OESA-2022-1997
- Source
- https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2022-1997
- Import Source
- https://repo.openeuler.org/security/data/osv/OESA-2022-1997.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/OESA-2022-1997
- Upstream
- Published
- 2022-10-14T11:04:25Z
- Modified
- 2025-08-12T05:09:14.632427Z
- Summary
- qemu security update
- Details
-
QEMU is a FAST! processor emulator using dynamic translation to achieve good emulation speed.
QEMU has two operating modes: Full system emulation. In this mode, QEMU emulates a full system (for example a PC), including one or several processors and various peripherals. It can be used to launch different Operating Systems without rebooting the PC or to debug system code. User mode emulation. In this mode, QEMU can launch processes compiled for one CPU on another CPU. It can be used to launch the Wine Windows API emulator (https://www.winehq.org) or to ease cross-compilation and cross-debugging. You can refer to https://www.qemu.org for more infortmation.Security Fix(es):
An out-of-bounds memory access flaw was found in the ATI VGA device emulation of QEMU. This flaw occurs in the ati2dblt() routine while handling MMIO write operations when the guest provides invalid values for the destination display parameters. A malicious guest could use this flaw to crash the QEMU process on the host, resulting in a denial of service.(CVE-2021-3638)
A DMA reentrancy issue was found in the Tulip device emulation in QEMU. When Tulip reads or writes to the rx/tx descriptor or copies the rx/tx frame, it doesn't check whether the destination address is its own MMIO address. This can cause the device to trigger MMIO handlers multiple times, possibly leading to a stack or heap overflow. A malicious guest could use this flaw to crash the QEMU process on the host, resulting in a denial of service condition.(CVE-2022-2962)
- Database specific
{ "severity": "High" }- References
Affected packages
openEuler:22.03-LTS / qemu
Package
- Name
- qemu
- Purl
- pkg:rpm/openEuler/qemu&distro=openEuler-22.03-LTS
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed6.2.0-52.oe2203
Ecosystem specific
{
"x86_64": [
"qemu-hw-usb-host-6.2.0-52.oe2203.x86_64.rpm",
"qemu-block-rbd-6.2.0-52.oe2203.x86_64.rpm",
"qemu-img-6.2.0-52.oe2203.x86_64.rpm",
"qemu-block-iscsi-6.2.0-52.oe2203.x86_64.rpm",
"qemu-system-arm-6.2.0-52.oe2203.x86_64.rpm",
"qemu-block-ssh-6.2.0-52.oe2203.x86_64.rpm",
"qemu-guest-agent-6.2.0-52.oe2203.x86_64.rpm",
"qemu-block-curl-6.2.0-52.oe2203.x86_64.rpm",
"qemu-seabios-6.2.0-52.oe2203.x86_64.rpm",
"qemu-system-riscv-6.2.0-52.oe2203.x86_64.rpm",
"qemu-6.2.0-52.oe2203.x86_64.rpm",
"qemu-debugsource-6.2.0-52.oe2203.x86_64.rpm",
"qemu-debuginfo-6.2.0-52.oe2203.x86_64.rpm",
"qemu-system-aarch64-6.2.0-52.oe2203.x86_64.rpm",
"qemu-system-x86_64-6.2.0-52.oe2203.x86_64.rpm"
],
"src": [
"qemu-6.2.0-52.oe2203.src.rpm"
],
"aarch64": [
"qemu-hw-usb-host-6.2.0-52.oe2203.aarch64.rpm",
"qemu-debuginfo-6.2.0-52.oe2203.aarch64.rpm",
"qemu-block-curl-6.2.0-52.oe2203.aarch64.rpm",
"qemu-system-aarch64-6.2.0-52.oe2203.aarch64.rpm",
"qemu-6.2.0-52.oe2203.aarch64.rpm",
"qemu-guest-agent-6.2.0-52.oe2203.aarch64.rpm",
"qemu-block-iscsi-6.2.0-52.oe2203.aarch64.rpm",
"qemu-block-rbd-6.2.0-52.oe2203.aarch64.rpm",
"qemu-img-6.2.0-52.oe2203.aarch64.rpm",
"qemu-system-riscv-6.2.0-52.oe2203.aarch64.rpm",
"qemu-block-ssh-6.2.0-52.oe2203.aarch64.rpm",
"qemu-system-arm-6.2.0-52.oe2203.aarch64.rpm",
"qemu-debugsource-6.2.0-52.oe2203.aarch64.rpm",
"qemu-system-x86_64-6.2.0-52.oe2203.aarch64.rpm"
],
"noarch": [
"qemu-help-6.2.0-52.oe2203.noarch.rpm"
]
}