Security update for qemu SUSE Patch security@suse.de SUSE Security Team SUSE-SU-2025:20076-1 Final 1 1 2025-02-03T09:05:11Z current 2025-02-03T09:05:11Z 2025-02-03T09:05:11Z cve-database/bin/generate-cvrf.pl 2017-02-24T01:00:00Z Security update for qemu This update for qemu fixes the following issues: - Bugfixes and CVEs: * hw/usb/hcd-ohci: Fix #1510, #303: pid not IN or OUT (bsc#1230834, CVE-2024-8354) * softmmu: Support concurrent bounce buffers (bsc#1230915, CVE-2024-8612) * system/physmem: Per-AddressSpace bounce buffering (bsc#1230915, CVE-2024-8612) * system/physmem: Propagate AddressSpace to MapClient helpers (bsc#1230915, CVE-2024-8612) * system/physmem: Replace qemu_mutex_lock() calls with QEMU_LOCK_GUARD (bsc#1230915, CVE-2024-8612) - Update version to 8.2.7 * Full changelog here: https://lore.kernel.org/qemu-devel/d9ff276f-f1ba-4e90-8343-a7a0dc2bf305@tls.msk.ru/ * Fixes: bsc#1229007, CVE-2024-7409 bsc#1224132, CVE-2024-4693 * Some backports: gitlab: fix logic for changing docker tag on stable branches ui/sdl2: set swap interval explicitly when OpenGL is enabled hw/intc/arm_gic: fix spurious level triggered interrupts hw/audio/virtio-sound: fix heap buffer overflow tests/docker: update debian i686 and mipsel images to bookworm tests/docker: remove debian-armel-cross hw/display/vhost-user-gpu.c: fix vhost_user_gpu_chr_read() crypto: check gnutls & gcrypt support the requested pbkdf hash crypto: run qcrypto_pbkdf2_count_iters in a new thread softmmu/physmem: fix memory leak in dirty_memory_extend() target/ppc: Fix migration of CPUs with TLB_EMB TLB type gitlab: migrate the s390x custom machine to 22.04 target/hppa: Fix PSW V-bit packaging in cpu_hppa_get for hppa64 hw/audio/virtio-snd: fix invalid param check virtio-pci: Fix the use of an uninitialized irqfd - Fix bsc#1231519: * accel/kvm: check for KVM_CAP_READONLY_MEM on VM (bsc#1231519) The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). SUSE-SLE-Micro-6.0-93 Copyright SUSE LLC under the Creative Commons License 4.0 with Attribution (CC-BY-4.0) https://www.suse.com/support/update/announcement/2025/suse-su-202520076-1/ Link for SUSE-SU-2025:20076-1 https://lists.suse.com/pipermail/sle-security-updates/2025-June/021271.html E-Mail link for SUSE-SU-2025:20076-1 https://www.suse.com/support/security/rating/ SUSE Security Ratings https://bugzilla.suse.com/1224132 SUSE Bug 1224132 https://bugzilla.suse.com/1229007 SUSE Bug 1229007 https://bugzilla.suse.com/1229929 SUSE Bug 1229929 https://bugzilla.suse.com/1230140 SUSE Bug 1230140 https://bugzilla.suse.com/1230834 SUSE Bug 1230834 https://bugzilla.suse.com/1230915 