| Revision Date: | 2020-04-01 | Version: | 1 |
| Title: | Security update for qemu (Important) |
| Description: |
This update for qemu fixes the following issues:
- CVE-2020-7039: Fixed a heap buffer overflow in tcp_emu() routine while emulating IRC and other protocols (bsc#1161066). - CVE-2019-15034: Fixed a buffer overflow in hw/display/bochs-display.c due to improper PCI config space allocation (bsc#1166379). - CVE-2020-1711: Fixed an out of bounds heap buffer access iscsi_co_block_status() routine which could have allowed a remote denial of service or arbitrary code with privileges of the QEMU process on the host (bsc#1166240). - CVE-2019-6778: Fixed a heap buffer overflow in tcp_emu() routine while emulating the identification protocol and copying message data to a socket buffer (bsc#1123156). - CVE-2020-8608: Fixed a heap buffer overflow in tcp_emu() routine while emulating IRC and other protocols (bsc#1163018). - CVE-2019-20382: Fixed a memory leak in the VNC display driver which could have led to exhaustion of the host memory leading to a potential Denial of service (bsc#1165776). - Fixed a live migration error (bsc#1154790). - Fixed an issue where migrating VMs on KVM gets missing features:ospke error (bsc#1162729).
|
| Family: | unix | Class: | patch |
| Status: | | Reference(s): | 1123156
1154790
1161066
1162729
1163018
1165776
1166240
1166379
CVE-2019-15034
CVE-2019-20382
CVE-2019-6778
CVE-2020-1711
CVE-2020-7039
CVE-2020-8608
SUSE-SU-2020:0844-1
|
| Platform(s): | SUSE Linux Enterprise Desktop 15 SP1
SUSE Linux Enterprise High Performance Computing 15 SP1
SUSE Linux Enterprise Module for Basesystem 15 SP1
SUSE Linux Enterprise Server 15 SP1
SUSE Linux Enterprise Server for SAP Applications 15 SP1
SUSE Linux Enterprise Storage 6
SUSE Manager Proxy 4.0
SUSE Manager Server 4.0
| Product(s): | |
| Definition Synopsis |
| SUSE Linux Enterprise Module for Basesystem 15 SP1 is installed AND qemu-tools-3.1.1.1-9.14.1 is installed
|