1. 修复的CVE CVE-2021-3544 QEMU一套模拟处理器软件。该软件具有速度快、跨平台等特点。 QEMU 存在安全漏洞。该漏洞源于 vhost-user-gpu/vhost-user-gpu.c存在内存泄漏。以下产品及版本受到影响：QEMU: 5.0.0, 5.0.1, 5.1.0, 5.2.0, 6.0.0。 CVE-2021-20196 QEMU一套模拟处理器软件。该软件具有速度快、跨平台等特点。 QEMU 存在代码问题漏洞，该漏洞源于block: fdc: 空指针解引用导致客户端崩溃。 CVE-2021-3713 QEMU一套模拟处理器软件。该软件具有速度快、跨平台等特点。 QEMU UAS 中存在缓冲区错误漏洞，该漏洞源于产品未检查访客提供的号码从而导致对UASDevice->data3 和 UASDevice->status3的越界访问。攻击者可通过该漏洞导致QEMU崩溃。 CVE-2021-3748 QEMU一套模拟处理器软件。该软件具有速度快、跨平台等特点。 QEMU 存在资源管理错误漏洞，目前尚无此漏洞的更多信息，请随时关注CNNVD或厂商公告。 CVE-2021-20203 QEMU一套模拟处理器软件。该软件具有速度快、跨平台等特点。 QEMU 中存在输入验证错误漏洞。该漏洞源于攻击者可通过QEMU的vmxnet3触发整数溢出，以触发拒绝服务，并可能在主机系统上运行代码。 CVE-2021-3546 QEMU一套模拟处理器软件。该软件具有速度快、跨平台等特点。 QEMU 存在缓冲区错误漏洞，该漏洞源于vhost-user-gpu/virgl.c的virgl_cmd_get_capset()函数存在边界错误。 远程攻击者可利用该漏洞在系统上升级权限。以下产品及版本受到影响：QEMU: 4.1.0, 4.1.1, 4.2.0, 4.2.1, 5.0.0, 5.0.1, 5.1.0, 5.2.0, 6.0.0。 CVE-2021-3930 QEMU一套模拟处理器软件。该软件具有速度快、跨平台等特点。 QEMU 存在安全漏洞，该漏洞可能允许攻击者进行拒绝服务攻击。 CVE-2022-0358 QEMU一套模拟处理器软件。该软件具有速度快、跨平台等特点。 QEMU存在安全漏洞，该漏洞源于在QEMU virtio-fs共享文件系统守护进程(virtiofsd)实现中发现一个缺陷。攻击者可利用该漏洞触发CVE-2018-13405，以获取敏感信息或可能升级其在系统上的权限。 CVE-2021-4158 QEMU一套模拟处理器软件。该软件具有速度快、跨平台等特点。 QEMU 存在安全漏洞，该漏洞源于QEMU 网卡模拟器错误处理了某些值。客户机内部的攻击者可利用该漏洞导致QEMU崩溃，从而导致拒绝服务。 CVE-2021-3545 QEMU一套模拟处理器软件。该软件具有速度快、跨平台等特点。 QEMU 存在信息泄露漏洞。该漏洞源于vhost-user-gpu/virgl.c中的virgl_cmd_get_capset_info()函数存在未初始化存储器泄露，攻击者可利用该漏洞获取敏感信息。以下产品及版本受到影响：QEMU: 4.1.0, 4.1.1, 4.2.0, 4.2.1, 5.0.0, 5.0.1, 5.1.0, 5.2.0, 6.0.0。 CVE-2021-3682 QEMU一套模拟处理器软件。该软件具有速度快、跨平台等特点。 QEMU 存在安全漏洞，该漏洞源于在6.1.0-rc2之前版本的QEMU的USB重定向设备模拟中发现了一个缺陷，在从SPICE客户机进行批量传输期间，由于包队列已满而丢弃包时，就会发生这种情况。攻击者可利用该漏洞使QEMU call free()带有伪造的堆块元数据，从而导致QEMU崩溃或可能使用主机上QEMU进程的特权执行代码。 2. 受影响的操作系统及软件包 ·银河麒麟桌面操作系统V10 SP1 x86_64 架构： qemu-block-extra、qemu-guest-agent、qemu-kvm、qemu-system-arm、qemu-system-common、qemu-system-data、qemu-system-gui、qemu-system-loongarch64、qemu-system-mips、qemu-system-misc、qemu-system-ppc、qemu-system-s390x、qemu-system-sparc、qemu-system-x86-microvm、qemu-system-x86-xen、qemu-system-x86、qemu-system、qemu-user-binfmt、qemu-user-static、qemu-user、qemu-utils、qemu arm64 架构： qemu-block-extra、qemu-guest-agent、qemu-kvm、qemu-system-arm、qemu-system-common、qemu-system-data、qemu-system-gui、qemu-system-loongarch64、qemu-system-mips、qemu-system-misc、qemu-system-ppc、qemu-system-s390x、qemu-system-sparc、qemu-system-x86、qemu-system、qemu-user-binfmt、qemu-user-static、qemu-user、qemu-utils、qemu