Oval Definition:oval:org.opensuse.security:def:202035517
Revision Date:2022-09-02Version:1
Title:CVE-2020-35517
Description:

A flaw was found in qemu. A host privilege escalation issue was found in the virtio-fs shared file system daemon where a privileged guest user is able to create a device special file in the shared directory and use it to r/w access host devices.
Family:unixClass:vulnerability
Status:Reference(s):Mitre CVE-2020-35517
SUSE CVE-2020-35517
Platform(s):SUSE CaaS Platform 4.0
SUSE Linux Enterprise Desktop 15 SP1
SUSE Linux Enterprise Desktop 15 SP2
SUSE Linux Enterprise High Performance Computing 12 SP5
SUSE Linux Enterprise High Performance Computing 15 SP1
SUSE Linux Enterprise High Performance Computing 15 SP2
SUSE Linux Enterprise Module for Basesystem 15 SP1
SUSE Linux Enterprise Module for Basesystem 15 SP2
SUSE Linux Enterprise Module for Server Applications 15 SP1
SUSE Linux Enterprise Module for Server Applications 15 SP2
SUSE Linux Enterprise Server 12 SP5
SUSE Linux Enterprise Server 15 SP1
SUSE Linux Enterprise Server 15 SP2
SUSE Linux Enterprise Server for SAP Applications 12 SP2
SUSE Linux Enterprise Server for SAP Applications 12 SP3
SUSE Linux Enterprise Server for SAP Applications 12 SP4
SUSE Linux Enterprise Server for SAP Applications 12 SP5
SUSE Linux Enterprise Server for SAP Applications 15
SUSE Linux Enterprise Server for SAP Applications 15 SP1
SUSE Linux Enterprise Server for SAP Applications 15 SP2
SUSE Linux Enterprise Storage 6
SUSE Linux Enterprise Storage 7
SUSE Manager Proxy 4.0
SUSE Manager Proxy 4.1
SUSE Manager Retail Branch Server 4.0
SUSE Manager Retail Branch Server 4.1
SUSE Manager Server 4.0
SUSE Manager Server 4.1
SUSE OpenStack Cloud 7
SUSE OpenStack Cloud 8
SUSE OpenStack Cloud 9
SUSE OpenStack Cloud Crowbar 8
SUSE OpenStack Cloud Crowbar 9
Product(s):
Definition Synopsis
  • Release Information
  • SUSE Linux Enterprise Module for Basesystem 15 SP1 is installed
  • OR SUSE Linux Enterprise Module for Server Applications 15 SP1 is installed
  • AND
  • qemu is not affected
  • OR xen is not affected
  • OR Package Information
  • SUSE Linux Enterprise Server for SAP Applications 15 SP1 is installed
  • AND
  • qemu is not affected
  • OR qemu-audio-alsa is not affected
  • OR qemu-audio-oss is not affected
  • OR qemu-audio-pa is not affected
  • OR qemu-block-curl is not affected
  • OR qemu-block-iscsi is not affected
  • OR qemu-block-rbd is not affected
  • OR qemu-block-ssh is not affected
  • OR qemu-guest-agent is not affected
  • OR qemu-ipxe is not affected
  • OR qemu-kvm is not affected
  • OR qemu-lang is not affected
  • OR qemu-ppc is not affected
  • OR qemu-seabios is not affected
  • OR qemu-sgabios is not affected
  • OR qemu-tools is not affected
  • OR qemu-ui-curses is not affected
  • OR qemu-ui-gtk is not affected
  • OR qemu-vgabios is not affected
  • OR qemu-x86 is not affected
  • OR xen is not affected
  • OR xen-devel is not affected
  • OR xen-libs is not affected
  • OR xen-tools is not affected
  • OR xen-tools-domU is not affected
  • OR Package Information
  • SUSE CaaS Platform 4.0 is installed
  • AND
  • qemu is not affected
  • OR qemu-audio-alsa is not affected
  • OR qemu-audio-oss is not affected
  • OR qemu-audio-pa is not affected
  • OR qemu-block-curl is not affected
  • OR qemu-block-iscsi is not affected
  • OR qemu-block-rbd is not affected
  • OR qemu-block-ssh is not affected
  • OR qemu-guest-agent is not affected
  • OR qemu-ipxe is not affected
  • OR qemu-kvm is not affected
  • OR qemu-lang is not affected
  • OR qemu-seabios is not affected
  • OR qemu-sgabios is not affected
  • OR qemu-tools is not affected
  • OR qemu-ui-curses is not affected
  • OR qemu-ui-gtk is not affected
  • OR qemu-vgabios is not affected
  • OR qemu-x86 is not affected
  • OR xen is not affected
  • OR xen-devel is not affected
  • OR xen-libs is not affected
  • OR xen-tools is not affected
  • OR xen-tools-domU is not affected
    • Definition Synopsis