SUSE Bug 1230915 https://bugzilla.suse.com/1231519 SUSE Bug 1231519 https://www.suse.com/security/cve/CVE-2024-4693/ SUSE CVE CVE-2024-4693 page https://www.suse.com/security/cve/CVE-2024-7409/ SUSE CVE CVE-2024-7409 page https://www.suse.com/security/cve/CVE-2024-8354/ SUSE CVE CVE-2024-8354 page https://www.suse.com/security/cve/CVE-2024-8612/ SUSE CVE CVE-2024-8612 page SUSE Linux Micro 6.0 qemu-8.2.7-1.1 qemu-accel-tcg-x86-8.2.7-1.1 qemu-arm-8.2.7-1.1 qemu-audio-spice-8.2.7-1.1 qemu-block-curl-8.2.7-1.1 qemu-block-iscsi-8.2.7-1.1 qemu-block-rbd-8.2.7-1.1 qemu-block-ssh-8.2.7-1.1 qemu-chardev-spice-8.2.7-1.1 qemu-guest-agent-8.2.7-1.1 qemu-hw-display-qxl-8.2.7-1.1 qemu-hw-display-virtio-gpu-8.2.7-1.1 qemu-hw-display-virtio-gpu-pci-8.2.7-1.1 qemu-hw-display-virtio-vga-8.2.7-1.1 qemu-hw-usb-host-8.2.7-1.1 qemu-hw-usb-redirect-8.2.7-1.1 qemu-img-8.2.7-1.1 qemu-ipxe-8.2.7-1.1 qemu-ksm-8.2.7-1.1 qemu-lang-8.2.7-1.1 qemu-pr-helper-8.2.7-1.1 qemu-s390x-8.2.7-1.1 qemu-seabios-8.2.71.16.3_3_ga95067eb-1.1 qemu-tools-8.2.7-1.1 qemu-ui-opengl-8.2.7-1.1 qemu-ui-spice-core-8.2.7-1.1 qemu-vgabios-8.2.71.16.3_3_ga95067eb-1.1 qemu-x86-8.2.7-1.1 qemu-8.2.7-1.1 as a component of SUSE Linux Micro 6.0 qemu-accel-tcg-x86-8.2.7-1.1 as a component of SUSE Linux Micro 6.0 qemu-arm-8.2.7-1.1 as a component of SUSE Linux Micro 6.0 qemu-audio-spice-8.2.7-1.1 as a component of SUSE Linux Micro 6.0 qemu-block-curl-8.2.7-1.1 as a component of SUSE Linux Micro 6.0 qemu-block-iscsi-8.2.7-1.1 as a component of SUSE Linux Micro 6.0 qemu-block-rbd-8.2.7-1.1 as a component of SUSE Linux Micro 6.0 qemu-block-ssh-8.2.7-1.1 as a component of SUSE Linux Micro 6.0 qemu-chardev-spice-8.2.7-1.1 as a component of SUSE Linux Micro 6.0 qemu-guest-agent-8.2.7-1.1 as a component of SUSE Linux Micro 6.0 qemu-hw-display-qxl-8.2.7-1.1 as a component of SUSE Linux Micro 6.0 qemu-hw-display-virtio-gpu-8.2.7-1.1 as a component of SUSE Linux Micro 6.0 qemu-hw-display-virtio-gpu-pci-8.2.7-1.1 as a component of SUSE Linux Micro 6.0 qemu-hw-display-virtio-vga-8.2.7-1.1 as a component of SUSE Linux Micro 6.0 qemu-hw-usb-host-8.2.7-1.1 as a component of SUSE Linux Micro 6.0 qemu-hw-usb-redirect-8.2.7-1.1 as a component of SUSE Linux Micro 6.0 qemu-img-8.2.7-1.1 as a component of SUSE Linux Micro 6.0 qemu-ipxe-8.2.7-1.1 as a component of SUSE Linux Micro 6.0 qemu-ksm-8.2.7-1.1 as a component of SUSE Linux Micro 6.0 qemu-lang-8.2.7-1.1 as a component of SUSE Linux Micro 6.0 qemu-pr-helper-8.2.7-1.1 as a component of SUSE Linux Micro 6.0 qemu-s390x-8.2.7-1.1 as a component of SUSE Linux Micro 6.0 qemu-seabios-8.2.71.16.3_3_ga95067eb-1.1 