mips64el 架构： qemu-block-extra、qemu-guest-agent、qemu-system-arm、qemu-system-common、qemu-system-data、qemu-system-gui、qemu-system-loongarch64、qemu-system-mips、qemu-system-misc、qemu-system-ppc、qemu-system-sparc、qemu-system-x86、qemu-system、qemu-user-binfmt、qemu-user-static、qemu-user、qemu-utils、qemu loongarch64 架构： qemu-block-extra、qemu-guest-agent、qemu-system-arm、qemu-system-common、qemu-system-data、qemu-system-gui、qemu-system-loongarch64、qemu-system-mips、qemu-system-misc、qemu-system-ppc、qemu-system-sparc、qemu-system-x86、qemu-system、qemu-utils、qemu 3. 软件包修复版本 ·银河麒麟桌面操作系统V10 SP1 1:4.2-3kylin6.24k0.0 4. 修复方法 方法一：升级安装 执行更新命令进行升级 $sudo apt update $sudo apt install qemu 方法二：下载软件包进行升级安装 通过软件包地址下载软件包，使用软件包升级命令根据受影响的软件包列表升级相关的组件包。 $sudo dpkg -i /Path1/Package1 /Path2/Package2 /Path3/Package3…… 注：Path 指软件包下载到本地的路径，Package指下载的软件包名称，多个软件包则以空格分开。 5. 软件包下载地址 银河麒麟桌面操作系统V10 SP1 x86_64软件包下载地址 https://archive.kylinos.cn/kylin/KYLIN-ALL/pool/main/q/qemu/qemu-block-extra_4.2-3kylin6.24k0.0_amd64.deb https://archive.kylinos.cn/kylin/KYLIN-ALL/pool/main/q/qemu/qemu-guest-agent_4.2-3kylin6.24k0.0_amd64.deb https://archive.kylinos.cn/kylin/KYLIN-ALL/pool/main/q/qemu/qemu-kvm_4.2-3kylin6.24k0.0_amd64.deb https://archive.kylinos.cn/kylin/KYLIN-ALL/pool/main/q/qemu/qemu-system-arm_4.2-3kylin6.24k0.0_amd64.deb https://archive.kylinos.cn/kylin/KYLIN-ALL/pool/main/q/qemu/qemu-system-common_4.2-3kylin6.24k0.0_amd64.deb https://archive.kylinos.cn/kylin/KYLIN-ALL/pool/main/q/qemu/qemu-system-data_4.2-3kylin6.24k0.0_all.deb https://archive.kylinos.cn/kylin/KYLIN-ALL/pool/main/q/qemu/qemu-system-gui_4.2-3kylin6.24k0.0_amd64.deb https://archive.kylinos.cn/kylin/KYLIN-ALL/pool/main/q/qemu/qemu-system-loongarch64_4.2-3kylin6.24k0.0_amd64.deb https://archive.kylinos.cn/kylin/KYLIN-ALL/pool/main/q/qemu/qemu-system-mips_4.2-3kylin6.24k0.0_amd64.deb https://archive.kylinos.cn/kylin/KYLIN-ALL/pool/main/q/qemu/qemu-system-misc_4.2-3kylin6.24k0.0_amd64.deb https://archive.kylinos.cn/kylin/KYLIN-ALL/pool/main/q/qemu/qemu-system-ppc_4.2-3kylin6.24k0.0_amd64.deb https://archive.kylinos.cn/kylin/KYLIN-ALL/pool/main/q/qemu/qemu-system-s390x_4.2-3kylin6.24k0.0_amd64.deb