Oval Definition:oval:org.opensuse.security:def:53354
Revision Date:2020-12-01Version:1
Title:Security update for qemu (Important)
Description:

This update for qemu fixes the following issues:

- CVE-2020-7039: Fixed a heap buffer overflow in tcp_emu() routine while emulating IRC and other protocols (bsc#1161066). - CVE-2019-15034: Fixed a buffer overflow in hw/display/bochs-display.c due to improper PCI config space allocation (bsc#1166379). - CVE-2020-1711: Fixed an out of bounds heap buffer access iscsi_co_block_status() routine which could have allowed a remote denial of service or arbitrary code with privileges of the QEMU process on the host (bsc#1166240). - CVE-2019-6778: Fixed a heap buffer overflow in tcp_emu() routine while emulating the identification protocol and copying message data to a socket buffer (bsc#1123156). - CVE-2020-8608: Fixed a heap buffer overflow in tcp_emu() routine while emulating IRC and other protocols (bsc#1163018). - CVE-2019-20382: Fixed a memory leak in the VNC display driver which could have led to exhaustion of the host memory leading to a potential Denial of service (bsc#1165776). - Fixed a live migration error (bsc#1154790). - Fixed an issue where migrating VMs on KVM gets missing features:ospke error (bsc#1162729).
Family:unixClass:patch
Status:Reference(s):1001367
1001419
1002165
1003800
1004418
1004477
1005555
1005558
1005562
1005564
1005566
1005569
1005581
1005582
1006166
1006539
1008318
1023895
1048367
1052261
1065000
1068310
1069496
1069509
1069702
1070805
1123156
1146090
1146091
1146093
1146094
1146095
1146097
1146099
1146100
1154790
1161066
1162729
1163018
1165776
1166240
1166379
904970
906574
907150
919053
919062
920615
920633
920865
920896
921333
924663
924960
924961
930408
934789
936407
936408
936409
942690
960341
980486
990890
CVE-2008-1483
CVE-2011-1831
CVE-2011-1832
CVE-2011-1833
CVE-2011-1834
CVE-2011-1835
CVE-2011-1836
CVE-2011-1837
CVE-2012-3466
CVE-2014-3618
CVE-2014-4910
CVE-2014-8962
CVE-2014-8964
CVE-2014-9028
CVE-2014-9687
CVE-2015-0433
CVE-2015-0441
CVE-2015-0499
CVE-2015-0501
CVE-2015-0505
CVE-2015-2325
CVE-2015-2326
CVE-2015-2568
CVE-2015-2571
CVE-2015-2573
CVE-2015-3152
CVE-2015-5185
CVE-2015-7554
CVE-2015-8946
CVE-2016-1572
CVE-2016-3492
CVE-2016-5195
CVE-2016-5584
CVE-2016-5624
CVE-2016-5626
CVE-2016-5629
CVE-2016-6224
CVE-2016-6354
CVE-2016-6663
CVE-2016-7440
CVE-2016-8283
CVE-2017-1000405
CVE-2017-12424
CVE-2017-15906
CVE-2017-16939
CVE-2017-2581
CVE-2017-2586
CVE-2017-2587
CVE-2019-15034
CVE-2019-20382
CVE-2019-6778
CVE-2019-9511
CVE-2019-9512
CVE-2019-9513
CVE-2019-9514
CVE-2019-9515
CVE-2019-9516
CVE-2019-9517
CVE-2019-9518
CVE-2020-1711
CVE-2020-7039
CVE-2020-8608
SUSE-SU-2015:1273-1
SUSE-SU-2016:0160-1
SUSE-SU-2016:2592-1
SUSE-SU-2016:2933-1
SUSE-SU-2017:2947-1
SUSE-SU-2017:3226-1
SUSE-SU-2017:3230-1
SUSE-SU-2019:2259-1
SUSE-SU-2020:0844-1
Platform(s):openSUSE Leap 15.0
openSUSE Leap 15.1
SUSE Linux Enterprise Desktop 11 SP2
SUSE Linux Enterprise Desktop 11 SP3
SUSE Linux Enterprise Desktop 11 SP4
SUSE Linux Enterprise Desktop 12
SUSE Linux Enterprise Desktop 12 SP1
SUSE Linux Enterprise Desktop 12 SP2
SUSE Linux Enterprise Desktop 12 SP3
SUSE Linux Enterprise Desktop 12 SP4
SUSE Linux Enterprise Module for Server Applications 15 SP1
SUSE Linux Enterprise Module for Web Scripting 15 SP1
SUSE Linux Enterprise Server 12 SP1
SUSE Linux Enterprise Server 12 SP1-LTSS
SUSE Linux Enterprise Server 12 SP2
SUSE Linux Enterprise Server 12 SP2-BCL
SUSE Linux Enterprise Server 12 SP2-ESPOS
SUSE Linux Enterprise Server 12 SP2-LTSS
SUSE Linux Enterprise Server 12 SP3
SUSE Linux Enterprise Server 12 SP3-BCL
SUSE Linux Enterprise Server 12 SP3-ESPOS
SUSE Linux Enterprise Server 12 SP3-LTSS
SUSE Linux Enterprise Server 12 SP3-TERADATA
SUSE Linux Enterprise Server 12 SP4
