Revision Date: | 2020-12-02 | Version: | 1 |
Title: | Security update for qemu (Important) |
Description: |
This update for qemu fixes the following issues:
Security issues fixed:
- CVE-2018-10839: Fixed an integer overflow in the NE2000 NIC emulation, which could lead to a buffer overflow. It could occur when receiving packets over the network. A user inside the guest could use this flaw to crash the QEMU process, resulting in DoS (bsc#1110910).
- CVE-2018-15746: Fixed qemu-seccomp.c, which might allow local OS guest users to cause a denial of service (guest crash) by leveraging mishandling of the seccomp policy for threads other than the main thread (bsc#1106222).
- CVE-2018-16847: Fixed an OOB heap buffer r/w access issue that was found in the NVM Express Controller emulation in QEMU. It could occur in the nvme_cmb_ops routines in the nvme device. A guest user/process could use this flaw to crash the QEMU process, resulting in DoS, or potentially run arbitrary code with the privileges of the QEMU process (bsc#1114529).
- CVE-2018-17958: Fixed a buffer overflow in rtl8139_do_receive in hw/net/rtl8139.c, caused by the use of an incorrect integer data type (bsc#1111006).
- CVE-2018-17962: Fixed a buffer overflow in pcnet_receive in hw/net/pcnet.c, caused by the use of an incorrect integer data type (bsc#1111010).
- CVE-2018-17963: Fixed qemu_deliver_packet_iov in net/net.c, which accepted packet sizes greater than INT_MAX, allowing attackers to cause a denial of service or possibly have unspecified other impact (bsc#1111013).
- CVE-2018-18849: Fixed an out-of-bounds memory access issue that was found in the LSI53C895A SCSI Host Bus Adapter emulation while writing a message in lsi_do_msgin. It could occur during migration if the 'msg_len' field has an invalid value. A user/process could use this flaw to crash the QEMU process, resulting in DoS (bsc#1114422).
Non-security issues fixed:
- Fix slowness in arm32 emulation (bsc#1112499).
- In order to improve Spectre mitigation for s390x, add a new feature in the QEMU CPU model to provide the etoken CPU feature for guests (bsc#1107489).
|
Family: | unix | Class: | patch |
Status: | | Reference(s): | 1001215 1012382 1044231 1046540 1050242 1050319 1050536 1050540 1051510 1051858 1053043 1055120 1055186 1056686 1056787 1058115 1060463 1063638 1064802 1065600 1065729 1066129 1066674 1067126 1067906 1068546 1071995 1075020 1076830 1079524 1082387 1083647 1084760 1084831 1085535 1086283 1086288 1094244 1094825 1095805 1099125 1099658 1100132 1102881 1103308 1103543 1103990 1103992 1104353 1104427 1104731 1104745 1105025 1105536 1106011 1106105 1106110 1106222 1106237 1106240 1106284 1106838 1107489 1107685 1108193 1108241 1108377 1108468 1108828 1108838 1108841 1108870 1108937 1109151 1109158 1109217 1109330 1109739 1109784 1109806 1109818 1109837 1109907 1109911 1109915 1109919 1109951 1110006 1110096 1110538 1110561 1110910 1110921 1110946 1111006 1111010 1111013 1111028 1111076 1111506 1111666 1111696 1111806 1111819 1111830 1111834 1111841 1111870 1111901 1111904 1111928 1111974 1111983 1112063 1112170 1112173 1112178 1112208 1112219 1112221 1112246 1112372 1112374 1112499 1112514 1112554 1112708 1112710 1112711 1112712 1112713 1112731 1112732 1112733 1112734 1112735 1112736 1112738 1112739 1112740 1112741 1112743 1112745 1112746 1112894 1112899 1112902 1112903 