https://archive.kylinos.cn/kylin/KYLIN-ALL/pool/main/q/qemu/qemu-system-sparc_4.2-3kylin6.24k0.0_amd64.deb https://archive.kylinos.cn/kylin/KYLIN-ALL/pool/main/q/qemu/qemu-system-x86-microvm_4.2-3kylin6.24k0.0_amd64.deb https://archive.kylinos.cn/kylin/KYLIN-ALL/pool/main/q/qemu/qemu-system-x86-xen_4.2-3kylin6.24k0.0_amd64.deb https://archive.kylinos.cn/kylin/KYLIN-ALL/pool/main/q/qemu/qemu-system-x86_4.2-3kylin6.24k0.0_amd64.deb https://archive.kylinos.cn/kylin/KYLIN-ALL/pool/main/q/qemu/qemu-system_4.2-3kylin6.24k0.0_amd64.deb https://archive.kylinos.cn/kylin/KYLIN-ALL/pool/main/q/qemu/qemu-user-binfmt_4.2-3kylin6.24k0.0_amd64.deb https://archive.kylinos.cn/kylin/KYLIN-ALL/pool/main/q/qemu/qemu-user-static_4.2-3kylin6.24k0.0_amd64.deb https://archive.kylinos.cn/kylin/KYLIN-ALL/pool/main/q/qemu/qemu-user_4.2-3kylin6.24k0.0_amd64.deb https://archive.kylinos.cn/kylin/KYLIN-ALL/pool/main/q/qemu/qemu-utils_4.2-3kylin6.24k0.0_amd64.deb https://archive.kylinos.cn/kylin/KYLIN-ALL/pool/main/q/qemu/qemu_4.2-3kylin6.24k0.0_amd64.deb arm64软件包下载地址 https://archive.kylinos.cn/kylin/KYLIN-ALL/pool/main/q/qemu/qemu-block-extra_4.2-3kylin6.24k0.0_arm64.deb https://archive.kylinos.cn/kylin/KYLIN-ALL/pool/main/q/qemu/qemu-guest-agent_4.2-3kylin6.24k0.0_arm64.deb https://archive.kylinos.cn/kylin/KYLIN-ALL/pool/main/q/qemu/qemu-kvm_4.2-3kylin6.24k0.0_arm64.deb https://archive.kylinos.cn/kylin/KYLIN-ALL/pool/main/q/qemu/qemu-system-arm_4.2-3kylin6.24k0.0_arm64.deb https://archive.kylinos.cn/kylin/KYLIN-ALL/pool/main/q/qemu/qemu-system-common_4.2-3kylin6.24k0.0_arm64.deb https://archive.kylinos.cn/kylin/KYLIN-ALL/pool/main/q/qemu/qemu-system-data_4.2-3kylin6.24k0.0_all.deb https://archive.kylinos.cn/kylin/KYLIN-ALL/pool/main/q/qemu/qemu-system-gui_4.2-3kylin6.24k0.0_arm64.deb https://archive.kylinos.cn/kylin/KYLIN-ALL/pool/main/q/qemu/qemu-system-loongarch64_4.2-3kylin6.24k0.0_arm64.deb https://archive.kylinos.cn/kylin/KYLIN-ALL/pool/main/q/qemu/qemu-system-mips_4.2-3kylin6.24k0.0_arm64.deb https://archive.kylinos.cn/kylin/KYLIN-ALL/pool/main/q/qemu/qemu-system-misc_4.2-3kylin6.24k0.0_arm64.deb https://archive.kylinos.cn/kylin/KYLIN-ALL/pool/main/q/qemu/qemu-system-ppc_4.2-3kylin6.24k0.0_arm64.deb https://archive.kylinos.cn/kylin/KYLIN-ALL/pool/main/q/qemu/qemu-system-s390x_4.2-3kylin6.24k0.0_arm64.deb