OESA-2022-1772
- Source
- https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2022-1772
- Import Source
- https://repo.openeuler.org/security/data/osv/OESA-2022-1772.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/OESA-2022-1772
- Upstream
- Published
- 2022-07-22T11:04:01Z
- Modified
- 2025-08-12T05:10:14.171278Z
- Summary
- qemu security update
- Details
-
QEMU is a FAST! processor emulator using dynamic translation to achieve good emulation speed.
Security Fix(es):
A NULL pointer dereference issue was found in the ACPI code of QEMU. A malicious, privileged user within the guest could use this flaw to crash the QEMU process on the host, resulting in a denial of service condition.(CVE-2021-4158)
A flaw was found in the QEMU virtio-fs shared file system daemon (virtiofsd) implementation. A local guest user can create files in the directories shared by virtio-fs with unintended group ownership in a scenario where a directory is SGID to a certain group and is writable by a user who is not a member of the group. This issue allows a malicious user to trigger CVE-2018-13405 to obtain sensitive information or potentially escalate their privileges on the system.(CVE-2022-0358)
- Database specific
{ "severity": "Medium" }- References
Affected packages
openEuler:22.03-LTS / qemu
Package
- Name
- qemu
- Purl
- pkg:rpm/openEuler/qemu&distro=openEuler-22.03-LTS
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed6.2.0-43.oe2203
Ecosystem specific
{
"noarch": [
"qemu-help-6.2.0-43.oe2203.noarch.rpm"
],
"x86_64": [
"qemu-debugsource-6.2.0-43.oe2203.x86_64.rpm",
"qemu-img-6.2.0-43.oe2203.x86_64.rpm",
"qemu-debuginfo-6.2.0-43.oe2203.x86_64.rpm",
"qemu-6.2.0-43.oe2203.x86_64.rpm",
"qemu-hw-usb-host-6.2.0-43.oe2203.x86_64.rpm",
"qemu-system-aarch64-6.2.0-43.oe2203.x86_64.rpm",
"qemu-seabios-6.2.0-43.oe2203.x86_64.rpm",
"qemu-system-x86_64-6.2.0-43.oe2203.x86_64.rpm",
"qemu-block-curl-6.2.0-43.oe2203.x86_64.rpm",
"qemu-block-rbd-6.2.0-43.oe2203.x86_64.rpm",
"qemu-system-arm-6.2.0-43.oe2203.x86_64.rpm",
"qemu-block-ssh-6.2.0-43.oe2203.x86_64.rpm",
"qemu-block-iscsi-6.2.0-43.oe2203.x86_64.rpm",
"qemu-system-riscv-6.2.0-43.oe2203.x86_64.rpm",
"qemu-guest-agent-6.2.0-43.oe2203.x86_64.rpm"
],
"src": [
"qemu-6.2.0-43.oe2203.src.rpm"
],
"aarch64": [
"qemu-block-iscsi-6.2.0-43.oe2203.aarch64.rpm",
"qemu-block-curl-6.2.0-43.oe2203.aarch64.rpm",
"qemu-block-rbd-6.2.0-43.oe2203.aarch64.rpm",
"qemu-system-aarch64-6.2.0-43.oe2203.aarch64.rpm",
"qemu-img-6.2.0-43.oe2203.aarch64.rpm",
"qemu-system-x86_64-6.2.0-43.oe2203.aarch64.rpm",
"qemu-block-ssh-6.2.0-43.oe2203.aarch64.rpm",
"qemu-6.2.0-43.oe2203.aarch64.rpm",
"qemu-debugsource-6.2.0-43.oe2203.aarch64.rpm",
"qemu-system-arm-6.2.0-43.oe2203.aarch64.rpm",
"qemu-guest-agent-6.2.0-43.oe2203.aarch64.rpm",
"qemu-hw-usb-host-6.2.0-43.oe2203.aarch64.rpm",
"qemu-debuginfo-6.2.0-43.oe2203.aarch64.rpm",
"qemu-system-riscv-6.2.0-43.oe2203.aarch64.rpm"
]
}