  • Release Information
  • SUSE Linux Enterprise Module for Server Applications 15 SP2 is installed
  • AND
  • qemu is not affected
  • OR xen is not affected
  • OR Package Information
  • SUSE Linux Enterprise Module for Basesystem 15 SP2 is installed
  • AND
  • qemu-tools is not affected
  • OR xen-libs is not affected
  • OR xen-tools-domU is not affected
    • Definition Synopsis
  • Release Information
  • SUSE Linux Enterprise Module for Basesystem 15 SP1 is installed
  • OR SUSE Linux Enterprise Module for Server Applications 15 SP1 is installed
  • OR SUSE Linux Enterprise Module for Server Applications 15 SP2 is installed
  • AND
  • qemu is not affected
  • OR xen is not affected
  • OR Package Information
  • SUSE Linux Enterprise Server for SAP Applications 15 is installed
  • AND
  • qemu is not affected
  • OR qemu-block-curl is not affected
  • OR qemu-block-iscsi is not affected
  • OR qemu-block-rbd is not affected
  • OR qemu-block-ssh is not affected
  • OR qemu-guest-agent is not affected
  • OR qemu-ipxe is not affected
  • OR qemu-kvm is not affected
  • OR qemu-lang is not affected
  • OR qemu-ppc is not affected
  • OR qemu-seabios is not affected
  • OR qemu-sgabios is not affected
  • OR qemu-tools is not affected
  • OR qemu-vgabios is not affected
  • OR qemu-x86 is not affected
  • OR xen is not affected
  • OR xen-devel is not affected
  • OR xen-libs is not affected
  • OR xen-tools is not affected
  • OR xen-tools-domU is not affected
  • OR Package Information
  • SUSE Linux Enterprise Server for SAP Applications 15 SP1 is installed
  • AND
  • qemu is not affected
  • OR qemu-audio-alsa is not affected
  • OR qemu-audio-oss is not affected
  • OR qemu-audio-pa is not affected
  • OR qemu-block-curl is not affected
  • OR qemu-block-iscsi is not affected
  • OR qemu-block-rbd is not affected
  • OR qemu-block-ssh is not affected
  • OR qemu-guest-agent is not affected
  • OR qemu-ipxe is not affected
  • OR qemu-kvm is not affected
  • OR qemu-lang is not affected
  • OR qemu-ppc is not affected
  • OR qemu-seabios is not affected
  • OR qemu-sgabios is not affected
  • OR qemu-tools is not affected
  • OR qemu-ui-curses is not affected
  • OR qemu-ui-gtk is not affected
  • OR qemu-vgabios is not affected
  • OR qemu-x86 is not affected
  • OR xen is not affected
  • OR xen-devel is not affected
  • OR xen-libs is not affected
  • OR xen-tools is not affected
  • OR xen-tools-domU is not affected
  • OR Package Information
  • SUSE Linux Enterprise Module for Basesystem 15 SP2 is installed
  • AND
  • qemu-tools is not affected
  • OR xen-libs is not affected
  • OR xen-tools-domU is not affected
    • Definition Synopsis
  • Release Information
  • SUSE Linux Enterprise Desktop 15 SP1 is installed
  • OR SUSE Linux Enterprise Desktop 15 SP2 is installed
  • OR SUSE Linux Enterprise High Performance Computing 15 SP1 is installed
  • OR SUSE Linux Enterprise High Performance Computing 15 SP2 is installed
  • OR SUSE Linux Enterprise Module for Basesystem 15 SP1 is installed
  • OR SUSE Linux Enterprise Module for Basesystem 15 SP2 is installed
  • OR SUSE Linux Enterprise Server 15 SP1 is installed
  • OR SUSE Linux Enterprise Server 15 SP2 is installed
  • OR SUSE Linux Enterprise Server for SAP Applications 15 SP1 is installed
  • OR SUSE Linux Enterprise Server for SAP Applications 15 SP2 is installed
  • OR SUSE Linux Enterprise Storage 6 is installed
  • OR SUSE Linux Enterprise Storage 7 is installed
  • OR SUSE Manager Proxy 4.0 is installed
  • OR SUSE Manager Proxy 4.1 is installed
  • OR SUSE Manager Retail Branch Server 4.0 is installed
  • OR SUSE Manager Retail Branch Server 4.1 is installed
  • OR SUSE Manager Server 4.0 is installed
  • OR SUSE Manager Server 4.1 is installed
  • AND Package Information
  • qemu is not affected
  • OR xen is not affected
    • Definition Synopsis
  • Release Information
  • SUSE Linux Enterprise Server for SAP Applications 12 SP2 is installed
