Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2020-8608 (GCVE-0-2020-8608)
Vulnerability from cvelistv5 – Published: 2020-02-06 16:45 – Updated: 2024-08-04 10:03
VLAI?
EPSS
Summary
In libslirp 4.1.0, as used in QEMU 4.2.0, tcp_subr.c misuses snprintf return values, leading to a buffer overflow in later code.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
12 references
| URL | Tags |
|---|---|
| https://gitlab.freedesktop.org/slirp/libslirp/com… | x_refsource_MISC |
| https://www.openwall.com/lists/oss-security/2020/… | x_refsource_MISC |
| https://gitlab.freedesktop.org/slirp/libslirp/-/t… | x_refsource_MISC |
| https://usn.ubuntu.com/4283-1/ | vendor-advisoryx_refsource_UBUNTU |
| https://lists.debian.org/debian-lts-announce/2020… | mailing-listx_refsource_MLIST |
| https://lists.debian.org/debian-lts-announce/2020… | mailing-listx_refsource_MLIST |
| https://security.gentoo.org/glsa/202003-66 | vendor-advisoryx_refsource_GENTOO |
| http://lists.opensuse.org/opensuse-security-annou… | vendor-advisoryx_refsource_SUSE |
| https://www.debian.org/security/2020/dsa-4733 | vendor-advisoryx_refsource_DEBIAN |
| https://lists.debian.org/debian-lts-announce/2020… | mailing-listx_refsource_MLIST |
| https://security.netapp.com/advisory/ntap-2020100… | x_refsource_CONFIRM |
| https://lists.debian.org/debian-lts-announce/2021… | mailing-listx_refsource_MLIST |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T10:03:46.311Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://gitlab.freedesktop.org/slirp/libslirp/commit/68ccb8021a838066f0951d4b2817eb6b6f10a843"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.openwall.com/lists/oss-security/2020/02/06/2"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://gitlab.freedesktop.org/slirp/libslirp/-/tags/v4.1.0"
},
{
"name": "USN-4283-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/4283-1/"
},
{
"name": "[debian-lts-announce] 20200313 [SECURITY] [DLA 2142-1] slirp security update",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2020/03/msg00015.html"
},
{
"name": "[debian-lts-announce] 20200316 [SECURITY] [DLA 2144-1] qemu security update",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2020/03/msg00017.html"
},
{
"name": "GLSA-202003-66",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/202003-66"
},
{
"name": "openSUSE-SU-2020:0468",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00007.html"
},
{
"name": "DSA-4733",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "https://www.debian.org/security/2020/dsa-4733"
},
{
"name": "[debian-lts-announce] 20200726 [SECURITY] [DLA 2288-1] qemu security update",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2020/07/msg00020.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20201001-0002/"
},
{
"name": "[debian-lts-announce] 20210209 [SECURITY] [DLA 2551-1] slirp security update",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2021/02/msg00012.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In libslirp 4.1.0, as used in QEMU 4.2.0, tcp_subr.c misuses snprintf return values, leading to a buffer overflow in later code."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-02-09T23:06:12.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://gitlab.freedesktop.org/slirp/libslirp/commit/68ccb8021a838066f0951d4b2817eb6b6f10a843"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.openwall.com/lists/oss-security/2020/02/06/2"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://gitlab.freedesktop.org/slirp/libslirp/-/tags/v4.1.0"
},
{
"name": "USN-4283-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/4283-1/"
},
{
"name": "[debian-lts-announce] 20200313 [SECURITY] [DLA 2142-1] slirp security update",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.debian.org/debian-lts-announce/2020/03/msg00015.html"
},
{
"name": "[debian-lts-announce] 20200316 [SECURITY] [DLA 2144-1] qemu security update",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.debian.org/debian-lts-announce/2020/03/msg00017.html"
},
{
"name": "GLSA-202003-66",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/202003-66"
},
{
"name": "openSUSE-SU-2020:0468",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00007.html"
},
{
"name": "DSA-4733",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "https://www.debian.org/security/2020/dsa-4733"
},
{
"name": "[debian-lts-announce] 20200726 [SECURITY] [DLA 2288-1] qemu security update",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.debian.org/debian-lts-announce/2020/07/msg00020.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://security.netapp.com/advisory/ntap-20201001-0002/"
},
{
"name": "[debian-lts-announce] 20210209 [SECURITY] [DLA 2551-1] slirp security update",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.debian.org/debian-lts-announce/2021/02/msg00012.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2020-8608",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In libslirp 4.1.0, as used in QEMU 4.2.0, tcp_subr.c misuses snprintf return values, leading to a buffer overflow in later code."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://gitlab.freedesktop.org/slirp/libslirp/commit/68ccb8021a838066f0951d4b2817eb6b6f10a843",
"refsource": "MISC",
"url": "https://gitlab.freedesktop.org/slirp/libslirp/commit/68ccb8021a838066f0951d4b2817eb6b6f10a843"
},
{
"name": "https://www.openwall.com/lists/oss-security/2020/02/06/2",
"refsource": "MISC",
"url": "https://www.openwall.com/lists/oss-security/2020/02/06/2"
},
{
"name": "https://gitlab.freedesktop.org/slirp/libslirp/-/tags/v4.1.0",
"refsource": "MISC",
"url": "https://gitlab.freedesktop.org/slirp/libslirp/-/tags/v4.1.0"
},
{
"name": "USN-4283-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/4283-1/"
},
{
"name": "[debian-lts-announce] 20200313 [SECURITY] [DLA 2142-1] slirp security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2020/03/msg00015.html"
},
{
"name": "[debian-lts-announce] 20200316 [SECURITY] [DLA 2144-1] qemu security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2020/03/msg00017.html"
},
{
"name": "GLSA-202003-66",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/202003-66"
},
{
"name": "openSUSE-SU-2020:0468",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00007.html"
},
{
"name": "DSA-4733",
"refsource": "DEBIAN",
"url": "https://www.debian.org/security/2020/dsa-4733"
},
{
"name": "[debian-lts-announce] 20200726 [SECURITY] [DLA 2288-1] qemu security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2020/07/msg00020.html"
},
{
"name": "https://security.netapp.com/advisory/ntap-20201001-0002/",
"refsource": "CONFIRM",
"url": "https://security.netapp.com/advisory/ntap-20201001-0002/"
},
{
"name": "[debian-lts-announce] 20210209 [SECURITY] [DLA 2551-1] slirp security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2021/02/msg00012.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2020-8608",
"datePublished": "2020-02-06T16:45:25.000Z",
"dateReserved": "2020-02-04T00:00:00.000Z",
"dateUpdated": "2024-08-04T10:03:46.311Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"epss": {
"cve": "CVE-2020-8608",
"date": "2026-05-19",
"epss": "0.01501",
"percentile": "0.81347"
},
"fkie_nvd": {
"configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:libslirp_project:libslirp:4.1.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"3679E165-A6B7-41B5-AC02-F38A00DAFD78\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"DEECE5FC-CACF-4496-A3E7-164736409252\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"07B237A9-69A3-4A9C-9DA0-4E06BD37AE73\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"B620311B-34A3-48A6-82DF-6F078D7A4493\"}]}]}]",
"descriptions": "[{\"lang\": \"en\", \"value\": \"In libslirp 4.1.0, as used in QEMU 4.2.0, tcp_subr.c misuses snprintf return values, leading to a buffer overflow in later code.\"}, {\"lang\": \"es\", \"value\": \"En libslirp versi\\u00f3n 4.1.0, como es usado en QEMU versi\\u00f3n 4.2.0, el archivo tcp_subr.c utiliza inapropiadamente los valores de retorno de snprintf, lo que conlleva a un desbordamiento del b\\u00fafer en el c\\u00f3digo posterior.\"}]",
"id": "CVE-2020-8608",
"lastModified": "2024-11-21T05:39:07.170",
"metrics": "{\"cvssMetricV31\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L\", \"baseScore\": 5.6, \"baseSeverity\": \"MEDIUM\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"HIGH\", \"privilegesRequired\": \"NONE\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"LOW\", \"integrityImpact\": \"LOW\", \"availabilityImpact\": \"LOW\"}, \"exploitabilityScore\": 2.2, \"impactScore\": 3.4}], \"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:N/AC:M/Au:N/C:P/I:P/A:P\", \"baseScore\": 6.8, \"accessVector\": \"NETWORK\", \"accessComplexity\": \"MEDIUM\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"PARTIAL\", \"integrityImpact\": \"PARTIAL\", \"availabilityImpact\": \"PARTIAL\"}, \"baseSeverity\": \"MEDIUM\", \"exploitabilityScore\": 8.6, \"impactScore\": 6.4, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": false}]}",
"published": "2020-02-06T17:15:14.723",
"references": "[{\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00007.html\", \"source\": \"cve@mitre.org\", \"tags\": [\"Mailing List\", \"Third Party Advisory\"]}, {\"url\": \"https://gitlab.freedesktop.org/slirp/libslirp/-/tags/v4.1.0\", \"source\": \"cve@mitre.org\", \"tags\": [\"Release Notes\", \"Third Party Advisory\"]}, {\"url\": \"https://gitlab.freedesktop.org/slirp/libslirp/commit/68ccb8021a838066f0951d4b2817eb6b6f10a843\", \"source\": \"cve@mitre.org\", \"tags\": [\"Patch\", \"Third Party Advisory\"]}, {\"url\": \"https://lists.debian.org/debian-lts-announce/2020/03/msg00015.html\", \"source\": \"cve@mitre.org\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://lists.debian.org/debian-lts-announce/2020/03/msg00017.html\", \"source\": \"cve@mitre.org\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://lists.debian.org/debian-lts-announce/2020/07/msg00020.html\", \"source\": \"cve@mitre.org\", \"tags\": [\"Mailing List\", \"Third Party Advisory\"]}, {\"url\": \"https://lists.debian.org/debian-lts-announce/2021/02/msg00012.html\", \"source\": \"cve@mitre.org\", \"tags\": [\"Mailing List\", \"Third Party Advisory\"]}, {\"url\": \"https://security.gentoo.org/glsa/202003-66\", \"source\": \"cve@mitre.org\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://security.netapp.com/advisory/ntap-20201001-0002/\", \"source\": \"cve@mitre.org\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://usn.ubuntu.com/4283-1/\", \"source\": \"cve@mitre.org\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://www.debian.org/security/2020/dsa-4733\", \"source\": \"cve@mitre.org\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://www.openwall.com/lists/oss-security/2020/02/06/2\", \"source\": \"cve@mitre.org\", \"tags\": [\"Mailing List\", \"Patch\", \"Third Party Advisory\"]}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00007.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Mailing List\", \"Third Party Advisory\"]}, {\"url\": \"https://gitlab.freedesktop.org/slirp/libslirp/-/tags/v4.1.0\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Release Notes\", \"Third Party Advisory\"]}, {\"url\": \"https://gitlab.freedesktop.org/slirp/libslirp/commit/68ccb8021a838066f0951d4b2817eb6b6f10a843\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Patch\", \"Third Party Advisory\"]}, {\"url\": \"https://lists.debian.org/debian-lts-announce/2020/03/msg00015.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://lists.debian.org/debian-lts-announce/2020/03/msg00017.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://lists.debian.org/debian-lts-announce/2020/07/msg00020.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Mailing List\", \"Third Party Advisory\"]}, {\"url\": \"https://lists.debian.org/debian-lts-announce/2021/02/msg00012.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Mailing List\", \"Third Party Advisory\"]}, {\"url\": \"https://security.gentoo.org/glsa/202003-66\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://security.netapp.com/advisory/ntap-20201001-0002/\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://usn.ubuntu.com/4283-1/\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://www.debian.org/security/2020/dsa-4733\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://www.openwall.com/lists/oss-security/2020/02/06/2\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Mailing List\", \"Patch\", \"Third Party Advisory\"]}]",
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-120\"}]}]"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2020-8608\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2020-02-06T17:15:14.723\",\"lastModified\":\"2024-11-21T05:39:07.170\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"In libslirp 4.1.0, as used in QEMU 4.2.0, tcp_subr.c misuses snprintf return values, leading to a buffer overflow in later code.\"},{\"lang\":\"es\",\"value\":\"En libslirp versi\u00f3n 4.1.0, como es usado en QEMU versi\u00f3n 4.2.0, el archivo tcp_subr.c utiliza inapropiadamente los valores de retorno de snprintf, lo que conlleva a un desbordamiento del b\u00fafer en el c\u00f3digo posterior.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L\",\"baseScore\":5.6,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"HIGH\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"LOW\",\"integrityImpact\":\"LOW\",\"availabilityImpact\":\"LOW\"},\"exploitabilityScore\":2.2,\"impactScore\":3.4}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:M/Au:N/C:P/I:P/A:P\",\"baseScore\":6.8,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"MEDIUM\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"PARTIAL\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":8.6,\"impactScore\":6.4,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-120\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:libslirp_project:libslirp:4.1.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3679E165-A6B7-41B5-AC02-F38A00DAFD78\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DEECE5FC-CACF-4496-A3E7-164736409252\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"07B237A9-69A3-4A9C-9DA0-4E06BD37AE73\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B620311B-34A3-48A6-82DF-6F078D7A4493\"}]}]}],\"references\":[{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00007.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://gitlab.freedesktop.org/slirp/libslirp/-/tags/v4.1.0\",\"source\":\"cve@mitre.org\",\"tags\":[\"Release Notes\",\"Third Party Advisory\"]},{\"url\":\"https://gitlab.freedesktop.org/slirp/libslirp/commit/68ccb8021a838066f0951d4b2817eb6b6f10a843\",\"source\":\"cve@mitre.org\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://lists.debian.org/debian-lts-announce/2020/03/msg00015.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://lists.debian.org/debian-lts-announce/2020/03/msg00017.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://lists.debian.org/debian-lts-announce/2020/07/msg00020.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://lists.debian.org/debian-lts-announce/2021/02/msg00012.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://security.gentoo.org/glsa/202003-66\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://security.netapp.com/advisory/ntap-20201001-0002/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://usn.ubuntu.com/4283-1/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.debian.org/security/2020/dsa-4733\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.openwall.com/lists/oss-security/2020/02/06/2\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\",\"Patch\",\"Third Party Advisory\"]},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00007.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://gitlab.freedesktop.org/slirp/libslirp/-/tags/v4.1.0\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Release Notes\",\"Third Party Advisory\"]},{\"url\":\"https://gitlab.freedesktop.org/slirp/libslirp/commit/68ccb8021a838066f0951d4b2817eb6b6f10a843\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://lists.debian.org/debian-lts-announce/2020/03/msg00015.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://lists.debian.org/debian-lts-announce/2020/03/msg00017.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://lists.debian.org/debian-lts-announce/2020/07/msg00020.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://lists.debian.org/debian-lts-announce/2021/02/msg00012.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://security.gentoo.org/glsa/202003-66\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://security.netapp.com/advisory/ntap-20201001-0002/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://usn.ubuntu.com/4283-1/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.debian.org/security/2020/dsa-4733\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.openwall.com/lists/oss-security/2020/02/06/2\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Patch\",\"Third Party Advisory\"]}]}}"
}
}
CERTFR-2024-AVI-0997
Vulnerability from certfr_avis - Published: - Updated:
De multiples vulnérabilités ont été découvertes dans le noyau Linux d'Ubuntu. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, une élévation de privilèges et un déni de service à distance.
Solutions
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
Impacted products
References
| Title | Publication Time | Tags | |||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Ubuntu 16.04 ESM",
"product": {
"name": "Ubuntu",
"vendor": {
"name": "Ubuntu",
"scada": false
}
}
},
{
"description": "Ubuntu 24.04 LTS",
"product": {
"name": "Ubuntu",
"vendor": {
"name": "Ubuntu",
"scada": false
}
}
},
{
"description": "Ubuntu 18.04 ESM",
"product": {
"name": "Ubuntu",
"vendor": {
"name": "Ubuntu",
"scada": false
}
}
},
{
"description": "Ubuntu 20.04 LTS",
"product": {
"name": "Ubuntu",
"vendor": {
"name": "Ubuntu",
"scada": false
}
}
},
{
"description": "Ubuntu 24.10",
"product": {
"name": "Ubuntu",
"vendor": {
"name": "Ubuntu",
"scada": false
}
}
},
{
"description": "Ubuntu 14.04 ESM",
"product": {
"name": "Ubuntu",
"vendor": {
"name": "Ubuntu",
"scada": false
}
}
},
{
"description": "Ubuntu 22.04 LTS",
"product": {
"name": "Ubuntu",
"vendor": {
"name": "Ubuntu",
"scada": false
}
}
}
],
"affected_systems_content": "",
"content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
"cves": [
{
"name": "CVE-2020-13765",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-13765"
},
{
"name": "CVE-2020-1983",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-1983"
},
{
"name": "CVE-2020-7039",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-7039"
},
{
"name": "CVE-2019-20382",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-20382"
},
{
"name": "CVE-2022-36402",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-36402"
},
{
"name": "CVE-2024-25744",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-25744"
},
{
"name": "CVE-2023-52531",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52531"
},
{
"name": "CVE-2024-26607",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26607"
},
{
"name": "CVE-2023-52528",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52528"
},
{
"name": "CVE-2024-26800",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26800"
},
{
"name": "CVE-2024-26810",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26810"
},
{
"name": "CVE-2024-26640",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26640"
},
{
"name": "CVE-2024-26812",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26812"
},
{
"name": "CVE-2024-26641",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26641"
},
{
"name": "CVE-2024-27051",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-27051"
},
{
"name": "CVE-2024-26885",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26885"
},
{
"name": "CVE-2023-52614",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52614"
},
{
"name": "CVE-2024-26891",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26891"
},
{
"name": "CVE-2024-26668",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26668"
},
{
"name": "CVE-2024-26669",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26669"
},
{
"name": "CVE-2021-47212",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47212"
},
{
"name": "CVE-2024-26893",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26893"
},
{
"name": "CVE-2024-35848",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-35848"
},
{
"name": "CVE-2024-27436",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-27436"
},
{
"name": "CVE-2024-38621",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38621"
},
{
"name": "CVE-2024-38627",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38627"
},
{
"name": "CVE-2024-38630",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38630"
},
{
"name": "CVE-2024-26661",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26661"
},
{
"name": "CVE-2024-25741",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-25741"
},
{
"name": "CVE-2024-39487",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-39487"
},
{
"name": "CVE-2024-39494",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-39494"
},
{
"name": "CVE-2024-40915",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-40915"
},
{
"name": "CVE-2024-40929",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-40929"
},
{
"name": "CVE-2024-38602",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38602"
},
{
"name": "CVE-2024-38611",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38611"
},
{
"name": "CVE-2024-38577",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38577"
},
{
"name": "CVE-2024-41011",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41011"
},
{
"name": "CVE-2024-39472",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-39472"
},
{
"name": "CVE-2024-41017",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41017"
},
{
"name": "CVE-2024-41090",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41090"
},
{
"name": "CVE-2024-41091",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41091"
},
{
"name": "CVE-2024-41012",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41012"
},
{
"name": "CVE-2024-41015",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41015"
},
{
"name": "CVE-2024-41041",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41041"
},
{
"name": "CVE-2024-41044",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41044"
},
{
"name": "CVE-2024-41048",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41048"
},
{
"name": "CVE-2024-41057",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41057"
},
{
"name": "CVE-2024-41058",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41058"
},
{
"name": "CVE-2024-41059",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41059"
},
{
"name": "CVE-2024-41060",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41060"
},
{
"name": "CVE-2024-41063",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41063"
},
{
"name": "CVE-2024-41064",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41064"
},
{
"name": "CVE-2024-41066",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41066"
},
{
"name": "CVE-2024-41069",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41069"
},
{
"name": "CVE-2024-41070",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41070"
},
{
"name": "CVE-2024-41071",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41071"
},
{
"name": "CVE-2024-41072",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41072"
},
{
"name": "CVE-2024-41076",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41076"
},
{
"name": "CVE-2024-41078",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41078"
},
{
"name": "CVE-2024-41081",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41081"
},
{
"name": "CVE-2024-41087",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41087"
},
{
"name": "CVE-2024-41089",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41089"
},
{
"name": "CVE-2024-41095",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41095"
},
{
"name": "CVE-2024-42070",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42070"
},
{
"name": "CVE-2024-42079",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42079"
},
{
"name": "CVE-2024-42093",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42093"
},
{
"name": "CVE-2024-42096",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42096"
},
{
"name": "CVE-2024-42105",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42105"
},
{
"name": "CVE-2024-42119",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42119"
},
{
"name": "CVE-2024-42120",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42120"
},
{
"name": "CVE-2024-42124",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42124"
},
{
"name": "CVE-2024-42145",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42145"
},
{
"name": "CVE-2024-42161",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42161"
},
{
"name": "CVE-2024-42223",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42223"
},
{
"name": "CVE-2024-42230",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42230"
},
{
"name": "CVE-2022-48666",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48666"
},
{
"name": "CVE-2024-36484",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-36484"
},
{
"name": "CVE-2024-41007",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41007"
},
{
"name": "CVE-2024-41020",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41020"
},
{
"name": "CVE-2024-41022",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41022"
},
{
"name": "CVE-2024-41034",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41034"
},
{
"name": "CVE-2024-41035",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41035"
},
{
"name": "CVE-2024-41046",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41046"
},
{
"name": "CVE-2024-41049",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41049"
},
{
"name": "CVE-2024-41055",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41055"
},
{
"name": "CVE-2024-41065",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41065"
},
{
"name": "CVE-2024-41068",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41068"
},
{
"name": "CVE-2024-41077",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41077"
},
{
"name": "CVE-2024-42101",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42101"
},
{
"name": "CVE-2024-42102",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42102"
},
{
"name": "CVE-2024-42104",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42104"
},
{
"name": "CVE-2024-42106",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42106"
},
{
"name": "CVE-2024-42115",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42115"
},
{
"name": "CVE-2024-42121",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42121"
},
{
"name": "CVE-2024-42127",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42127"
},
{
"name": "CVE-2024-42131",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42131"
},
{
"name": "CVE-2024-42137",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42137"
},
{
"name": "CVE-2024-42152",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42152"
},
{
"name": "CVE-2024-42153",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42153"
},
{
"name": "CVE-2024-42157",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42157"
},
{
"name": "CVE-2024-42229",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42229"
},
{
"name": "CVE-2024-42232",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42232"
},
{
"name": "CVE-2024-42236",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42236"
},
{
"name": "CVE-2024-42244",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42244"
},
{
"name": "CVE-2024-42247",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42247"
},
{
"name": "CVE-2024-42110",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42110"
},
{
"name": "CVE-2024-41073",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41073"
},
{
"name": "CVE-2024-41096",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41096"
},
{
"name": "CVE-2024-42082",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42082"
},
{
"name": "CVE-2023-52887",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52887"
},
{
"name": "CVE-2024-41027",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41027"
},
{
"name": "CVE-2024-41047",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41047"
},
{
"name": "CVE-2024-41092",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41092"
},
{
"name": "CVE-2024-41093",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41093"
},
{
"name": "CVE-2024-41097",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41097"
},
{
"name": "CVE-2024-42068",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42068"
},
{
"name": "CVE-2024-42076",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42076"
},
{
"name": "CVE-2024-42077",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42077"
},
{
"name": "CVE-2024-42080",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42080"
},
{
"name": "CVE-2024-42084",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42084"
},
{
"name": "CVE-2024-42085",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42085"
},
{
"name": "CVE-2024-42086",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42086"
},
{
"name": "CVE-2024-42087",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42087"
},
{
"name": "CVE-2024-42089",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42089"
},
{
"name": "CVE-2024-42090",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42090"
},
{
"name": "CVE-2024-42092",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42092"
},
{
"name": "CVE-2024-42094",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42094"
},
{
"name": "CVE-2024-42095",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42095"
},
{
"name": "CVE-2024-42097",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42097"
},
{
"name": "CVE-2024-42098",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42098"
},
{
"name": "CVE-2024-42109",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42109"
},
{
"name": "CVE-2024-42130",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42130"
},
{
"name": "CVE-2024-42140",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42140"
},
{
"name": "CVE-2024-42225",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42225"
},
{
"name": "CVE-2024-42240",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42240"
},
{
"name": "CVE-2024-42270",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42270"
},
{
"name": "CVE-2023-52889",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52889"
},
{
"name": "CVE-2024-39486",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-39486"
},
{
"name": "CVE-2024-41010",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41010"
},
{
"name": "CVE-2024-41025",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41025"
},
{
"name": "CVE-2024-41028",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41028"
},
{
"name": "CVE-2024-41032",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41032"
},
{
"name": "CVE-2024-41036",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41036"
},
{
"name": "CVE-2024-41037",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41037"
},
{
"name": "CVE-2024-41038",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41038"
},
{
"name": "CVE-2024-41039",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41039"
},
{
"name": "CVE-2024-41042",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41042"
},
{
"name": "CVE-2024-41045",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41045"
},
{
"name": "CVE-2024-41050",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41050"
},
{
"name": "CVE-2024-41051",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41051"
},
{
"name": "CVE-2024-41056",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41056"
},
{
"name": "CVE-2024-41061",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41061"
},
{
"name": "CVE-2024-41062",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41062"
},
{
"name": "CVE-2024-41074",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41074"
},
{
"name": "CVE-2024-41075",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41075"
},
{
"name": "CVE-2024-41079",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41079"
},
{
"name": "CVE-2024-41080",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41080"
},
{
"name": "CVE-2024-41084",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41084"
},
{
"name": "CVE-2024-41088",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41088"
},
{
"name": "CVE-2024-41094",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41094"
},
{
"name": "CVE-2024-41098",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41098"
},
{
"name": "CVE-2024-42064",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42064"
},
{
"name": "CVE-2024-42069",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42069"
},
{
"name": "CVE-2024-42073",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42073"
},
{
"name": "CVE-2024-42074",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42074"
},
{
"name": "CVE-2024-42113",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42113"
},
{
"name": "CVE-2024-42114",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42114"
},
{
"name": "CVE-2024-42117",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42117"
},
{
"name": "CVE-2024-42126",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42126"
},
{
"name": "CVE-2024-42132",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42132"
},
{
"name": "CVE-2024-42133",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42133"
},
{
"name": "CVE-2024-42136",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42136"
},
{
"name": "CVE-2024-42138",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42138"
},
{
"name": "CVE-2024-42141",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42141"
},
{
"name": "CVE-2024-42142",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42142"
},
{
"name": "CVE-2024-42144",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42144"
},
{
"name": "CVE-2024-42147",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42147"
},
{
"name": "CVE-2024-42155",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42155"
},
{
"name": "CVE-2024-42156",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42156"
},
{
"name": "CVE-2024-42158",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42158"
},
{
"name": "CVE-2024-42227",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42227"
},
{
"name": "CVE-2024-42237",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42237"
},
{
"name": "CVE-2024-42238",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42238"
},
{
"name": "CVE-2024-42239",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42239"
},
{
"name": "CVE-2024-42241",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42241"
},
{
"name": "CVE-2024-42245",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42245"
},
{
"name": "CVE-2024-42246",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42246"
},
{
"name": "CVE-2024-42250",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42250"
},
{
"name": "CVE-2024-42253",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42253"
},
{
"name": "CVE-2024-42259",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42259"
},
{
"name": "CVE-2024-42269",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42269"
},
{
"name": "CVE-2024-42271",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42271"
},
{
"name": "CVE-2024-42274",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42274"
},
{
"name": "CVE-2024-42276",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42276"
},
{
"name": "CVE-2024-42277",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42277"
},
{
"name": "CVE-2024-42280",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42280"
},
{
"name": "CVE-2024-42281",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42281"
},
{
"name": "CVE-2024-42283",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42283"
},
{
"name": "CVE-2024-42284",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42284"
},
{
"name": "CVE-2024-42285",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42285"
},
{
"name": "CVE-2024-42286",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42286"
},
{
