Oval Definition:oval:org.opensuse.security:def:126414
Revision Date:2019-02-19Version:1
Title:Security update for qemu (Important)
Description:

This update for qemu fixes the following issues:

Security issues fixed:

- CVE-2019-6778: Fixed a heap buffer overflow issue in the SLiRP networking implementation (bsc#1123156). - CVE-2018-16872: Fixed a host security vulnerability related to handling symlinks in usb-mtp (bsc#1119493). - CVE-2018-19489: Fixed a denial of service vulnerability in virtfs (bsc#1117275). - CVE-2018-19364: Fixed a use-after-free if the virtfs interface resulting in a denial of service (bsc#1116717). - CVE-2018-18954: Fixed a denial of service vulnerability related to PowerPC PowerNV memory operations (bsc#1114957).

Non-security issues fixed:

- Improved disk performance for qemu on xen (bsc#1100408). - Fixed xen offline migration (bsc#1079730, bsc#1101982, bsc#1063993). - Fixed pwrite64/pread64/write to return 0 over -1 for a zero length NULL buffer in qemu (bsc#1121600). - Use /bin/bash to echo value into sys fs for ksm control (bsc#1112646). - Return specification exception for unimplemented diag 308 subcodes rather than a hardware error (bsc#1123179).
Family:unixClass:patch
Status:Reference(s):1063993
1079730
1100408
1101982
1112646
1114957
1116717
1117275
1119493
1121600
1123156
1123179
CVE-2018-16872
CVE-2018-18954
CVE-2018-19364
CVE-2018-19489
CVE-2019-6778
SUSE-SU-2019:0435-1
Platform(s):SUSE Linux Enterprise Server 12 SP4
SUSE Linux Enterprise Server for SAP Applications 12 SP4
Product(s):
Definition Synopsis
  • Release Information
  • SUSE Linux Enterprise Server 12 SP4 is installed
  • AND
  • qemu-2.11.2-5.8.1 is installed
  • OR qemu-arm-2.11.2-5.8.1 is installed
  • OR qemu-block-curl-2.11.2-5.8.1 is installed
  • OR qemu-block-iscsi-2.11.2-5.8.1 is installed
  • OR qemu-block-rbd-2.11.2-5.8.1 is installed
  • OR qemu-block-ssh-2.11.2-5.8.1 is installed
  • OR qemu-guest-agent-2.11.2-5.8.1 is installed
  • OR qemu-ipxe-1.0.0+-5.8.1 is installed
  • OR qemu-kvm-2.11.2-5.8.1 is installed
  • OR qemu-lang-2.11.2-5.8.1 is installed
  • OR qemu-ppc-2.11.2-5.8.1 is installed
  • OR qemu-s390-2.11.2-5.8.1 is installed
  • OR qemu-seabios-1.11.0-5.8.1 is installed
  • OR qemu-sgabios-8-5.8.1 is installed
  • OR qemu-tools-2.11.2-5.8.1 is installed
  • OR qemu-vgabios-1.11.0-5.8.1 is installed
  • OR qemu-x86-2.11.2-5.8.1 is installed
  • OR Package Information
  • SUSE Linux Enterprise Server for SAP Applications 12 SP4 is installed
  • AND
  • qemu-2.11.2-5.8.1 is installed
  • OR qemu-arm-2.11.2-5.8.1 is installed
  • OR qemu-block-curl-2.11.2-5.8.1 is installed
  • OR qemu-block-iscsi-2.11.2-5.8.1 is installed
  • OR qemu-block-rbd-2.11.2-5.8.1 is installed
  • OR qemu-block-ssh-2.11.2-5.8.1 is installed
  • OR qemu-guest-agent-2.11.2-5.8.1 is installed
  • OR qemu-ipxe-1.0.0+-5.8.1 is installed
  • OR qemu-kvm-2.11.2-5.8.1 is installed
  • OR qemu-lang-2.11.2-5.8.1 is installed
  • OR qemu-ppc-2.11.2-5.8.1 is installed
  • OR qemu-s390-2.11.2-5.8.1 is installed
  • OR qemu-seabios-1.11.0-5.8.1 is installed
  • OR qemu-sgabios-8-5.8.1 is installed
  • OR qemu-tools-2.11.2-5.8.1 is installed
  • OR qemu-vgabios-1.11.0-5.8.1 is installed
  • OR qemu-x86-2.11.2-5.8.1 is installed
    • BACK