https://archive.kylinos.cn/kylin/KYLIN-ALL/pool/main/q/qemu/qemu-system-sparc_4.2-3kylin6.24k0.0_arm64.deb https://archive.kylinos.cn/kylin/KYLIN-ALL/pool/main/q/qemu/qemu-system-x86_4.2-3kylin6.24k0.0_arm64.deb https://archive.kylinos.cn/kylin/KYLIN-ALL/pool/main/q/qemu/qemu-system_4.2-3kylin6.24k0.0_arm64.deb https://archive.kylinos.cn/kylin/KYLIN-ALL/pool/main/q/qemu/qemu-user-binfmt_4.2-3kylin6.24k0.0_arm64.deb https://archive.kylinos.cn/kylin/KYLIN-ALL/pool/main/q/qemu/qemu-user-static_4.2-3kylin6.24k0.0_arm64.deb https://archive.kylinos.cn/kylin/KYLIN-ALL/pool/main/q/qemu/qemu-user_4.2-3kylin6.24k0.0_arm64.deb https://archive.kylinos.cn/kylin/KYLIN-ALL/pool/main/q/qemu/qemu-utils_4.2-3kylin6.24k0.0_arm64.deb https://archive.kylinos.cn/kylin/KYLIN-ALL/pool/main/q/qemu/qemu_4.2-3kylin6.24k0.0_arm64.deb mips64el软件包下载地址 https://archive.kylinos.cn/kylin/KYLIN-ALL/pool/main/q/qemu/qemu-block-extra_4.2-3kylin6.24k0.0_mips64el.deb https://archive.kylinos.cn/kylin/KYLIN-ALL/pool/main/q/qemu/qemu-guest-agent_4.2-3kylin6.24k0.0_mips64el.deb https://archive.kylinos.cn/kylin/KYLIN-ALL/pool/main/q/qemu/qemu-system-arm_4.2-3kylin6.24k0.0_mips64el.deb https://archive.kylinos.cn/kylin/KYLIN-ALL/pool/main/q/qemu/qemu-system-common_4.2-3kylin6.24k0.0_mips64el.deb https://archive.kylinos.cn/kylin/KYLIN-ALL/pool/main/q/qemu/qemu-system-data_4.2-3kylin6.24k0.0_all.deb https://archive.kylinos.cn/kylin/KYLIN-ALL/pool/main/q/qemu/qemu-system-gui_4.2-3kylin6.24k0.0_mips64el.deb https://archive.kylinos.cn/kylin/KYLIN-ALL/pool/main/q/qemu/qemu-system-loongarch64_4.2-3kylin6.24k0.0_mips64el.deb https://archive.kylinos.cn/kylin/KYLIN-ALL/pool/main/q/qemu/qemu-system-mips_4.2-3kylin6.24k0.0_mips64el.deb https://archive.kylinos.cn/kylin/KYLIN-ALL/pool/main/q/qemu/qemu-system-misc_4.2-3kylin6.24k0.0_mips64el.deb https://archive.kylinos.cn/kylin/KYLIN-ALL/pool/main/q/qemu/qemu-system-ppc_4.2-3kylin6.24k0.0_mips64el.deb https://archive.kylinos.cn/kylin/KYLIN-ALL/pool/main/q/qemu/qemu-system-sparc_4.2-3kylin6.24k0.0_mips64el.deb https://archive.kylinos.cn/kylin/KYLIN-ALL/pool/main/q/qemu/qemu-system-x86_4.2-3kylin6.24k0.0_mips64el.deb https://archive.kylinos.cn/kylin/KYLIN-ALL/pool/main/q/qemu/qemu-system_4.2-3kylin6.24k0.0_mips64el.deb