"name": "CVE-2024-42287",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42287"
},
{
"name": "CVE-2024-42288",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42288"
},
{
"name": "CVE-2024-42289",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42289"
},
{
"name": "CVE-2024-42290",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42290"
},
{
"name": "CVE-2024-42292",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42292"
},
{
"name": "CVE-2024-42295",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42295"
},
{
"name": "CVE-2024-42301",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42301"
},
{
"name": "CVE-2024-42302",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42302"
},
{
"name": "CVE-2024-42309",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42309"
},
{
"name": "CVE-2024-42310",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42310"
},
{
"name": "CVE-2024-42311",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42311"
},
{
"name": "CVE-2024-42312",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42312"
},
{
"name": "CVE-2024-42313",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42313"
},
{
"name": "CVE-2024-42318",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42318"
},
{
"name": "CVE-2024-43817",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43817"
},
{
"name": "CVE-2024-43829",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43829"
},
{
"name": "CVE-2024-43830",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43830"
},
{
"name": "CVE-2024-43834",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43834"
},
{
"name": "CVE-2024-43839",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43839"
},
{
"name": "CVE-2024-43841",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43841"
},
{
"name": "CVE-2024-43846",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43846"
},
{
"name": "CVE-2024-43849",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43849"
},
{
"name": "CVE-2024-43853",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43853"
},
{
"name": "CVE-2024-43854",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43854"
},
{
"name": "CVE-2024-43855",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43855"
},
{
"name": "CVE-2024-43856",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43856"
},
{
"name": "CVE-2024-43858",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43858"
},
{
"name": "CVE-2024-43860",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43860"
},
{
"name": "CVE-2024-43861",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43861"
},
{
"name": "CVE-2024-43863",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43863"
},
{
"name": "CVE-2024-43867",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43867"
},
{
"name": "CVE-2024-43871",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43871"
},
{
"name": "CVE-2024-43873",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43873"
},
{
"name": "CVE-2024-43875",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43875"
},
{
"name": "CVE-2024-43879",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43879"
},
{
"name": "CVE-2024-43880",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43880"
},
{
"name": "CVE-2024-43882",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43882"
},
{
"name": "CVE-2024-43883",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43883"
},
{
"name": "CVE-2024-43884",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43884"
},
{
"name": "CVE-2024-43889",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43889"
},
{
"name": "CVE-2024-43892",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43892"
},
{
"name": "CVE-2024-43893",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43893"
},
{
"name": "CVE-2024-43894",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43894"
},
{
"name": "CVE-2024-43902",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43902"
},
{
"name": "CVE-2024-43905",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43905"
},
{
"name": "CVE-2024-43907",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43907"
},
{
"name": "CVE-2024-43908",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43908"
},
{
"name": "CVE-2024-43909",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43909"
},
{
"name": "CVE-2024-44947",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-44947"
},
{
"name": "CVE-2024-41023",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41023"
},
{
"name": "CVE-2024-41031",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41031"
},
{
"name": "CVE-2024-42243",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42243"
},
{
"name": "CVE-2024-45003",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45003"
},
{
"name": "CVE-2024-43835",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43835"
},
{
"name": "CVE-2024-44940",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-44940"
},
{
"name": "CVE-2024-44946",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-44946"
},
{
"name": "CVE-2024-44974",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-44974"
},
{
"name": "CVE-2024-44982",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-44982"
},
{
"name": "CVE-2024-44983",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-44983"
},
{
"name": "CVE-2024-44985",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-44985"
},
{
"name": "CVE-2024-44986",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-44986"
},
{
"name": "CVE-2024-44987",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-44987"
},
{
"name": "CVE-2024-44988",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-44988"
},
{
"name": "CVE-2024-44989",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-44989"
},
{
"name": "CVE-2024-44990",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-44990"
},
{
"name": "CVE-2024-44995",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-44995"
},
{
"name": "CVE-2024-44998",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-44998"
},
{
"name": "CVE-2024-44999",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-44999"
},
{
"name": "CVE-2024-45006",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45006"
},
{
"name": "CVE-2024-45007",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45007"
},
{
"name": "CVE-2024-45008",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45008"
},
{
"name": "CVE-2024-45009",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45009"
},
{
"name": "CVE-2024-45011",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45011"
},
{
"name": "CVE-2024-45016",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45016"
},
{
"name": "CVE-2024-45018",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45018"
},
{
"name": "CVE-2024-45021",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45021"
},
{
"name": "CVE-2024-45025",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45025"
},
{
"name": "CVE-2024-45026",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45026"
},
{
"name": "CVE-2024-45028",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45028"
},
{
"name": "CVE-2024-46673",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46673"
},
{
"name": "CVE-2024-46675",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46675"
},
{
"name": "CVE-2024-46676",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46676"
},
{
"name": "CVE-2024-46677",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46677"
},
{
"name": "CVE-2024-46679",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46679"
},
{
"name": "CVE-2024-46685",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46685"
},
{
"name": "CVE-2024-46689",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46689"
},
{
"name": "CVE-2024-46702",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46702"
},
{
"name": "CVE-2024-46707",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46707"
},
{
"name": "CVE-2024-46713",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46713"
},
{
"name": "CVE-2024-46714",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46714"
},
{
"name": "CVE-2024-46719",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46719"
},
{
"name": "CVE-2024-46721",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46721"
},
{
"name": "CVE-2024-46722",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46722"
},
{
"name": "CVE-2024-46723",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46723"
},
{
"name": "CVE-2024-46724",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46724"
},
{
"name": "CVE-2024-46725",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46725"
},
{
"name": "CVE-2024-46731",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46731"
},
{
"name": "CVE-2024-46732",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46732"
},
{
"name": "CVE-2024-46737",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46737"
},
{
"name": "CVE-2024-46738",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46738"
},
{
"name": "CVE-2024-46739",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46739"
},
{
"name": "CVE-2024-46740",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46740"
},
{
"name": "CVE-2024-46743",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46743"
},
{
"name": "CVE-2024-46744",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46744"
},
{
"name": "CVE-2024-46745",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46745"
},
{
"name": "CVE-2024-46746",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46746"
},
{
"name": "CVE-2024-46747",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46747"
},
{
"name": "CVE-2024-46750",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46750"
},
{
"name": "CVE-2024-46752",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46752"
},
{
"name": "CVE-2024-46755",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46755"
},
{
"name": "CVE-2024-46756",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46756"
},
{
"name": "CVE-2024-46757",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46757"
},
{
"name": "CVE-2024-46758",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46758"
},
{
"name": "CVE-2024-46759",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46759"
},
{
"name": "CVE-2024-46761",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46761"
},
{
"name": "CVE-2024-46763",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46763"
},
{
"name": "CVE-2024-46771",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46771"
},
{
"name": "CVE-2024-46777",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46777"
},
{
"name": "CVE-2024-46780",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46780"
},
{
"name": "CVE-2024-46781",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46781"
},
{
"name": "CVE-2024-46782",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46782"
},
{
"name": "CVE-2024-46783",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46783"
},
{
"name": "CVE-2024-46791",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46791"
},
{
"name": "CVE-2024-46795",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46795"
},
{
"name": "CVE-2024-46798",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46798"
},
{
"name": "CVE-2024-46800",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46800"
},
{
"name": "CVE-2024-46804",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46804"
},
{
"name": "CVE-2024-46805",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46805"
},
{
"name": "CVE-2024-46807",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46807"
},
{
"name": "CVE-2024-46810",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46810"
},
{
"name": "CVE-2024-46814",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46814"
},
{
"name": "CVE-2024-46815",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46815"
},
{
"name": "CVE-2024-46817",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46817"
},
{
"name": "CVE-2024-46818",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46818"
},
{
"name": "CVE-2024-46819",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46819"
},
{
"name": "CVE-2024-46822",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46822"
},
{
"name": "CVE-2024-46828",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46828"
},
{
"name": "CVE-2024-46829",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46829"
},
{
"name": "CVE-2024-46832",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46832"
},
{
"name": "CVE-2024-46840",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46840"
},
{
"name": "CVE-2024-46844",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46844"
},
{
"name": "CVE-2024-42272",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42272"
},
{
"name": "CVE-2024-42297",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42297"
},
{
"name": "CVE-2024-41082",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41082"
},
{
"name": "CVE-2024-42252",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42252"
},
{
"name": "CVE-2024-42265",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42265"
},
{
"name": "CVE-2024-42304",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42304"
},
{
"name": "CVE-2024-42305",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42305"
},
{
"name": "CVE-2024-42306",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42306"
},
{
"name": "CVE-2024-43828",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43828"
},
{
"name": "CVE-2024-43870",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43870"
},
{
"name": "CVE-2024-43890",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43890"
},
{
"name": "CVE-2024-43914",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43914"
},
{
"name": "CVE-2024-44935",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-44935"
},
{
"name": "CVE-2024-44944",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-44944"
},
{
"name": "CVE-2024-44948",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-44948"
},
{
"name": "CVE-2024-44952",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-44952"
},
{
"name": "CVE-2024-44954",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-44954"
},
{
"name": "CVE-2024-44960",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-44960"
},
{
"name": "CVE-2024-44965",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-44965"
},
{
"name": "CVE-2024-44969",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-44969"
},
{
"name": "CVE-2024-44971",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-44971"
},
{
"name": "CVE-2024-47668",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47668"
},
{
"name": "CVE-2023-52888",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52888"
},
{
"name": "CVE-2023-52918",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52918"
},
{
"name": "CVE-2024-41018",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41018"
},
{
"name": "CVE-2024-41019",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41019"
},
{
"name": "CVE-2024-41021",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41021"
},
{
"name": "CVE-2024-41029",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41029"
},
{
"name": "CVE-2024-41030",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41030"
},
{
"name": "CVE-2024-41033",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41033"
},
{
"name": "CVE-2024-41052",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41052"
},
{
"name": "CVE-2024-41053",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41053"
},
{
"name": "CVE-2024-41054",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41054"
},
{
"name": "CVE-2024-41067",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41067"
},
{
"name": "CVE-2024-41083",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41083"
},
{
"name": "CVE-2024-41085",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41085"
},
{
"name": "CVE-2024-41086",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41086"
},
{
"name": "CVE-2024-42063",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42063"
},
{
"name": "CVE-2024-42065",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42065"
},
{
"name": "CVE-2024-42066",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42066"
},
{
"name": "CVE-2024-42067",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42067"
},
{
"name": "CVE-2024-42088",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42088"
},
{
"name": "CVE-2024-42091",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42091"
},
{
"name": "CVE-2024-42100",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42100"
},
{
"name": "CVE-2024-42103",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42103"
},
{
"name": "CVE-2024-42108",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42108"
},
{
"name": "CVE-2024-42111",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42111"
},
{
"name": "CVE-2024-42112",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42112"
},
{
"name": "CVE-2024-42118",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42118"
},
{
"name": "CVE-2024-42128",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42128"
},
{
"name": "CVE-2024-42129",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42129"
},
{
"name": "CVE-2024-42135",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42135"
},
{
"name": "CVE-2024-42146",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42146"
},
{
"name": "CVE-2024-42149",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42149"
},
{
"name": "CVE-2024-42150",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42150"
},
{
"name": "CVE-2024-42151",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42151"
},
{
"name": "CVE-2024-42231",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42231"
},
{
"name": "CVE-2024-42234",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42234"
},
{
"name": "CVE-2024-42235",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42235"
},
{
"name": "CVE-2024-42248",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42248"
},
{
"name": "CVE-2024-42251",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42251"
},
{
"name": "CVE-2024-47659",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47659"
},
{
"name": "CVE-2024-47663",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47663"
},
{
"name": "CVE-2024-47667",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47667"
},
{
"name": "CVE-2024-47669",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47669"
},
{
"name": "CVE-2020-8608",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-8608"
},
{
"name": "CVE-2021-3592",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3592"
},
{
"name": "CVE-2021-3594",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3594"
},
{
"name": "CVE-2023-3019",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3019"
},
{
"name": "CVE-2024-42267",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42267"
},
{
"name": "CVE-2024-42296",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42296"
},
{
"name": "CVE-2024-42299",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42299"
},
{
"name": "CVE-2024-43869",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43869"
},
{
"name": "CVE-2024-44934",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-44934"
},
{
"name": "CVE-2024-44958",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-44958"
},
{
"name": "CVE-2024-44966",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-44966"
},
{
"name": "CVE-2024-4693",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-4693"
},
{
"name": "CVE-2024-47660",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47660"
},
{
"name": "CVE-2024-47665",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47665"
},
{
"name": "CVE-2024-7730",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-7730"
}
],
"links": [],
"reference": "CERTFR-2024-AVI-0997",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2024-11-18T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans le noyau Linux d\u0027Ubuntu. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire \u00e0 distance, une \u00e9l\u00e9vation de privil\u00e8ges et un d\u00e9ni de service \u00e0 distance.",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans le noyau Linux d\u0027Ubuntu",
"vendor_advisories": [
{
"published_at": "2024-11-14",
"title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-7089-5",
"url": "https://ubuntu.com/security/notices/USN-7089-5"
},
{
"published_at": "2024-11-11",
"title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-7100-1",
"url": "https://ubuntu.com/security/notices/USN-7100-1"
},
{
"published_at": "2024-11-14",
"title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-7110-1",
"url": "https://ubuntu.com/security/notices/USN-7110-1"
},
{
"published_at": "2024-11-15",
"title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-7089-6",
"url": "https://ubuntu.com/security/notices/USN-7089-6"
},
{
"published_at": "2024-11-12",
"title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-7100-2",
"url": "https://ubuntu.com/security/notices/USN-7100-2"
},
{
"published_at": "2024-11-13",
"title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-7089-4",
"url": "https://ubuntu.com/security/notices/USN-7089-4"
},
{
"published_at": "2024-11-14",
"title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-7088-5",
"url": "https://ubuntu.com/security/notices/USN-7088-5"
},
{
"published_at": "2024-11-14",
"title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-7071-2",
"url": "https://ubuntu.com/security/notices/USN-7071-2"
},
{
"published_at": "2024-11-08",
"title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-7094-1",
"url": "https://ubuntu.com/security/notices/USN-7094-1"
}
]
}
CERTFR-2024-AVI-0997
Vulnerability from certfr_avis - Published: - Updated:
De multiples vulnérabilités ont été découvertes dans le noyau Linux d'Ubuntu. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, une élévation de privilèges et un déni de service à distance.
Solutions
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
Impacted products
References
| Title | Publication Time | Tags | |||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Ubuntu 16.04 ESM",
"product": {
"name": "Ubuntu",
"vendor": {
"name": "Ubuntu",
"scada": false
}
}
},
{
"description": "Ubuntu 24.04 LTS",
"product": {
"name": "Ubuntu",
"vendor": {
"name": "Ubuntu",
"scada": false
}
}
},
{
"description": "Ubuntu 18.04 ESM",
"product": {
"name": "Ubuntu",
"vendor": {
"name": "Ubuntu",
"scada": false
}
}
},
{
"description": "Ubuntu 20.04 LTS",
"product": {
"name": "Ubuntu",
"vendor": {
"name": "Ubuntu",
"scada": false
}
}
},
{
"description": "Ubuntu 24.10",
"product": {
"name": "Ubuntu",
"vendor": {
"name": "Ubuntu",
"scada": false
}
}
},
{
"description": "Ubuntu 14.04 ESM",
"product": {
"name": "Ubuntu",
"vendor": {
"name": "Ubuntu",
"scada": false
}
}
},
{
"description": "Ubuntu 22.04 LTS",
"product": {
"name": "Ubuntu",
"vendor": {
"name": "Ubuntu",
"scada": false
}
}
}
],
"affected_systems_content": "",
"content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
"cves": [
{
"name": "CVE-2020-13765",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-13765"
},
{
"name": "CVE-2020-1983",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-1983"
},
{
"name": "CVE-2020-7039",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-7039"
},
{
"name": "CVE-2019-20382",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-20382"
},
{
"name": "CVE-2022-36402",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-36402"
},
{
"name": "CVE-2024-25744",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-25744"
},
{
"name": "CVE-2023-52531",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52531"
},
{
"name": "CVE-2024-26607",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26607"
},
{
"name": "CVE-2023-52528",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52528"
},
{
"name": "CVE-2024-26800",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26800"
},
{
"name": "CVE-2024-26810",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26810"
},
{
"name": "CVE-2024-26640",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26640"
},
{
"name": "CVE-2024-26812",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26812"
},
{
"name": "CVE-2024-26641",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26641"
},
{
"name": "CVE-2024-27051",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-27051"
},
{
"name": "CVE-2024-26885",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26885"
},
{
"name": "CVE-2023-52614",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52614"
},
{
"name": "CVE-2024-26891",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26891"
},
{
"name": "CVE-2024-26668",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26668"
},
{
"name": "CVE-2024-26669",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26669"
},
{
"name": "CVE-2021-47212",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47212"
},
{
"name": "CVE-2024-26893",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26893"
},
{
"name": "CVE-2024-35848",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-35848"
},
{
"name": "CVE-2024-27436",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-27436"
},
{
"name": "CVE-2024-38621",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38621"
},
{
"name": "CVE-2024-38627",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38627"
},
{
"name": "CVE-2024-38630",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38630"
},
{
"name": "CVE-2024-26661",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26661"
},
{
"name": "CVE-2024-25741",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-25741"
},
{
"name": "CVE-2024-39487",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-39487"
},
{
"name": "CVE-2024-39494",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-39494"
},
{
"name": "CVE-2024-40915",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-40915"
},
{
"name": "CVE-2024-40929",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-40929"
},
{
"name": "CVE-2024-38602",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38602"
},
{
"name": "CVE-2024-38611",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38611"
},
{
"name": "CVE-2024-38577",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38577"
},
{
"name": "CVE-2024-41011",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41011"
},
{
"name": "CVE-2024-39472",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-39472"
},
{
"name": "CVE-2024-41017",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41017"
},
{
"name": "CVE-2024-41090",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41090"
},
{
"name": "CVE-2024-41091",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41091"
},
{
"name": "CVE-2024-41012",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41012"
},
{
"name": "CVE-2024-41015",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41015"
},
{
"name": "CVE-2024-41041",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41041"
},
{
"name": "CVE-2024-41044",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41044"
},
{
"name": "CVE-2024-41048",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41048"
},
{
"name": "CVE-2024-41057",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41057"
},
{
"name": "CVE-2024-41058",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41058"
},
{
"name": "CVE-2024-41059",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41059"
},
{
"name": "CVE-2024-41060",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41060"
},
{
"name": "CVE-2024-41063",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41063"
},
{
"name": "CVE-2024-41064",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41064"
},
{
"name": "CVE-2024-41066",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41066"
},
{
"name": "CVE-2024-41069",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41069"
},
{
"name": "CVE-2024-41070",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41070"
},
{
"name": "CVE-2024-41071",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41071"
},
{
"name": "CVE-2024-41072",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41072"
},
{
"name": "CVE-2024-41076",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41076"
},
{
"name": "CVE-2024-41078",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41078"
},
{
"name": "CVE-2024-41081",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41081"
},
{
"name": "CVE-2024-41087",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41087"
},
{
"name": "CVE-2024-41089",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41089"
},
{
"name": "CVE-2024-41095",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41095"
},
{
"name": "CVE-2024-42070",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42070"
},
{
"name": "CVE-2024-42079",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42079"
},
{
"name": "CVE-2024-42093",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42093"
},
{
"name": "CVE-2024-42096",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42096"
},
{
"name": "CVE-2024-42105",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42105"
},
{
"name": "CVE-2024-42119",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42119"
},
{
"name": "CVE-2024-42120",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42120"
},
{
"name": "CVE-2024-42124",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42124"
},
{
"name": "CVE-2024-42145",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42145"
},
{
"name": "CVE-2024-42161",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42161"
},
{
"name": "CVE-2024-42223",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42223"
},
{
"name": "CVE-2024-42230",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42230"
},
{
"name": "CVE-2022-48666",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48666"
},
{
"name": "CVE-2024-36484",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-36484"
},
{
"name": "CVE-2024-41007",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41007"
},
{
"name": "CVE-2024-41020",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41020"
},
{
"name": "CVE-2024-41022",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41022"
},
{
"name": "CVE-2024-41034",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41034"
},
{
"name": "CVE-2024-41035",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41035"
},
{
"name": "CVE-2024-41046",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41046"
},
{
"name": "CVE-2024-41049",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41049"
},
{
"name": "CVE-2024-41055",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41055"
},
{
"name": "CVE-2024-41065",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41065"
},
{
"name": "CVE-2024-41068",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41068"
},
{
"name": "CVE-2024-41077",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41077"
},
{
"name": "CVE-2024-42101",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42101"
},
{
"name": "CVE-2024-42102",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42102"
},
{
"name": "CVE-2024-42104",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42104"
},
{
"name": "CVE-2024-42106",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42106"
},
{
"name": "CVE-2024-42115",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42115"
},
{
"name": "CVE-2024-42121",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42121"
},
{
"name": "CVE-2024-42127",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42127"
},
{
"name": "CVE-2024-42131",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42131"
},
{
"name": "CVE-2024-42137",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42137"
},
{
"name": "CVE-2024-42152",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42152"
},
{
"name": "CVE-2024-42153",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42153"
},
{
"name": "CVE-2024-42157",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42157"
},
{
"name": "CVE-2024-42229",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42229"
},
{
"name": "CVE-2024-42232",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42232"
},
{
"name": "CVE-2024-42236",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42236"
},
{
"name": "CVE-2024-42244",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42244"
},
{
"name": "CVE-2024-42247",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42247"
},
{
"name": "CVE-2024-42110",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42110"
},
{
"name": "CVE-2024-41073",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41073"
},
{
"name": "CVE-2024-41096",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41096"
},
{
"name": "CVE-2024-42082",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42082"
},
{
"name": "CVE-2023-52887",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52887"
},
{
"name": "CVE-2024-41027",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41027"
},
{
"name": "CVE-2024-41047",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41047"
},
{
"name": "CVE-2024-41092",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41092"
},
{
"name": "CVE-2024-41093",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41093"
},
{
"name": "CVE-2024-41097",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41097"
},
{
"name": "CVE-2024-42068",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42068"
},
{
"name": "CVE-2024-42076",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42076"
},
{
"name": "CVE-2024-42077",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42077"
},
{
"name": "CVE-2024-42080",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42080"
},
{
"name": "CVE-2024-42084",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42084"
},
{
"name": "CVE-2024-42085",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42085"
},
{
"name": "CVE-2024-42086",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42086"
},
{
"name": "CVE-2024-42087",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42087"
},
{
"name": "CVE-2024-42089",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42089"
},
{
"name": "CVE-2024-42090",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42090"
},
{
"name": "CVE-2024-42092",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42092"
},
{
"name": "CVE-2024-42094",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42094"
},
{
"name": "CVE-2024-42095",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42095"
},
{
"name": "CVE-2024-42097",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42097"
},
{
"name": "CVE-2024-42098",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42098"
},
{
"name": "CVE-2024-42109",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42109"
},
{
"name": "CVE-2024-42130",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42130"
},
{
"name": "CVE-2024-42140",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42140"
},
{
"name": "CVE-2024-42225",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42225"
},
{
"name": "CVE-2024-42240",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42240"
},
{
"name": "CVE-2024-42270",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42270"
},
{
"name": "CVE-2023-52889",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52889"
},
{
"name": "CVE-2024-39486",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-39486"
},
{
"name": "CVE-2024-41010",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41010"
},
{
"name": "CVE-2024-41025",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41025"
},
{
"name": "CVE-2024-41028",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41028"
},
{
"name": "CVE-2024-41032",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41032"
},
{
"name": "CVE-2024-41036",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41036"
},
{
"name": "CVE-2024-41037",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41037"
},
{
"name": "CVE-2024-41038",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41038"
},
{
"name": "CVE-2024-41039",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41039"
},
{
"name": "CVE-2024-41042",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41042"
},
{
"name": "CVE-2024-41045",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41045"
},
{
"name": "CVE-2024-41050",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41050"
},
{