1112905 1112906 1112907 1113257 1113284 1113722 1113956 1114279 1114422 1114427 1114529 1114685 1115688 1117158 1117561 1118139 1119680 1119843 1120091 1120423 1120566 1120843 1120902 1122776 1122842 1123454 1123663 1124503 1124839 1126356 1127611 1127616 1128052 1128904 1128979 1129138 1129273 1129497 1129693 1129770 1130579 1130699 1130972 1131326 1131451 1131488 1131565 1131673 1132044 1133021 1133176 1133188 1133190 1133320 1133612 1133616 1133719 1134090 1134160 1134162 1134199 1134200 1134201 1134202 1134203 1134204 1134205 1134354 1134393 1134459 1134460 1134461 1134537 1134597 1134651 1134671 1134760 1134806 1134810 1134813 1134848 1134936 1135006 1135007 1135008 1135056 1135100 1135120 1135278 1135281 1135309 1135312 1135314 1135315 1135316 1135320 1135323 1135330 
1135492 1135542 1135556 1135603 1135642 1135661 1135758 1136157 1136206 1136424 1136428 1136430 1136432 1136434 1136435 1136438 1136439 1136477 1136478 1136573 1136586 1136666 1136881 1136935 1136990 1137137 1137151 1137152 1137153 1137162 1137372 1137444 1137586 1137739 1137752 1138734 1141025 1141895 1144333 1145586 1146539 1149100 1150711 1151178 1151317 1152148 1152472 1152489 1152692 1153274 1154353 1155327 1155518 1155690 1155798 1156202 1156395 1156510 1157424 1157465 1158187 1159284 1159285 1160659 1160682 1161561 1161951 1162327 1162928 1162929 1162931 1164078 1164507 1165111 1165404 1165488 1165527 1165572 1165741 1165813 1165873 1165929 1165950 1165980 1165984 1165985 1166003 1166101 1166102 1166103 1166104 1166632 1166658 1166730 1166731 1166732 1166733 1166734 1166735 1166881 1167437 1167527 1168340 1168345 1168683 1169604 1169800 1170104 1170232 1170288 1170595 1170774 1171000 1171068 1171073 1171550 1171558 1171688 1171742 1171906 1172075 1172419 1172757 1172873 1173017 1173060 1173072 1173115 1173267 1173746 1174029 1174110 1174111 1174157 1174165 1174358 1174484 1174486 1174899 1175259 1175263 1175667 1175718 1175749 1175787 1175882 1175952 1175996 1175997 1175998 1175999 1176000 1176001 1176019 1176022 1176038 1176063 1176137 1176235 1176236 1176237 1176242 1176278 1176357 1176358 1176359 1176360 1176361 1176362 1176363 1176364 1176365 1176366 1176367 1176381 1176423 1176449 1176482 1176486 1176507 1176536 1176537 1176538 1176539 1176540 1176541 1176542 1176544 1176545 1176546 1176548 1176558 1176559 1176587 1176588 1176659 1176698 1176699 1176700 1176721 1176722 1176725 1176732 1176763 1176775 1176788 1176789 1176833 1176869 1176877 1176925 1176962 1176980 1176990 1177021 1177030 999199 CVE-2016-7044 CVE-2016-7045 CVE-2016-7553 CVE-2017-16533 CVE-2017-18224 CVE-2018-10839 CVE-2018-11803 CVE-2018-15746 CVE-2018-16847 CVE-2018-17958 CVE-2018-17962 CVE-2018-17963 CVE-2018-18386 CVE-2018-18445 CVE-2018-18849 CVE-2018-7191 CVE-2019-10124 
CVE-2019-11085 CVE-2019-11477 CVE-2019-11478 CVE-2019-11479 CVE-2019-11486 CVE-2019-11487 CVE-2019-11815 CVE-2019-11833 CVE-2019-11884 CVE-2019-12382 CVE-2019-16239 CVE-2019-17639 CVE-2019-18897 CVE-2019-19768 CVE-2019-20372 CVE-2019-3846 CVE-2019-5489 CVE-2020-0404 CVE-2020-0427 CVE-2020-0431 CVE-2020-0432 CVE-2020-10703 CVE-2020-11501 CVE-2020-11651 CVE-2020-11652 CVE-2020-13249 CVE-2020-14385 CVE-2020-14390 CVE-2020-14556 CVE-2020-14577 CVE-2020-14578 CVE-2020-14579 CVE-2020-14581 CVE-2020-14583 CVE-2020-14593 CVE-2020-14621 CVE-2020-25212 CVE-2020-25284 CVE-2020-26088 CVE-2020-8647 CVE-2020-8648 CVE-2020-8649 CVE-2020-9383 SUSE-SU-2016:2524-1 SUSE-SU-2018:3589-1 SUSE-SU-2018:3927-1 SUSE-SU-2019:0195-1 SUSE-SU-2019:1529-1 SUSE-SU-2019:2737-1 SUSE-SU-2019:2982-1 SUSE-SU-2020:0836-1 SUSE-SU-2020:0948-1 SUSE-SU-2020:1171-1 SUSE-SU-2020:1250-1 SUSE-SU-2020:1423-1 SUSE-SU-2020:1973-1 SUSE-SU-2020:2453-1 SUSE-SU-2020:2879-1