as a component of SUSE Linux Micro 6.0 qemu-tools-8.2.7-1.1 as a component of SUSE Linux Micro 6.0 qemu-ui-opengl-8.2.7-1.1 as a component of SUSE Linux Micro 6.0 qemu-ui-spice-core-8.2.7-1.1 as a component of SUSE Linux Micro 6.0 qemu-vgabios-8.2.71.16.3_3_ga95067eb-1.1 as a component of SUSE Linux Micro 6.0 qemu-x86-8.2.7-1.1 as a component of SUSE Linux Micro 6.0 A flaw was found in the QEMU Virtio PCI Bindings (hw/virtio/virtio-pci.c). An improper release and use of the irqfd for vector 0 during the boot process leads to a guest triggerable crash via vhost_net_stop(). This flaw allows a malicious guest to crash the QEMU process on the host. CVE-2024-4693 SUSE Linux Micro 6.0:qemu-8.2.7-1.1 SUSE Linux Micro 6.0:qemu-accel-tcg-x86-8.2.7-1.1 SUSE Linux Micro 6.0:qemu-arm-8.2.7-1.1 SUSE Linux Micro 6.0:qemu-audio-spice-8.2.7-1.1 SUSE Linux Micro 6.0:qemu-block-curl-8.2.7-1.1 SUSE Linux Micro 6.0:qemu-block-iscsi-8.2.7-1.1 SUSE Linux Micro 6.0:qemu-block-rbd-8.2.7-1.1 SUSE Linux Micro 6.0:qemu-block-ssh-8.2.7-1.1 SUSE Linux Micro 6.0:qemu-chardev-spice-8.2.7-1.1 SUSE Linux Micro 6.0:qemu-guest-agent-8.2.7-1.1 SUSE Linux Micro 6.0:qemu-hw-display-qxl-8.2.7-1.1 SUSE Linux Micro 6.0:qemu-hw-display-virtio-gpu-8.2.7-1.1 SUSE Linux Micro 6.0:qemu-hw-display-virtio-gpu-pci-8.2.7-1.1 SUSE Linux Micro 6.0:qemu-hw-display-virtio-vga-8.2.7-1.1 SUSE Linux Micro 6.0:qemu-hw-usb-host-8.2.7-1.1 SUSE Linux Micro 6.0:qemu-hw-usb-redirect-8.2.7-1.1 SUSE Linux Micro 6.0:qemu-img-8.2.7-1.1 SUSE Linux Micro 6.0:qemu-ipxe-8.2.7-1.1 SUSE Linux Micro 6.0:qemu-ksm-8.2.7-1.1 SUSE Linux Micro 6.0:qemu-lang-8.2.7-1.1 SUSE Linux Micro 6.0:qemu-pr-helper-8.2.7-1.1 SUSE Linux Micro 6.0:qemu-s390x-8.2.7-1.1 SUSE Linux Micro 6.0:qemu-seabios-8.2.71.16.3_3_ga95067eb-1.1 SUSE Linux Micro 6.0:qemu-tools-8.2.7-1.1 SUSE Linux Micro 6.0:qemu-ui-opengl-8.2.7-1.1 SUSE Linux Micro 6.0:qemu-ui-spice-core-8.2.7-1.1 SUSE Linux Micro 6.0:qemu-vgabios-8.2.71.16.3_3_ga95067eb-1.1 SUSE Linux Micro 6.0:qemu-x86-8.2.7-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2025/suse-su-202520076-1/ https://www.suse.com/security/cve/CVE-2024-4693.html CVE-2024-4693 https://bugzilla.suse.com/1224132 SUSE Bug 1224132 A flaw was found in the QEMU NBD Server. This vulnerability allows a denial of service (DoS) attack via improper synchronization during socket closure when a client keeps a socket open as the server is taken offline. CVE-2024-7409 SUSE Linux Micro 6.0:qemu-8.2.7-1.1 SUSE Linux Micro 6.0:qemu-accel-tcg-x86-8.2.7-1.1 SUSE Linux Micro 6.0:qemu-arm-8.2.7-1.1 SUSE Linux Micro 6.0:qemu-audio-spice-8.2.7-1.1 SUSE Linux