  • OR SUSE Linux Enterprise Server for SAP Applications 12 SP5 is installed
  • AND
  • qemu is not affected
  • OR xen is not affected
  • OR Package Information
  • SUSE Linux Enterprise Server for SAP Applications 12 SP3 is installed
  • OR SUSE Linux Enterprise Server for SAP Applications 12 SP4 is installed
  • AND
  • qemu is not affected
  • OR qemu-block-curl is not affected
  • OR qemu-block-iscsi is not affected
  • OR qemu-block-rbd is not affected
  • OR qemu-block-ssh is not affected
  • OR qemu-guest-agent is not affected
  • OR qemu-ipxe is not affected
  • OR qemu-kvm is not affected
  • OR qemu-lang is not affected
  • OR qemu-ppc is not affected
  • OR qemu-seabios is not affected
  • OR qemu-sgabios is not affected
  • OR qemu-tools is not affected
  • OR qemu-vgabios is not affected
  • OR qemu-x86 is not affected
  • OR xen is not affected
  • OR xen-doc-html is not affected
  • OR xen-libs is not affected
  • OR xen-libs-32bit is not affected
  • OR xen-tools is not affected
  • OR xen-tools-domU is not affected
  • OR Package Information
  • SUSE Linux Enterprise Server 12 SP5 is installed
  • AND
  • qemu is not affected
  • OR qemu-arm is not affected
  • OR qemu-audio-alsa is not affected
  • OR qemu-audio-oss is not affected
  • OR qemu-audio-pa is not affected
  • OR qemu-audio-sdl is not affected
  • OR qemu-block-curl is not affected
  • OR qemu-block-iscsi is not affected
  • OR qemu-block-rbd is not affected
  • OR qemu-block-ssh is not affected
  • OR qemu-guest-agent is not affected
  • OR qemu-ipxe is not affected
  • OR qemu-kvm is not affected
  • OR qemu-lang is not affected
  • OR qemu-ppc is not affected
  • OR qemu-s390 is not affected
  • OR qemu-seabios is not affected
  • OR qemu-sgabios is not affected
  • OR qemu-tools is not affected
  • OR qemu-ui-curses is not affected
  • OR qemu-ui-gtk is not affected
  • OR qemu-ui-sdl is not affected
  • OR qemu-vgabios is not affected
  • OR qemu-x86 is not affected
  • OR xen is not affected
  • OR xen-doc-html is not affected
  • OR xen-libs is not affected
  • OR xen-libs-32bit is not affected
  • OR xen-tools is not affected
  • OR xen-tools-domU is not affected
    • Definition Synopsis
  • SUSE OpenStack Cloud 7 is installed
  • AND Package Information
  • qemu is not affected
  • OR xen is not affected
    • Definition Synopsis
  • Release Information
  • SUSE Linux Enterprise Desktop 15 SP1 is installed
  • OR SUSE Linux Enterprise High Performance Computing 15 SP1 is installed
  • OR SUSE Linux Enterprise Module for Basesystem 15 SP1 is installed
  • OR SUSE Linux Enterprise Module for Server Applications 15 SP1 is installed
  • OR SUSE Linux Enterprise Server 15 SP1 is installed
  • OR SUSE Linux Enterprise Server for SAP Applications 15 SP1 is installed
  • OR SUSE Linux Enterprise Storage 6 is installed
  • OR SUSE Manager Proxy 4.0 is installed
  • OR SUSE Manager Retail Branch Server 4.0 is installed
  • OR SUSE Manager Server 4.0 is installed
  • AND
  • qemu is not affected
  • OR xen is not affected
  • OR Package Information
  • SUSE Linux Enterprise Server for SAP Applications 15 SP1 is installed
  • AND
  • qemu is not affected
  • OR qemu-audio-alsa is not affected
  • OR qemu-audio-oss is not affected
  • OR qemu-audio-pa is not affected
  • OR qemu-block-curl is not affected
  • OR qemu-block-iscsi is not affected
  • OR qemu-block-rbd is not affected
  • OR qemu-block-ssh is not affected
  • OR qemu-guest-agent is not affected
  • OR qemu-ipxe is not affected
  • OR qemu-kvm is not affected
  • OR qemu-lang is not affected
  • OR qemu-ppc is not affected
  • OR qemu-seabios is not affected
  • OR qemu-sgabios is not affected
  • OR qemu-tools is not affected
  • OR qemu-ui-curses is not affected
  • OR qemu-ui-gtk is not affected
  • OR qemu-vgabios is not affected
  • OR qemu-x86 is not affected
  • OR xen is not affected
  • OR xen-devel is not affected
  • OR xen-libs is not affected
  • OR xen-tools is not affected
  • OR xen-tools-domU is not affected