|
Platform(s): | SUSE Linux Enterprise Desktop 11 SP2 SUSE Linux Enterprise Desktop 11 SP3 SUSE Linux Enterprise Desktop 11 SP4 SUSE Linux Enterprise Desktop 12 SUSE Linux Enterprise Desktop 12 SP1 SUSE Linux Enterprise Desktop 12 SP2 SUSE Linux Enterprise Desktop 12 SP3 SUSE Linux Enterprise Desktop 12 SP4 SUSE Linux Enterprise High Availability 12 SP2 SUSE Linux Enterprise High Availability 12 SP3 SUSE Linux Enterprise High Availability 12 SP4 SUSE Linux Enterprise High Availability 12 SP5 SUSE Linux Enterprise High Performance Computing 12 SP5 SUSE Linux Enterprise Live Patching 12 SUSE Linux Enterprise Module for Containers 12 SUSE Linux Enterprise Module for Legacy Software 12 SUSE Linux Enterprise Module for Public Cloud 12 SUSE Linux Enterprise Module for Server Applications 15 SUSE Linux Enterprise Point of Sale 12 SP2-CLIENT SUSE Linux Enterprise Server 11 SP2 SUSE Linux Enterprise Server 11 SP3 SUSE Linux Enterprise Server 11 SP3-LTSS SUSE Linux Enterprise Server 11 SP4 SUSE Linux Enterprise Server 12 SUSE Linux Enterprise Server 12 SP1 SUSE Linux Enterprise Server 12 SP2 SUSE Linux Enterprise Server 12 SP3 SUSE Linux Enterprise Server 12 SP4 SUSE Linux Enterprise Server 12-LTSS SUSE Linux Enterprise Server 15-LTSS SUSE Linux Enterprise Server for SAP Applications 15 SUSE Linux Enterprise Server for VMWare 11 SP3 SUSE Linux Enterprise Software Development Kit 11 SP3 SUSE Linux Enterprise Software Development Kit 11 SP4 SUSE Linux Enterprise Software Development Kit 12 SUSE Linux Enterprise Software Development Kit 12 SP1 SUSE Linux Enterprise Software Development Kit 12 SP2 SUSE Linux Enterprise Workstation Extension 12 SUSE Linux Enterprise Workstation Extension 12 SP1 SUSE Linux Enterprise Workstation Extension 15 SUSE Linux Enterprise Workstation Extension 15 SP1 SUSE Linux Enterprise Workstation Extension 15 SP2 SUSE OpenStack Cloud 5 SUSE Package Hub for SUSE Linux Enterprise 12
| Product(s): | |
Definition Synopsis |
SUSE Linux Enterprise Desktop 12 is installed
AND Package Information
bzip2-1.0.6-27 is installed
OR libbz2-1-1.0.6-27 is installed
OR libbz2-1-32bit-1.0.6-27 is installed
|
Definition Synopsis |
SUSE Linux Enterprise Desktop 12 SP1 is installed
AND busybox-1.21.1-3 is installed
|
Definition Synopsis |
SUSE Linux Enterprise Desktop 12 SP2 is installed
AND cifs-utils-6.5-8 is installed
|
Definition Synopsis |
SUSE Linux Enterprise Desktop 12 SP3 is installed
AND clamav-0.99.2-32 is installed
|
Definition Synopsis |
SUSE Linux Enterprise Desktop 12 SP4 is installed
AND SuSEfirewall2-3.6.312.333-3.13 is installed
|
Definition Synopsis |
SUSE Linux Enterprise High Availability 12 SP2 is installed
AND Package Information
libpacemaker3-1.1.15-19 is installed
OR pacemaker-1.1.15-19 is installed
OR pacemaker-cli-1.1.15-19 is installed
OR pacemaker-cts-1.1.15-19 is installed
OR pacemaker-remote-1.1.15-19 is installed
|
Definition Synopsis |
SUSE Linux Enterprise High Availability 12 SP3 is installed
AND ruby2.1-rubygem-bundler-1.7.3-3 is installed
|