Micro 6.0:qemu-block-curl-8.2.7-1.1 SUSE Linux Micro 6.0:qemu-block-iscsi-8.2.7-1.1 SUSE Linux Micro 6.0:qemu-block-rbd-8.2.7-1.1 SUSE Linux Micro 6.0:qemu-block-ssh-8.2.7-1.1 SUSE Linux Micro 6.0:qemu-chardev-spice-8.2.7-1.1 SUSE Linux Micro 6.0:qemu-guest-agent-8.2.7-1.1 SUSE Linux Micro 6.0:qemu-hw-display-qxl-8.2.7-1.1 SUSE Linux Micro 6.0:qemu-hw-display-virtio-gpu-8.2.7-1.1 SUSE Linux Micro 6.0:qemu-hw-display-virtio-gpu-pci-8.2.7-1.1 SUSE Linux Micro 6.0:qemu-hw-display-virtio-vga-8.2.7-1.1 SUSE Linux Micro 6.0:qemu-hw-usb-host-8.2.7-1.1 SUSE Linux Micro 6.0:qemu-hw-usb-redirect-8.2.7-1.1 SUSE Linux Micro 6.0:qemu-img-8.2.7-1.1 SUSE Linux Micro 6.0:qemu-ipxe-8.2.7-1.1 SUSE Linux Micro 6.0:qemu-ksm-8.2.7-1.1 SUSE Linux Micro 6.0:qemu-lang-8.2.7-1.1 SUSE Linux Micro 6.0:qemu-pr-helper-8.2.7-1.1 SUSE Linux Micro 6.0:qemu-s390x-8.2.7-1.1 SUSE Linux Micro 6.0:qemu-seabios-8.2.71.16.3_3_ga95067eb-1.1 SUSE Linux Micro 6.0:qemu-tools-8.2.7-1.1 SUSE Linux Micro 6.0:qemu-ui-opengl-8.2.7-1.1 SUSE Linux Micro 6.0:qemu-ui-spice-core-8.2.7-1.1 SUSE Linux Micro 6.0:qemu-vgabios-8.2.71.16.3_3_ga95067eb-1.1 SUSE Linux Micro 6.0:qemu-x86-8.2.7-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2025/suse-su-202520076-1/ https://www.suse.com/security/cve/CVE-2024-7409.html CVE-2024-7409 https://bugzilla.suse.com/1229007 SUSE Bug 1229007 A flaw was found in QEMU. An assertion failure was present in the usb_ep_get() function in hw/net/core.c when trying to get the USB endpoint from a USB device. This flaw may allow a malicious unprivileged guest user to crash the QEMU process on the host and cause a denial of service condition. CVE-2024-8354 SUSE Linux Micro 6.0:qemu-8.2.7-1.1 SUSE Linux Micro 6.0:qemu-accel-tcg-x86-8.2.7-1.1 SUSE Linux Micro 6.0:qemu-arm-8.2.7-1.1 SUSE Linux Micro 6.0:qemu-audio-spice-8.2.7-1.1 SUSE Linux Micro 6.0:qemu-block-curl-8.2.7-1.1 SUSE Linux Micro 6.0:qemu-block-iscsi-8.2.7-1.1 SUSE Linux Micro 6.0:qemu-block-rbd-8.2.7-1.1 SUSE Linux Micro 6.0:qemu-block-ssh-8.2.7-1.1 SUSE Linux Micro 6.0:qemu-chardev-spice-8.2.7-1.1 SUSE Linux Micro 6.0:qemu-guest-agent-8.2.7-1.1 SUSE Linux Micro 6.0:qemu-hw-display-qxl-8.2.7-1.1 SUSE Linux Micro 6.0:qemu-hw-display-virtio-gpu-8.2.7-1.1 SUSE Linux Micro 6.0:qemu-hw-display-virtio-gpu-pci-8.2.7-1.1 SUSE Linux Micro 6.0:qemu-hw-display-virtio-vga-8.2.7-1.1 SUSE Linux Micro 6.0:qemu-hw-usb-host-8.2.7-1.1 SUSE Linux Micro 6.0:qemu-hw-usb-redirect-8.2.7-1.1 SUSE Linux Micro 6.0:qemu-img-8.2.7-1.1 SUSE Linux Micro 6.0:qemu-ipxe-8.2.7-1.1 SUSE Linux Micro 6.0:qemu-ksm-8.2.7-1.1 SUSE Linux Micro 6.0:qemu-lang-8.2.7-1.1 SUSE Linux Micro 