https://archive.kylinos.cn/kylin/KYLIN-ALL/pool/main/q/qemu/qemu-user-binfmt_4.2-3kylin6.24k0.0_mips64el.deb https://archive.kylinos.cn/kylin/KYLIN-ALL/pool/main/q/qemu/qemu-user-static_4.2-3kylin6.24k0.0_mips64el.deb https://archive.kylinos.cn/kylin/KYLIN-ALL/pool/main/q/qemu/qemu-user_4.2-3kylin6.24k0.0_mips64el.deb https://archive.kylinos.cn/kylin/KYLIN-ALL/pool/main/q/qemu/qemu-utils_4.2-3kylin6.24k0.0_mips64el.deb https://archive.kylinos.cn/kylin/KYLIN-ALL/pool/main/q/qemu/qemu_4.2-3kylin6.24k0.0_mips64el.deb loongarch64软件包下载地址 https://archive.kylinos.cn/kylin/KYLIN-ALL/pool/main/q/qemu/qemu-block-extra_4.2-3kylin6.24k0.0_loongarch64.deb https://archive.kylinos.cn/kylin/KYLIN-ALL/pool/main/q/qemu/qemu-guest-agent_4.2-3kylin6.24k0.0_loongarch64.deb https://archive.kylinos.cn/kylin/KYLIN-ALL/pool/main/q/qemu/qemu-system-arm_4.2-3kylin6.24k0.0_loongarch64.deb https://archive.kylinos.cn/kylin/KYLIN-ALL/pool/main/q/qemu/qemu-system-common_4.2-3kylin6.24k0.0_loongarch64.deb https://archive.kylinos.cn/kylin/KYLIN-ALL/pool/main/q/qemu/qemu-system-data_4.2-3kylin6.24k0.0_all.deb https://archive.kylinos.cn/kylin/KYLIN-ALL/pool/main/q/qemu/qemu-system-gui_4.2-3kylin6.24k0.0_loongarch64.deb https://archive.kylinos.cn/kylin/KYLIN-ALL/pool/main/q/qemu/qemu-system-loongarch64_4.2-3kylin6.24k0.0_loongarch64.deb https://archive.kylinos.cn/kylin/KYLIN-ALL/pool/main/q/qemu/qemu-system-mips_4.2-3kylin6.24k0.0_loongarch64.deb https://archive.kylinos.cn/kylin/KYLIN-ALL/pool/main/q/qemu/qemu-system-misc_4.2-3kylin6.24k0.0_loongarch64.deb https://archive.kylinos.cn/kylin/KYLIN-ALL/pool/main/q/qemu/qemu-system-ppc_4.2-3kylin6.24k0.0_loongarch64.deb https://archive.kylinos.cn/kylin/KYLIN-ALL/pool/main/q/qemu/qemu-system-sparc_4.2-3kylin6.24k0.0_loongarch64.deb https://archive.kylinos.cn/kylin/KYLIN-ALL/pool/main/q/qemu/qemu-system-x86_4.2-3kylin6.24k0.0_loongarch64.deb https://archive.kylinos.cn/kylin/KYLIN-ALL/pool/main/q/qemu/qemu-system_4.2-3kylin6.24k0.0_loongarch64.deb https://archive.kylinos.cn/kylin/KYLIN-ALL/pool/main/q/qemu/qemu-utils_4.2-3kylin6.24k0.0_loongarch64.deb https://archive.kylinos.cn/kylin/KYLIN-ALL/pool/main/q/qemu/qemu_4.2-3kylin6.24k0.0_loongarch64.deb 6. 修复验证 使用软件包查询命令，查看相关的软件包版本大于或等于修复版本则成功修复。 $sudo dpkg -l |grep Package 注：Package为软件包包名。