Definition Synopsis |
SUSE Linux Enterprise High Availability 12 SP4 is installed
AND fence-agents-4.2.1+git.1537269352.7b1fd536-1 is installed
|
Definition Synopsis |
SUSE Linux Enterprise High Availability 12 SP5 is installed
AND python-requests-2.18.2-8.4 is installed
|
Definition Synopsis |
SUSE Linux Enterprise High Performance Computing 12 SP5 is installed
AND Package Information
at-3.1.14-8.6 is installed
OR flex-2.5.37-8 is installed
OR flex-32bit-2.5.37-8 is installed
OR libQtWebKit4-4.8.7+2.3.4-4.7 is installed
OR libQtWebKit4-32bit-4.8.7+2.3.4-4.7 is installed
OR libbonobo-2.32.1-16 is installed
OR libbonobo-32bit-2.32.1-16 is installed
OR libbonobo-doc-2.32.1-16 is installed
OR libbonobo-lang-2.32.1-16 is installed
|
Definition Synopsis |
SUSE Linux Enterprise Live Patching 12 is installed
AND Package Information
kgraft-patch-3_12_39-47-default-1-2.1 is installed
OR kgraft-patch-3_12_39-47-xen-1-2.1 is installed
OR kgraft-patch-SLE12_Update_4-1-2.1 is installed
|
Definition Synopsis |
SUSE Linux Enterprise Module for Server Applications 15 is installed
AND Package Information
qemu-2.11.2-9.12 is installed
OR qemu-arm-2.11.2-9.12 is installed
OR qemu-block-curl-2.11.2-9.12 is installed
OR qemu-block-iscsi-2.11.2-9.12 is installed
OR qemu-block-rbd-2.11.2-9.12 is installed
OR qemu-block-ssh-2.11.2-9.12 is installed
OR qemu-guest-agent-2.11.2-9.12 is installed
OR qemu-ipxe-1.0.0+-9.12 is installed
OR qemu-kvm-2.11.2-9.12 is installed
OR qemu-lang-2.11.2-9.12 is installed
OR qemu-ppc-2.11.2-9.12 is installed
OR qemu-s390-2.11.2-9.12 is installed
OR qemu-seabios-1.11.0-9.12 is installed
OR qemu-sgabios-8-9.12 is installed
OR qemu-vgabios-1.11.0-9.12 is installed
OR qemu-x86-2.11.2-9.12 is installed
|
Definition Synopsis |
SUSE Linux Enterprise Point of Sale 12 SP2-CLIENT is installed
AND Package Information
libsystemd0-228-150.53 is installed
OR libsystemd0-32bit-228-150.53 is installed
OR libudev1-228-150.53 is installed
OR libudev1-32bit-228-150.53 is installed
OR systemd-228-150.53 is installed
OR systemd-32bit-228-150.53 is installed
OR systemd-bash-completion-228-150.53 is installed
OR systemd-sysvinit-228-150.53 is installed
OR udev-228-150.53 is installed
|
Definition Synopsis |
SUSE Linux Enterprise Server 11 SP2 is installed
AND LibVNCServer-0.9.1-154.24 is installed
|
Definition Synopsis |
SUSE Linux Enterprise Server 11 SP3 is installed
AND acpid-1.0.6-91.25.20 is installed
|
Definition Synopsis |
SUSE Linux Enterprise Server 11 SP3-LTSS is installed
AND Package Information
ImageMagick-6.4.3.6-7.40.1 is installed
OR libMagickCore1-6.4.3.6-7.40.1 is installed
OR libMagickCore1-32bit-6.4.3.6-7.40.1 is installed
|
Definition Synopsis |
SUSE Linux Enterprise Server 12 is installed
AND Package Information
docker-1.3.2-9.1 is installed
OR ruby2.1-rubygem-sle2docker-0.2.3-5.1 is installed
OR sle2docker-0.2.3-5.1 is installed
|
Definition Synopsis |
SUSE Linux Enterprise Server 12 SP1 is installed
AND libevent-2_0-5-2.0.21-4 is installed
|
Definition Synopsis |
SUSE Linux Enterprise Server 12 SP2 is installed
AND binutils-2.26.1-9.12 is installed
|
Definition Synopsis |
SUSE Linux Enterprise Server 12 SP3 is installed
AND Package Information
audiofile-0.3.6-10 is installed
OR libaudiofile1-0.3.6-10 is installed
OR libaudiofile1-32bit-0.3.6-10 is installed
|
Definition Synopsis |
SUSE Linux Enterprise Server 12 SP4 is installed
