Oval Definition:	oval:org.opensuse.security:def:201920808
Revision Date: 2022-09-02 Version: 1 Title: CVE-2019-20808 Description: In QEMU 4.1.0, an out-of-bounds read flaw was found in the ATI VGA implementation. It occurs in the ati_cursor_define() routine while handling MMIO write operations through the ati_mm_write() callback. A malicious guest could abuse this flaw to crash the QEMU process, resulting in a denial of service. Family: unix Class: vulnerability Status: Reference(s): Mitre CVE-2019-20808 SUSE CVE-2019-20808 Platform(s): SUSE Linux Enterprise Desktop 12 SUSE Linux Enterprise Desktop 12 SP1 SUSE Linux Enterprise Desktop 12 SP2 SUSE Linux Enterprise Desktop 12 SP3 SUSE Linux Enterprise Desktop 12 SP4 SUSE Linux Enterprise Desktop 15 SUSE Linux Enterprise Desktop 15 SP1 SUSE Linux Enterprise Desktop 15 SP2 SUSE Linux Enterprise High Performance Computing 12 SP5 SUSE Linux Enterprise High Performance Computing 15 SUSE Linux Enterprise High Performance Computing 15 SP1 SUSE Linux Enterprise High Performance Computing 15 SP2 SUSE Linux Enterprise Module for Basesystem 15 SUSE Linux Enterprise Module for Basesystem 15 SP1 SUSE Linux Enterprise Module for Basesystem 15 SP2 SUSE Linux Enterprise Module for Server Applications 15 SUSE Linux Enterprise Module for Server Applications 15 SP1 SUSE Linux Enterprise Module for Server Applications 15 SP2 SUSE Linux Enterprise Server 11 SUSE Linux Enterprise Server 11 SP1 SUSE Linux Enterprise Server 11 SP2 SUSE Linux Enterprise Server 11 SP3 SUSE Linux Enterprise Server 12 SUSE Linux Enterprise Server 12 SP1 SUSE Linux Enterprise Server 12 SP2 SUSE Linux Enterprise Server 12 SP3 SUSE Linux Enterprise Server 12 SP4 SUSE Linux Enterprise Server 12 SP5 SUSE Linux Enterprise Server 15 SUSE Linux Enterprise Server 15 SP1 SUSE Linux Enterprise Server 15 SP2 SUSE Linux Enterprise Server for SAP Applications 12 SUSE Linux Enterprise Server for SAP Applications 12 SP2 SUSE Linux Enterprise Server for SAP Applications 12 SP3 SUSE Linux Enterprise Server for SAP Applications 12 SP4 SUSE Linux Enterprise Server for SAP Applications 12 SP5 SUSE Linux Enterprise Server for SAP Applications 15 SUSE Linux Enterprise Server for SAP Applications 15 SP1 SUSE Linux Enterprise Server for SAP Applications 15 SP2 SUSE Linux Enterprise Storage 6 SUSE Linux Enterprise Storage 7 SUSE Manager Proxy 4.0 SUSE Manager Proxy 4.1 SUSE Manager Retail Branch Server 4.0 SUSE Manager Retail Branch Server 4.1 SUSE Manager Server 4.0 SUSE Manager Server 4.1 Product(s): Definition Synopsis Release Information SUSE Linux Enterprise Desktop 12 is installed OR SUSE Linux Enterprise Desktop 12 SP1 is installed OR SUSE Linux Enterprise Desktop 12 SP2 is installed OR SUSE Linux Enterprise Desktop 12 SP3 is installed OR SUSE Linux Enterprise Desktop 12 SP4 is installed AND qemu is not affected Definition Synopsis SUSE Linux Enterprise Server 12 SP3 is installed AND qemu is not affected Definition Synopsis Release Information SUSE Linux Enterprise Module for Basesystem 15 SP1 is installed OR SUSE Linux Enterprise Module for Server Applications 15 SP1 is installed AND qemu is not affected Definition Synopsis SUSE Linux Enterprise Server 12 SP2 is installed AND qemu is not affected Definition Synopsis Release Information SUSE Linux Enterprise Module for Basesystem 15 is installed OR SUSE Linux Enterprise Module for Basesystem 15 SP1 is installed OR SUSE Linux Enterprise Module for Server Applications 15 is installed OR SUSE Linux Enterprise Module for Server Applications 15 SP1 is installed AND qemu is not affected Definition Synopsis Release Information SUSE Linux Enterprise Module for Basesystem 15 is installed OR SUSE Linux Enterprise Module for Basesystem 15 SP1 is installed AND qemu is not affected Definition Synopsis Release Information SUSE Linux Enterprise Desktop 15 is installed OR SUSE Linux Enterprise Desktop 15 SP1 is installed OR SUSE Linux Enterprise High Performance Computing 15 is installed OR SUSE Linux Enterprise High Performance Computing 15 SP1 is installed OR SUSE Linux Enterprise Module for Basesystem 15 is installed OR SUSE Linux Enterprise Module for Basesystem 15 SP1 is installed OR SUSE Linux Enterprise Server 15 is installed OR SUSE Linux Enterprise Server 15 SP1 is installed OR SUSE Linux Enterprise Server for SAP Applications 15 is installed OR SUSE Linux Enterprise Server for SAP Applications 15 SP1 is installed OR SUSE Linux Enterprise Storage 6 is installed OR SUSE Manager Proxy 4.0 is installed OR SUSE Manager Retail Branch Server 4.0 is installed OR SUSE Manager Server 4.0 is installed AND qemu is not affected OR Package Information SUSE Linux Enterprise Desktop 15 SP2 is installed OR SUSE Linux Enterprise High Performance Computing 15 SP2 is installed OR SUSE Linux Enterprise Module for Basesystem 15 SP2 is installed OR SUSE Linux Enterprise Server 15 SP2 is installed OR SUSE Linux Enterprise Server for SAP Applications 15 SP2 is