{"affected":[{"ecosystem_specific":{"binaries":[{"qemu":"5.2.0-20.1","qemu-arm":"5.2.0-20.1","qemu-audio-alsa":"5.2.0-20.1","qemu-audio-pa":"5.2.0-20.1","qemu-audio-spice":"5.2.0-20.1","qemu-block-curl":"5.2.0-20.1","qemu-block-dmg":"5.2.0-20.1","qemu-block-gluster":"5.2.0-20.1","qemu-block-iscsi":"5.2.0-20.1","qemu-block-nfs":"5.2.0-20.1","qemu-block-rbd":"5.2.0-20.1","qemu-block-ssh":"5.2.0-20.1","qemu-chardev-baum":"5.2.0-20.1","qemu-chardev-spice":"5.2.0-20.1","qemu-extra":"5.2.0-20.1","qemu-guest-agent":"5.2.0-20.1","qemu-hw-display-qxl":"5.2.0-20.1","qemu-hw-display-virtio-gpu":"5.2.0-20.1","qemu-hw-display-virtio-gpu-pci":"5.2.0-20.1","qemu-hw-display-virtio-vga":"5.2.0-20.1","qemu-hw-s390x-virtio-gpu-ccw":"5.2.0-20.1","qemu-hw-usb-redirect":"5.2.0-20.1","qemu-hw-usb-smartcard":"5.2.0-20.1","qemu-ipxe":"1.0.0+-20.1","qemu-ivshmem-tools":"5.2.0-20.1","qemu-ksm":"5.2.0-20.1","qemu-kvm":"5.2.0-20.1","qemu-lang":"5.2.0-20.1","qemu-microvm":"5.2.0-20.1","qemu-ppc":"5.2.0-20.1","qemu-s390x":"5.2.0-20.1","qemu-seabios":"1.14.0_0_g155821a-20.1","qemu-sgabios":"8-20.1","qemu-skiboot":"5.2.0-20.1","qemu-tools":"5.2.0-20.1","qemu-ui-curses":"5.2.0-20.1","qemu-ui-gtk":"5.2.0-20.1","qemu-ui-opengl":"5.2.0-20.1","qemu-ui-spice-app":"5.2.0-20.1","qemu-ui-spice-core":"5.2.0-20.1","qemu-vgabios":"1.14.0_0_g155821a-20.1","qemu-vhost-user-gpu":"5.2.0-20.1","qemu-x86":"5.2.0-20.1"}]},"package":{"ecosystem":"openSUSE:Leap 15.3","name":"qemu","purl":"pkg:rpm/opensuse/qemu&distro=openSUSE%20Leap%2015.3"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"5.2.0-20.1"}],"type":"ECOSYSTEM"}]}],"aliases":[],"details":"This update for qemu fixes the following issues:\n\n- CVE-2021-3546: Fixed out-of-bounds write in virgl_cmd_get_capset (bsc#1185981).\n- CVE-2021-3544: Fixed memory leaks found in the virtio vhost-user GPU device (bsc#1186010).\n- CVE-2021-3545: Fixed information disclosure due to uninitialized memory read (bsc#1185990).\n","id":"openSUSE-SU-2021:2213-1","modified":"2021-07-09T17:09:18Z","published":"2021-07-09T17:09:18Z","references":[{"type":"ADVISORY","url":"https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/UIASIXLUG5DPOL6IUP6OEGC7XFEJQSHY/"},{"type":"REPORT","url":"https://bugzilla.suse.com/1185981"},{"type":"REPORT","url":"https://bugzilla.suse.com/1185990"},{"type":"REPORT","url":"https://bugzilla.suse.com/1186010"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2021-3544"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2021-3545"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2021-3546"}],"related":["CVE-2021-3544","CVE-2021-3545","CVE-2021-3546"],"summary":"Security update for qemu","upstream":["CVE-2021-3544","CVE-2021-3545","CVE-2021-3546"]}