"name": "CVE-2024-41051",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41051"
},
{
"name": "CVE-2024-41056",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41056"
},
{
"name": "CVE-2024-41061",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41061"
},
{
"name": "CVE-2024-41062",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41062"
},
{
"name": "CVE-2024-41074",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41074"
},
{
"name": "CVE-2024-41075",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41075"
},
{
"name": "CVE-2024-41079",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41079"
},
{
"name": "CVE-2024-41080",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41080"
},
{
"name": "CVE-2024-41084",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41084"
},
{
"name": "CVE-2024-41088",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41088"
},
{
"name": "CVE-2024-41094",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41094"
},
{
"name": "CVE-2024-41098",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41098"
},
{
"name": "CVE-2024-42064",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42064"
},
{
"name": "CVE-2024-42069",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42069"
},
{
"name": "CVE-2024-42073",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42073"
},
{
"name": "CVE-2024-42074",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42074"
},
{
"name": "CVE-2024-42113",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42113"
},
{
"name": "CVE-2024-42114",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42114"
},
{
"name": "CVE-2024-42117",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42117"
},
{
"name": "CVE-2024-42126",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42126"
},
{
"name": "CVE-2024-42132",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42132"
},
{
"name": "CVE-2024-42133",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42133"
},
{
"name": "CVE-2024-42136",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42136"
},
{
"name": "CVE-2024-42138",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42138"
},
{
"name": "CVE-2024-42141",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42141"
},
{
"name": "CVE-2024-42142",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42142"
},
{
"name": "CVE-2024-42144",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42144"
},
{
"name": "CVE-2024-42147",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42147"
},
{
"name": "CVE-2024-42155",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42155"
},
{
"name": "CVE-2024-42156",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42156"
},
{
"name": "CVE-2024-42158",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42158"
},
{
"name": "CVE-2024-42227",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42227"
},
{
"name": "CVE-2024-42237",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42237"
},
{
"name": "CVE-2024-42238",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42238"
},
{
"name": "CVE-2024-42239",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42239"
},
{
"name": "CVE-2024-42241",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42241"
},
{
"name": "CVE-2024-42245",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42245"
},
{
"name": "CVE-2024-42246",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42246"
},
{
"name": "CVE-2024-42250",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42250"
},
{
"name": "CVE-2024-42253",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42253"
},
{
"name": "CVE-2024-42259",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42259"
},
{
"name": "CVE-2024-42269",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42269"
},
{
"name": "CVE-2024-42271",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42271"
},
{
"name": "CVE-2024-42274",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42274"
},
{
"name": "CVE-2024-42276",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42276"
},
{
"name": "CVE-2024-42277",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42277"
},
{
"name": "CVE-2024-42280",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42280"
},
{
"name": "CVE-2024-42281",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42281"
},
{
"name": "CVE-2024-42283",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42283"
},
{
"name": "CVE-2024-42284",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42284"
},
{
"name": "CVE-2024-42285",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42285"
},
{
"name": "CVE-2024-42286",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42286"
},
{
"name": "CVE-2024-42287",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42287"
},
{
"name": "CVE-2024-42288",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42288"
},
{
"name": "CVE-2024-42289",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42289"
},
{
"name": "CVE-2024-42290",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42290"
},
{
"name": "CVE-2024-42292",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42292"
},
{
"name": "CVE-2024-42295",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42295"
},
{
"name": "CVE-2024-42301",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42301"
},
{
"name": "CVE-2024-42302",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42302"
},
{
"name": "CVE-2024-42309",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42309"
},
{
"name": "CVE-2024-42310",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42310"
},
{
"name": "CVE-2024-42311",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42311"
},
{
"name": "CVE-2024-42312",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42312"
},
{
"name": "CVE-2024-42313",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42313"
},
{
"name": "CVE-2024-42318",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42318"
},
{
"name": "CVE-2024-43817",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43817"
},
{
"name": "CVE-2024-43829",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43829"
},
{
"name": "CVE-2024-43830",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43830"
},
{
"name": "CVE-2024-43834",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43834"
},
{
"name": "CVE-2024-43839",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43839"
},
{
"name": "CVE-2024-43841",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43841"
},
{
"name": "CVE-2024-43846",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43846"
},
{
"name": "CVE-2024-43849",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43849"
},
{
"name": "CVE-2024-43853",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43853"
},
{
"name": "CVE-2024-43854",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43854"
},
{
"name": "CVE-2024-43855",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43855"
},
{
"name": "CVE-2024-43856",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43856"
},
{
"name": "CVE-2024-43858",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43858"
},
{
"name": "CVE-2024-43860",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43860"
},
{
"name": "CVE-2024-43861",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43861"
},
{
"name": "CVE-2024-43863",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43863"
},
{
"name": "CVE-2024-43867",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43867"
},
{
"name": "CVE-2024-43871",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43871"
},
{
"name": "CVE-2024-43873",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43873"
},
{
"name": "CVE-2024-43875",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43875"
},
{
"name": "CVE-2024-43879",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43879"
},
{
"name": "CVE-2024-43880",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43880"
},
{
"name": "CVE-2024-43882",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43882"
},
{
"name": "CVE-2024-43883",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43883"
},
{
"name": "CVE-2024-43884",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43884"
},
{
"name": "CVE-2024-43889",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43889"
},
{
"name": "CVE-2024-43892",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43892"
},
{
"name": "CVE-2024-43893",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43893"
},
{
"name": "CVE-2024-43894",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43894"
},
{
"name": "CVE-2024-43902",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43902"
},
{
"name": "CVE-2024-43905",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43905"
},
{
"name": "CVE-2024-43907",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43907"
},
{
"name": "CVE-2024-43908",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43908"
},
{
"name": "CVE-2024-43909",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43909"
},
{
"name": "CVE-2024-44947",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-44947"
},
{
"name": "CVE-2024-41023",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41023"
},
{
"name": "CVE-2024-41031",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41031"
},
{
"name": "CVE-2024-42243",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42243"
},
{
"name": "CVE-2024-45003",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45003"
},
{
"name": "CVE-2024-43835",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43835"
},
{
"name": "CVE-2024-44940",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-44940"
},
{
"name": "CVE-2024-44946",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-44946"
},
{
"name": "CVE-2024-44974",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-44974"
},
{
"name": "CVE-2024-44982",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-44982"
},
{
"name": "CVE-2024-44983",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-44983"
},
{
"name": "CVE-2024-44985",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-44985"
},
{
"name": "CVE-2024-44986",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-44986"
},
{
"name": "CVE-2024-44987",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-44987"
},
{
"name": "CVE-2024-44988",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-44988"
},
{
"name": "CVE-2024-44989",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-44989"
},
{
"name": "CVE-2024-44990",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-44990"
},
{
"name": "CVE-2024-44995",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-44995"
},
{
"name": "CVE-2024-44998",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-44998"
},
{
"name": "CVE-2024-44999",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-44999"
},
{
"name": "CVE-2024-45006",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45006"
},
{
"name": "CVE-2024-45007",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45007"
},
{
"name": "CVE-2024-45008",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45008"
},
{
"name": "CVE-2024-45009",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45009"
},
{
"name": "CVE-2024-45011",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45011"
},
{
"name": "CVE-2024-45016",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45016"
},
{
"name": "CVE-2024-45018",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45018"
},
{
"name": "CVE-2024-45021",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45021"
},
{
"name": "CVE-2024-45025",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45025"
},
{
"name": "CVE-2024-45026",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45026"
},
{
"name": "CVE-2024-45028",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45028"
},
{
"name": "CVE-2024-46673",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46673"
},
{
"name": "CVE-2024-46675",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46675"
},
{
"name": "CVE-2024-46676",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46676"
},
{
"name": "CVE-2024-46677",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46677"
},
{
"name": "CVE-2024-46679",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46679"
},
{
"name": "CVE-2024-46685",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46685"
},
{
"name": "CVE-2024-46689",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46689"
},
{
"name": "CVE-2024-46702",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46702"
},
{
"name": "CVE-2024-46707",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46707"
},
{
"name": "CVE-2024-46713",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46713"
},
{
"name": "CVE-2024-46714",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46714"
},
{
"name": "CVE-2024-46719",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46719"
},
{
"name": "CVE-2024-46721",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46721"
},
{
"name": "CVE-2024-46722",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46722"
},
{
"name": "CVE-2024-46723",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46723"
},
{
"name": "CVE-2024-46724",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46724"
},
{
"name": "CVE-2024-46725",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46725"
},
{
"name": "CVE-2024-46731",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46731"
},
{
"name": "CVE-2024-46732",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46732"
},
{
"name": "CVE-2024-46737",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46737"
},
{
"name": "CVE-2024-46738",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46738"
},
{
"name": "CVE-2024-46739",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46739"
},
{
"name": "CVE-2024-46740",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46740"
},
{
"name": "CVE-2024-46743",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46743"
},
{
"name": "CVE-2024-46744",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46744"
},
{
"name": "CVE-2024-46745",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46745"
},
{
"name": "CVE-2024-46746",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46746"
},
{
"name": "CVE-2024-46747",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46747"
},
{
"name": "CVE-2024-46750",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46750"
},
{
"name": "CVE-2024-46752",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46752"
},
{
"name": "CVE-2024-46755",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46755"
},
{
"name": "CVE-2024-46756",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46756"
},
{
"name": "CVE-2024-46757",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46757"
},
{
"name": "CVE-2024-46758",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46758"
},
{
"name": "CVE-2024-46759",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46759"
},
{
"name": "CVE-2024-46761",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46761"
},
{
"name": "CVE-2024-46763",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46763"
},
{
"name": "CVE-2024-46771",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46771"
},
{
"name": "CVE-2024-46777",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46777"
},
{
"name": "CVE-2024-46780",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46780"
},
{
"name": "CVE-2024-46781",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46781"
},
{
"name": "CVE-2024-46782",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46782"
},
{
"name": "CVE-2024-46783",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46783"
},
{
"name": "CVE-2024-46791",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46791"
},
{
"name": "CVE-2024-46795",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46795"
},
{
"name": "CVE-2024-46798",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46798"
},
{
"name": "CVE-2024-46800",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46800"
},
{
"name": "CVE-2024-46804",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46804"
},
{
"name": "CVE-2024-46805",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46805"
},
{
"name": "CVE-2024-46807",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46807"
},
{
"name": "CVE-2024-46810",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46810"
},
{
"name": "CVE-2024-46814",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46814"
},
{
"name": "CVE-2024-46815",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46815"
},
{
"name": "CVE-2024-46817",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46817"
},
{
"name": "CVE-2024-46818",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46818"
},
{
"name": "CVE-2024-46819",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46819"
},
{
"name": "CVE-2024-46822",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46822"
},
{
"name": "CVE-2024-46828",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46828"
},
{
"name": "CVE-2024-46829",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46829"
},
{
"name": "CVE-2024-46832",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46832"
},
{
"name": "CVE-2024-46840",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46840"
},
{
"name": "CVE-2024-46844",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46844"
},
{
"name": "CVE-2024-42272",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42272"
},
{
"name": "CVE-2024-42297",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42297"
},
{
"name": "CVE-2024-41082",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41082"
},
{
"name": "CVE-2024-42252",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42252"
},
{
"name": "CVE-2024-42265",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42265"
},
{
"name": "CVE-2024-42304",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42304"
},
{
"name": "CVE-2024-42305",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42305"
},
{
"name": "CVE-2024-42306",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42306"
},
{
"name": "CVE-2024-43828",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43828"
},
{
"name": "CVE-2024-43870",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43870"
},
{
"name": "CVE-2024-43890",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43890"
},
{
"name": "CVE-2024-43914",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43914"
},
{
"name": "CVE-2024-44935",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-44935"
},
{
"name": "CVE-2024-44944",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-44944"
},
{
"name": "CVE-2024-44948",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-44948"
},
{
"name": "CVE-2024-44952",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-44952"
},
{
"name": "CVE-2024-44954",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-44954"
},
{
"name": "CVE-2024-44960",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-44960"
},
{
"name": "CVE-2024-44965",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-44965"
},
{
"name": "CVE-2024-44969",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-44969"
},
{
"name": "CVE-2024-44971",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-44971"
},
{
"name": "CVE-2024-47668",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47668"
},
{
"name": "CVE-2023-52888",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52888"
},
{
"name": "CVE-2023-52918",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52918"
},
{
"name": "CVE-2024-41018",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41018"
},
{
"name": "CVE-2024-41019",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41019"
},
{
"name": "CVE-2024-41021",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41021"
},
{
"name": "CVE-2024-41029",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41029"
},
{
"name": "CVE-2024-41030",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41030"
},
{
"name": "CVE-2024-41033",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41033"
},
{
"name": "CVE-2024-41052",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41052"
},
{
"name": "CVE-2024-41053",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41053"
},
{
"name": "CVE-2024-41054",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41054"
},
{
"name": "CVE-2024-41067",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41067"
},
{
"name": "CVE-2024-41083",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41083"
},
{
"name": "CVE-2024-41085",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41085"
},
{
"name": "CVE-2024-41086",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41086"
},
{
"name": "CVE-2024-42063",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42063"
},
{
"name": "CVE-2024-42065",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42065"
},
{
"name": "CVE-2024-42066",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42066"
},
{
"name": "CVE-2024-42067",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42067"
},
{
"name": "CVE-2024-42088",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42088"
},
{
"name": "CVE-2024-42091",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42091"
},
{
"name": "CVE-2024-42100",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42100"
},
{
"name": "CVE-2024-42103",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42103"
},
{
"name": "CVE-2024-42108",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42108"
},
{
"name": "CVE-2024-42111",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42111"
},
{
"name": "CVE-2024-42112",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42112"
},
{
"name": "CVE-2024-42118",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42118"
},
{
"name": "CVE-2024-42128",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42128"
},
{
"name": "CVE-2024-42129",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42129"
},
{
"name": "CVE-2024-42135",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42135"
},
{
"name": "CVE-2024-42146",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42146"
},
{
"name": "CVE-2024-42149",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42149"
},
{
"name": "CVE-2024-42150",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42150"
},
{
"name": "CVE-2024-42151",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42151"
},
{
"name": "CVE-2024-42231",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42231"
},
{
"name": "CVE-2024-42234",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42234"
},
{
"name": "CVE-2024-42235",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42235"
},
{
"name": "CVE-2024-42248",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42248"
},
{
"name": "CVE-2024-42251",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42251"
},
{
"name": "CVE-2024-47659",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47659"
},
{
"name": "CVE-2024-47663",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47663"
},
{
"name": "CVE-2024-47667",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47667"
},
{
"name": "CVE-2024-47669",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47669"
},
{
"name": "CVE-2020-8608",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-8608"
},
{
"name": "CVE-2021-3592",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3592"
},
{
"name": "CVE-2021-3594",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3594"
},
{
"name": "CVE-2023-3019",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3019"
},
{
"name": "CVE-2024-42267",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42267"
},
{
"name": "CVE-2024-42296",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42296"
},
{
"name": "CVE-2024-42299",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42299"
},
{
"name": "CVE-2024-43869",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43869"
},
{
"name": "CVE-2024-44934",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-44934"
},
{
"name": "CVE-2024-44958",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-44958"
},
{
"name": "CVE-2024-44966",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-44966"
},
{
"name": "CVE-2024-4693",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-4693"
},
{
"name": "CVE-2024-47660",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47660"
},
{
"name": "CVE-2024-47665",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47665"
},
{
"name": "CVE-2024-7730",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-7730"
}
],
"links": [],
"reference": "CERTFR-2024-AVI-0997",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2024-11-18T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans le noyau Linux d\u0027Ubuntu. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire \u00e0 distance, une \u00e9l\u00e9vation de privil\u00e8ges et un d\u00e9ni de service \u00e0 distance.",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans le noyau Linux d\u0027Ubuntu",
"vendor_advisories": [
{
"published_at": "2024-11-14",
"title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-7089-5",
"url": "https://ubuntu.com/security/notices/USN-7089-5"
},
{
"published_at": "2024-11-11",
"title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-7100-1",
"url": "https://ubuntu.com/security/notices/USN-7100-1"
},
{
"published_at": "2024-11-14",
"title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-7110-1",
"url": "https://ubuntu.com/security/notices/USN-7110-1"
},
{
"published_at": "2024-11-15",
"title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-7089-6",
"url": "https://ubuntu.com/security/notices/USN-7089-6"
},
{
"published_at": "2024-11-12",
"title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-7100-2",
"url": "https://ubuntu.com/security/notices/USN-7100-2"
},
{
"published_at": "2024-11-13",
"title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-7089-4",
"url": "https://ubuntu.com/security/notices/USN-7089-4"
},
{
"published_at": "2024-11-14",
"title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-7088-5",
"url": "https://ubuntu.com/security/notices/USN-7088-5"
},
{
"published_at": "2024-11-14",
"title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-7071-2",
"url": "https://ubuntu.com/security/notices/USN-7071-2"
},
{
"published_at": "2024-11-08",
"title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-7094-1",
"url": "https://ubuntu.com/security/notices/USN-7094-1"
}
]
}
alsa-2020:1379
Vulnerability from osv_almalinux
Published
2020-04-07 09:15
Modified
2020-04-07 09:15
Summary
Important: container-tools:rhel8 security and bug fix update
Details
The container-tools module contains tools for working with containers, notably podman, buildah, skopeo, and runc.
Security Fix(es):
- QEMU: Slirp: potential OOB access due to unsafe snprintf() usages (CVE-2020-8608)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Bug Fix(es):
-
useradd and groupadd fail under rootless Buildah and podman [stream-container-tools-rhel8-rhel-8.1.1] (BZ#1803495)
-
Podman support for FIPS Mode requires a bind mount inside the container [stream-container-tools-rhel8-rhel-8.1.1/buildah] (BZ#1804188)
-
Podman support for FIPS Mode requires a bind mount inside the container [stream-container-tools-rhel8-rhel-8.1.1/podman] (BZ#1804194)
-
fuse-overlayfs segfault [stream-container-tools-rhel8-rhel-8.1.1/fuse-overlayfs] (BZ#1805016)
-
buildah COPY command is slow when .dockerignore file is not present [stream-container-tools-rhel8-rhel-8.1.1/buildah] (BZ#1806119)
References
| URL | Type | |
|---|---|---|
{
"affected": [
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "cockpit-podman"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "11-1.module_el8.5.0+108+00865455"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "cockpit-podman"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "11-1.module_el8.5.0+2635+e4386a39"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "containernetworking-plugins"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "0.8.3-4.module_el8.5.0+2635+e4386a39"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "containernetworking-plugins"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "0.8.3-4.module_el8.5.0+108+00865455"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "python-podman-api"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1.2.0-0.2.gitd0a45fe.module_el8.5.0+2635+e4386a39"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "python-podman-api"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1.2.0-0.2.gitd0a45fe.module_el8.5.0+108+00865455"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "slirp4netns"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "0.4.2-3.git21fdece.module_el8.5.0+2635+e4386a39"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "slirp4netns"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "0.4.2-3.git21fdece.module_el8.5.0+108+00865455"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "udica"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "0.2.1-2.module_el8.5.0+108+00865455"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "udica"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "0.2.1-2.module_el8.5.0+2635+e4386a39"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"details": "The container-tools module contains tools for working with containers, notably podman, buildah, skopeo, and runc.\n\nSecurity Fix(es):\n\n* QEMU: Slirp: potential OOB access due to unsafe snprintf() usages (CVE-2020-8608)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nBug Fix(es):\n\n* useradd and groupadd fail under rootless Buildah and podman [stream-container-tools-rhel8-rhel-8.1.1] (BZ#1803495)\n\n* Podman support for FIPS Mode requires a bind mount inside the container [stream-container-tools-rhel8-rhel-8.1.1/buildah] (BZ#1804188)\n\n* Podman support for FIPS Mode requires a bind mount inside the container [stream-container-tools-rhel8-rhel-8.1.1/podman] (BZ#1804194)\n\n* fuse-overlayfs segfault [stream-container-tools-rhel8-rhel-8.1.1/fuse-overlayfs] (BZ#1805016)\n\n* buildah COPY command is slow when .dockerignore file is not present [stream-container-tools-rhel8-rhel-8.1.1/buildah] (BZ#1806119)",
"id": "ALSA-2020:1379",
"modified": "2020-04-07T09:15:25Z",
"published": "2020-04-07T09:15:36Z",
"references": [
{
"type": "ADVISORY",
"url": "https://errata.almalinux.org/8/ALSA-2020-1379.html"
},
{
"type": "REPORT",
"url": "https://vulners.com/cve/CVE-2020-8608"
}
],
"related": [
"CVE-2020-8608"
],
"summary": "Important: container-tools:rhel8 security and bug fix update"
}
alsa-2020:2774
Vulnerability from osv_almalinux
Published
2020-06-30 13:38
Modified
2021-12-23 15:15
Summary
Important: virt:rhel security update
Details
Kernel-based Virtual Machine (KVM) offers a full virtualization solution for Linux on numerous hardware platforms. The virt:rhel module contains packages which provide user-space components used to run virtual machines using KVM. The packages also provide APIs for managing and interacting with the virtualized systems.
Security Fix(es):
-
QEMU: Slirp: potential OOB access due to unsafe snprintf() usages (CVE-2020-8608)
-
QEMU: vnc: memory leakage upon disconnect (CVE-2019-20382)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
References
| URL | Type | |
|---|---|---|
{
"affected": [
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "libiscsi"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1.18.0-8.module_el8.6.0+2880+7d9e3703"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "libiscsi"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1.18.0-8.module_el8.5.0+2608+72063365"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "libiscsi"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1.18.0-8.module_el8.3.0+2048+e7a0a3ea"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "libiscsi-devel"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1.18.0-8.module_el8.6.0+2880+7d9e3703"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "libiscsi-devel"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1.18.0-8.module_el8.3.0+2048+e7a0a3ea"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "libiscsi-devel"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1.18.0-8.module_el8.5.0+2608+72063365"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "libiscsi-utils"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1.18.0-8.module_el8.3.0+2048+e7a0a3ea"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "libiscsi-utils"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1.18.0-8.module_el8.6.0+2880+7d9e3703"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "libiscsi-utils"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1.18.0-8.module_el8.5.0+2608+72063365"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "netcf"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "0.2.8-12.module_el8.5.0+2608+72063365"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "netcf"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "0.2.8-12.module_el8.6.0+2880+7d9e3703"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "netcf"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "0.2.8-12.module_el8.3.0+2048+e7a0a3ea"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "netcf-devel"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "0.2.8-12.module_el8.3.0+2048+e7a0a3ea"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "netcf-devel"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "0.2.8-12.module_el8.5.0+2608+72063365"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "netcf-devel"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "0.2.8-12.module_el8.6.0+2880+7d9e3703"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "netcf-libs"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "0.2.8-12.module_el8.6.0+2880+7d9e3703"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "netcf-libs"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "0.2.8-12.module_el8.5.0+2608+72063365"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "netcf-libs"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "0.2.8-12.module_el8.3.0+2048+e7a0a3ea"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "sgabios"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1:0.20170427git-3.module_el8.5.0+2608+72063365"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "sgabios"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1:0.20170427git-3.module_el8.3.0+2048+e7a0a3ea"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "sgabios-bin"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1:0.20170427git-3.module_el8.5.0+2608+72063365"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "sgabios-bin"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1:0.20170427git-3.module_el8.6.0+2880+7d9e3703"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"details": "Kernel-based Virtual Machine (KVM) offers a full virtualization solution for Linux on numerous hardware platforms. The virt:rhel module contains packages which provide user-space components used to run virtual machines using KVM. The packages also provide APIs for managing and interacting with the virtualized systems.\n\nSecurity Fix(es):\n\n* QEMU: Slirp: potential OOB access due to unsafe snprintf() usages (CVE-2020-8608)\n\n* QEMU: vnc: memory leakage upon disconnect (CVE-2019-20382)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"id": "ALSA-2020:2774",
"modified": "2021-12-23T15:15:25Z",
"published": "2020-06-30T13:38:53Z",
"references": [
{
"type": "ADVISORY",
"url": "https://errata.almalinux.org/8/ALSA-2020-2774.html"
},
{
"type": "REPORT",
"url": "https://vulners.com/cve/CVE-2019-20382"
},
{
"type": "REPORT",
"url": "https://vulners.com/cve/CVE-2020-8608"
}
],
"related": [
"CVE-2020-8608",
"CVE-2019-20382"
],
"summary": "Important: virt:rhel security update"
}
BDU:2020-04502
Vulnerability from fstec - Published: 06.02.2020
VLAI Severity ?
Title
Уязвимость компонента tcp_subr.c библиотеки TCP-IP эмулятора Libslirp, связанная с недостатком механизма проверки размера копируемых данных, позволяющая нарушителю получить доступ к конфиденциальным данным, нарушить их целостность, а также вызвать отказ в обслуживании]
Description
Уязвимость компонента tcp_subr.c библиотеки TCP-IP эмулятора Libslirp связана с недостатком механизма проверки размера копируемых данных. Эксплуатация уязвимости позволяет нарушителю, действующему удаленно, получить доступ к конфиденциальным данным, нарушить их целостность, а также вызвать отказ в обслуживании
Severity ?
