Oval Definition:oval:org.opensuse.security:def:55608
Revision Date:2020-12-01Version:1
Title:Security update for qemu (Important)
Description:

qemu was updated to fix several security issues and bugs.

The following vulnerabilities were fixed: - CVE-2015-5154: Heap-based buffer overflow in the IDE subsystem in QEMU, when the container has a CDROM drive enabled, allows local guest users to execute arbitrary code on the host via unspecified ATAPI commands. (bsc#938344). - CVE-2015-5278: QEMU was vulnerable to an infinite loop issue that could occur when receiving packets over the network. (bsc#945989) - CVE-2015-5279: QEMU was vulnerable to a heap buffer overflow issue that could occur when receiving packets over the network. (bsc#945987) - CVE-2015-6855: QEMU was vulnerable to a divide by zero issue that could occur while executing an IDE command WIN_READ_NATIVE_MAX to determine the maximum size of a drive. (bsc#945404) - CVE-2014-7815: The set_pixel_format function in ui/vnc.c in QEMU allowed remote attackers to cause a denial of service (crash) via a small bytes_per_pixel value. (bsc#902737):

Also these non-security issues were fixed: - bsc#937572: Fixed dictzip on big endian systems - bsc#934517: Fix 'info tlb' causes guest to freeze - bsc#934506: Fix vte monitor consol looks empy - bsc#937125: Fix parsing of scsi-disk wwn uint64 property - bsc#945778: Drop .probe hooks for DictZip and tar block drivers - bsc#937572: Fold common-obj-y -> block-obj-y change into original patches - bsc#928308,bsc#944017: Fix virtio-ccw index errors when initrd gets too large - bsc#936537: Fix possible qemu-img error when converting to compressed qcow2 image - bsc#939216: Fix reboot fail after install using uefi - bsc#943446: qemu-img convert doesn't create MB aligned VHDs anymore