installed OR SUSE Linux Enterprise Storage 7 is installed OR SUSE Manager Proxy 4.1 is installed OR SUSE Manager Retail Branch Server 4.1 is installed OR SUSE Manager Server 4.1 is installed AND qemu is affected Definition Synopsis Release Information SUSE Linux Enterprise Server 11 is installed OR SUSE Linux Enterprise Server 11 SP1 is installed OR SUSE Linux Enterprise Server 11 SP2 is installed OR SUSE Linux Enterprise Server 11 SP3 is installed AND kvm is not affected Definition Synopsis Release Information SUSE Linux Enterprise Server 12 is installed OR SUSE Linux Enterprise Server 12 SP1 is installed OR SUSE Linux Enterprise Server 12 SP2 is installed OR SUSE Linux Enterprise Server 12 SP3 is installed OR SUSE Linux Enterprise Server 12 SP4 is installed OR SUSE Linux Enterprise Server for SAP Applications 12 is installed OR SUSE Linux Enterprise Server for SAP Applications 12 SP2 is installed OR SUSE Linux Enterprise Server for SAP Applications 12 SP5 is installed AND qemu is not affected OR Package Information SUSE Linux Enterprise Server for SAP Applications 12 SP3 is installed OR SUSE Linux Enterprise Server for SAP Applications 12 SP4 is installed AND qemu is not affected OR qemu-block-curl is not affected OR qemu-block-iscsi is not affected OR qemu-block-rbd is not affected OR qemu-block-ssh is not affected OR qemu-guest-agent is not affected OR qemu-ipxe is not affected OR qemu-kvm is not affected OR qemu-lang is not affected OR qemu-ppc is not affected OR qemu-seabios is not affected OR qemu-sgabios is not affected OR qemu-tools is not affected OR qemu-vgabios is not affected OR qemu-x86 is not affected OR Package Information SUSE Linux Enterprise Server 12 SP5 is installed AND qemu is not affected OR qemu-arm is not affected OR qemu-audio-alsa is not affected OR qemu-audio-oss is not affected OR qemu-audio-pa is not affected OR qemu-audio-sdl is not affected OR qemu-block-curl is not affected OR qemu-block-iscsi is not affected OR qemu-block-rbd is not affected OR qemu-block-ssh is not affected OR qemu-guest-agent is not affected OR qemu-ipxe is not affected OR qemu-kvm is not affected OR qemu-lang is not affected OR qemu-ppc is not affected OR qemu-s390 is not affected OR qemu-seabios is not affected OR qemu-sgabios is not affected OR qemu-tools is not affected OR qemu-ui-curses is not affected OR qemu-ui-gtk is not affected OR qemu-ui-sdl is not affected OR qemu-vgabios is not affected OR qemu-x86 is not affected Definition Synopsis SUSE Linux Enterprise Server 12 SP4 is installed AND qemu is not affected Definition Synopsis Release Information SUSE Linux Enterprise Desktop 15 SP2 is installed OR SUSE Linux Enterprise High Performance Computing 15 SP2 is installed OR SUSE Linux Enterprise Module for Basesystem 15 SP2 is installed OR SUSE Linux Enterprise Module for Server Applications 15 SP2 is installed OR SUSE Linux Enterprise Server 15 SP2 is installed OR SUSE Linux Enterprise Server for SAP Applications 15 SP2 is installed OR SUSE Linux Enterprise Storage 7 is installed OR SUSE Manager Proxy 4.1 is installed OR SUSE Manager Retail Branch Server 4.1 is installed OR SUSE Manager Server 4.1 is installed AND qemu is affected Definition Synopsis Release Information SUSE Linux Enterprise High Performance Computing 12 SP5 is installed OR SUSE Linux Enterprise Server for SAP Applications 12 SP5 is installed AND qemu is not affected OR Package Information SUSE Linux Enterprise Server 12 SP5 is installed AND qemu is not affected OR qemu-arm is not affected OR qemu-audio-alsa is not affected OR qemu-audio-oss is not affected OR qemu-audio-pa is not affected OR qemu-audio-sdl is not affected OR qemu-block-curl is not affected OR qemu-block-iscsi is not affected OR qemu-block-rbd is not affected OR qemu-block-ssh is not affected OR qemu-guest-agent is not affected OR qemu-ipxe is not affected OR qemu-kvm is not affected OR qemu-lang is not affected OR qemu-ppc is not affected OR qemu-s390 is not affected OR qemu-seabios is not affected OR qemu-sgabios is not affected OR qemu-tools is not affected OR qemu-ui-curses is not affected OR qemu-ui-gtk is not affected OR qemu-ui-sdl is not affected OR qemu-vgabios is not affected OR qemu-x86 is not affected Definition Synopsis Release Information SUSE Linux Enterprise Desktop 12 SP4 is installed OR SUSE Linux Enterprise Server 12 SP4 is installed AND qemu is not affected OR Package Information SUSE Linux Enterprise Server for SAP Applications 12 SP4 is installed AND qemu is not affected OR qemu-block-curl is not affected OR qemu-block-iscsi is not affected OR qemu-block-rbd is not affected OR qemu-block-ssh is not affected OR qemu-guest-agent is not affected OR qemu-ipxe is not affected OR qemu-kvm is not affected OR qemu-lang is not affected OR qemu-ppc is not affected OR qemu-seabios is not affected OR qemu-sgabios is not affected OR qemu-tools is not affected OR qemu-vgabios is not affected OR qemu-x86 is not affected
BACK