Vendor
Canonical Ltd., Сообщество свободного программного обеспечения, ООО «РусБИТех-Астра», Novell Inc., АО «ИВК», АО "НППКТ", АО «Концерн ВНИИНС»
Software Name
Ubuntu, Debian GNU/Linux, Astra Linux Special Edition (запись в едином реестре российских программ №369), OpenSUSE Leap, Libslirp, Альт 8 СП (запись в едином реестре российских программ №4305), ОСОН ОСнова Оnyx (запись в едином реестре российских программ №5913), ОС ОН «Стрелец» (запись в едином реестре российских программ №6177)
Software Version
16.04 LTS (Ubuntu), 9 (Debian GNU/Linux), 18.04 LTS (Ubuntu), 1.6 «Смоленск» (Astra Linux Special Edition), 15.1 (OpenSUSE Leap), 8 (Debian GNU/Linux), 10 (Debian GNU/Linux), 19.10 (Ubuntu), до 4.1.0 (Libslirp), - (Альт 8 СП), до 2.5 (ОСОН ОСнова Оnyx), до 16.01.2023 (ОС ОН «Стрелец»)
Possible Mitigations
Использование рекомендаций:
Для libslirp:
Обновление программного обеспечения до 4.3.1-1 или более поздней версии
Для Debian GNU/Linux:
Обновление программного обеспечения (пакета libslirp) до 4.3.1-1 или более поздней версии
Для Ubuntu:
https://ubuntu.com/security/notices/USN-4283-1
Для программных продуктов Novell Inc.:
https://lists.opensuse.org/opensuse-security-announce/2020-04/msg00007.html
И использование рекомендаций производителя: https://wiki.astralinux.ru/astra-linux-se16-bulletin-20210730SE16
Для ОСОН ОСнова Оnyx:Обновление программного обеспечения libslirp до версии 4.6.1-1
Для ОС ОН «Стрелец»:
Обновление программного обеспечения qemu до версии 1:2.8+dfsg.repack-6+deb9u16.osnova1
Для ОС Альт 8 СП: установка обновления из публичного репозитория программного средства
Reference
https://gitlab.freedesktop.org/slirp/libslirp/-/tags/v4.1.0
https://gitlab.freedesktop.org/slirp/libslirp/commit/68ccb8021a838066f0951d4b2817eb6b6f10a843
https://lists.debian.org/debian-lts-announce/2020/03/msg00015.html
https://lists.debian.org/debian-lts-announce/2020/03/msg00017.html
https://lists.debian.org/debian-lts-announce/2020/07/msg00020.html
https://lists.opensuse.org/opensuse-security-announce/2020-04/msg00007.html
https://nvd.nist.gov/vuln/detail/CVE-2020-8608
https://security-tracker.debian.org/tracker/CVE-2020-8608
https://ubuntu.com/security/notices/USN-4283-1
https://wiki.astralinux.ru/astra-linux-se16-bulletin-20210611SE16
https://www.openwall.com/lists/oss-security/2020/02/06/2
https://поддержка.нппкт.рф/bin/view/ОСнова/Обновления/2.5/
https://strelets.net/patchi-i-obnovleniya-bezopasnosti#16012023
https://altsp.su/obnovleniya-bezopasnosti/
CWE
CWE-120
{
"CVSS 2.0": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"CVSS 3.0": null,
"CVSS 4.0": null,
"remediation_\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440": null,
"remediation_\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435": null,
"\u0412\u0435\u043d\u0434\u043e\u0440 \u041f\u041e": "Canonical Ltd., \u0421\u043e\u043e\u0431\u0449\u0435\u0441\u0442\u0432\u043e \u0441\u0432\u043e\u0431\u043e\u0434\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f, \u041e\u041e\u041e \u00ab\u0420\u0443\u0441\u0411\u0418\u0422\u0435\u0445-\u0410\u0441\u0442\u0440\u0430\u00bb, Novell Inc., \u0410\u041e \u00ab\u0418\u0412\u041a\u00bb, \u0410\u041e \"\u041d\u041f\u041f\u041a\u0422\", \u0410\u041e \u00ab\u041a\u043e\u043d\u0446\u0435\u0440\u043d \u0412\u041d\u0418\u0418\u041d\u0421\u00bb",
"\u0412\u0435\u0440\u0441\u0438\u044f \u041f\u041e": "16.04 LTS (Ubuntu), 9 (Debian GNU/Linux), 18.04 LTS (Ubuntu), 1.6 \u00ab\u0421\u043c\u043e\u043b\u0435\u043d\u0441\u043a\u00bb (Astra Linux Special Edition), 15.1 (OpenSUSE Leap), 8 (Debian GNU/Linux), 10 (Debian GNU/Linux), 19.10 (Ubuntu), \u0434\u043e 4.1.0 (Libslirp), - (\u0410\u043b\u044c\u0442 8 \u0421\u041f), \u0434\u043e 2.5 (\u041e\u0421\u041e\u041d \u041e\u0421\u043d\u043e\u0432\u0430 \u041enyx), \u0434\u043e 16.01.2023 (\u041e\u0421 \u041e\u041d \u00ab\u0421\u0442\u0440\u0435\u043b\u0435\u0446\u00bb)",
"\u0412\u043e\u0437\u043c\u043e\u0436\u043d\u044b\u0435 \u043c\u0435\u0440\u044b \u043f\u043e \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044e": "\u0418\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0439:\n\u0414\u043b\u044f libslirp:\n\u041e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f \u0434\u043e 4.3.1-1 \u0438\u043b\u0438 \u0431\u043e\u043b\u0435\u0435 \u043f\u043e\u0437\u0434\u043d\u0435\u0439 \u0432\u0435\u0440\u0441\u0438\u0438\n\n\u0414\u043b\u044f Debian GNU/Linux:\n\u041e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f (\u043f\u0430\u043a\u0435\u0442\u0430 libslirp) \u0434\u043e 4.3.1-1 \u0438\u043b\u0438 \u0431\u043e\u043b\u0435\u0435 \u043f\u043e\u0437\u0434\u043d\u0435\u0439 \u0432\u0435\u0440\u0441\u0438\u0438\n\n\u0414\u043b\u044f Ubuntu:\nhttps://ubuntu.com/security/notices/USN-4283-1\n\n\u0414\u043b\u044f \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u044b\u0445 \u043f\u0440\u043e\u0434\u0443\u043a\u0442\u043e\u0432 Novell Inc.:\nhttps://lists.opensuse.org/opensuse-security-announce/2020-04/msg00007.html\n\u0418 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0439 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u044f: https://wiki.astralinux.ru/astra-linux-se16-bulletin-20210730SE16\n\n\u0414\u043b\u044f \u041e\u0421\u041e\u041d \u041e\u0421\u043d\u043e\u0432\u0430 \u041enyx:\u041e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f libslirp \u0434\u043e \u0432\u0435\u0440\u0441\u0438\u0438 4.6.1-1\n\n\u0414\u043b\u044f \u041e\u0421 \u041e\u041d \u00ab\u0421\u0442\u0440\u0435\u043b\u0435\u0446\u00bb:\n\u041e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f qemu \u0434\u043e \u0432\u0435\u0440\u0441\u0438\u0438 1:2.8+dfsg.repack-6+deb9u16.osnova1\n\n\u0414\u043b\u044f \u041e\u0421 \u0410\u043b\u044c\u0442 8 \u0421\u041f: \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u043a\u0430 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f \u0438\u0437 \u043f\u0443\u0431\u043b\u0438\u0447\u043d\u043e\u0433\u043e \u0440\u0435\u043f\u043e\u0437\u0438\u0442\u043e\u0440\u0438\u044f \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u0441\u0440\u0435\u0434\u0441\u0442\u0432\u0430",
"\u0414\u0430\u0442\u0430 \u0432\u044b\u044f\u0432\u043b\u0435\u043d\u0438\u044f": "06.02.2020",
"\u0414\u0430\u0442\u0430 \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0435\u0433\u043e \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f": "16.09.2024",
"\u0414\u0430\u0442\u0430 \u043f\u0443\u0431\u043b\u0438\u043a\u0430\u0446\u0438\u0438": "01.10.2020",
"\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440": "BDU:2020-04502",
"\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440\u044b \u0434\u0440\u0443\u0433\u0438\u0445 \u0441\u0438\u0441\u0442\u0435\u043c \u043e\u043f\u0438\u0441\u0430\u043d\u0438\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "CVE-2020-8608",
"\u0418\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f \u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0430",
"\u041a\u043b\u0430\u0441\u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043a\u043e\u0434\u0430",
"\u041d\u0430\u0437\u0432\u0430\u043d\u0438\u0435 \u041f\u041e": "Ubuntu, Debian GNU/Linux, Astra Linux Special Edition (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u2116369), OpenSUSE Leap, Libslirp, \u0410\u043b\u044c\u0442 8 \u0421\u041f (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u21164305), \u041e\u0421\u041e\u041d \u041e\u0421\u043d\u043e\u0432\u0430 \u041enyx (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u21165913), \u041e\u0421 \u041e\u041d \u00ab\u0421\u0442\u0440\u0435\u043b\u0435\u0446\u00bb (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u21166177)",
"\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u041e\u0421 \u0438 \u0442\u0438\u043f \u0430\u043f\u043f\u0430\u0440\u0430\u0442\u043d\u043e\u0439 \u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c\u044b": "Canonical Ltd. Ubuntu 16.04 LTS 32-bit, Canonical Ltd. Ubuntu 16.04 LTS , \u0421\u043e\u043e\u0431\u0449\u0435\u0441\u0442\u0432\u043e \u0441\u0432\u043e\u0431\u043e\u0434\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f Debian GNU/Linux 9 , Canonical Ltd. Ubuntu 18.04 LTS , \u041e\u041e\u041e \u00ab\u0420\u0443\u0441\u0411\u0418\u0422\u0435\u0445-\u0410\u0441\u0442\u0440\u0430\u00bb Astra Linux Special Edition 1.6 \u00ab\u0421\u043c\u043e\u043b\u0435\u043d\u0441\u043a\u00bb (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u2116369), Novell Inc. OpenSUSE Leap 15.1 , \u0421\u043e\u043e\u0431\u0449\u0435\u0441\u0442\u0432\u043e \u0441\u0432\u043e\u0431\u043e\u0434\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f Debian GNU/Linux 8 , \u0421\u043e\u043e\u0431\u0449\u0435\u0441\u0442\u0432\u043e \u0441\u0432\u043e\u0431\u043e\u0434\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f Debian GNU/Linux 10 , Canonical Ltd. Ubuntu 19.10 , \u0410\u041e \u00ab\u0418\u0412\u041a\u00bb \u0410\u043b\u044c\u0442 8 \u0421\u041f - (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u21164305), \u0410\u041e \"\u041d\u041f\u041f\u041a\u0422\" \u041e\u0421\u041e\u041d \u041e\u0421\u043d\u043e\u0432\u0430 \u041enyx \u0434\u043e 2.5 (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u21165913), \u0410\u041e \u00ab\u041a\u043e\u043d\u0446\u0435\u0440\u043d \u0412\u041d\u0418\u0418\u041d\u0421\u00bb \u041e\u0421 \u041e\u041d \u00ab\u0421\u0442\u0440\u0435\u043b\u0435\u0446\u00bb \u0434\u043e 16.01.2023 (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u21166177)",
"\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043a\u043e\u043c\u043f\u043e\u043d\u0435\u043d\u0442\u0430 tcp_subr.c \u0431\u0438\u0431\u043b\u0438\u043e\u0442\u0435\u043a\u0438 TCP-IP \u044d\u043c\u0443\u043b\u044f\u0442\u043e\u0440\u0430 Libslirp, \u0441\u0432\u044f\u0437\u0430\u043d\u043d\u0430\u044f \u0441 \u043d\u0435\u0434\u043e\u0441\u0442\u0430\u0442\u043a\u043e\u043c \u043c\u0435\u0445\u0430\u043d\u0438\u0437\u043c\u0430 \u043f\u0440\u043e\u0432\u0435\u0440\u043a\u0438 \u0440\u0430\u0437\u043c\u0435\u0440\u0430 \u043a\u043e\u043f\u0438\u0440\u0443\u0435\u043c\u044b\u0445 \u0434\u0430\u043d\u043d\u044b\u0445, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0449\u0430\u044f \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u0434\u043e\u0441\u0442\u0443\u043f \u043a \u043a\u043e\u043d\u0444\u0438\u0434\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u044b\u043c \u0434\u0430\u043d\u043d\u044b\u043c, \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u044c \u0438\u0445 \u0446\u0435\u043b\u043e\u0441\u0442\u043d\u043e\u0441\u0442\u044c, \u0430 \u0442\u0430\u043a\u0436\u0435 \u0432\u044b\u0437\u0432\u0430\u0442\u044c \u043e\u0442\u043a\u0430\u0437 \u0432 \u043e\u0431\u0441\u043b\u0443\u0436\u0438\u0432\u0430\u043d\u0438\u0438]",
"\u041d\u0430\u043b\u0438\u0447\u0438\u0435 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u0430": "\u0414\u0430\u043d\u043d\u044b\u0435 \u0443\u0442\u043e\u0447\u043d\u044f\u044e\u0442\u0441\u044f",
"\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u043e\u0448\u0438\u0431\u043a\u0438 CWE": "\u041a\u043e\u043f\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u0435 \u0431\u0443\u0444\u0435\u0440\u0430 \u0431\u0435\u0437 \u043f\u0440\u043e\u0432\u0435\u0440\u043a\u0438 \u0440\u0430\u0437\u043c\u0435\u0440\u0430 \u0432\u0445\u043e\u0434\u043d\u044b\u0445 \u0434\u0430\u043d\u043d\u044b\u0445 (\u043a\u043b\u0430\u0441\u0441\u0438\u0447\u0435\u0441\u043a\u043e\u0435 \u043f\u0435\u0440\u0435\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u0435 \u0431\u0443\u0444\u0435\u0440\u0430) (CWE-120)",
"\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043a\u043e\u043c\u043f\u043e\u043d\u0435\u043d\u0442\u0430 tcp_subr.c \u0431\u0438\u0431\u043b\u0438\u043e\u0442\u0435\u043a\u0438 TCP-IP \u044d\u043c\u0443\u043b\u044f\u0442\u043e\u0440\u0430 Libslirp \u0441\u0432\u044f\u0437\u0430\u043d\u0430 \u0441 \u043d\u0435\u0434\u043e\u0441\u0442\u0430\u0442\u043a\u043e\u043c \u043c\u0435\u0445\u0430\u043d\u0438\u0437\u043c\u0430 \u043f\u0440\u043e\u0432\u0435\u0440\u043a\u0438 \u0440\u0430\u0437\u043c\u0435\u0440\u0430 \u043a\u043e\u043f\u0438\u0440\u0443\u0435\u043c\u044b\u0445 \u0434\u0430\u043d\u043d\u044b\u0445. \u042d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e, \u0434\u0435\u0439\u0441\u0442\u0432\u0443\u044e\u0449\u0435\u043c\u0443 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e, \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u0434\u043e\u0441\u0442\u0443\u043f \u043a \u043a\u043e\u043d\u0444\u0438\u0434\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u044b\u043c \u0434\u0430\u043d\u043d\u044b\u043c, \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u044c \u0438\u0445 \u0446\u0435\u043b\u043e\u0441\u0442\u043d\u043e\u0441\u0442\u044c, \u0430 \u0442\u0430\u043a\u0436\u0435 \u0432\u044b\u0437\u0432\u0430\u0442\u044c \u043e\u0442\u043a\u0430\u0437 \u0432 \u043e\u0431\u0441\u043b\u0443\u0436\u0438\u0432\u0430\u043d\u0438\u0438",
"\u041f\u043e\u0441\u043b\u0435\u0434\u0441\u0442\u0432\u0438\u044f \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": null,
"\u041f\u0440\u043e\u0447\u0430\u044f \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f": null,
"\u0421\u0432\u044f\u0437\u044c \u0441 \u0438\u043d\u0446\u0438\u0434\u0435\u043d\u0442\u0430\u043c\u0438 \u0418\u0411": "\u0414\u0430\u043d\u043d\u044b\u0435 \u0443\u0442\u043e\u0447\u043d\u044f\u044e\u0442\u0441\u044f",
"\u0421\u043e\u0441\u0442\u043e\u044f\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043d\u0430",
"\u0421\u043f\u043e\u0441\u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044f": "\u041e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f",
"\u0421\u043f\u043e\u0441\u043e\u0431 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438": "\u041c\u0430\u043d\u0438\u043f\u0443\u043b\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u0435 \u0441\u0442\u0440\u0443\u043a\u0442\u0443\u0440\u0430\u043c\u0438 \u0434\u0430\u043d\u043d\u044b\u0445",
"\u0421\u0441\u044b\u043b\u043a\u0438 \u043d\u0430 \u0438\u0441\u0442\u043e\u0447\u043d\u0438\u043a\u0438": "https://gitlab.freedesktop.org/slirp/libslirp/-/tags/v4.1.0\nhttps://gitlab.freedesktop.org/slirp/libslirp/commit/68ccb8021a838066f0951d4b2817eb6b6f10a843\nhttps://lists.debian.org/debian-lts-announce/2020/03/msg00015.html\nhttps://lists.debian.org/debian-lts-announce/2020/03/msg00017.html\nhttps://lists.debian.org/debian-lts-announce/2020/07/msg00020.html\nhttps://lists.opensuse.org/opensuse-security-announce/2020-04/msg00007.html\nhttps://nvd.nist.gov/vuln/detail/CVE-2020-8608\nhttps://security-tracker.debian.org/tracker/CVE-2020-8608\nhttps://ubuntu.com/security/notices/USN-4283-1\nhttps://wiki.astralinux.ru/astra-linux-se16-bulletin-20210611SE16\nhttps://www.openwall.com/lists/oss-security/2020/02/06/2\nhttps://\u043f\u043e\u0434\u0434\u0435\u0440\u0436\u043a\u0430.\u043d\u043f\u043f\u043a\u0442.\u0440\u0444/bin/view/\u041e\u0421\u043d\u043e\u0432\u0430/\u041e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f/2.5/\nhttps://strelets.net/patchi-i-obnovleniya-bezopasnosti#16012023\nhttps://altsp.su/obnovleniya-bezopasnosti/",
"\u0421\u0442\u0430\u0442\u0443\u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041f\u043e\u0434\u0442\u0432\u0435\u0440\u0436\u0434\u0435\u043d\u0430 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u0435\u043c",
"\u0422\u0438\u043f \u041f\u041e": "\u041e\u043f\u0435\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u0430\u044f \u0441\u0438\u0441\u0442\u0435\u043c\u0430, \u041f\u041e \u0432\u0438\u0440\u0442\u0443\u0430\u043b\u0438\u0437\u0430\u0446\u0438\u0438/\u041f\u041e \u0432\u0438\u0440\u0442\u0443\u0430\u043b\u044c\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e-\u0430\u043f\u043f\u0430\u0440\u0430\u0442\u043d\u043e\u0433\u043e \u0441\u0440\u0435\u0434\u0441\u0442\u0432\u0430",
"\u0422\u0438\u043f \u043e\u0448\u0438\u0431\u043a\u0438 CWE": "CWE-120",
"\u0423\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0421\u0440\u0435\u0434\u043d\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (\u0431\u0430\u0437\u043e\u0432\u0430\u044f \u043e\u0446\u0435\u043d\u043a\u0430 CVSS 2.0 \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 6,8)"
}
CNVD-2020-04540
Vulnerability from cnvd - Published: 2020-02-11
VLAI Severity ?
Title
libslirp代码执行漏洞
Description
libslirp是一款供虚拟机、容器或各种工具使用的用户模式网络库。
libslirp存在代码执行漏洞,攻击者可通过发送特制数据包利用该漏洞执行任意代码。
Severity
高
Patch Name
libslirp代码执行漏洞的补丁
Patch Description
libslirp是一款供虚拟机、容器或各种工具使用的用户模式网络库。
libslirp存在代码执行漏洞,攻击者可通过发送特制数据包利用该漏洞执行任意代码。目前,供应商发布了安全公告及相关补丁信息,修复了此漏洞。
Formal description
厂商已发布了漏洞修复程序,请及时关注更新: https://seclists.org/oss-sec/2020/q1/64
Reference
https://exchange.xforce.ibmcloud.com/vulnerabilities/175868
Impacted products
| Name | QEMU QEMU |
|---|
{
"cves": {
"cve": {
"cveNumber": "CVE-2020-8608"
}
},
"description": "libslirp\u662f\u4e00\u6b3e\u4f9b\u865a\u62df\u673a\u3001\u5bb9\u5668\u6216\u5404\u79cd\u5de5\u5177\u4f7f\u7528\u7684\u7528\u6237\u6a21\u5f0f\u7f51\u7edc\u5e93\u3002\n\nlibslirp\u5b58\u5728\u4ee3\u7801\u6267\u884c\u6f0f\u6d1e\uff0c\u653b\u51fb\u8005\u53ef\u901a\u8fc7\u53d1\u9001\u7279\u5236\u6570\u636e\u5305\u5229\u7528\u8be5\u6f0f\u6d1e\u6267\u884c\u4efb\u610f\u4ee3\u7801\u3002",
"formalWay": "\u5382\u5546\u5df2\u53d1\u5e03\u4e86\u6f0f\u6d1e\u4fee\u590d\u7a0b\u5e8f\uff0c\u8bf7\u53ca\u65f6\u5173\u6ce8\u66f4\u65b0\uff1a\r\nhttps://seclists.org/oss-sec/2020/q1/64",
"isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
"number": "CNVD-2020-04540",
"openTime": "2020-02-11",
"patchDescription": "libslirp\u662f\u4e00\u6b3e\u4f9b\u865a\u62df\u673a\u3001\u5bb9\u5668\u6216\u5404\u79cd\u5de5\u5177\u4f7f\u7528\u7684\u7528\u6237\u6a21\u5f0f\u7f51\u7edc\u5e93\u3002\r\n\r\nlibslirp\u5b58\u5728\u4ee3\u7801\u6267\u884c\u6f0f\u6d1e\uff0c\u653b\u51fb\u8005\u53ef\u901a\u8fc7\u53d1\u9001\u7279\u5236\u6570\u636e\u5305\u5229\u7528\u8be5\u6f0f\u6d1e\u6267\u884c\u4efb\u610f\u4ee3\u7801\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
"patchName": "libslirp\u4ee3\u7801\u6267\u884c\u6f0f\u6d1e\u7684\u8865\u4e01",
"products": {
"product": "QEMU QEMU"
},
"referenceLink": "https://exchange.xforce.ibmcloud.com/vulnerabilities/175868",
"serverity": "\u9ad8",
"submitTime": "2020-02-07",
"title": "libslirp\u4ee3\u7801\u6267\u884c\u6f0f\u6d1e"
}
FKIE_CVE-2020-8608
Vulnerability from fkie_nvd - Published: 2020-02-06 17:15 - Updated: 2024-11-21 05:39
Severity ?
Summary
In libslirp 4.1.0, as used in QEMU 4.2.0, tcp_subr.c misuses snprintf return values, leading to a buffer overflow in later code.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| libslirp_project | libslirp | 4.1.0 | |
| debian | debian_linux | 8.0 | |
| debian | debian_linux | 9.0 | |
| debian | debian_linux | 10.0 | |
| opensuse | leap | 15.1 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:libslirp_project:libslirp:4.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "3679E165-A6B7-41B5-AC02-F38A00DAFD78",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "DEECE5FC-CACF-4496-A3E7-164736409252",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B620311B-34A3-48A6-82DF-6F078D7A4493",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In libslirp 4.1.0, as used in QEMU 4.2.0, tcp_subr.c misuses snprintf return values, leading to a buffer overflow in later code."
},
{
"lang": "es",
"value": "En libslirp versi\u00f3n 4.1.0, como es usado en QEMU versi\u00f3n 4.2.0, el archivo tcp_subr.c utiliza inapropiadamente los valores de retorno de snprintf, lo que conlleva a un desbordamiento del b\u00fafer en el c\u00f3digo posterior."
}
],
"id": "CVE-2020-8608",
"lastModified": "2024-11-21T05:39:07.170",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"exploitabilityScore": 2.2,
"impactScore": 3.4,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2020-02-06T17:15:14.723",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00007.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Release Notes",
"Third Party Advisory"
],
"url": "https://gitlab.freedesktop.org/slirp/libslirp/-/tags/v4.1.0"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://gitlab.freedesktop.org/slirp/libslirp/commit/68ccb8021a838066f0951d4b2817eb6b6f10a843"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2020/03/msg00015.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2020/03/msg00017.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2020/07/msg00020.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2021/02/msg00012.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/202003-66"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://security.netapp.com/advisory/ntap-20201001-0002/"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://usn.ubuntu.com/4283-1/"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://www.debian.org/security/2020/dsa-4733"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Patch",
"Third Party Advisory"
],
"url": "https://www.openwall.com/lists/oss-security/2020/02/06/2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00007.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Release Notes",
"Third Party Advisory"
],
"url": "https://gitlab.freedesktop.org/slirp/libslirp/-/tags/v4.1.0"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://gitlab.freedesktop.org/slirp/libslirp/commit/68ccb8021a838066f0951d4b2817eb6b6f10a843"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2020/03/msg00015.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2020/03/msg00017.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2020/07/msg00020.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2021/02/msg00012.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/202003-66"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://security.netapp.com/advisory/ntap-20201001-0002/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://usn.ubuntu.com/4283-1/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://www.debian.org/security/2020/dsa-4733"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Patch",
"Third Party Advisory"
],
"url": "https://www.openwall.com/lists/oss-security/2020/02/06/2"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-120"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
GHSA-495H-WW9W-VG4P
Vulnerability from github – Published: 2022-05-24 17:08 – Updated: 2022-05-24 17:08
VLAI?
Details
In libslirp 4.1.0, as used in QEMU 4.2.0, tcp_subr.c misuses snprintf return values, leading to a buffer overflow in later code.
{
"affected": [],
"aliases": [
"CVE-2020-8608"
],
"database_specific": {
"cwe_ids": [
"CWE-120"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2020-02-06T17:15:00Z",
"severity": "HIGH"
},
"details": "In libslirp 4.1.0, as used in QEMU 4.2.0, tcp_subr.c misuses snprintf return values, leading to a buffer overflow in later code.",
"id": "GHSA-495h-ww9w-vg4p",
"modified": "2022-05-24T17:08:11Z",
"published": "2022-05-24T17:08:11Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-8608"
},
{
"type": "WEB",
"url": "https://gitlab.freedesktop.org/slirp/libslirp/-/tags/v4.1.0"
},
{
"type": "WEB",
"url": "https://gitlab.freedesktop.org/slirp/libslirp/commit/68ccb8021a838066f0951d4b2817eb6b6f10a843"
},
{
"type": "WEB",
"url": "https://lists.debian.org/debian-lts-announce/2020/03/msg00015.html"
},
{
"type": "WEB",
"url": "https://lists.debian.org/debian-lts-announce/2020/03/msg00017.html"
},
{
"type": "WEB",
"url": "https://lists.debian.org/debian-lts-announce/2020/07/msg00020.html"
},
{
"type": "WEB",
"url": "https://lists.debian.org/debian-lts-announce/2021/02/msg00012.html"
},
{
"type": "WEB",
"url": "https://security.gentoo.org/glsa/202003-66"
},
{
"type": "WEB",
"url": "https://security.netapp.com/advisory/ntap-20201001-0002"
},
{
"type": "WEB",
"url": "https://usn.ubuntu.com/4283-1"
},
{
"type": "WEB",
"url": "https://www.debian.org/security/2020/dsa-4733"
},
{
"type": "WEB",
"url": "https://www.openwall.com/lists/oss-security/2020/02/06/2"
},
{
"type": "WEB",
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00007.html"
}
],
"schema_version": "1.4.0",
"severity": []
}
GSD-2020-8608
Vulnerability from gsd - Updated: 2023-12-13 01:21Details
In libslirp 4.1.0, as used in QEMU 4.2.0, tcp_subr.c misuses snprintf return values, leading to a buffer overflow in later code.