AND Package Information
bind-9.11.2-1 is installed
OR bind-chrootenv-9.11.2-1 is installed
OR bind-doc-9.11.2-1 is installed
OR bind-utils-9.11.2-1 is installed
OR libbind9-160-9.11.2-1 is installed
OR libdns169-9.11.2-1 is installed
OR libirs160-9.11.2-1 is installed
OR libisc166-9.11.2-1 is installed
OR libisc166-32bit-9.11.2-1 is installed
OR libisccc160-9.11.2-1 is installed
OR libisccfg160-9.11.2-1 is installed
OR liblwres160-9.11.2-1 is installed
OR python-bind-9.11.2-1 is installed
|
Definition Synopsis |
SUSE Linux Enterprise Server 12-LTSS is installed
AND Package Information
kgraft-patch-3_12_60-52_54-default-2-2.2 is installed
OR kgraft-patch-3_12_60-52_54-xen-2-2.2 is installed
OR kgraft-patch-SLE12_Update_15-2-2.2 is installed
|
Definition Synopsis |
SUSE Linux Enterprise Server 15-LTSS is installed
AND Package Information
gmp-6.1.2-4.3 is installed
OR gmp-devel-6.1.2-4.3 is installed
OR gmp-devel-32bit-6.1.2-4.3 is installed
OR gnutls-3.6.7-6.14 is installed
OR libgmp10-6.1.2-4.3 is installed
OR libgmp10-32bit-6.1.2-4.3 is installed
OR libgmpxx4-6.1.2-4.3 is installed
OR libgmpxx4-32bit-6.1.2-4.3 is installed
OR libgnutls-devel-3.6.7-6.14 is installed
OR libgnutls30-3.6.7-6.14 is installed
OR libgnutls30-32bit-3.6.7-6.14 is installed
OR libgnutls30-hmac-3.6.7-6.14 is installed
OR libgnutls30-hmac-32bit-3.6.7-6.14 is installed
OR libgnutlsxx-devel-3.6.7-6.14 is installed
OR libgnutlsxx28-3.6.7-6.14 is installed
OR libhogweed4-3.4.1-4.12 is installed
OR libhogweed4-32bit-3.4.1-4.12 is installed
OR libnettle-3.4.1-4.12 is installed
OR libnettle-devel-3.4.1-4.12 is installed
OR libnettle6-3.4.1-4.12 is installed
OR libnettle6-32bit-3.4.1-4.12 is installed
|
Definition Synopsis |
SUSE Linux Enterprise Server for SAP Applications 15 is installed
AND nginx-1.16.1-3.12 is installed
|
Definition Synopsis |
SUSE Linux Enterprise Software Development Kit 11 SP3 is installed
AND libguestfs-devel-1.20.4-0.18.1 is installed
|
Definition Synopsis |
SUSE Linux Enterprise Software Development Kit 11 SP4 is installed
AND Package Information
libtiff-devel-3.8.2-141.163.1 is installed
OR libtiff-devel-32bit-3.8.2-141.163.1 is installed
OR tiff-3.8.2-141.163.1 is installed
|
Definition Synopsis |
SUSE Linux Enterprise Software Development Kit 12 is installed
AND dhcp-devel-4.2.6-7 is installed
|
Definition Synopsis |
SUSE Linux Enterprise Software Development Kit 12 SP1 is installed
AND bind-devel-9.9.6P1-30 is installed
|
Definition Synopsis |
SUSE Linux Enterprise Software Development Kit 12 SP2 is installed
AND Package Information
FastCGI-2.4.0-167 is installed
OR perl-FastCGI-2.4.0-167 is installed
|
Definition Synopsis |
SUSE Linux Enterprise Workstation Extension 15 is installed
AND Package Information
kernel-default-4.12.14-25.25 is installed
OR kernel-default-extra-4.12.14-25.25 is installed
|
Definition Synopsis |
SUSE Linux Enterprise Workstation Extension 15 SP1 is installed
AND enigmail-2.1.2-3.19 is installed
|
Definition Synopsis |
SUSE Linux Enterprise Workstation Extension 15 SP2 is installed
AND Package Information
kernel-default-5.3.18-24.24 is installed
OR kernel-default-extra-5.3.18-24.24 is installed
|
Definition Synopsis |
SUSE Package Hub for SUSE Linux Enterprise 12 is installed
AND Package Information
irssi-0.8.20-9 is installed
OR irssi-devel-0.8.20-9 is installed
|