6.0:qemu-pr-helper-8.2.7-1.1 SUSE Linux Micro 6.0:qemu-s390x-8.2.7-1.1 SUSE Linux Micro 6.0:qemu-seabios-8.2.71.16.3_3_ga95067eb-1.1 SUSE Linux Micro 6.0:qemu-tools-8.2.7-1.1 SUSE Linux Micro 6.0:qemu-ui-opengl-8.2.7-1.1 SUSE Linux Micro 6.0:qemu-ui-spice-core-8.2.7-1.1 SUSE Linux Micro 6.0:qemu-vgabios-8.2.71.16.3_3_ga95067eb-1.1 SUSE Linux Micro 6.0:qemu-x86-8.2.7-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2025/suse-su-202520076-1/ https://www.suse.com/security/cve/CVE-2024-8354.html CVE-2024-8354 https://bugzilla.suse.com/1230834 SUSE Bug 1230834 A flaw was found in QEMU, in the virtio-scsi, virtio-blk, and virtio-crypto devices. The size for virtqueue_push as set in virtio_scsi_complete_req / virtio_blk_req_complete / virito_crypto_req_complete could be larger than the true size of the data which has been sent to guest. Once virtqueue_push() finally calls dma_memory_unmap to ummap the in_iov, it may call the address_space_write function to write back the data. Some uninitialized data may exist in the bounce.buffer, leading to an information leak. CVE-2024-8612 SUSE Linux Micro 6.0:qemu-8.2.7-1.1 SUSE Linux Micro 6.0:qemu-accel-tcg-x86-8.2.7-1.1 SUSE Linux Micro 6.0:qemu-arm-8.2.7-1.1 SUSE Linux Micro 6.0:qemu-audio-spice-8.2.7-1.1 SUSE Linux Micro 6.0:qemu-block-curl-8.2.7-1.1 SUSE Linux Micro 6.0:qemu-block-iscsi-8.2.7-1.1 SUSE Linux Micro 6.0:qemu-block-rbd-8.2.7-1.1 SUSE Linux Micro 6.0:qemu-block-ssh-8.2.7-1.1 SUSE Linux Micro 6.0:qemu-chardev-spice-8.2.7-1.1 SUSE Linux Micro 6.0:qemu-guest-agent-8.2.7-1.1 SUSE Linux Micro 6.0:qemu-hw-display-qxl-8.2.7-1.1 SUSE Linux Micro 6.0:qemu-hw-display-virtio-gpu-8.2.7-1.1 SUSE Linux Micro 6.0:qemu-hw-display-virtio-gpu-pci-8.2.7-1.1 SUSE Linux Micro 6.0:qemu-hw-display-virtio-vga-8.2.7-1.1 SUSE Linux Micro 6.0:qemu-hw-usb-host-8.2.7-1.1 SUSE Linux Micro 6.0:qemu-hw-usb-redirect-8.2.7-1.1 SUSE Linux Micro 6.0:qemu-img-8.2.7-1.1 SUSE Linux Micro 6.0:qemu-ipxe-8.2.7-1.1 SUSE Linux Micro 6.0:qemu-ksm-8.2.7-1.1 SUSE Linux Micro 6.0:qemu-lang-8.2.7-1.1 SUSE Linux Micro 6.0:qemu-pr-helper-8.2.7-1.1 SUSE Linux Micro 6.0:qemu-s390x-8.2.7-1.1 SUSE Linux Micro 6.0:qemu-seabios-8.2.71.16.3_3_ga95067eb-1.1 SUSE Linux Micro 6.0:qemu-tools-8.2.7-1.1 SUSE Linux Micro 6.0:qemu-ui-opengl-8.2.7-1.1 SUSE Linux Micro 6.0:qemu-ui-spice-core-8.2.7-1.1 SUSE Linux Micro 6.0:qemu-vgabios-8.2.71.16.3_3_ga95067eb-1.1 SUSE Linux Micro 6.0:qemu-x86-8.2.7-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2025/suse-su-202520076-1/ https://www.suse.com/security/cve/CVE-2024-8612.html CVE-2024-8612 https://bugzilla.suse.com/1230915 SUSE Bug 1230915