Aliases
Aliases
{
"GSD": {
"alias": "CVE-2020-8608",
"description": "In libslirp 4.1.0, as used in QEMU 4.2.0, tcp_subr.c misuses snprintf return values, leading to a buffer overflow in later code.",
"id": "GSD-2020-8608",
"references": [
"https://www.suse.com/security/cve/CVE-2020-8608.html",
"https://www.debian.org/security/2020/dsa-4733",
"https://access.redhat.com/errata/RHSA-2020:3040",
"https://access.redhat.com/errata/RHSA-2020:2844",
"https://access.redhat.com/errata/RHSA-2020:2774",
"https://access.redhat.com/errata/RHSA-2020:2773",
"https://access.redhat.com/errata/RHSA-2020:2730",
"https://access.redhat.com/errata/RHSA-2020:2342",
"https://access.redhat.com/errata/RHSA-2020:1403",
"https://access.redhat.com/errata/RHSA-2020:1379",
"https://access.redhat.com/errata/RHSA-2020:1352",
"https://access.redhat.com/errata/RHSA-2020:1351",
"https://access.redhat.com/errata/RHSA-2020:1300",
"https://access.redhat.com/errata/RHSA-2020:1292",
"https://access.redhat.com/errata/RHSA-2020:1261",
"https://access.redhat.com/errata/RHSA-2020:1209",
"https://access.redhat.com/errata/RHSA-2020:1208",
"https://access.redhat.com/errata/RHSA-2020:0889",
"https://access.redhat.com/errata/RHBA-2020:0527",
"https://ubuntu.com/security/CVE-2020-8608",
"https://alas.aws.amazon.com/cve/html/CVE-2020-8608.html",
"https://linux.oracle.com/cve/CVE-2020-8608.html"
]
},
"gsd": {
"metadata": {
"exploitCode": "unknown",
"remediation": "unknown",
"reportConfidence": "confirmed",
"type": "vulnerability"
},
"osvSchema": {
"aliases": [
"CVE-2020-8608"
],
"details": "In libslirp 4.1.0, as used in QEMU 4.2.0, tcp_subr.c misuses snprintf return values, leading to a buffer overflow in later code.",
"id": "GSD-2020-8608",
"modified": "2023-12-13T01:21:54.307203Z",
"schema_version": "1.4.0"
}
},
"namespaces": {
"cve.org": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2020-8608",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In libslirp 4.1.0, as used in QEMU 4.2.0, tcp_subr.c misuses snprintf return values, leading to a buffer overflow in later code."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://gitlab.freedesktop.org/slirp/libslirp/commit/68ccb8021a838066f0951d4b2817eb6b6f10a843",
"refsource": "MISC",
"url": "https://gitlab.freedesktop.org/slirp/libslirp/commit/68ccb8021a838066f0951d4b2817eb6b6f10a843"
},
{
"name": "https://www.openwall.com/lists/oss-security/2020/02/06/2",
"refsource": "MISC",
"url": "https://www.openwall.com/lists/oss-security/2020/02/06/2"
},
{
"name": "https://gitlab.freedesktop.org/slirp/libslirp/-/tags/v4.1.0",
"refsource": "MISC",
"url": "https://gitlab.freedesktop.org/slirp/libslirp/-/tags/v4.1.0"
},
{
"name": "USN-4283-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/4283-1/"
},
{
"name": "[debian-lts-announce] 20200313 [SECURITY] [DLA 2142-1] slirp security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2020/03/msg00015.html"
},
{
"name": "[debian-lts-announce] 20200316 [SECURITY] [DLA 2144-1] qemu security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2020/03/msg00017.html"
},
{
"name": "GLSA-202003-66",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/202003-66"
},
{
"name": "openSUSE-SU-2020:0468",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00007.html"
},
{
"name": "DSA-4733",
"refsource": "DEBIAN",
"url": "https://www.debian.org/security/2020/dsa-4733"
},
{
"name": "[debian-lts-announce] 20200726 [SECURITY] [DLA 2288-1] qemu security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2020/07/msg00020.html"
},
{
"name": "https://security.netapp.com/advisory/ntap-20201001-0002/",
"refsource": "CONFIRM",
"url": "https://security.netapp.com/advisory/ntap-20201001-0002/"
},
{
"name": "[debian-lts-announce] 20210209 [SECURITY] [DLA 2551-1] slirp security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2021/02/msg00012.html"
}
]
}
},
"nvd.nist.gov": {
"configurations": {
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:libslirp_project:libslirp:4.1.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
},
"cve": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2020-8608"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "en",
"value": "In libslirp 4.1.0, as used in QEMU 4.2.0, tcp_subr.c misuses snprintf return values, leading to a buffer overflow in later code."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "en",
"value": "CWE-120"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://gitlab.freedesktop.org/slirp/libslirp/-/tags/v4.1.0",
"refsource": "MISC",
"tags": [
"Release Notes",
"Third Party Advisory"
],
"url": "https://gitlab.freedesktop.org/slirp/libslirp/-/tags/v4.1.0"
},
{
"name": "https://gitlab.freedesktop.org/slirp/libslirp/commit/68ccb8021a838066f0951d4b2817eb6b6f10a843",
"refsource": "MISC",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://gitlab.freedesktop.org/slirp/libslirp/commit/68ccb8021a838066f0951d4b2817eb6b6f10a843"
},
{
"name": "https://www.openwall.com/lists/oss-security/2020/02/06/2",
"refsource": "MISC",
"tags": [
"Mailing List",
"Patch",
"Third Party Advisory"
],
"url": "https://www.openwall.com/lists/oss-security/2020/02/06/2"
},
{
"name": "USN-4283-1",
"refsource": "UBUNTU",
"tags": [
"Third Party Advisory"
],
"url": "https://usn.ubuntu.com/4283-1/"
},
{
"name": "[debian-lts-announce] 20200313 [SECURITY] [DLA 2142-1] slirp security update",
"refsource": "MLIST",
"tags": [
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2020/03/msg00015.html"
},
{
"name": "[debian-lts-announce] 20200316 [SECURITY] [DLA 2144-1] qemu security update",
"refsource": "MLIST",
"tags": [
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2020/03/msg00017.html"
},
{
"name": "GLSA-202003-66",
"refsource": "GENTOO",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/202003-66"
},
{
"name": "openSUSE-SU-2020:0468",
"refsource": "SUSE",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00007.html"
},
{
"name": "DSA-4733",
"refsource": "DEBIAN",
"tags": [
"Third Party Advisory"
],
"url": "https://www.debian.org/security/2020/dsa-4733"
},
{
"name": "[debian-lts-announce] 20200726 [SECURITY] [DLA 2288-1] qemu security update",
"refsource": "MLIST",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2020/07/msg00020.html"
},
{
"name": "https://security.netapp.com/advisory/ntap-20201001-0002/",
"refsource": "CONFIRM",
"tags": [
"Third Party Advisory"
],
"url": "https://security.netapp.com/advisory/ntap-20201001-0002/"
},
{
"name": "[debian-lts-announce] 20210209 [SECURITY] [DLA 2551-1] slirp security update",
"refsource": "MLIST",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2021/02/msg00012.html"
}
]
}
},
"impact": {
"baseMetricV2": {
"acInsufInfo": false,
"cvssV2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"userInteractionRequired": false
},
"baseMetricV3": {
"cvssV3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"exploitabilityScore": 2.2,
"impactScore": 3.4
}
},
"lastModifiedDate": "2021-02-14T03:50Z",
"publishedDate": "2020-02-06T17:15Z"
}
}
}
OPENSUSE-SU-2020:0468-1
Vulnerability from csaf_opensuse - Published: 2020-04-06 22:21 - Updated: 2020-04-06 22:21Summary
Security update for qemu
Severity
Important
Notes
Title of the patch: Security update for qemu
Description of the patch: This update for qemu fixes the following issues:
- CVE-2020-7039: Fixed a heap buffer overflow in tcp_emu() routine while emulating IRC and
other protocols (bsc#1161066).
- CVE-2019-15034: Fixed a buffer overflow in hw/display/bochs-display.c due to improper PCI
config space allocation (bsc#1166379).
- CVE-2020-1711: Fixed an out of bounds heap buffer access iscsi_co_block_status() routine
which could have allowed a remote denial of service or arbitrary code with privileges
of the QEMU process on the host (bsc#1166240).
- CVE-2019-6778: Fixed a heap buffer overflow in tcp_emu() routine while emulating
the identification protocol and copying message data to a socket buffer (bsc#1123156).
- CVE-2020-8608: Fixed a heap buffer overflow in tcp_emu() routine while emulating IRC and
other protocols (bsc#1163018).
- CVE-2019-20382: Fixed a memory leak in the VNC display driver which could have led to
exhaustion of the host memory leading to a potential Denial of service (bsc#1165776).
- Fixed a live migration error (bsc#1154790).
- Fixed an issue where migrating VMs on KVM gets missing features:ospke error (bsc#1162729).
This update was imported from the SUSE:SLE-15-SP1:Update update project.
Patchnames: openSUSE-2020-468
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
8.1 (High)
Affected products
Recommended
30 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 15.1:qemu-3.1.1.1-lp151.7.12.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:qemu-arm-3.1.1.1-lp151.7.12.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:qemu-audio-alsa-3.1.1.1-lp151.7.12.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:qemu-audio-oss-3.1.1.1-lp151.7.12.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:qemu-audio-pa-3.1.1.1-lp151.7.12.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:qemu-audio-sdl-3.1.1.1-lp151.7.12.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:qemu-block-curl-3.1.1.1-lp151.7.12.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:qemu-block-dmg-3.1.1.1-lp151.7.12.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:qemu-block-gluster-3.1.1.1-lp151.7.12.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:qemu-block-iscsi-3.1.1.1-lp151.7.12.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:qemu-block-nfs-3.1.1.1-lp151.7.12.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:qemu-block-rbd-3.1.1.1-lp151.7.12.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:qemu-block-ssh-3.1.1.1-lp151.7.12.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:qemu-extra-3.1.1.1-lp151.7.12.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:qemu-guest-agent-3.1.1.1-lp151.7.12.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:qemu-ipxe-1.0.0+-lp151.7.12.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:qemu-ksm-3.1.1.1-lp151.7.12.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:qemu-kvm-3.1.1.1-lp151.7.12.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:qemu-lang-3.1.1.1-lp151.7.12.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:qemu-linux-user-3.1.1.1-lp151.7.12.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:qemu-ppc-3.1.1.1-lp151.7.12.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:qemu-s390-3.1.1.1-lp151.7.12.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:qemu-seabios-1.12.0-lp151.7.12.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:qemu-sgabios-8-lp151.7.12.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:qemu-tools-3.1.1.1-lp151.7.12.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:qemu-ui-curses-3.1.1.1-lp151.7.12.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:qemu-ui-gtk-3.1.1.1-lp151.7.12.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:qemu-ui-sdl-3.1.1.1-lp151.7.12.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:qemu-vgabios-1.12.0-lp151.7.12.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:qemu-x86-3.1.1.1-lp151.7.12.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
6.5 (Medium)
Affected products
Recommended
30 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 15.1:qemu-3.1.1.1-lp151.7.12.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:qemu-arm-3.1.1.1-lp151.7.12.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:qemu-audio-alsa-3.1.1.1-lp151.7.12.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:qemu-audio-oss-3.1.1.1-lp151.7.12.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:qemu-audio-pa-3.1.1.1-lp151.7.12.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:qemu-audio-sdl-3.1.1.1-lp151.7.12.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:qemu-block-curl-3.1.1.1-lp151.7.12.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:qemu-block-dmg-3.1.1.1-lp151.7.12.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:qemu-block-gluster-3.1.1.1-lp151.7.12.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:qemu-block-iscsi-3.1.1.1-lp151.7.12.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:qemu-block-nfs-3.1.1.1-lp151.7.12.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:qemu-block-rbd-3.1.1.1-lp151.7.12.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:qemu-block-ssh-3.1.1.1-lp151.7.12.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:qemu-extra-3.1.1.1-lp151.7.12.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:qemu-guest-agent-3.1.1.1-lp151.7.12.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:qemu-ipxe-1.0.0+-lp151.7.12.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:qemu-ksm-3.1.1.1-lp151.7.12.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:qemu-kvm-3.1.1.1-lp151.7.12.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:qemu-lang-3.1.1.1-lp151.7.12.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:qemu-linux-user-3.1.1.1-lp151.7.12.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:qemu-ppc-3.1.1.1-lp151.7.12.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:qemu-s390-3.1.1.1-lp151.7.12.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:qemu-seabios-1.12.0-lp151.7.12.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:qemu-sgabios-8-lp151.7.12.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:qemu-tools-3.1.1.1-lp151.7.12.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:qemu-ui-curses-3.1.1.1-lp151.7.12.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:qemu-ui-gtk-3.1.1.1-lp151.7.12.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:qemu-ui-sdl-3.1.1.1-lp151.7.12.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:qemu-vgabios-1.12.0-lp151.7.12.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:qemu-x86-3.1.1.1-lp151.7.12.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
7.8 (High)
Affected products
Recommended
30 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 15.1:qemu-3.1.1.1-lp151.7.12.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:qemu-arm-3.1.1.1-lp151.7.12.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:qemu-audio-alsa-3.1.1.1-lp151.7.12.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:qemu-audio-oss-3.1.1.1-lp151.7.12.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:qemu-audio-pa-3.1.1.1-lp151.7.12.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:qemu-audio-sdl-3.1.1.1-lp151.7.12.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:qemu-block-curl-3.1.1.1-lp151.7.12.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:qemu-block-dmg-3.1.1.1-lp151.7.12.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:qemu-block-gluster-3.1.1.1-lp151.7.12.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:qemu-block-iscsi-3.1.1.1-lp151.7.12.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:qemu-block-nfs-3.1.1.1-lp151.7.12.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:qemu-block-rbd-3.1.1.1-lp151.7.12.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:qemu-block-ssh-3.1.1.1-lp151.7.12.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:qemu-extra-3.1.1.1-lp151.7.12.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:qemu-guest-agent-3.1.1.1-lp151.7.12.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:qemu-ipxe-1.0.0+-lp151.7.12.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:qemu-ksm-3.1.1.1-lp151.7.12.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:qemu-kvm-3.1.1.1-lp151.7.12.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:qemu-lang-3.1.1.1-lp151.7.12.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:qemu-linux-user-3.1.1.1-lp151.7.12.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:qemu-ppc-3.1.1.1-lp151.7.12.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:qemu-s390-3.1.1.1-lp151.7.12.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:qemu-seabios-1.12.0-lp151.7.12.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:qemu-sgabios-8-lp151.7.12.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:qemu-tools-3.1.1.1-lp151.7.12.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:qemu-ui-curses-3.1.1.1-lp151.7.12.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:qemu-ui-gtk-3.1.1.1-lp151.7.12.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:qemu-ui-sdl-3.1.1.1-lp151.7.12.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:qemu-vgabios-1.12.0-lp151.7.12.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:qemu-x86-3.1.1.1-lp151.7.12.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
8.6 (High)
Affected products
Recommended
30 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 15.1:qemu-3.1.1.1-lp151.7.12.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:qemu-arm-3.1.1.1-lp151.7.12.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:qemu-audio-alsa-3.1.1.1-lp151.7.12.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:qemu-audio-oss-3.1.1.1-lp151.7.12.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:qemu-audio-pa-3.1.1.1-lp151.7.12.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:qemu-audio-sdl-3.1.1.1-lp151.7.12.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:qemu-block-curl-3.1.1.1-lp151.7.12.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:qemu-block-dmg-3.1.1.1-lp151.7.12.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:qemu-block-gluster-3.1.1.1-lp151.7.12.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:qemu-block-iscsi-3.1.1.1-lp151.7.12.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:qemu-block-nfs-3.1.1.1-lp151.7.12.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:qemu-block-rbd-3.1.1.1-lp151.7.12.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:qemu-block-ssh-3.1.1.1-lp151.7.12.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:qemu-extra-3.1.1.1-lp151.7.12.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:qemu-guest-agent-3.1.1.1-lp151.7.12.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:qemu-ipxe-1.0.0+-lp151.7.12.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:qemu-ksm-3.1.1.1-lp151.7.12.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:qemu-kvm-3.1.1.1-lp151.7.12.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:qemu-lang-3.1.1.1-lp151.7.12.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:qemu-linux-user-3.1.1.1-lp151.7.12.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:qemu-ppc-3.1.1.1-lp151.7.12.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:qemu-s390-3.1.1.1-lp151.7.12.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:qemu-seabios-1.12.0-lp151.7.12.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:qemu-sgabios-8-lp151.7.12.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:qemu-tools-3.1.1.1-lp151.7.12.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:qemu-ui-curses-3.1.1.1-lp151.7.12.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:qemu-ui-gtk-3.1.1.1-lp151.7.12.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:qemu-ui-sdl-3.1.1.1-lp151.7.12.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:qemu-vgabios-1.12.0-lp151.7.12.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:qemu-x86-3.1.1.1-lp151.7.12.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
Affected products
Recommended