SUSE OpenStack Cloud 6
SUSE OpenStack Cloud 7
SUSE OpenStack Cloud 8
SUSE OpenStack Cloud 9
SUSE OpenStack Cloud Crowbar 8
Product(s):
Definition Synopsis
  • openSUSE Leap 15.0 is installed
  • AND binutils-2.29.1-lp150.4 is installed
    • Definition Synopsis
  • openSUSE Leap 15.1 is installed
  • AND enigmail-2.0.11-31 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 11 SP2 is installed
  • AND Package Information
  • compat-openssl097g-0.9.7g-146.22 is installed
  • OR compat-openssl097g-32bit-0.9.7g-146.22 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 11 SP3 is installed
  • AND Package Information
  • curl-7.19.7-1.46 is installed
  • OR libcurl4-7.19.7-1.46 is installed
  • OR libcurl4-32bit-7.19.7-1.46 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 11 SP4 is installed
  • AND Package Information
  • libssh-0.2-5.22 is installed
  • OR libssh2-0.2-5.22 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 is installed
  • AND Package Information
  • libmysqlclient18-10.0.20-18 is installed
  • OR libmysqlclient18-32bit-10.0.20-18 is installed
  • OR libmysqlclient_r18-10.0.20-18 is installed
  • OR libmysqlclient_r18-32bit-10.0.20-18 is installed
  • OR mariadb-10.0.20-18 is installed
  • OR mariadb-client-10.0.20-18 is installed
  • OR mariadb-errormessages-10.0.20-18 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 SP1 is installed
  • AND Package Information
  • kernel-default-3.12.62-60.64.8 is installed
  • OR kernel-default-devel-3.12.62-60.64.8 is installed
  • OR kernel-default-extra-3.12.62-60.64.8 is installed
  • OR kernel-devel-3.12.62-60.64.8 is installed
  • OR kernel-macros-3.12.62-60.64.8 is installed
  • OR kernel-source-3.12.62-60.64.8 is installed
  • OR kernel-syms-3.12.62-60.64.8 is installed
  • OR kernel-xen-3.12.62-60.64.8 is installed
  • OR kernel-xen-devel-3.12.62-60.64.8 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 SP2 is installed
  • AND xf86-video-intel-2.99.917.641_ge4ef6e9-12 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 SP3 is installed
  • AND Package Information
  • gnome-keyring-3.20.0-27 is installed
  • OR gnome-keyring-32bit-3.20.0-27 is installed
  • OR gnome-keyring-lang-3.20.0-27 is installed
  • OR gnome-keyring-pam-3.20.0-27 is installed
  • OR gnome-keyring-pam-32bit-3.20.0-27 is installed
  • OR libgck-modules-gnome-keyring-3.20.0-27 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 SP4 is installed
  • AND Package Information
  • ecryptfs-utils-103-8.3 is installed
  • OR ecryptfs-utils-32bit-103-8.3 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for Server Applications 15 SP1 is installed
  • AND Package Information
  • qemu-3.1.1.1-9.14 is installed
  • OR qemu-arm-3.1.1.1-9.14 is installed
  • OR qemu-audio-alsa-3.1.1.1-9.14 is installed
  • OR qemu-audio-oss-3.1.1.1-9.14 is installed
  • OR qemu-audio-pa-3.1.1.1-9.14 is installed
  • OR qemu-block-curl-3.1.1.1-9.14 is installed
  • OR qemu-block-iscsi-3.1.1.1-9.14 is installed
  • OR qemu-block-rbd-3.1.1.1-9.14 is installed
  • OR qemu-block-ssh-3.1.1.1-9.14 is installed
  • OR qemu-guest-agent-3.1.1.1-9.14 is installed
  • OR qemu-ipxe-1.0.0+-9.14 is installed
  • OR qemu-kvm-3.1.1.1-9.14 is installed
  • OR qemu-lang-3.1.1.1-9.14 is installed
  • OR qemu-ppc-3.1.1.1-9.14 is installed
  • OR qemu-s390-3.1.1.1-9.14 is installed
  • OR qemu-seabios-1.12.0-9.14 is installed
  • OR qemu-sgabios-8-9.14 is installed
  • OR qemu-ui-curses-3.1.1.1-9.14 is installed
  • OR qemu-ui-gtk-3.1.1.1-9.14 is installed
  • OR qemu-vgabios-1.12.0-9.14 is installed
  • OR qemu-x86-3.1.1.1-9.14 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for Web Scripting 15 SP1 is installed
  • AND Package Information
  • nodejs10-10.16.3-1.12 is installed
  • OR nodejs10-devel-10.16.3-1.12 is installed
