{"affected":[{"ecosystem_specific":{"binaries":[{"qemu":"5.2.0-150300.112.4","qemu-arm":"5.2.0-150300.112.4","qemu-audio-spice":"5.2.0-150300.112.4","qemu-chardev-spice":"5.2.0-150300.112.4","qemu-guest-agent":"5.2.0-150300.112.4","qemu-hw-display-qxl":"5.2.0-150300.112.4","qemu-hw-display-virtio-gpu":"5.2.0-150300.112.4","qemu-hw-display-virtio-vga":"5.2.0-150300.112.4","qemu-hw-usb-redirect":"5.2.0-150300.112.4","qemu-ipxe":"1.0.0+-150300.112.4","qemu-s390x":"5.2.0-150300.112.4","qemu-seabios":"1.14.0_0_g155821a-150300.112.4","qemu-sgabios":"8-150300.112.4","qemu-tools":"5.2.0-150300.112.4","qemu-ui-opengl":"5.2.0-150300.112.4","qemu-ui-spice-core":"5.2.0-150300.112.4","qemu-vgabios":"1.14.0_0_g155821a-150300.112.4","qemu-x86":"5.2.0-150300.112.4"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Micro 5.2","name":"qemu","purl":"pkg:rpm/suse/qemu&distro=SUSE%20Linux%20Enterprise%20Micro%205.2"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"5.2.0-150300.112.4"}],"type":"ECOSYSTEM"}]}],"aliases":[],"details":"This update for qemu fixes the following issues:\n\n- CVE-2022-0358: Fixed a potential privilege escalation via virtiofsd (bsc#1195161).\n- CVE-2021-3930: Fixed a potential denial of service in the emulated SCSI device (bsc#1192525).\n\nNon-security fixes:\n\n- Fixed a kernel data corruption via a long kernel boot cmdline (bsc#1196737).\n- Included vmxcap in the qemu-tools package (bsc#1193364).\n- Fixed package dependencies (bsc#1196087).\n- Fixed an issue were PowerPC firmwares would not be built for non-PowerPC\n  builds (bsc#1193545).\n- Fixed multiple issues in I/O (bsc#1178049 bsc#1194938).\n","id":"SUSE-SU-2022:0930-2","modified":"2022-04-20T10:39:52Z","published":"2022-04-20T10:39:52Z","references":[{"type":"ADVISORY","url":"https://www.suse.com/support/update/announcement/2022/suse-su-20220930-2/"},{"type":"REPORT","url":"https://bugzilla.suse.com/1178049"},{"type":"REPORT","url":"https://bugzilla.suse.com/1192525"},{"type":"REPORT","url":"https://bugzilla.suse.com/1193364"},{"type":"REPORT","url":"https://bugzilla.suse.com/1193545"},{"type":"REPORT","url":"https://bugzilla.suse.com/1194938"},{"type":"REPORT","url":"https://bugzilla.suse.com/1195161"},{"type":"REPORT","url":"https://bugzilla.suse.com/1196087"},{"type":"REPORT","url":"https://bugzilla.suse.com/1196737"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2021-3930"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2022-0358"}],"related":["CVE-2021-3930","CVE-2022-0358"],"summary":"Security update for qemu","upstream":["CVE-2021-3930","CVE-2022-0358"]}