30 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 15.1:qemu-3.1.1.1-lp151.7.12.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:qemu-arm-3.1.1.1-lp151.7.12.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:qemu-audio-alsa-3.1.1.1-lp151.7.12.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:qemu-audio-oss-3.1.1.1-lp151.7.12.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:qemu-audio-pa-3.1.1.1-lp151.7.12.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:qemu-audio-sdl-3.1.1.1-lp151.7.12.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:qemu-block-curl-3.1.1.1-lp151.7.12.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:qemu-block-dmg-3.1.1.1-lp151.7.12.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:qemu-block-gluster-3.1.1.1-lp151.7.12.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:qemu-block-iscsi-3.1.1.1-lp151.7.12.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:qemu-block-nfs-3.1.1.1-lp151.7.12.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:qemu-block-rbd-3.1.1.1-lp151.7.12.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:qemu-block-ssh-3.1.1.1-lp151.7.12.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:qemu-extra-3.1.1.1-lp151.7.12.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:qemu-guest-agent-3.1.1.1-lp151.7.12.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:qemu-ipxe-1.0.0+-lp151.7.12.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:qemu-ksm-3.1.1.1-lp151.7.12.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:qemu-kvm-3.1.1.1-lp151.7.12.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:qemu-lang-3.1.1.1-lp151.7.12.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:qemu-linux-user-3.1.1.1-lp151.7.12.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:qemu-ppc-3.1.1.1-lp151.7.12.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:qemu-s390-3.1.1.1-lp151.7.12.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:qemu-seabios-1.12.0-lp151.7.12.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:qemu-sgabios-8-lp151.7.12.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:qemu-tools-3.1.1.1-lp151.7.12.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:qemu-ui-curses-3.1.1.1-lp151.7.12.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:qemu-ui-gtk-3.1.1.1-lp151.7.12.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:qemu-ui-sdl-3.1.1.1-lp151.7.12.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:qemu-vgabios-1.12.0-lp151.7.12.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:qemu-x86-3.1.1.1-lp151.7.12.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
Affected products
Recommended
30 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 15.1:qemu-3.1.1.1-lp151.7.12.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:qemu-arm-3.1.1.1-lp151.7.12.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:qemu-audio-alsa-3.1.1.1-lp151.7.12.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:qemu-audio-oss-3.1.1.1-lp151.7.12.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:qemu-audio-pa-3.1.1.1-lp151.7.12.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:qemu-audio-sdl-3.1.1.1-lp151.7.12.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:qemu-block-curl-3.1.1.1-lp151.7.12.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:qemu-block-dmg-3.1.1.1-lp151.7.12.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:qemu-block-gluster-3.1.1.1-lp151.7.12.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:qemu-block-iscsi-3.1.1.1-lp151.7.12.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:qemu-block-nfs-3.1.1.1-lp151.7.12.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:qemu-block-rbd-3.1.1.1-lp151.7.12.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:qemu-block-ssh-3.1.1.1-lp151.7.12.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:qemu-extra-3.1.1.1-lp151.7.12.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:qemu-guest-agent-3.1.1.1-lp151.7.12.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:qemu-ipxe-1.0.0+-lp151.7.12.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:qemu-ksm-3.1.1.1-lp151.7.12.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:qemu-kvm-3.1.1.1-lp151.7.12.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:qemu-lang-3.1.1.1-lp151.7.12.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:qemu-linux-user-3.1.1.1-lp151.7.12.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:qemu-ppc-3.1.1.1-lp151.7.12.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:qemu-s390-3.1.1.1-lp151.7.12.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:qemu-seabios-1.12.0-lp151.7.12.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:qemu-sgabios-8-lp151.7.12.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:qemu-tools-3.1.1.1-lp151.7.12.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:qemu-ui-curses-3.1.1.1-lp151.7.12.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:qemu-ui-gtk-3.1.1.1-lp151.7.12.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:qemu-ui-sdl-3.1.1.1-lp151.7.12.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:qemu-vgabios-1.12.0-lp151.7.12.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:qemu-x86-3.1.1.1-lp151.7.12.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
References
33 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for qemu",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for qemu fixes the following issues:\n\n- CVE-2020-7039: Fixed a heap buffer overflow in tcp_emu() routine while emulating IRC and\n other protocols (bsc#1161066).\n- CVE-2019-15034: Fixed a buffer overflow in hw/display/bochs-display.c due to improper PCI \n config space allocation (bsc#1166379).\n- CVE-2020-1711: Fixed an out of bounds heap buffer access iscsi_co_block_status() routine\n which could have allowed a remote denial of service or arbitrary code with privileges \n of the QEMU process on the host (bsc#1166240).\n- CVE-2019-6778: Fixed a heap buffer overflow in tcp_emu() routine while emulating \n the identification protocol and copying message data to a socket buffer (bsc#1123156).\n- CVE-2020-8608: Fixed a heap buffer overflow in tcp_emu() routine while emulating IRC and\n other protocols (bsc#1163018).\n- CVE-2019-20382: Fixed a memory leak in the VNC display driver which could have led to \n exhaustion of the host memory leading to a potential Denial of service (bsc#1165776).\n- Fixed a live migration error (bsc#1154790).\n- Fixed an issue where migrating VMs on KVM gets missing features:ospke error (bsc#1162729).\n\nThis update was imported from the SUSE:SLE-15-SP1:Update update project.",
"title": "Description of the patch"
},
{
"category": "details",
"text": "openSUSE-2020-468",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2020_0468-1.json"
},
{
"category": "self",
"summary": "URL for openSUSE-SU-2020:0468-1",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/S5VG234WOT345KSVGE32CW6SK7I55AZP/"
},
{
"category": "self",
"summary": "E-Mail link for openSUSE-SU-2020:0468-1",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/S5VG234WOT345KSVGE32CW6SK7I55AZP/"
},
{
"category": "self",
"summary": "SUSE Bug 1123156",
"url": "https://bugzilla.suse.com/1123156"
},
{
"category": "self",
"summary": "SUSE Bug 1154790",
"url": "https://bugzilla.suse.com/1154790"
},
{
"category": "self",
"summary": "SUSE Bug 1161066",
"url": "https://bugzilla.suse.com/1161066"
},
{
"category": "self",
"summary": "SUSE Bug 1162729",
"url": "https://bugzilla.suse.com/1162729"
},
{
"category": "self",
"summary": "SUSE Bug 1163018",
"url": "https://bugzilla.suse.com/1163018"
},
{
"category": "self",
"summary": "SUSE Bug 1165776",
"url": "https://bugzilla.suse.com/1165776"
},
{
"category": "self",
"summary": "SUSE Bug 1166240",
"url": "https://bugzilla.suse.com/1166240"
},
{
"category": "self",
"summary": "SUSE Bug 1166379",
"url": "https://bugzilla.suse.com/1166379"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-15034 page",
"url": "https://www.suse.com/security/cve/CVE-2019-15034/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-20382 page",
"url": "https://www.suse.com/security/cve/CVE-2019-20382/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-6778 page",
"url": "https://www.suse.com/security/cve/CVE-2019-6778/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-1711 page",
"url": "https://www.suse.com/security/cve/CVE-2020-1711/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-7039 page",
"url": "https://www.suse.com/security/cve/CVE-2020-7039/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-8608 page",
"url": "https://www.suse.com/security/cve/CVE-2020-8608/"
}
],
"title": "Security update for qemu",
"tracking": {
"current_release_date": "2020-04-06T22:21:00Z",
"generator": {
"date": "2020-04-06T22:21:00Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "openSUSE-SU-2020:0468-1",
"initial_release_date": "2020-04-06T22:21:00Z",
"revision_history": [
{
"date": "2020-04-06T22:21:00Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "qemu-ipxe-1.0.0+-lp151.7.12.1.noarch",
"product": {
"name": "qemu-ipxe-1.0.0+-lp151.7.12.1.noarch",
"product_id": "qemu-ipxe-1.0.0+-lp151.7.12.1.noarch"
}
},
{
"category": "product_version",
"name": "qemu-seabios-1.12.0-lp151.7.12.1.noarch",
"product": {
"name": "qemu-seabios-1.12.0-lp151.7.12.1.noarch",
"product_id": "qemu-seabios-1.12.0-lp151.7.12.1.noarch"
}
},
{
"category": "product_version",
"name": "qemu-sgabios-8-lp151.7.12.1.noarch",
"product": {
"name": "qemu-sgabios-8-lp151.7.12.1.noarch",
"product_id": "qemu-sgabios-8-lp151.7.12.1.noarch"
}
},
{
"category": "product_version",
"name": "qemu-vgabios-1.12.0-lp151.7.12.1.noarch",
"product": {
"name": "qemu-vgabios-1.12.0-lp151.7.12.1.noarch",
"product_id": "qemu-vgabios-1.12.0-lp151.7.12.1.noarch"
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "qemu-3.1.1.1-lp151.7.12.1.x86_64",
"product": {
"name": "qemu-3.1.1.1-lp151.7.12.1.x86_64",
"product_id": "qemu-3.1.1.1-lp151.7.12.1.x86_64"
}
},
{
"category": "product_version",
"name": "qemu-arm-3.1.1.1-lp151.7.12.1.x86_64",
"product": {
"name": "qemu-arm-3.1.1.1-lp151.7.12.1.x86_64",
"product_id": "qemu-arm-3.1.1.1-lp151.7.12.1.x86_64"
}
},
{
"category": "product_version",
"name": "qemu-audio-alsa-3.1.1.1-lp151.7.12.1.x86_64",
"product": {
"name": "qemu-audio-alsa-3.1.1.1-lp151.7.12.1.x86_64",
"product_id": "qemu-audio-alsa-3.1.1.1-lp151.7.12.1.x86_64"
}
},
{
"category": "product_version",
"name": "qemu-audio-oss-3.1.1.1-lp151.7.12.1.x86_64",
"product": {
"name": "qemu-audio-oss-3.1.1.1-lp151.7.12.1.x86_64",
"product_id": "qemu-audio-oss-3.1.1.1-lp151.7.12.1.x86_64"
}
},
{
"category": "product_version",
"name": "qemu-audio-pa-3.1.1.1-lp151.7.12.1.x86_64",
"product": {
"name": "qemu-audio-pa-3.1.1.1-lp151.7.12.1.x86_64",
"product_id": "qemu-audio-pa-3.1.1.1-lp151.7.12.1.x86_64"
}
},
{
"category": "product_version",
"name": "qemu-audio-sdl-3.1.1.1-lp151.7.12.1.x86_64",
"product": {
"name": "qemu-audio-sdl-3.1.1.1-lp151.7.12.1.x86_64",
"product_id": "qemu-audio-sdl-3.1.1.1-lp151.7.12.1.x86_64"
}
},
{
"category": "product_version",
"name": "qemu-block-curl-3.1.1.1-lp151.7.12.1.x86_64",
"product": {
"name": "qemu-block-curl-3.1.1.1-lp151.7.12.1.x86_64",
"product_id": "qemu-block-curl-3.1.1.1-lp151.7.12.1.x86_64"
}
},
{
"category": "product_version",
"name": "qemu-block-dmg-3.1.1.1-lp151.7.12.1.x86_64",
"product": {
"name": "qemu-block-dmg-3.1.1.1-lp151.7.12.1.x86_64",
"product_id": "qemu-block-dmg-3.1.1.1-lp151.7.12.1.x86_64"
}
},
{
"category": "product_version",
"name": "qemu-block-gluster-3.1.1.1-lp151.7.12.1.x86_64",
"product": {
"name": "qemu-block-gluster-3.1.1.1-lp151.7.12.1.x86_64",
"product_id": "qemu-block-gluster-3.1.1.1-lp151.7.12.1.x86_64"
}
},
{
"category": "product_version",
"name": "qemu-block-iscsi-3.1.1.1-lp151.7.12.1.x86_64",
"product": {
"name": "qemu-block-iscsi-3.1.1.1-lp151.7.12.1.x86_64",
"product_id": "qemu-block-iscsi-3.1.1.1-lp151.7.12.1.x86_64"
}
},
{
"category": "product_version",
"name": "qemu-block-nfs-3.1.1.1-lp151.7.12.1.x86_64",
"product": {
"name": "qemu-block-nfs-3.1.1.1-lp151.7.12.1.x86_64",
"product_id": "qemu-block-nfs-3.1.1.1-lp151.7.12.1.x86_64"
}
},
{
"category": "product_version",
"name": "qemu-block-rbd-3.1.1.1-lp151.7.12.1.x86_64",
"product": {
"name": "qemu-block-rbd-3.1.1.1-lp151.7.12.1.x86_64",
"product_id": "qemu-block-rbd-3.1.1.1-lp151.7.12.1.x86_64"
}
},
{
"category": "product_version",
"name": "qemu-block-ssh-3.1.1.1-lp151.7.12.1.x86_64",
"product": {
"name": "qemu-block-ssh-3.1.1.1-lp151.7.12.1.x86_64",
"product_id": "qemu-block-ssh-3.1.1.1-lp151.7.12.1.x86_64"
}
},
{
"category": "product_version",
"name": "qemu-extra-3.1.1.1-lp151.7.12.1.x86_64",
"product": {
"name": "qemu-extra-3.1.1.1-lp151.7.12.1.x86_64",
"product_id": "qemu-extra-3.1.1.1-lp151.7.12.1.x86_64"
}
},
{
"category": "product_version",
"name": "qemu-guest-agent-3.1.1.1-lp151.7.12.1.x86_64",
"product": {
"name": "qemu-guest-agent-3.1.1.1-lp151.7.12.1.x86_64",
"product_id": "qemu-guest-agent-3.1.1.1-lp151.7.12.1.x86_64"
}
},
{
"category": "product_version",
"name": "qemu-ksm-3.1.1.1-lp151.7.12.1.x86_64",
"product": {
"name": "qemu-ksm-3.1.1.1-lp151.7.12.1.x86_64",
"product_id": "qemu-ksm-3.1.1.1-lp151.7.12.1.x86_64"
}
},
{
"category": "product_version",
"name": "qemu-kvm-3.1.1.1-lp151.7.12.1.x86_64",
"product": {
"name": "qemu-kvm-3.1.1.1-lp151.7.12.1.x86_64",
"product_id": "qemu-kvm-3.1.1.1-lp151.7.12.1.x86_64"
}
},
{
"category": "product_version",
"name": "qemu-lang-3.1.1.1-lp151.7.12.1.x86_64",
"product": {
"name": "qemu-lang-3.1.1.1-lp151.7.12.1.x86_64",
"product_id": "qemu-lang-3.1.1.1-lp151.7.12.1.x86_64"
}
},
{
"category": "product_version",
"name": "qemu-linux-user-3.1.1.1-lp151.7.12.1.x86_64",
"product": {
"name": "qemu-linux-user-3.1.1.1-lp151.7.12.1.x86_64",
"product_id": "qemu-linux-user-3.1.1.1-lp151.7.12.1.x86_64"
}
},
{
"category": "product_version",
"name": "qemu-ppc-3.1.1.1-lp151.7.12.1.x86_64",
"product": {
"name": "qemu-ppc-3.1.1.1-lp151.7.12.1.x86_64",
"product_id": "qemu-ppc-3.1.1.1-lp151.7.12.1.x86_64"
}
},
{
"category": "product_version",
"name": "qemu-s390-3.1.1.1-lp151.7.12.1.x86_64",
"product": {
"name": "qemu-s390-3.1.1.1-lp151.7.12.1.x86_64",
"product_id": "qemu-s390-3.1.1.1-lp151.7.12.1.x86_64"
}
},
{
"category": "product_version",
"name": "qemu-tools-3.1.1.1-lp151.7.12.1.x86_64",
"product": {
"name": "qemu-tools-3.1.1.1-lp151.7.12.1.x86_64",
"product_id": "qemu-tools-3.1.1.1-lp151.7.12.1.x86_64"
}
},
{
"category": "product_version",
"name": "qemu-ui-curses-3.1.1.1-lp151.7.12.1.x86_64",
"product": {
"name": "qemu-ui-curses-3.1.1.1-lp151.7.12.1.x86_64",
"product_id": "qemu-ui-curses-3.1.1.1-lp151.7.12.1.x86_64"
}
},
{
"category": "product_version",
"name": "qemu-ui-gtk-3.1.1.1-lp151.7.12.1.x86_64",
"product": {
"name": "qemu-ui-gtk-3.1.1.1-lp151.7.12.1.x86_64",
"product_id": "qemu-ui-gtk-3.1.1.1-lp151.7.12.1.x86_64"
}
},
{
"category": "product_version",
"name": "qemu-ui-sdl-3.1.1.1-lp151.7.12.1.x86_64",
"product": {
"name": "qemu-ui-sdl-3.1.1.1-lp151.7.12.1.x86_64",
"product_id": "qemu-ui-sdl-3.1.1.1-lp151.7.12.1.x86_64"
}
},
{
"category": "product_version",
"name": "qemu-x86-3.1.1.1-lp151.7.12.1.x86_64",
"product": {
"name": "qemu-x86-3.1.1.1-lp151.7.12.1.x86_64",
"product_id": "qemu-x86-3.1.1.1-lp151.7.12.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "openSUSE Leap 15.1",
"product": {
"name": "openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:leap:15.1"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "qemu-3.1.1.1-lp151.7.12.1.x86_64 as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:qemu-3.1.1.1-lp151.7.12.1.x86_64"
},
"product_reference": "qemu-3.1.1.1-lp151.7.12.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qemu-arm-3.1.1.1-lp151.7.12.1.x86_64 as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:qemu-arm-3.1.1.1-lp151.7.12.1.x86_64"
},
"product_reference": "qemu-arm-3.1.1.1-lp151.7.12.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qemu-audio-alsa-3.1.1.1-lp151.7.12.1.x86_64 as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:qemu-audio-alsa-3.1.1.1-lp151.7.12.1.x86_64"
},
"product_reference": "qemu-audio-alsa-3.1.1.1-lp151.7.12.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qemu-audio-oss-3.1.1.1-lp151.7.12.1.x86_64 as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:qemu-audio-oss-3.1.1.1-lp151.7.12.1.x86_64"
},
"product_reference": "qemu-audio-oss-3.1.1.1-lp151.7.12.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qemu-audio-pa-3.1.1.1-lp151.7.12.1.x86_64 as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:qemu-audio-pa-3.1.1.1-lp151.7.12.1.x86_64"
},
"product_reference": "qemu-audio-pa-3.1.1.1-lp151.7.12.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qemu-audio-sdl-3.1.1.1-lp151.7.12.1.x86_64 as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:qemu-audio-sdl-3.1.1.1-lp151.7.12.1.x86_64"
},
"product_reference": "qemu-audio-sdl-3.1.1.1-lp151.7.12.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qemu-block-curl-3.1.1.1-lp151.7.12.1.x86_64 as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:qemu-block-curl-3.1.1.1-lp151.7.12.1.x86_64"
},
"product_reference": "qemu-block-curl-3.1.1.1-lp151.7.12.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qemu-block-dmg-3.1.1.1-lp151.7.12.1.x86_64 as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:qemu-block-dmg-3.1.1.1-lp151.7.12.1.x86_64"
},
"product_reference": "qemu-block-dmg-3.1.1.1-lp151.7.12.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qemu-block-gluster-3.1.1.1-lp151.7.12.1.x86_64 as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:qemu-block-gluster-3.1.1.1-lp151.7.12.1.x86_64"
},
"product_reference": "qemu-block-gluster-3.1.1.1-lp151.7.12.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qemu-block-iscsi-3.1.1.1-lp151.7.12.1.x86_64 as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:qemu-block-iscsi-3.1.1.1-lp151.7.12.1.x86_64"
},
"product_reference": "qemu-block-iscsi-3.1.1.1-lp151.7.12.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qemu-block-nfs-3.1.1.1-lp151.7.12.1.x86_64 as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:qemu-block-nfs-3.1.1.1-lp151.7.12.1.x86_64"
},
"product_reference": "qemu-block-nfs-3.1.1.1-lp151.7.12.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qemu-block-rbd-3.1.1.1-lp151.7.12.1.x86_64 as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:qemu-block-rbd-3.1.1.1-lp151.7.12.1.x86_64"
},
"product_reference": "qemu-block-rbd-3.1.1.1-lp151.7.12.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qemu-block-ssh-3.1.1.1-lp151.7.12.1.x86_64 as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:qemu-block-ssh-3.1.1.1-lp151.7.12.1.x86_64"
},
"product_reference": "qemu-block-ssh-3.1.1.1-lp151.7.12.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qemu-extra-3.1.1.1-lp151.7.12.1.x86_64 as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:qemu-extra-3.1.1.1-lp151.7.12.1.x86_64"
},
"product_reference": "qemu-extra-3.1.1.1-lp151.7.12.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qemu-guest-agent-3.1.1.1-lp151.7.12.1.x86_64 as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:qemu-guest-agent-3.1.1.1-lp151.7.12.1.x86_64"
},
"product_reference": "qemu-guest-agent-3.1.1.1-lp151.7.12.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qemu-ipxe-1.0.0+-lp151.7.12.1.noarch as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:qemu-ipxe-1.0.0+-lp151.7.12.1.noarch"
},
"product_reference": "qemu-ipxe-1.0.0+-lp151.7.12.1.noarch",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qemu-ksm-3.1.1.1-lp151.7.12.1.x86_64 as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:qemu-ksm-3.1.1.1-lp151.7.12.1.x86_64"
},
"product_reference": "qemu-ksm-3.1.1.1-lp151.7.12.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qemu-kvm-3.1.1.1-lp151.7.12.1.x86_64 as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:qemu-kvm-3.1.1.1-lp151.7.12.1.x86_64"
},
"product_reference": "qemu-kvm-3.1.1.1-lp151.7.12.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qemu-lang-3.1.1.1-lp151.7.12.1.x86_64 as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:qemu-lang-3.1.1.1-lp151.7.12.1.x86_64"
},
"product_reference": "qemu-lang-3.1.1.1-lp151.7.12.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qemu-linux-user-3.1.1.1-lp151.7.12.1.x86_64 as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:qemu-linux-user-3.1.1.1-lp151.7.12.1.x86_64"
},
"product_reference": "qemu-linux-user-3.1.1.1-lp151.7.12.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qemu-ppc-3.1.1.1-lp151.7.12.1.x86_64 as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:qemu-ppc-3.1.1.1-lp151.7.12.1.x86_64"
},
"product_reference": "qemu-ppc-3.1.1.1-lp151.7.12.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qemu-s390-3.1.1.1-lp151.7.12.1.x86_64 as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:qemu-s390-3.1.1.1-lp151.7.12.1.x86_64"
},
"product_reference": "qemu-s390-3.1.1.1-lp151.7.12.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qemu-seabios-1.12.0-lp151.7.12.1.noarch as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:qemu-seabios-1.12.0-lp151.7.12.1.noarch"
},
"product_reference": "qemu-seabios-1.12.0-lp151.7.12.1.noarch",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qemu-sgabios-8-lp151.7.12.1.noarch as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:qemu-sgabios-8-lp151.7.12.1.noarch"
},
"product_reference": "qemu-sgabios-8-lp151.7.12.1.noarch",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qemu-tools-3.1.1.1-lp151.7.12.1.x86_64 as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:qemu-tools-3.1.1.1-lp151.7.12.1.x86_64"
