.7-150600.3.20.1","qemu-block-dmg":"8.2.7-150600.3.20.1","qemu-block-gluster":"8.2.7-150600.3.20.1","qemu-block-iscsi":"8.2.7-150600.3.20.1","qemu-block-nfs":"8.2.7-150600.3.20.1","qemu-block-rbd":"8.2.7-150600.3.20.1","qemu-block-ssh":"8.2.7-150600.3.20.1","qemu-chardev-baum":"8.2.7-150600.3.20.1","qemu-chardev-spice":"8.2.7-150600.3.20.1","qemu-doc":"8.2.7-150600.3.20.1","qemu-extra":"8.2.7-150600.3.20.1","qemu-guest-agent":"8.2.7-150600.3.20.1","qemu-headless":"8.2.7-150600.3.20.1","qemu-hw-display-qxl":"8.2.7-150600.3.20.1","qemu-hw-display-virtio-gpu":"8.2.7-150600.3.20.1","qemu-hw-display-virtio-gpu-pci":"8.2.7-150600.3.20.1","qemu-hw-display-virtio-vga":"8.2.7-150600.3.20.1","qemu-hw-s390x-virtio-gpu-ccw":"8.2.7-150600.3.20.1","qemu-hw-usb-host":"8.2.7-150600.3.20.1","qemu-hw-usb-redirect":"8.2.7-150600.3.20.1","qemu-hw-usb-smartcard":"8.2.7-150600.3.20.1","qemu-img":"8.2.7-150600.3.20.1","qemu-ipxe":"8.2.7-150600.3.20.1","qemu-ivshmem-tools":"8.2.7-150600.3.20.1","qemu-ksm":"8.2.7-150600.3.20.1","qemu-lang":"8.2.7-150600.3.20.1","qemu-linux-user":"8.2.7-150600.3.20.1","qemu-microvm":"8.2.7-150600.3.20.1","qemu-ppc":"8.2.7-150600.3.20.1","qemu-pr-helper":"8.2.7-150600.3.20.1","qemu-s390x":"8.2.7-150600.3.20.1","qemu-seabios":"8.2.71.16.3_3_ga95067eb-150600.3.20.1","qemu-skiboot":"8.2.7-150600.3.20.1","qemu-spice":"8.2.7-150600.3.20.1","qemu-tools":"8.2.7-150600.3.20.1","qemu-ui-curses":"8.2.7-150600.3.20.1","qemu-ui-dbus":"8.2.7-150600.3.20.1","qemu-ui-gtk":"8.2.7-150600.3.20.1","qemu-ui-opengl":"8.2.7-150600.3.20.1","qemu-ui-spice-app":"8.2.7-150600.3.20.1","qemu-ui-spice-core":"8.2.7-150600.3.20.1","qemu-vgabios":"8.2.71.16.3_3_ga95067eb-150600.3.20.1","qemu-vhost-user-gpu":"8.2.7-150600.3.20.1","qemu-x86":"8.2.7-150600.3.20.1"}]},"package":{"ecosystem":"openSUSE:Leap 15.6","name":"qemu","purl":"pkg:rpm/opensuse/qemu&distro=openSUSE%20Leap%2015.6"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"8.2.7-150600.3.20.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"qemu":"8.2.7-150600.3.20.1","qemu-SLOF":"8.2.7-150600.3.20.1","qemu-accel-qtest":"8.2.7-150600.3.20.1","qemu-accel-tcg-x86":"8.2.7-150600.3.20.1","qemu-arm":"8.2.7-150600.3.20.1","qemu-audio-alsa":"8.2.7-150600.3.20.1","qemu-audio-dbus":"8.2.7-150600.3.20.1","qemu-audio-jack":"8.2.7-150600.3.20.1","qemu-audio-pa":"8.2.7-150600.3.20.1","qemu-audio-pipewire":"8.2.7-150600.3.20.1","qemu-audio-spice":"8.2.7-150600.3.20.1","qemu-block-curl":"8.2.7-150600.3.20.1","qemu-block-dmg":"8.2.7-150600.3.20.1","qemu-block-gluster":"8.2.7-150600.3.20.1","qemu-block-iscsi":"8.2.7-150600.3.20.1","qemu-block-nfs":"8.2.7-150600.3.20.1","qemu-block-rbd":"8.2.7-150600.3.20.1","qemu-block-ssh":"8.2.7-150600.3.20.1","qemu-chardev-baum":"8.2.7-150600.3.20.1","qemu-chardev-spice":"8.2.7-150600.3.20.1","qemu-doc":"8.2.7-150600.3.20.1","qemu-extra":"8.2.7-150600.3.20.1","qemu-guest-agent":"8.2.7-150600.3.20.1","qemu-headless":"8.2.7-150600.3.20.1","qemu-hw-display-qxl":"8.2.7-150600.3.20.1","qemu-hw-display-virtio-gpu":"8.2.7-150600.3.20.1","qemu-hw-display-virtio-gpu-pci":"8.2.7-150600.3.20.1","qemu-hw-display-virtio-vga":"8.2.7-150600.3.20.1","qemu-hw-s390x-virtio-gpu-ccw":"8.2.7-150600.3.20.1","qemu-hw-usb-host