  • OR nodejs10-docs-10.16.3-1.12 is installed
  • OR npm10-10.16.3-1.12 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP1 is installed
  • AND apache-commons-httpclient-3.1-4 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP1-LTSS is installed
  • AND unrar-5.0.14-3 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2 is installed
  • AND Package Information
  • openslp-2.0.0-11 is installed
  • OR openslp-32bit-2.0.0-11 is installed
  • OR openslp-server-2.0.0-11 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-BCL is installed
  • AND squid-3.5.21-26.23 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-ESPOS is installed
  • AND Package Information
  • libdcerpc-atsvc0-4.2.4-28.29 is installed
  • OR samba-4.2.4-28.29 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-LTSS is installed
  • AND Package Information
  • kgraft-patch-4_4_103-92_56-default-5-2 is installed
  • OR kgraft-patch-SLE12-SP2_Update_17-5-2 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3 is installed
  • AND Package Information
  • gpgme-1.5.1-1 is installed
  • OR libgpgme11-1.5.1-1 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-BCL is installed
  • AND Package Information
  • perl-5.18.2-12.20 is installed
  • OR perl-32bit-5.18.2-12.20 is installed
  • OR perl-base-5.18.2-12.20 is installed
  • OR perl-doc-5.18.2-12.20 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-ESPOS is installed
  • AND Package Information
  • bzip2-1.0.6-30.8 is installed
  • OR bzip2-doc-1.0.6-30.8 is installed
  • OR libbz2-1-1.0.6-30.8 is installed
  • OR libbz2-1-32bit-1.0.6-30.8 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-LTSS is installed
  • AND Package Information
  • kgraft-patch-4_4_156-94_64-default-6-2 is installed
  • OR kgraft-patch-SLE12-SP3_Update_20-6-2 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-TERADATA is installed
  • AND Package Information
  • openslp-2.0.0-18.17 is installed
  • OR openslp-32bit-2.0.0-18.17 is installed
  • OR openslp-server-2.0.0-18.17 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP4 is installed
  • AND Package Information
  • bind-9.11.2-1 is installed
  • OR bind-chrootenv-9.11.2-1 is installed
  • OR bind-doc-9.11.2-1 is installed
  • OR bind-utils-9.11.2-1 is installed
  • OR libbind9-160-9.11.2-1 is installed
  • OR libdns169-9.11.2-1 is installed
  • OR libirs160-9.11.2-1 is installed
  • OR libisc166-9.11.2-1 is installed
  • OR libisc166-32bit-9.11.2-1 is installed
  • OR libisccc160-9.11.2-1 is installed
  • OR libisccfg160-9.11.2-1 is installed
  • OR liblwres160-9.11.2-1 is installed
  • OR python-bind-9.11.2-1 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud 6 is installed
  • AND Package Information
  • xen-4.5.5_20-22.36 is installed
  • OR xen-doc-html-4.5.5_20-22.36 is installed
  • OR xen-kmp-default-4.5.5_20_k3.12.74_60.64.63-22.36 is installed
  • OR xen-libs-4.5.5_20-22.36 is installed
  • OR xen-libs-32bit-4.5.5_20-22.36 is installed
  • OR xen-tools-4.5.5_20-22.36 is installed
  • OR xen-tools-domU-4.5.5_20-22.36 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud 7 is installed
  • AND Package Information
  • ntp-4.2.8p11-64.5 is installed
  • OR ntp-doc-4.2.8p11-64.5 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud 8 is installed
  • AND Package Information
  • java-1_7_0-openjdk-1.7.0.241-43.30 is installed
  • OR java-1_7_0-openjdk-demo-1.7.0.241-43.30 is installed
  • OR java-1_7_0-openjdk-devel-1.7.0.241-43.30 is installed
  • OR java-1_7_0-openjdk-headless-1.7.0.241-43.30 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud 9 is installed
  • AND python-urllib3-1.23-3.6 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud Crowbar 8 is installed
  • AND ansible-2.4.6.0-3.3 is installed
    • BACK