},
"product_reference": "qemu-tools-3.1.1.1-lp151.7.12.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qemu-ui-curses-3.1.1.1-lp151.7.12.1.x86_64 as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:qemu-ui-curses-3.1.1.1-lp151.7.12.1.x86_64"
},
"product_reference": "qemu-ui-curses-3.1.1.1-lp151.7.12.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qemu-ui-gtk-3.1.1.1-lp151.7.12.1.x86_64 as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:qemu-ui-gtk-3.1.1.1-lp151.7.12.1.x86_64"
},
"product_reference": "qemu-ui-gtk-3.1.1.1-lp151.7.12.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qemu-ui-sdl-3.1.1.1-lp151.7.12.1.x86_64 as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:qemu-ui-sdl-3.1.1.1-lp151.7.12.1.x86_64"
},
"product_reference": "qemu-ui-sdl-3.1.1.1-lp151.7.12.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qemu-vgabios-1.12.0-lp151.7.12.1.noarch as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:qemu-vgabios-1.12.0-lp151.7.12.1.noarch"
},
"product_reference": "qemu-vgabios-1.12.0-lp151.7.12.1.noarch",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qemu-x86-3.1.1.1-lp151.7.12.1.x86_64 as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:qemu-x86-3.1.1.1-lp151.7.12.1.x86_64"
},
"product_reference": "qemu-x86-3.1.1.1-lp151.7.12.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.1"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2019-15034",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-15034"
}
],
"notes": [
{
"category": "general",
"text": "hw/display/bochs-display.c in QEMU 4.0.0 does not ensure a sufficient PCI config space allocation, leading to a buffer overflow involving the PCIe extended config space.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.1:qemu-3.1.1.1-lp151.7.12.1.x86_64",
"openSUSE Leap 15.1:qemu-arm-3.1.1.1-lp151.7.12.1.x86_64",
"openSUSE Leap 15.1:qemu-audio-alsa-3.1.1.1-lp151.7.12.1.x86_64",
"openSUSE Leap 15.1:qemu-audio-oss-3.1.1.1-lp151.7.12.1.x86_64",
"openSUSE Leap 15.1:qemu-audio-pa-3.1.1.1-lp151.7.12.1.x86_64",
"openSUSE Leap 15.1:qemu-audio-sdl-3.1.1.1-lp151.7.12.1.x86_64",
"openSUSE Leap 15.1:qemu-block-curl-3.1.1.1-lp151.7.12.1.x86_64",
"openSUSE Leap 15.1:qemu-block-dmg-3.1.1.1-lp151.7.12.1.x86_64",
"openSUSE Leap 15.1:qemu-block-gluster-3.1.1.1-lp151.7.12.1.x86_64",
"openSUSE Leap 15.1:qemu-block-iscsi-3.1.1.1-lp151.7.12.1.x86_64",
"openSUSE Leap 15.1:qemu-block-nfs-3.1.1.1-lp151.7.12.1.x86_64",
"openSUSE Leap 15.1:qemu-block-rbd-3.1.1.1-lp151.7.12.1.x86_64",
"openSUSE Leap 15.1:qemu-block-ssh-3.1.1.1-lp151.7.12.1.x86_64",
"openSUSE Leap 15.1:qemu-extra-3.1.1.1-lp151.7.12.1.x86_64",
"openSUSE Leap 15.1:qemu-guest-agent-3.1.1.1-lp151.7.12.1.x86_64",
"openSUSE Leap 15.1:qemu-ipxe-1.0.0+-lp151.7.12.1.noarch",
"openSUSE Leap 15.1:qemu-ksm-3.1.1.1-lp151.7.12.1.x86_64",
"openSUSE Leap 15.1:qemu-kvm-3.1.1.1-lp151.7.12.1.x86_64",
"openSUSE Leap 15.1:qemu-lang-3.1.1.1-lp151.7.12.1.x86_64",
"openSUSE Leap 15.1:qemu-linux-user-3.1.1.1-lp151.7.12.1.x86_64",
"openSUSE Leap 15.1:qemu-ppc-3.1.1.1-lp151.7.12.1.x86_64",
"openSUSE Leap 15.1:qemu-s390-3.1.1.1-lp151.7.12.1.x86_64",
"openSUSE Leap 15.1:qemu-seabios-1.12.0-lp151.7.12.1.noarch",
"openSUSE Leap 15.1:qemu-sgabios-8-lp151.7.12.1.noarch",
"openSUSE Leap 15.1:qemu-tools-3.1.1.1-lp151.7.12.1.x86_64",
"openSUSE Leap 15.1:qemu-ui-curses-3.1.1.1-lp151.7.12.1.x86_64",
"openSUSE Leap 15.1:qemu-ui-gtk-3.1.1.1-lp151.7.12.1.x86_64",
"openSUSE Leap 15.1:qemu-ui-sdl-3.1.1.1-lp151.7.12.1.x86_64",
"openSUSE Leap 15.1:qemu-vgabios-1.12.0-lp151.7.12.1.noarch",
"openSUSE Leap 15.1:qemu-x86-3.1.1.1-lp151.7.12.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-15034",
"url": "https://www.suse.com/security/cve/CVE-2019-15034"
},
{
"category": "external",
"summary": "SUSE Bug 1166379 for CVE-2019-15034",
"url": "https://bugzilla.suse.com/1166379"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.1:qemu-3.1.1.1-lp151.7.12.1.x86_64",
"openSUSE Leap 15.1:qemu-arm-3.1.1.1-lp151.7.12.1.x86_64",
"openSUSE Leap 15.1:qemu-audio-alsa-3.1.1.1-lp151.7.12.1.x86_64",
"openSUSE Leap 15.1:qemu-audio-oss-3.1.1.1-lp151.7.12.1.x86_64",
"openSUSE Leap 15.1:qemu-audio-pa-3.1.1.1-lp151.7.12.1.x86_64",
"openSUSE Leap 15.1:qemu-audio-sdl-3.1.1.1-lp151.7.12.1.x86_64",
"openSUSE Leap 15.1:qemu-block-curl-3.1.1.1-lp151.7.12.1.x86_64",
"openSUSE Leap 15.1:qemu-block-dmg-3.1.1.1-lp151.7.12.1.x86_64",
"openSUSE Leap 15.1:qemu-block-gluster-3.1.1.1-lp151.7.12.1.x86_64",
"openSUSE Leap 15.1:qemu-block-iscsi-3.1.1.1-lp151.7.12.1.x86_64",
"openSUSE Leap 15.1:qemu-block-nfs-3.1.1.1-lp151.7.12.1.x86_64",
"openSUSE Leap 15.1:qemu-block-rbd-3.1.1.1-lp151.7.12.1.x86_64",
"openSUSE Leap 15.1:qemu-block-ssh-3.1.1.1-lp151.7.12.1.x86_64",
"openSUSE Leap 15.1:qemu-extra-3.1.1.1-lp151.7.12.1.x86_64",
"openSUSE Leap 15.1:qemu-guest-agent-3.1.1.1-lp151.7.12.1.x86_64",
"openSUSE Leap 15.1:qemu-ipxe-1.0.0+-lp151.7.12.1.noarch",
"openSUSE Leap 15.1:qemu-ksm-3.1.1.1-lp151.7.12.1.x86_64",
"openSUSE Leap 15.1:qemu-kvm-3.1.1.1-lp151.7.12.1.x86_64",
"openSUSE Leap 15.1:qemu-lang-3.1.1.1-lp151.7.12.1.x86_64",
"openSUSE Leap 15.1:qemu-linux-user-3.1.1.1-lp151.7.12.1.x86_64",
"openSUSE Leap 15.1:qemu-ppc-3.1.1.1-lp151.7.12.1.x86_64",
"openSUSE Leap 15.1:qemu-s390-3.1.1.1-lp151.7.12.1.x86_64",
"openSUSE Leap 15.1:qemu-seabios-1.12.0-lp151.7.12.1.noarch",
"openSUSE Leap 15.1:qemu-sgabios-8-lp151.7.12.1.noarch",
"openSUSE Leap 15.1:qemu-tools-3.1.1.1-lp151.7.12.1.x86_64",
"openSUSE Leap 15.1:qemu-ui-curses-3.1.1.1-lp151.7.12.1.x86_64",
"openSUSE Leap 15.1:qemu-ui-gtk-3.1.1.1-lp151.7.12.1.x86_64",
"openSUSE Leap 15.1:qemu-ui-sdl-3.1.1.1-lp151.7.12.1.x86_64",
"openSUSE Leap 15.1:qemu-vgabios-1.12.0-lp151.7.12.1.noarch",
"openSUSE Leap 15.1:qemu-x86-3.1.1.1-lp151.7.12.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Leap 15.1:qemu-3.1.1.1-lp151.7.12.1.x86_64",
"openSUSE Leap 15.1:qemu-arm-3.1.1.1-lp151.7.12.1.x86_64",
"openSUSE Leap 15.1:qemu-audio-alsa-3.1.1.1-lp151.7.12.1.x86_64",
"openSUSE Leap 15.1:qemu-audio-oss-3.1.1.1-lp151.7.12.1.x86_64",
"openSUSE Leap 15.1:qemu-audio-pa-3.1.1.1-lp151.7.12.1.x86_64",
"openSUSE Leap 15.1:qemu-audio-sdl-3.1.1.1-lp151.7.12.1.x86_64",
"openSUSE Leap 15.1:qemu-block-curl-3.1.1.1-lp151.7.12.1.x86_64",
"openSUSE Leap 15.1:qemu-block-dmg-3.1.1.1-lp151.7.12.1.x86_64",
"openSUSE Leap 15.1:qemu-block-gluster-3.1.1.1-lp151.7.12.1.x86_64",
"openSUSE Leap 15.1:qemu-block-iscsi-3.1.1.1-lp151.7.12.1.x86_64",
"openSUSE Leap 15.1:qemu-block-nfs-3.1.1.1-lp151.7.12.1.x86_64",
"openSUSE Leap 15.1:qemu-block-rbd-3.1.1.1-lp151.7.12.1.x86_64",
"openSUSE Leap 15.1:qemu-block-ssh-3.1.1.1-lp151.7.12.1.x86_64",
"openSUSE Leap 15.1:qemu-extra-3.1.1.1-lp151.7.12.1.x86_64",
"openSUSE Leap 15.1:qemu-guest-agent-3.1.1.1-lp151.7.12.1.x86_64",
"openSUSE Leap 15.1:qemu-ipxe-1.0.0+-lp151.7.12.1.noarch",
"openSUSE Leap 15.1:qemu-ksm-3.1.1.1-lp151.7.12.1.x86_64",
"openSUSE Leap 15.1:qemu-kvm-3.1.1.1-lp151.7.12.1.x86_64",
"openSUSE Leap 15.1:qemu-lang-3.1.1.1-lp151.7.12.1.x86_64",
"openSUSE Leap 15.1:qemu-linux-user-3.1.1.1-lp151.7.12.1.x86_64",
"openSUSE Leap 15.1:qemu-ppc-3.1.1.1-lp151.7.12.1.x86_64",
"openSUSE Leap 15.1:qemu-s390-3.1.1.1-lp151.7.12.1.x86_64",
"openSUSE Leap 15.1:qemu-seabios-1.12.0-lp151.7.12.1.noarch",
"openSUSE Leap 15.1:qemu-sgabios-8-lp151.7.12.1.noarch",
"openSUSE Leap 15.1:qemu-tools-3.1.1.1-lp151.7.12.1.x86_64",
"openSUSE Leap 15.1:qemu-ui-curses-3.1.1.1-lp151.7.12.1.x86_64",
"openSUSE Leap 15.1:qemu-ui-gtk-3.1.1.1-lp151.7.12.1.x86_64",
"openSUSE Leap 15.1:qemu-ui-sdl-3.1.1.1-lp151.7.12.1.x86_64",
"openSUSE Leap 15.1:qemu-vgabios-1.12.0-lp151.7.12.1.noarch",
"openSUSE Leap 15.1:qemu-x86-3.1.1.1-lp151.7.12.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2020-04-06T22:21:00Z",
"details": "important"
}
],
"title": "CVE-2019-15034"
},
{
"cve": "CVE-2019-20382",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-20382"
}
],
"notes": [
{
"category": "general",
"text": "QEMU 4.1.0 has a memory leak in zrle_compress_data in ui/vnc-enc-zrle.c during a VNC disconnect operation because libz is misused, resulting in a situation where memory allocated in deflateInit2 is not freed in deflateEnd.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.1:qemu-3.1.1.1-lp151.7.12.1.x86_64",
"openSUSE Leap 15.1:qemu-arm-3.1.1.1-lp151.7.12.1.x86_64",
"openSUSE Leap 15.1:qemu-audio-alsa-3.1.1.1-lp151.7.12.1.x86_64",
"openSUSE Leap 15.1:qemu-audio-oss-3.1.1.1-lp151.7.12.1.x86_64",
"openSUSE Leap 15.1:qemu-audio-pa-3.1.1.1-lp151.7.12.1.x86_64",
"openSUSE Leap 15.1:qemu-audio-sdl-3.1.1.1-lp151.7.12.1.x86_64",
"openSUSE Leap 15.1:qemu-block-curl-3.1.1.1-lp151.7.12.1.x86_64",
"openSUSE Leap 15.1:qemu-block-dmg-3.1.1.1-lp151.7.12.1.x86_64",
"openSUSE Leap 15.1:qemu-block-gluster-3.1.1.1-lp151.7.12.1.x86_64",
"openSUSE Leap 15.1:qemu-block-iscsi-3.1.1.1-lp151.7.12.1.x86_64",
"openSUSE Leap 15.1:qemu-block-nfs-3.1.1.1-lp151.7.12.1.x86_64",
"openSUSE Leap 15.1:qemu-block-rbd-3.1.1.1-lp151.7.12.1.x86_64",
"openSUSE Leap 15.1:qemu-block-ssh-3.1.1.1-lp151.7.12.1.x86_64",
"openSUSE Leap 15.1:qemu-extra-3.1.1.1-lp151.7.12.1.x86_64",
"openSUSE Leap 15.1:qemu-guest-agent-3.1.1.1-lp151.7.12.1.x86_64",
"openSUSE Leap 15.1:qemu-ipxe-1.0.0+-lp151.7.12.1.noarch",
"openSUSE Leap 15.1:qemu-ksm-3.1.1.1-lp151.7.12.1.x86_64",
"openSUSE Leap 15.1:qemu-kvm-3.1.1.1-lp151.7.12.1.x86_64",
"openSUSE Leap 15.1:qemu-lang-3.1.1.1-lp151.7.12.1.x86_64",
"openSUSE Leap 15.1:qemu-linux-user-3.1.1.1-lp151.7.12.1.x86_64",
"openSUSE Leap 15.1:qemu-ppc-3.1.1.1-lp151.7.12.1.x86_64",
"openSUSE Leap 15.1:qemu-s390-3.1.1.1-lp151.7.12.1.x86_64",
"openSUSE Leap 15.1:qemu-seabios-1.12.0-lp151.7.12.1.noarch",
"openSUSE Leap 15.1:qemu-sgabios-8-lp151.7.12.1.noarch",
"openSUSE Leap 15.1:qemu-tools-3.1.1.1-lp151.7.12.1.x86_64",
"openSUSE Leap 15.1:qemu-ui-curses-3.1.1.1-lp151.7.12.1.x86_64",
"openSUSE Leap 15.1:qemu-ui-gtk-3.1.1.1-lp151.7.12.1.x86_64",
"openSUSE Leap 15.1:qemu-ui-sdl-3.1.1.1-lp151.7.12.1.x86_64",
"openSUSE Leap 15.1:qemu-vgabios-1.12.0-lp151.7.12.1.noarch",
"openSUSE Leap 15.1:qemu-x86-3.1.1.1-lp151.7.12.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-20382",
"url": "https://www.suse.com/security/cve/CVE-2019-20382"
},
{
"category": "external",
"summary": "SUSE Bug 1165776 for CVE-2019-20382",
"url": "https://bugzilla.suse.com/1165776"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.1:qemu-3.1.1.1-lp151.7.12.1.x86_64",
"openSUSE Leap 15.1:qemu-arm-3.1.1.1-lp151.7.12.1.x86_64",
"openSUSE Leap 15.1:qemu-audio-alsa-3.1.1.1-lp151.7.12.1.x86_64",
"openSUSE Leap 15.1:qemu-audio-oss-3.1.1.1-lp151.7.12.1.x86_64",
"openSUSE Leap 15.1:qemu-audio-pa-3.1.1.1-lp151.7.12.1.x86_64",
"openSUSE Leap 15.1:qemu-audio-sdl-3.1.1.1-lp151.7.12.1.x86_64",
"openSUSE Leap 15.1:qemu-block-curl-3.1.1.1-lp151.7.12.1.x86_64",
"openSUSE Leap 15.1:qemu-block-dmg-3.1.1.1-lp151.7.12.1.x86_64",
"openSUSE Leap 15.1:qemu-block-gluster-3.1.1.1-lp151.7.12.1.x86_64",
"openSUSE Leap 15.1:qemu-block-iscsi-3.1.1.1-lp151.7.12.1.x86_64",
"openSUSE Leap 15.1:qemu-block-nfs-3.1.1.1-lp151.7.12.1.x86_64",
"openSUSE Leap 15.1:qemu-block-rbd-3.1.1.1-lp151.7.12.1.x86_64",
"openSUSE Leap 15.1:qemu-block-ssh-3.1.1.1-lp151.7.12.1.x86_64",
"openSUSE Leap 15.1:qemu-extra-3.1.1.1-lp151.7.12.1.x86_64",
"openSUSE Leap 15.1:qemu-guest-agent-3.1.1.1-lp151.7.12.1.x86_64",
"openSUSE Leap 15.1:qemu-ipxe-1.0.0+-lp151.7.12.1.noarch",
"openSUSE Leap 15.1:qemu-ksm-3.1.1.1-lp151.7.12.1.x86_64",
"openSUSE Leap 15.1:qemu-kvm-3.1.1.1-lp151.7.12.1.x86_64",
"openSUSE Leap 15.1:qemu-lang-3.1.1.1-lp151.7.12.1.x86_64",
"openSUSE Leap 15.1:qemu-linux-user-3.1.1.1-lp151.7.12.1.x86_64",
"openSUSE Leap 15.1:qemu-ppc-3.1.1.1-lp151.7.12.1.x86_64",
"openSUSE Leap 15.1:qemu-s390-3.1.1.1-lp151.7.12.1.x86_64",
"openSUSE Leap 15.1:qemu-seabios-1.12.0-lp151.7.12.1.noarch",
"openSUSE Leap 15.1:qemu-sgabios-8-lp151.7.12.1.noarch",
"openSUSE Leap 15.1:qemu-tools-3.1.1.1-lp151.7.12.1.x86_64",
"openSUSE Leap 15.1:qemu-ui-curses-3.1.1.1-lp151.7.12.1.x86_64",
"openSUSE Leap 15.1:qemu-ui-gtk-3.1.1.1-lp151.7.12.1.x86_64",
"openSUSE Leap 15.1:qemu-ui-sdl-3.1.1.1-lp151.7.12.1.x86_64",
"openSUSE Leap 15.1:qemu-vgabios-1.12.0-lp151.7.12.1.noarch",
"openSUSE Leap 15.1:qemu-x86-3.1.1.1-lp151.7.12.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Leap 15.1:qemu-3.1.1.1-lp151.7.12.1.x86_64",
"openSUSE Leap 15.1:qemu-arm-3.1.1.1-lp151.7.12.1.x86_64",
"openSUSE Leap 15.1:qemu-audio-alsa-3.1.1.1-lp151.7.12.1.x86_64",
"openSUSE Leap 15.1:qemu-audio-oss-3.1.1.1-lp151.7.12.1.x86_64",
"openSUSE Leap 15.1:qemu-audio-pa-3.1.1.1-lp151.7.12.1.x86_64",
"openSUSE Leap 15.1:qemu-audio-sdl-3.1.1.1-lp151.7.12.1.x86_64",
"openSUSE Leap 15.1:qemu-block-curl-3.1.1.1-lp151.7.12.1.x86_64",
"openSUSE Leap 15.1:qemu-block-dmg-3.1.1.1-lp151.7.12.1.x86_64",
"openSUSE Leap 15.1:qemu-block-gluster-3.1.1.1-lp151.7.12.1.x86_64",
"openSUSE Leap 15.1:qemu-block-iscsi-3.1.1.1-lp151.7.12.1.x86_64",
"openSUSE Leap 15.1:qemu-block-nfs-3.1.1.1-lp151.7.12.1.x86_64",
"openSUSE Leap 15.1:qemu-block-rbd-3.1.1.1-lp151.7.12.1.x86_64",
"openSUSE Leap 15.1:qemu-block-ssh-3.1.1.1-lp151.7.12.1.x86_64",
"openSUSE Leap 15.1:qemu-extra-3.1.1.1-lp151.7.12.1.x86_64",
"openSUSE Leap 15.1:qemu-guest-agent-3.1.1.1-lp151.7.12.1.x86_64",
"openSUSE Leap 15.1:qemu-ipxe-1.0.0+-lp151.7.12.1.noarch",
"openSUSE Leap 15.1:qemu-ksm-3.1.1.1-lp151.7.12.1.x86_64",
"openSUSE Leap 15.1:qemu-kvm-3.1.1.1-lp151.7.12.1.x86_64",
"openSUSE Leap 15.1:qemu-lang-3.1.1.1-lp151.7.12.1.x86_64",
"openSUSE Leap 15.1:qemu-linux-user-3.1.1.1-lp151.7.12.1.x86_64",
"openSUSE Leap 15.1:qemu-ppc-3.1.1.1-lp151.7.12.1.x86_64",
"openSUSE Leap 15.1:qemu-s390-3.1.1.1-lp151.7.12.1.x86_64",
"openSUSE Leap 15.1:qemu-seabios-1.12.0-lp151.7.12.1.noarch",
"openSUSE Leap 15.1:qemu-sgabios-8-lp151.7.12.1.noarch",
"openSUSE Leap 15.1:qemu-tools-3.1.1.1-lp151.7.12.1.x86_64",
"openSUSE Leap 15.1:qemu-ui-curses-3.1.1.1-lp151.7.12.1.x86_64",
"openSUSE Leap 15.1:qemu-ui-gtk-3.1.1.1-lp151.7.12.1.x86_64",
"openSUSE Leap 15.1:qemu-ui-sdl-3.1.1.1-lp151.7.12.1.x86_64",
"openSUSE Leap 15.1:qemu-vgabios-1.12.0-lp151.7.12.1.noarch",
"openSUSE Leap 15.1:qemu-x86-3.1.1.1-lp151.7.12.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2020-04-06T22:21:00Z",
"details": "moderate"
}
],
"title": "CVE-2019-20382"
},
{
"cve": "CVE-2019-6778",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-6778"
}
],
"notes": [
{
"category": "general",
"text": "In QEMU 3.0.0, tcp_emu in slirp/tcp_subr.c has a heap-based buffer overflow.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.1:qemu-3.1.1.1-lp151.7.12.1.x86_64",
"openSUSE Leap 15.1:qemu-arm-3.1.1.1-lp151.7.12.1.x86_64",
"openSUSE Leap 15.1:qemu-audio-alsa-3.1.1.1-lp151.7.12.1.x86_64",
"openSUSE Leap 15.1:qemu-audio-oss-3.1.1.1-lp151.7.12.1.x86_64",
"openSUSE Leap 15.1:qemu-audio-pa-3.1.1.1-lp151.7.12.1.x86_64",
"openSUSE Leap 15.1:qemu-audio-sdl-3.1.1.1-lp151.7.12.1.x86_64",
"openSUSE Leap 15.1:qemu-block-curl-3.1.1.1-lp151.7.12.1.x86_64",
"openSUSE Leap 15.1:qemu-block-dmg-3.1.1.1-lp151.7.12.1.x86_64",
"openSUSE Leap 15.1:qemu-block-gluster-3.1.1.1-lp151.7.12.1.x86_64",
"openSUSE Leap 15.1:qemu-block-iscsi-3.1.1.1-lp151.7.12.1.x86_64",
"openSUSE Leap 15.1:qemu-block-nfs-3.1.1.1-lp151.7.12.1.x86_64",
"openSUSE Leap 15.1:qemu-block-rbd-3.1.1.1-lp151.7.12.1.x86_64",
"openSUSE Leap 15.1:qemu-block-ssh-3.1.1.1-lp151.7.12.1.x86_64",
"openSUSE Leap 15.1:qemu-extra-3.1.1.1-lp151.7.12.1.x86_64",
"openSUSE Leap 15.1:qemu-guest-agent-3.1.1.1-lp151.7.12.1.x86_64",
"openSUSE Leap 15.1:qemu-ipxe-1.0.0+-lp151.7.12.1.noarch",
"openSUSE Leap 15.1:qemu-ksm-3.1.1.1-lp151.7.12.1.x86_64",
"openSUSE Leap 15.1:qemu-kvm-3.1.1.1-lp151.7.12.1.x86_64",
"openSUSE Leap 15.1:qemu-lang-3.1.1.1-lp151.7.12.1.x86_64",
"openSUSE Leap 15.1:qemu-linux-user-3.1.1.1-lp151.7.12.1.x86_64",
"openSUSE Leap 15.1:qemu-ppc-3.1.1.1-lp151.7.12.1.x86_64",
"openSUSE Leap 15.1:qemu-s390-3.1.1.1-lp151.7.12.1.x86_64",
"openSUSE Leap 15.1:qemu-seabios-1.12.0-lp151.7.12.1.noarch",
"openSUSE Leap 15.1:qemu-sgabios-8-lp151.7.12.1.noarch",
"openSUSE Leap 15.1:qemu-tools-3.1.1.1-lp151.7.12.1.x86_64",
"openSUSE Leap 15.1:qemu-ui-curses-3.1.1.1-lp151.7.12.1.x86_64",
"openSUSE Leap 15.1:qemu-ui-gtk-3.1.1.1-lp151.7.12.1.x86_64",
"openSUSE Leap 15.1:qemu-ui-sdl-3.1.1.1-lp151.7.12.1.x86_64",
"openSUSE Leap 15.1:qemu-vgabios-1.12.0-lp151.7.12.1.noarch",
"openSUSE Leap 15.1:qemu-x86-3.1.1.1-lp151.7.12.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-6778",
"url": "https://www.suse.com/security/cve/CVE-2019-6778"
},
{
"category": "external",
"summary": "SUSE Bug 1123156 for CVE-2019-6778",
"url": "https://bugzilla.suse.com/1123156"
},
{
"category": "external",
"summary": "SUSE Bug 1123157 for CVE-2019-6778",
"url": "https://bugzilla.suse.com/1123157"
},
{
"category": "external",
"summary": "SUSE Bug 1178658 for CVE-2019-6778",
"url": "https://bugzilla.suse.com/1178658"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.1:qemu-3.1.1.1-lp151.7.12.1.x86_64",
"openSUSE Leap 15.1:qemu-arm-3.1.1.1-lp151.7.12.1.x86_64",
"openSUSE Leap 15.1:qemu-audio-alsa-3.1.1.1-lp151.7.12.1.x86_64",
"openSUSE Leap 15.1:qemu-audio-oss-3.1.1.1-lp151.7.12.1.x86_64",
"openSUSE Leap 15.1:qemu-audio-pa-3.1.1.1-lp151.7.12.1.x86_64",
"openSUSE Leap 15.1:qemu-audio-sdl-3.1.1.1-lp151.7.12.1.x86_64",
"openSUSE Leap 15.1:qemu-block-curl-3.1.1.1-lp151.7.12.1.x86_64",
"openSUSE Leap 15.1:qemu-block-dmg-3.1.1.1-lp151.7.12.1.x86_64",
"openSUSE Leap 15.1:qemu-block-gluster-3.1.1.1-lp151.7.12.1.x86_64",
"openSUSE Leap 15.1:qemu-block-iscsi-3.1.1.1-lp151.7.12.1.x86_64",
"openSUSE Leap 15.1:qemu-block-nfs-3.1.1.1-lp151.7.12.1.x86_64",
"openSUSE Leap 15.1:qemu-block-rbd-3.1.1.1-lp151.7.12.1.x86_64",
"openSUSE Leap 15.1:qemu-block-ssh-3.1.1.1-lp151.7.12.1.x86_64",
"openSUSE Leap 15.1:qemu-extra-3.1.1.1-lp151.7.12.1.x86_64",
"openSUSE Leap 15.1:qemu-guest-agent-3.1.1.1-lp151.7.12.1.x86_64",
"openSUSE Leap 15.1:qemu-ipxe-1.0.0+-lp151.7.12.1.noarch",
"openSUSE Leap 15.1:qemu-ksm-3.1.1.1-lp151.7.12.1.x86_64",
"openSUSE Leap 15.1:qemu-kvm-3.1.1.1-lp151.7.12.1.x86_64",
"openSUSE Leap 15.1:qemu-lang-3.1.1.1-lp151.7.12.1.x86_64",
"openSUSE Leap 15.1:qemu-linux-user-3.1.1.1-lp151.7.12.1.x86_64",
"openSUSE Leap 15.1:qemu-ppc-3.1.1.1-lp151.7.12.1.x86_64",
"openSUSE Leap 15.1:qemu-s390-3.1.1.1-lp151.7.12.1.x86_64",
"openSUSE Leap 15.1:qemu-seabios-1.12.0-lp151.7.12.1.noarch",
"openSUSE Leap 15.1:qemu-sgabios-8-lp151.7.12.1.noarch",
"openSUSE Leap 15.1:qemu-tools-3.1.1.1-lp151.7.12.1.x86_64",
"openSUSE Leap 15.1:qemu-ui-curses-3.1.1.1-lp151.7.12.1.x86_64",
"openSUSE Leap 15.1:qemu-ui-gtk-3.1.1.1-lp151.7.12.1.x86_64",
"openSUSE Leap 15.1:qemu-ui-sdl-3.1.1.1-lp151.7.12.1.x86_64",
"openSUSE Leap 15.1:qemu-vgabios-1.12.0-lp151.7.12.1.noarch",
"openSUSE Leap 15.1:qemu-x86-3.1.1.1-lp151.7.12.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"openSUSE Leap 15.1:qemu-3.1.1.1-lp151.7.12.1.x86_64",
"openSUSE Leap 15.1:qemu-arm-3.1.1.1-lp151.7.12.1.x86_64",
"openSUSE Leap 15.1:qemu-audio-alsa-3.1.1.1-lp151.7.12.1.x86_64",
"openSUSE Leap 15.1:qemu-audio-oss-3.1.1.1-lp151.7.12.1.x86_64",
"openSUSE Leap 15.1:qemu-audio-pa-3.1.1.1-lp151.7.12.1.x86_64",
"openSUSE Leap 15.1:qemu-audio-sdl-3.1.1.1-lp151.7.12.1.x86_64",
"openSUSE Leap 15.1:qemu-block-curl-3.1.1.1-lp151.7.12.1.x86_64",
"openSUSE Leap 15.1:qemu-block-dmg-3.1.1.1-lp151.7.12.1.x86_64",
"openSUSE Leap 15.1:qemu-block-gluster-3.1.1.1-lp151.7.12.1.x86_64",
"openSUSE Leap 15.1:qemu-block-iscsi-3.1.1.1-lp151.7.12.1.x86_64",
"openSUSE Leap 15.1:qemu-block-nfs-3.1.1.1-lp151.7.12.1.x86_64",
"openSUSE Leap 15.1:qemu-block-rbd-3.1.1.1-lp151.7.12.1.x86_64",
"openSUSE Leap 15.1:qemu-block-ssh-3.1.1.1-lp151.7.12.1.x86_64",
"openSUSE Leap 15.1:qemu-extra-3.1.1.1-lp151.7.12.1.x86_64",
"openSUSE Leap 15.1:qemu-guest-agent-3.1.1.1-lp151.7.12.1.x86_64",
"openSUSE Leap 15.1:qemu-ipxe-1.0.0+-lp151.7.12.1.noarch",
"openSUSE Leap 15.1:qemu-ksm-3.1.1.1-lp151.7.12.1.x86_64",
"openSUSE Leap 15.1:qemu-kvm-3.1.1.1-lp151.7.12.1.x86_64",
"openSUSE Leap 15.1:qemu-lang-3.1.1.1-lp151.7.12.1.x86_64",
"openSUSE Leap 15.1:qemu-linux-user-3.1.1.1-lp151.7.12.1.x86_64",
"openSUSE Leap 15.1:qemu-ppc-3.1.1.1-lp151.7.12.1.x86_64",
"openSUSE Leap 15.1:qemu-s390-3.1.1.1-lp151.7.12.1.x86_64",
"openSUSE Leap 15.1:qemu-seabios-1.12.0-lp151.7.12.1.noarch",
"openSUSE Leap 15.1:qemu-sgabios-8-lp151.7.12.1.noarch",
"openSUSE Leap 15.1:qemu-tools-3.1.1.1-lp151.7.12.1.x86_64",