":"8.2.7-150600.3.20.1","qemu-hw-usb-redirect":"8.2.7-150600.3.20.1","qemu-hw-usb-smartcard":"8.2.7-150600.3.20.1","qemu-img":"8.2.7-150600.3.20.1","qemu-ipxe":"8.2.7-150600.3.20.1","qemu-ivshmem-tools":"8.2.7-150600.3.20.1","qemu-ksm":"8.2.7-150600.3.20.1","qemu-lang":"8.2.7-150600.3.20.1","qemu-linux-user":"8.2.7-150600.3.20.1","qemu-microvm":"8.2.7-150600.3.20.1","qemu-ppc":"8.2.7-150600.3.20.1","qemu-pr-helper":"8.2.7-150600.3.20.1","qemu-s390x":"8.2.7-150600.3.20.1","qemu-seabios":"8.2.71.16.3_3_ga95067eb-150600.3.20.1","qemu-skiboot":"8.2.7-150600.3.20.1","qemu-spice":"8.2.7-150600.3.20.1","qemu-tools":"8.2.7-150600.3.20.1","qemu-ui-curses":"8.2.7-150600.3.20.1","qemu-ui-dbus":"8.2.7-150600.3.20.1","qemu-ui-gtk":"8.2.7-150600.3.20.1","qemu-ui-opengl":"8.2.7-150600.3.20.1","qemu-ui-spice-app":"8.2.7-150600.3.20.1","qemu-ui-spice-core":"8.2.7-150600.3.20.1","qemu-vgabios":"8.2.71.16.3_3_ga95067eb-150600.3.20.1","qemu-vhost-user-gpu":"8.2.7-150600.3.20.1","qemu-x86":"8.2.7-150600.3.20.1"}]},"package":{"ecosystem":"openSUSE:Leap 15.6","name":"qemu-linux-user","purl":"pkg:rpm/opensuse/qemu-linux-user&distro=openSUSE%20Leap%2015.6"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"8.2.7-150600.3.20.1"}],"type":"ECOSYSTEM"}]}],"aliases":[],"details":"This update for qemu fixes the following issues:\n\nSecurity fixes:\n\n- CVE-2024-8354: Fixed assertion failure in usb_ep_get() (bsc#1230834)\n- CVE-2024-8612: Fixed information leak in virtio devices (bsc#1230915)\n\nUpdate version to 8.2.7:\n\nSecurity fixes:\n\n- CVE-2024-7409: Fixed denial of service via improper synchronization in QEMU NBD Server during socket closure (bsc#1229007) \n- CVE-2024-4693: Fixed improper release of configure vector in virtio-pci that lead to guest triggerable crash (bsc#1224132)\n\nOther fixes:\n\n- added missing fix for ppc64 emulation that caused corruption in userspace (bsc#1230140)\n- target/ppc: Fix lxvx/stxvx facility check (bsc#1229929)\n- accel/kvm: check for KVM_CAP_READONLY_MEM on VM (bsc#1231519)\n\nFull changelog here: \n\nhttps://lore.kernel.org/qemu-devel/d9ff276f-f1ba-4e90-8343-a7a0dc2bf305@tls.msk.ru/\n","id":"SUSE-SU-2024:4094-1","modified":"2024-11-28T11:56:42Z","published":"2024-11-28T11:56:42Z","references":[{"type":"ADVISORY","url":"https://www.suse.com/support/update/announcement/2024/suse-su-20244094-1/"},{"type":"REPORT","url":"https://bugzilla.suse.com/1224132"},{"type":"REPORT","url":"https://bugzilla.suse.com/1229007"},{"type":"REPORT","url":"https://bugzilla.suse.com/1229929"},{"type":"REPORT","url":"https://bugzilla.suse.com/1230140"},{"type":"REPORT","url":"https://bugzilla.suse.com/1230834"},{"type":"REPORT","url":"https://bugzilla.suse.com/1230915"},{"type":"REPORT","url":"https://bugzilla.suse.com/1231519"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2024-4693"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2024-7409"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2024-8354"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2024-8612"}],"related":["CVE-2024-4693","CVE-2024-7409","CVE-2024-8354","CVE-2024-8612"],"summary":"Security update for qemu","upstream":["CVE-2024-4693","CVE-2024-7409","CVE-2024-8354","CVE-2024-8612"]}