    • Definition Synopsis
  • Release Information
  • SUSE OpenStack Cloud 8 is installed
  • OR SUSE OpenStack Cloud Crowbar 8 is installed
  • AND Package Information
  • qemu is not affected
  • OR qemu-block-curl is not affected
  • OR qemu-block-iscsi is not affected
  • OR qemu-block-rbd is not affected
  • OR qemu-block-ssh is not affected
  • OR qemu-guest-agent is not affected
  • OR qemu-ipxe is not affected
  • OR qemu-kvm is not affected
  • OR qemu-lang is not affected
  • OR qemu-seabios is not affected
  • OR qemu-sgabios is not affected
  • OR qemu-tools is not affected
  • OR qemu-vgabios is not affected
  • OR qemu-x86 is not affected
  • OR xen is not affected
  • OR xen-doc-html is not affected
  • OR xen-libs is not affected
  • OR xen-libs-32bit is not affected
  • OR xen-tools is not affected
  • OR xen-tools-domU is not affected
    • Definition Synopsis
  • Release Information
  • SUSE OpenStack Cloud 9 is installed
  • OR SUSE OpenStack Cloud Crowbar 9 is installed
  • AND Package Information
  • qemu is not affected
  • OR qemu-block-curl is not affected
  • OR qemu-block-iscsi is not affected
  • OR qemu-block-rbd is not affected
  • OR qemu-block-ssh is not affected
  • OR qemu-guest-agent is not affected
  • OR qemu-ipxe is not affected
  • OR qemu-kvm is not affected
  • OR qemu-lang is not affected
  • OR qemu-seabios is not affected
  • OR qemu-sgabios is not affected
  • OR qemu-tools is not affected
  • OR qemu-vgabios is not affected
  • OR qemu-x86 is not affected
  • OR xen is not affected
  • OR xen-doc-html is not affected
  • OR xen-libs is not affected
  • OR xen-libs-32bit is not affected
  • OR xen-tools is not affected
  • OR xen-tools-domU is not affected
    • Definition Synopsis
  • Release Information
  • SUSE Linux Enterprise High Performance Computing 12 SP5 is installed
  • OR SUSE Linux Enterprise Server for SAP Applications 12 SP5 is installed
  • AND
  • qemu is not affected
  • OR xen is not affected
  • OR Package Information
  • SUSE Linux Enterprise Server 12 SP5 is installed
  • AND
  • qemu is not affected
  • OR qemu-arm is not affected
  • OR qemu-audio-alsa is not affected
  • OR qemu-audio-oss is not affected
  • OR qemu-audio-pa is not affected
  • OR qemu-audio-sdl is not affected
  • OR qemu-block-curl is not affected
  • OR qemu-block-iscsi is not affected
  • OR qemu-block-rbd is not affected
  • OR qemu-block-ssh is not affected
  • OR qemu-guest-agent is not affected
  • OR qemu-ipxe is not affected
  • OR qemu-kvm is not affected
  • OR qemu-lang is not affected
  • OR qemu-ppc is not affected
  • OR qemu-s390 is not affected
  • OR qemu-seabios is not affected
  • OR qemu-sgabios is not affected
  • OR qemu-tools is not affected
  • OR qemu-ui-curses is not affected
  • OR qemu-ui-gtk is not affected
  • OR qemu-ui-sdl is not affected
  • OR qemu-vgabios is not affected
  • OR qemu-x86 is not affected
  • OR xen is not affected
  • OR xen-doc-html is not affected
  • OR xen-libs is not affected
  • OR xen-libs-32bit is not affected
  • OR xen-tools is not affected
  • OR xen-tools-domU is not affected
    • Definition Synopsis
  • SUSE Linux Enterprise Server for SAP Applications 12 SP4 is installed
  • AND Package Information
  • qemu is not affected
  • OR qemu-block-curl is not affected
  • OR qemu-block-iscsi is not affected
  • OR qemu-block-rbd is not affected
  • OR qemu-block-ssh is not affected
  • OR qemu-guest-agent is not affected
  • OR qemu-ipxe is not affected
  • OR qemu-kvm is not affected
  • OR qemu-lang is not affected
  • OR qemu-ppc is not affected
  • OR qemu-seabios is not affected
  • OR qemu-sgabios is not affected
  • OR qemu-tools is not affected
  • OR qemu-vgabios is not affected
  • OR qemu-x86 is not affected
  • OR xen is not affected
  • OR xen-doc-html is not affected
  • OR xen-libs is not affected
  • OR xen-libs-32bit is not affected
  • OR xen-tools is not affected
  • OR xen-tools-domU is not affected
    • BACK