"openSUSE Leap 15.1:qemu-ui-curses-3.1.1.1-lp151.7.12.1.x86_64",
"openSUSE Leap 15.1:qemu-ui-gtk-3.1.1.1-lp151.7.12.1.x86_64",
"openSUSE Leap 15.1:qemu-ui-sdl-3.1.1.1-lp151.7.12.1.x86_64",
"openSUSE Leap 15.1:qemu-vgabios-1.12.0-lp151.7.12.1.noarch",
"openSUSE Leap 15.1:qemu-x86-3.1.1.1-lp151.7.12.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2020-04-06T22:21:00Z",
"details": "important"
}
],
"title": "CVE-2019-6778"
},
{
"cve": "CVE-2020-1711",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-1711"
}
],
"notes": [
{
"category": "general",
"text": "An out-of-bounds heap buffer access flaw was found in the way the iSCSI Block driver in QEMU versions 2.12.0 before 4.2.1 handled a response coming from an iSCSI server while checking the status of a Logical Address Block (LBA) in an iscsi_co_block_status() routine. A remote user could use this flaw to crash the QEMU process, resulting in a denial of service or potential execution of arbitrary code with privileges of the QEMU process on the host.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.1:qemu-3.1.1.1-lp151.7.12.1.x86_64",
"openSUSE Leap 15.1:qemu-arm-3.1.1.1-lp151.7.12.1.x86_64",
"openSUSE Leap 15.1:qemu-audio-alsa-3.1.1.1-lp151.7.12.1.x86_64",
"openSUSE Leap 15.1:qemu-audio-oss-3.1.1.1-lp151.7.12.1.x86_64",
"openSUSE Leap 15.1:qemu-audio-pa-3.1.1.1-lp151.7.12.1.x86_64",
"openSUSE Leap 15.1:qemu-audio-sdl-3.1.1.1-lp151.7.12.1.x86_64",
"openSUSE Leap 15.1:qemu-block-curl-3.1.1.1-lp151.7.12.1.x86_64",
"openSUSE Leap 15.1:qemu-block-dmg-3.1.1.1-lp151.7.12.1.x86_64",
"openSUSE Leap 15.1:qemu-block-gluster-3.1.1.1-lp151.7.12.1.x86_64",
"openSUSE Leap 15.1:qemu-block-iscsi-3.1.1.1-lp151.7.12.1.x86_64",
"openSUSE Leap 15.1:qemu-block-nfs-3.1.1.1-lp151.7.12.1.x86_64",
"openSUSE Leap 15.1:qemu-block-rbd-3.1.1.1-lp151.7.12.1.x86_64",
"openSUSE Leap 15.1:qemu-block-ssh-3.1.1.1-lp151.7.12.1.x86_64",
"openSUSE Leap 15.1:qemu-extra-3.1.1.1-lp151.7.12.1.x86_64",
"openSUSE Leap 15.1:qemu-guest-agent-3.1.1.1-lp151.7.12.1.x86_64",
"openSUSE Leap 15.1:qemu-ipxe-1.0.0+-lp151.7.12.1.noarch",
"openSUSE Leap 15.1:qemu-ksm-3.1.1.1-lp151.7.12.1.x86_64",
"openSUSE Leap 15.1:qemu-kvm-3.1.1.1-lp151.7.12.1.x86_64",
"openSUSE Leap 15.1:qemu-lang-3.1.1.1-lp151.7.12.1.x86_64",
"openSUSE Leap 15.1:qemu-linux-user-3.1.1.1-lp151.7.12.1.x86_64",
"openSUSE Leap 15.1:qemu-ppc-3.1.1.1-lp151.7.12.1.x86_64",
"openSUSE Leap 15.1:qemu-s390-3.1.1.1-lp151.7.12.1.x86_64",
"openSUSE Leap 15.1:qemu-seabios-1.12.0-lp151.7.12.1.noarch",
"openSUSE Leap 15.1:qemu-sgabios-8-lp151.7.12.1.noarch",
"openSUSE Leap 15.1:qemu-tools-3.1.1.1-lp151.7.12.1.x86_64",
"openSUSE Leap 15.1:qemu-ui-curses-3.1.1.1-lp151.7.12.1.x86_64",
"openSUSE Leap 15.1:qemu-ui-gtk-3.1.1.1-lp151.7.12.1.x86_64",
"openSUSE Leap 15.1:qemu-ui-sdl-3.1.1.1-lp151.7.12.1.x86_64",
"openSUSE Leap 15.1:qemu-vgabios-1.12.0-lp151.7.12.1.noarch",
"openSUSE Leap 15.1:qemu-x86-3.1.1.1-lp151.7.12.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-1711",
"url": "https://www.suse.com/security/cve/CVE-2020-1711"
},
{
"category": "external",
"summary": "SUSE Bug 1166240 for CVE-2020-1711",
"url": "https://bugzilla.suse.com/1166240"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.1:qemu-3.1.1.1-lp151.7.12.1.x86_64",
"openSUSE Leap 15.1:qemu-arm-3.1.1.1-lp151.7.12.1.x86_64",
"openSUSE Leap 15.1:qemu-audio-alsa-3.1.1.1-lp151.7.12.1.x86_64",
"openSUSE Leap 15.1:qemu-audio-oss-3.1.1.1-lp151.7.12.1.x86_64",
"openSUSE Leap 15.1:qemu-audio-pa-3.1.1.1-lp151.7.12.1.x86_64",
"openSUSE Leap 15.1:qemu-audio-sdl-3.1.1.1-lp151.7.12.1.x86_64",
"openSUSE Leap 15.1:qemu-block-curl-3.1.1.1-lp151.7.12.1.x86_64",
"openSUSE Leap 15.1:qemu-block-dmg-3.1.1.1-lp151.7.12.1.x86_64",
"openSUSE Leap 15.1:qemu-block-gluster-3.1.1.1-lp151.7.12.1.x86_64",
"openSUSE Leap 15.1:qemu-block-iscsi-3.1.1.1-lp151.7.12.1.x86_64",
"openSUSE Leap 15.1:qemu-block-nfs-3.1.1.1-lp151.7.12.1.x86_64",
"openSUSE Leap 15.1:qemu-block-rbd-3.1.1.1-lp151.7.12.1.x86_64",
"openSUSE Leap 15.1:qemu-block-ssh-3.1.1.1-lp151.7.12.1.x86_64",
"openSUSE Leap 15.1:qemu-extra-3.1.1.1-lp151.7.12.1.x86_64",
"openSUSE Leap 15.1:qemu-guest-agent-3.1.1.1-lp151.7.12.1.x86_64",
"openSUSE Leap 15.1:qemu-ipxe-1.0.0+-lp151.7.12.1.noarch",
"openSUSE Leap 15.1:qemu-ksm-3.1.1.1-lp151.7.12.1.x86_64",
"openSUSE Leap 15.1:qemu-kvm-3.1.1.1-lp151.7.12.1.x86_64",
"openSUSE Leap 15.1:qemu-lang-3.1.1.1-lp151.7.12.1.x86_64",
"openSUSE Leap 15.1:qemu-linux-user-3.1.1.1-lp151.7.12.1.x86_64",
"openSUSE Leap 15.1:qemu-ppc-3.1.1.1-lp151.7.12.1.x86_64",
"openSUSE Leap 15.1:qemu-s390-3.1.1.1-lp151.7.12.1.x86_64",
"openSUSE Leap 15.1:qemu-seabios-1.12.0-lp151.7.12.1.noarch",
"openSUSE Leap 15.1:qemu-sgabios-8-lp151.7.12.1.noarch",
"openSUSE Leap 15.1:qemu-tools-3.1.1.1-lp151.7.12.1.x86_64",
"openSUSE Leap 15.1:qemu-ui-curses-3.1.1.1-lp151.7.12.1.x86_64",
"openSUSE Leap 15.1:qemu-ui-gtk-3.1.1.1-lp151.7.12.1.x86_64",
"openSUSE Leap 15.1:qemu-ui-sdl-3.1.1.1-lp151.7.12.1.x86_64",
"openSUSE Leap 15.1:qemu-vgabios-1.12.0-lp151.7.12.1.noarch",
"openSUSE Leap 15.1:qemu-x86-3.1.1.1-lp151.7.12.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.6,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"openSUSE Leap 15.1:qemu-3.1.1.1-lp151.7.12.1.x86_64",
"openSUSE Leap 15.1:qemu-arm-3.1.1.1-lp151.7.12.1.x86_64",
"openSUSE Leap 15.1:qemu-audio-alsa-3.1.1.1-lp151.7.12.1.x86_64",
"openSUSE Leap 15.1:qemu-audio-oss-3.1.1.1-lp151.7.12.1.x86_64",
"openSUSE Leap 15.1:qemu-audio-pa-3.1.1.1-lp151.7.12.1.x86_64",
"openSUSE Leap 15.1:qemu-audio-sdl-3.1.1.1-lp151.7.12.1.x86_64",
"openSUSE Leap 15.1:qemu-block-curl-3.1.1.1-lp151.7.12.1.x86_64",
"openSUSE Leap 15.1:qemu-block-dmg-3.1.1.1-lp151.7.12.1.x86_64",
"openSUSE Leap 15.1:qemu-block-gluster-3.1.1.1-lp151.7.12.1.x86_64",
"openSUSE Leap 15.1:qemu-block-iscsi-3.1.1.1-lp151.7.12.1.x86_64",
"openSUSE Leap 15.1:qemu-block-nfs-3.1.1.1-lp151.7.12.1.x86_64",
"openSUSE Leap 15.1:qemu-block-rbd-3.1.1.1-lp151.7.12.1.x86_64",
"openSUSE Leap 15.1:qemu-block-ssh-3.1.1.1-lp151.7.12.1.x86_64",
"openSUSE Leap 15.1:qemu-extra-3.1.1.1-lp151.7.12.1.x86_64",
"openSUSE Leap 15.1:qemu-guest-agent-3.1.1.1-lp151.7.12.1.x86_64",
"openSUSE Leap 15.1:qemu-ipxe-1.0.0+-lp151.7.12.1.noarch",
"openSUSE Leap 15.1:qemu-ksm-3.1.1.1-lp151.7.12.1.x86_64",
"openSUSE Leap 15.1:qemu-kvm-3.1.1.1-lp151.7.12.1.x86_64",
"openSUSE Leap 15.1:qemu-lang-3.1.1.1-lp151.7.12.1.x86_64",
"openSUSE Leap 15.1:qemu-linux-user-3.1.1.1-lp151.7.12.1.x86_64",
"openSUSE Leap 15.1:qemu-ppc-3.1.1.1-lp151.7.12.1.x86_64",
"openSUSE Leap 15.1:qemu-s390-3.1.1.1-lp151.7.12.1.x86_64",
"openSUSE Leap 15.1:qemu-seabios-1.12.0-lp151.7.12.1.noarch",
"openSUSE Leap 15.1:qemu-sgabios-8-lp151.7.12.1.noarch",
"openSUSE Leap 15.1:qemu-tools-3.1.1.1-lp151.7.12.1.x86_64",
"openSUSE Leap 15.1:qemu-ui-curses-3.1.1.1-lp151.7.12.1.x86_64",
"openSUSE Leap 15.1:qemu-ui-gtk-3.1.1.1-lp151.7.12.1.x86_64",
"openSUSE Leap 15.1:qemu-ui-sdl-3.1.1.1-lp151.7.12.1.x86_64",
"openSUSE Leap 15.1:qemu-vgabios-1.12.0-lp151.7.12.1.noarch",
"openSUSE Leap 15.1:qemu-x86-3.1.1.1-lp151.7.12.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2020-04-06T22:21:00Z",
"details": "important"
}
],
"title": "CVE-2020-1711"
},
{
"cve": "CVE-2020-7039",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-7039"
}
],
"notes": [
{
"category": "general",
"text": "tcp_emu in tcp_subr.c in libslirp 4.1.0, as used in QEMU 4.2.0, mismanages memory, as demonstrated by IRC DCC commands in EMU_IRC. This can cause a heap-based buffer overflow or other out-of-bounds access which can lead to a DoS or potential execute arbitrary code.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.1:qemu-3.1.1.1-lp151.7.12.1.x86_64",
"openSUSE Leap 15.1:qemu-arm-3.1.1.1-lp151.7.12.1.x86_64",
"openSUSE Leap 15.1:qemu-audio-alsa-3.1.1.1-lp151.7.12.1.x86_64",
"openSUSE Leap 15.1:qemu-audio-oss-3.1.1.1-lp151.7.12.1.x86_64",
"openSUSE Leap 15.1:qemu-audio-pa-3.1.1.1-lp151.7.12.1.x86_64",
"openSUSE Leap 15.1:qemu-audio-sdl-3.1.1.1-lp151.7.12.1.x86_64",
"openSUSE Leap 15.1:qemu-block-curl-3.1.1.1-lp151.7.12.1.x86_64",
"openSUSE Leap 15.1:qemu-block-dmg-3.1.1.1-lp151.7.12.1.x86_64",
"openSUSE Leap 15.1:qemu-block-gluster-3.1.1.1-lp151.7.12.1.x86_64",
"openSUSE Leap 15.1:qemu-block-iscsi-3.1.1.1-lp151.7.12.1.x86_64",
"openSUSE Leap 15.1:qemu-block-nfs-3.1.1.1-lp151.7.12.1.x86_64",
"openSUSE Leap 15.1:qemu-block-rbd-3.1.1.1-lp151.7.12.1.x86_64",
"openSUSE Leap 15.1:qemu-block-ssh-3.1.1.1-lp151.7.12.1.x86_64",
"openSUSE Leap 15.1:qemu-extra-3.1.1.1-lp151.7.12.1.x86_64",
"openSUSE Leap 15.1:qemu-guest-agent-3.1.1.1-lp151.7.12.1.x86_64",
"openSUSE Leap 15.1:qemu-ipxe-1.0.0+-lp151.7.12.1.noarch",
"openSUSE Leap 15.1:qemu-ksm-3.1.1.1-lp151.7.12.1.x86_64",
"openSUSE Leap 15.1:qemu-kvm-3.1.1.1-lp151.7.12.1.x86_64",
"openSUSE Leap 15.1:qemu-lang-3.1.1.1-lp151.7.12.1.x86_64",
"openSUSE Leap 15.1:qemu-linux-user-3.1.1.1-lp151.7.12.1.x86_64",
"openSUSE Leap 15.1:qemu-ppc-3.1.1.1-lp151.7.12.1.x86_64",
"openSUSE Leap 15.1:qemu-s390-3.1.1.1-lp151.7.12.1.x86_64",
"openSUSE Leap 15.1:qemu-seabios-1.12.0-lp151.7.12.1.noarch",
"openSUSE Leap 15.1:qemu-sgabios-8-lp151.7.12.1.noarch",
"openSUSE Leap 15.1:qemu-tools-3.1.1.1-lp151.7.12.1.x86_64",
"openSUSE Leap 15.1:qemu-ui-curses-3.1.1.1-lp151.7.12.1.x86_64",
"openSUSE Leap 15.1:qemu-ui-gtk-3.1.1.1-lp151.7.12.1.x86_64",
"openSUSE Leap 15.1:qemu-ui-sdl-3.1.1.1-lp151.7.12.1.x86_64",
"openSUSE Leap 15.1:qemu-vgabios-1.12.0-lp151.7.12.1.noarch",
"openSUSE Leap 15.1:qemu-x86-3.1.1.1-lp151.7.12.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-7039",
"url": "https://www.suse.com/security/cve/CVE-2020-7039"
},
{
"category": "external",
"summary": "SUSE Bug 1161066 for CVE-2020-7039",
"url": "https://bugzilla.suse.com/1161066"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.1:qemu-3.1.1.1-lp151.7.12.1.x86_64",
"openSUSE Leap 15.1:qemu-arm-3.1.1.1-lp151.7.12.1.x86_64",
"openSUSE Leap 15.1:qemu-audio-alsa-3.1.1.1-lp151.7.12.1.x86_64",
"openSUSE Leap 15.1:qemu-audio-oss-3.1.1.1-lp151.7.12.1.x86_64",
"openSUSE Leap 15.1:qemu-audio-pa-3.1.1.1-lp151.7.12.1.x86_64",
"openSUSE Leap 15.1:qemu-audio-sdl-3.1.1.1-lp151.7.12.1.x86_64",
"openSUSE Leap 15.1:qemu-block-curl-3.1.1.1-lp151.7.12.1.x86_64",
"openSUSE Leap 15.1:qemu-block-dmg-3.1.1.1-lp151.7.12.1.x86_64",
"openSUSE Leap 15.1:qemu-block-gluster-3.1.1.1-lp151.7.12.1.x86_64",
"openSUSE Leap 15.1:qemu-block-iscsi-3.1.1.1-lp151.7.12.1.x86_64",
"openSUSE Leap 15.1:qemu-block-nfs-3.1.1.1-lp151.7.12.1.x86_64",
"openSUSE Leap 15.1:qemu-block-rbd-3.1.1.1-lp151.7.12.1.x86_64",
"openSUSE Leap 15.1:qemu-block-ssh-3.1.1.1-lp151.7.12.1.x86_64",
"openSUSE Leap 15.1:qemu-extra-3.1.1.1-lp151.7.12.1.x86_64",
"openSUSE Leap 15.1:qemu-guest-agent-3.1.1.1-lp151.7.12.1.x86_64",
"openSUSE Leap 15.1:qemu-ipxe-1.0.0+-lp151.7.12.1.noarch",
"openSUSE Leap 15.1:qemu-ksm-3.1.1.1-lp151.7.12.1.x86_64",
"openSUSE Leap 15.1:qemu-kvm-3.1.1.1-lp151.7.12.1.x86_64",
"openSUSE Leap 15.1:qemu-lang-3.1.1.1-lp151.7.12.1.x86_64",
"openSUSE Leap 15.1:qemu-linux-user-3.1.1.1-lp151.7.12.1.x86_64",
"openSUSE Leap 15.1:qemu-ppc-3.1.1.1-lp151.7.12.1.x86_64",
"openSUSE Leap 15.1:qemu-s390-3.1.1.1-lp151.7.12.1.x86_64",
"openSUSE Leap 15.1:qemu-seabios-1.12.0-lp151.7.12.1.noarch",
"openSUSE Leap 15.1:qemu-sgabios-8-lp151.7.12.1.noarch",
"openSUSE Leap 15.1:qemu-tools-3.1.1.1-lp151.7.12.1.x86_64",
"openSUSE Leap 15.1:qemu-ui-curses-3.1.1.1-lp151.7.12.1.x86_64",
"openSUSE Leap 15.1:qemu-ui-gtk-3.1.1.1-lp151.7.12.1.x86_64",
"openSUSE Leap 15.1:qemu-ui-sdl-3.1.1.1-lp151.7.12.1.x86_64",
"openSUSE Leap 15.1:qemu-vgabios-1.12.0-lp151.7.12.1.noarch",
"openSUSE Leap 15.1:qemu-x86-3.1.1.1-lp151.7.12.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"openSUSE Leap 15.1:qemu-3.1.1.1-lp151.7.12.1.x86_64",
"openSUSE Leap 15.1:qemu-arm-3.1.1.1-lp151.7.12.1.x86_64",
"openSUSE Leap 15.1:qemu-audio-alsa-3.1.1.1-lp151.7.12.1.x86_64",
"openSUSE Leap 15.1:qemu-audio-oss-3.1.1.1-lp151.7.12.1.x86_64",
"openSUSE Leap 15.1:qemu-audio-pa-3.1.1.1-lp151.7.12.1.x86_64",
"openSUSE Leap 15.1:qemu-audio-sdl-3.1.1.1-lp151.7.12.1.x86_64",
"openSUSE Leap 15.1:qemu-block-curl-3.1.1.1-lp151.7.12.1.x86_64",
"openSUSE Leap 15.1:qemu-block-dmg-3.1.1.1-lp151.7.12.1.x86_64",
"openSUSE Leap 15.1:qemu-block-gluster-3.1.1.1-lp151.7.12.1.x86_64",
"openSUSE Leap 15.1:qemu-block-iscsi-3.1.1.1-lp151.7.12.1.x86_64",
"openSUSE Leap 15.1:qemu-block-nfs-3.1.1.1-lp151.7.12.1.x86_64",
"openSUSE Leap 15.1:qemu-block-rbd-3.1.1.1-lp151.7.12.1.x86_64",
"openSUSE Leap 15.1:qemu-block-ssh-3.1.1.1-lp151.7.12.1.x86_64",
"openSUSE Leap 15.1:qemu-extra-3.1.1.1-lp151.7.12.1.x86_64",
"openSUSE Leap 15.1:qemu-guest-agent-3.1.1.1-lp151.7.12.1.x86_64",
"openSUSE Leap 15.1:qemu-ipxe-1.0.0+-lp151.7.12.1.noarch",
"openSUSE Leap 15.1:qemu-ksm-3.1.1.1-lp151.7.12.1.x86_64",
"openSUSE Leap 15.1:qemu-kvm-3.1.1.1-lp151.7.12.1.x86_64",
"openSUSE Leap 15.1:qemu-lang-3.1.1.1-lp151.7.12.1.x86_64",
"openSUSE Leap 15.1:qemu-linux-user-3.1.1.1-lp151.7.12.1.x86_64",
"openSUSE Leap 15.1:qemu-ppc-3.1.1.1-lp151.7.12.1.x86_64",
"openSUSE Leap 15.1:qemu-s390-3.1.1.1-lp151.7.12.1.x86_64",
"openSUSE Leap 15.1:qemu-seabios-1.12.0-lp151.7.12.1.noarch",
"openSUSE Leap 15.1:qemu-sgabios-8-lp151.7.12.1.noarch",
"openSUSE Leap 15.1:qemu-tools-3.1.1.1-lp151.7.12.1.x86_64",
"openSUSE Leap 15.1:qemu-ui-curses-3.1.1.1-lp151.7.12.1.x86_64",
"openSUSE Leap 15.1:qemu-ui-gtk-3.1.1.1-lp151.7.12.1.x86_64",
"openSUSE Leap 15.1:qemu-ui-sdl-3.1.1.1-lp151.7.12.1.x86_64",
"openSUSE Leap 15.1:qemu-vgabios-1.12.0-lp151.7.12.1.noarch",
"openSUSE Leap 15.1:qemu-x86-3.1.1.1-lp151.7.12.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2020-04-06T22:21:00Z",
"details": "moderate"
}
],
"title": "CVE-2020-7039"
},
{
"cve": "CVE-2020-8608",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-8608"
}
],
"notes": [
{
"category": "general",
"text": "In libslirp 4.1.0, as used in QEMU 4.2.0, tcp_subr.c misuses snprintf return values, leading to a buffer overflow in later code.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.1:qemu-3.1.1.1-lp151.7.12.1.x86_64",
"openSUSE Leap 15.1:qemu-arm-3.1.1.1-lp151.7.12.1.x86_64",
"openSUSE Leap 15.1:qemu-audio-alsa-3.1.1.1-lp151.7.12.1.x86_64",
"openSUSE Leap 15.1:qemu-audio-oss-3.1.1.1-lp151.7.12.1.x86_64",
"openSUSE Leap 15.1:qemu-audio-pa-3.1.1.1-lp151.7.12.1.x86_64",
"openSUSE Leap 15.1:qemu-audio-sdl-3.1.1.1-lp151.7.12.1.x86_64",
"openSUSE Leap 15.1:qemu-block-curl-3.1.1.1-lp151.7.12.1.x86_64",
"openSUSE Leap 15.1:qemu-block-dmg-3.1.1.1-lp151.7.12.1.x86_64",
"openSUSE Leap 15.1:qemu-block-gluster-3.1.1.1-lp151.7.12.1.x86_64",
"openSUSE Leap 15.1:qemu-block-iscsi-3.1.1.1-lp151.7.12.1.x86_64",
"openSUSE Leap 15.1:qemu-block-nfs-3.1.1.1-lp151.7.12.1.x86_64",
"openSUSE Leap 15.1:qemu-block-rbd-3.1.1.1-lp151.7.12.1.x86_64",
"openSUSE Leap 15.1:qemu-block-ssh-3.1.1.1-lp151.7.12.1.x86_64",
"openSUSE Leap 15.1:qemu-extra-3.1.1.1-lp151.7.12.1.x86_64",
"openSUSE Leap 15.1:qemu-guest-agent-3.1.1.1-lp151.7.12.1.x86_64",
"openSUSE Leap 15.1:qemu-ipxe-1.0.0+-lp151.7.12.1.noarch",
"openSUSE Leap 15.1:qemu-ksm-3.1.1.1-lp151.7.12.1.x86_64",
"openSUSE Leap 15.1:qemu-kvm-3.1.1.1-lp151.7.12.1.x86_64",
"openSUSE Leap 15.1:qemu-lang-3.1.1.1-lp151.7.12.1.x86_64",
"openSUSE Leap 15.1:qemu-linux-user-3.1.1.1-lp151.7.12.1.x86_64",
"openSUSE Leap 15.1:qemu-ppc-3.1.1.1-lp151.7.12.1.x86_64",
"openSUSE Leap 15.1:qemu-s390-3.1.1.1-lp151.7.12.1.x86_64",
"openSUSE Leap 15.1:qemu-seabios-1.12.0-lp151.7.12.1.noarch",
"openSUSE Leap 15.1:qemu-sgabios-8-lp151.7.12.1.noarch",
"openSUSE Leap 15.1:qemu-tools-3.1.1.1-lp151.7.12.1.x86_64",
"openSUSE Leap 15.1:qemu-ui-curses-3.1.1.1-lp151.7.12.1.x86_64",
"openSUSE Leap 15.1:qemu-ui-gtk-3.1.1.1-lp151.7.12.1.x86_64",
"openSUSE Leap 15.1:qemu-ui-sdl-3.1.1.1-lp151.7.12.1.x86_64",
"openSUSE Leap 15.1:qemu-vgabios-1.12.0-lp151.7.12.1.noarch",
"openSUSE Leap 15.1:qemu-x86-3.1.1.1-lp151.7.12.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-8608",
"url": "https://www.suse.com/security/cve/CVE-2020-8608"
},
{
"category": "external",
"summary": "SUSE Bug 1163018 for CVE-2020-8608",
"url": "https://bugzilla.suse.com/1163018"
},
{
"category": "external",
"summary": "SUSE Bug 1163019 for CVE-2020-8608",
"url": "https://bugzilla.suse.com/1163019"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.1:qemu-3.1.1.1-lp151.7.12.1.x86_64",
"openSUSE Leap 15.1:qemu-arm-3.1.1.1-lp151.7.12.1.x86_64",
"openSUSE Leap 15.1:qemu-audio-alsa-3.1.1.1-lp151.7.12.1.x86_64",
"openSUSE Leap 15.1:qemu-audio-oss-3.1.1.1-lp151.7.12.1.x86_64",
"openSUSE Leap 15.1:qemu-audio-pa-3.1.1.1-lp151.7.12.1.x86_64",
"openSUSE Leap 15.1:qemu-audio-sdl-3.1.1.1-lp151.7.12.1.x86_64",
"openSUSE Leap 15.1:qemu-block-curl-3.1.1.1-lp151.7.12.1.x86_64",
"openSUSE Leap 15.1:qemu-block-dmg-3.1.1.1-lp151.7.12.1.x86_64",
"openSUSE Leap 15.1:qemu-block-gluster-3.1.1.1-lp151.7.12.1.x86_64",
"openSUSE Leap 15.1:qemu-block-iscsi-3.1.1.1-lp151.7.12.1.x86_64",
"openSUSE Leap 15.1:qemu-block-nfs-3.1.1.1-lp151.7.12.1.x86_64",
"openSUSE Leap 15.1:qemu-block-rbd-3.1.1.1-lp151.7.12.1.x86_64",
"openSUSE Leap 15.1:qemu-block-ssh-3.1.1.1-lp151.7.12.1.x86_64",
"openSUSE Leap 15.1:qemu-extra-3.1.1.1-lp151.7.12.1.x86_64",
"openSUSE Leap 15.1:qemu-guest-agent-3.1.1.1-lp151.7.12.1.x86_64",
"openSUSE Leap 15.1:qemu-ipxe-1.0.0+-lp151.7.12.1.noarch",
"openSUSE Leap 15.1:qemu-ksm-3.1.1.1-lp151.7.12.1.x86_64",
"openSUSE Leap 15.1:qemu-kvm-3.1.1.1-lp151.7.12.1.x86_64",
"openSUSE Leap 15.1:qemu-lang-3.1.1.1-lp151.7.12.1.x86_64",
"openSUSE Leap 15.1:qemu-linux-user-3.1.1.1-lp151.7.12.1.x86_64",
"openSUSE Leap 15.1:qemu-ppc-3.1.1.1-lp151.7.12.1.x86_64",
"openSUSE Leap 15.1:qemu-s390-3.1.1.1-lp151.7.12.1.x86_64",
"openSUSE Leap 15.1:qemu-seabios-1.12.0-lp151.7.12.1.noarch",
"openSUSE Leap 15.1:qemu-sgabios-8-lp151.7.12.1.noarch",
"openSUSE Leap 15.1:qemu-tools-3.1.1.1-lp151.7.12.1.x86_64",
"openSUSE Leap 15.1:qemu-ui-curses-3.1.1.1-lp151.7.12.1.x86_64",
"openSUSE Leap 15.1:qemu-ui-gtk-3.1.1.1-lp151.7.12.1.x86_64",
"openSUSE Leap 15.1:qemu-ui-sdl-3.1.1.1-lp151.7.12.1.x86_64",
"openSUSE Leap 15.1:qemu-vgabios-1.12.0-lp151.7.12.1.noarch",
"openSUSE Leap 15.1:qemu-x86-3.1.1.1-lp151.7.12.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"openSUSE Leap 15.1:qemu-3.1.1.1-lp151.7.12.1.x86_64",
"openSUSE Leap 15.1:qemu-arm-3.1.1.1-lp151.7.12.1.x86_64",
"openSUSE Leap 15.1:qemu-audio-alsa-3.1.1.1-lp151.7.12.1.x86_64",
"openSUSE Leap 15.1:qemu-audio-oss-3.1.1.1-lp151.7.12.1.x86_64",
"openSUSE Leap 15.1:qemu-audio-pa-3.1.1.1-lp151.7.12.1.x86_64",
"openSUSE Leap 15.1:qemu-audio-sdl-3.1.1.1-lp151.7.12.1.x86_64",
"openSUSE Leap 15.1:qemu-block-curl-3.1.1.1-lp151.7.12.1.x86_64",
"openSUSE Leap 15.1:qemu-block-dmg-3.1.1.1-lp151.7.12.1.x86_64",
"openSUSE Leap 15.1:qemu-block-gluster-3.1.1.1-lp151.7.12.1.x86_64",
"openSUSE Leap 15.1:qemu-block-iscsi-3.1.1.1-lp151.7.12.1.x86_64",
"openSUSE Leap 15.1:qemu-block-nfs-3.1.1.1-lp151.7.12.1.x86_64",
"openSUSE Leap 15.1:qemu-block-rbd-3.1.1.1-lp151.7.12.1.x86_64",
"openSUSE Leap 15.1:qemu-block-ssh-3.1.1.1-lp151.7.12.1.x86_64",
"openSUSE Leap 15.1:qemu-extra-3.1.1.1-lp151.7.12.1.x86_64",
"openSUSE Leap 15.1:qemu-guest-agent-3.1.1.1-lp151.7.12.1.x86_64",
"openSUSE Leap 15.1:qemu-ipxe-1.0.0+-lp151.7.12.1.noarch",
"openSUSE Leap 15.1:qemu-ksm-3.1.1.1-lp151.7.12.1.x86_64",
"openSUSE Leap 15.1:qemu-kvm-3.1.1.1-lp151.7.12.1.x86_64",
"openSUSE Leap 15.1:qemu-lang-3.1.1.1-lp151.7.12.1.x86_64",
"openSUSE Leap 15.1:qemu-linux-user-3.1.1.1-lp151.7.12.1.x86_64",
"openSUSE Leap 15.1:qemu-ppc-3.1.1.1-lp151.7.12.1.x86_64",
"openSUSE Leap 15.1:qemu-s390-3.1.1.1-lp151.7.12.1.x86_64",
"openSUSE Leap 15.1:qemu-seabios-1.12.0-lp151.7.12.1.noarch",
"openSUSE Leap 15.1:qemu-sgabios-8-lp151.7.12.1.noarch",
"openSUSE Leap 15.1:qemu-tools-3.1.1.1-lp151.7.12.1.x86_64",
"openSUSE Leap 15.1:qemu-ui-curses-3.1.1.1-lp151.7.12.1.x86_64",
"openSUSE Leap 15.1:qemu-ui-gtk-3.1.1.1-lp151.7.12.1.x86_64",
"openSUSE Leap 15.1:qemu-ui-sdl-3.1.1.1-lp151.7.12.1.x86_64",
"openSUSE Leap 15.1:qemu-vgabios-1.12.0-lp151.7.12.1.noarch",
"openSUSE Leap 15.1:qemu-x86-3.1.1.1-lp151.7.12.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2020-04-06T22:21:00Z",
"details": "moderate"
}
],
"title": "CVE-2020-8608"
}
]
}
Loading…
Trend slope:
-
(linear fit over daily sighting counts)
Show additional events:
Loading…
Experimental. This forecast is provided for visualization only and may change without notice. Do not use it for operational decisions.
Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…