Family:unixClass:patch
Status:Reference(s):1000677
1001912
1004499
1005878
1013311
1019334
1021641
1022085
1022271
1027197
1034674
1034678
1067203
1072193
1077999
1087932
1111331
1125330
1127987
1129821
1130262
1145092
1146068
1146211
1146212
1146213
1151781
1151782
1151783
1151784
1151785
1151786
761626
784523
902737
911886
928308
929414
929629
934506
934517
935573
936537
937125
937572
938344
939216
940191
943446
944017
945404
945778
945987
945989
946204
951404
952871
958324
961491
963415
968046
968048
968051
968053
968374
982779
990636
CVE-2006-4197
CVE-2012-4505
CVE-2014-7815
CVE-2014-8146
CVE-2014-8147
CVE-2014-8767
CVE-2014-8768
CVE-2014-8769
CVE-2014-9140
CVE-2015-0261
CVE-2015-2153
CVE-2015-2154
CVE-2015-2155
CVE-2015-3197
CVE-2015-3622
CVE-2015-4680
CVE-2015-5154
CVE-2015-5278
CVE-2015-5279
CVE-2015-6855
CVE-2015-7236
CVE-2015-8045
CVE-2015-8047
CVE-2015-8048
CVE-2015-8049
CVE-2015-8050
CVE-2015-8055
CVE-2015-8056
CVE-2015-8057
CVE-2015-8058
CVE-2015-8059
CVE-2015-8060
CVE-2015-8061
CVE-2015-8062
CVE-2015-8063
CVE-2015-8064
CVE-2015-8065
CVE-2015-8066
CVE-2015-8067
CVE-2015-8068
CVE-2015-8069
CVE-2015-8070
CVE-2015-8071
CVE-2015-8401
CVE-2015-8402
CVE-2015-8403
CVE-2015-8404
CVE-2015-8405
CVE-2015-8406
CVE-2015-8407
CVE-2015-8408
CVE-2015-8409
CVE-2015-8410
CVE-2015-8411
CVE-2015-8412
CVE-2015-8413
CVE-2015-8414
CVE-2015-8415
CVE-2015-8416
CVE-2015-8417
CVE-2015-8418
CVE-2015-8419
CVE-2015-8420
CVE-2015-8421
CVE-2015-8422
CVE-2015-8423
CVE-2015-8424
CVE-2015-8425
CVE-2015-8426
CVE-2015-8427
CVE-2015-8428
CVE-2015-8429
CVE-2015-8430
CVE-2015-8431
CVE-2015-8432
CVE-2015-8433
CVE-2015-8434
CVE-2015-8435
CVE-2015-8436
CVE-2015-8437
CVE-2015-8438
CVE-2015-8439
CVE-2015-8440
CVE-2015-8441
CVE-2015-8442
CVE-2015-8443
CVE-2015-8444
CVE-2015-8445
CVE-2015-8446
CVE-2015-8447
CVE-2015-8448
CVE-2015-8449
CVE-2015-8450
CVE-2015-8451
CVE-2015-8452
CVE-2015-8453
CVE-2015-8454
CVE-2015-8455
CVE-2016-0702
CVE-2016-0703
CVE-2016-0704
CVE-2016-0797
CVE-2016-0799
CVE-2016-0800
CVE-2016-2108
CVE-2016-4008
CVE-2016-6293
CVE-2016-7056
CVE-2016-8610
CVE-2017-14952
CVE-2017-15422
CVE-2017-17484
CVE-2017-3731
CVE-2017-6318
CVE-2017-7867
CVE-2017-7868
CVE-2018-12126
CVE-2018-12127
CVE-2018-12130
CVE-2018-18335
CVE-2018-18356
CVE-2018-18506
CVE-2019-10208
CVE-2019-11091
CVE-2019-14980
CVE-2019-15139
CVE-2019-15140
CVE-2019-15141
CVE-2019-16708
CVE-2019-16709
CVE-2019-16710
CVE-2019-16711
CVE-2019-16712
CVE-2019-16713
CVE-2019-5785
CVE-2019-9788
CVE-2019-9790
CVE-2019-9791
CVE-2019-9792
CVE-2019-9793
CVE-2019-9794
CVE-2019-9795
CVE-2019-9796
CVE-2019-9801
CVE-2019-9810
CVE-2019-9813
SUSE-SU-2015:1706-1
SUSE-SU-2015:1782-1
SUSE-SU-2015:2236-1
SUSE-SU-2016:0641-1
SUSE-SU-2016:1601-1
SUSE-SU-2017:0102-1
SUSE-SU-2017:0461-1
SUSE-SU-2017:0713-1
SUSE-SU-2019:0852-1
SUSE-SU-2019:1296-1
SUSE-SU-2019:2785-1
Platform(s):openSUSE Leap 15.0
openSUSE Leap 15.1
SUSE Linux Enterprise Desktop 11 SP2
SUSE Linux Enterprise Desktop 11 SP3
SUSE Linux Enterprise Desktop 11 SP4
SUSE Linux Enterprise Desktop 12
SUSE Linux Enterprise Desktop 12 SP4
SUSE Linux Enterprise Server 12 SP1
SUSE Linux Enterprise Server 12 SP1-LTSS
SUSE Linux Enterprise Server 12 SP2
SUSE Linux Enterprise Server 12 SP2-BCL
SUSE Linux Enterprise Server 12 SP2-ESPOS
SUSE Linux Enterprise Server 12 SP2-LTSS
SUSE Linux Enterprise Server 12 SP3
SUSE Linux Enterprise Server 12 SP3-BCL
SUSE Linux Enterprise Server 12 SP3-LTSS
SUSE Linux Enterprise Server 12 SP3-TERADATA
SUSE Linux Enterprise Server 12 SP4
SUSE OpenStack Cloud 6
SUSE OpenStack Cloud 8
SUSE OpenStack Cloud 9
SUSE OpenStack Cloud Crowbar 8
Product(s):
Definition Synopsis
  • openSUSE Leap 15.0 is installed
  • AND Package Information
  • colord-1.4.2-lp150.1 is installed
  • OR colord-color-profiles-1.4.2-lp150.1 is installed
  • OR colord-gtk-lang-0.1.26-lp150.1 is installed
  • OR colord-lang-1.4.2-lp150.1 is installed
  • OR libcolord-gtk1-0.1.26-lp150.1 is installed
  • OR libcolord2-1.4.2-lp150.1 is installed
  • OR libcolorhug2-1.4.2-lp150.1 is installed
    • Definition Synopsis
  • openSUSE Leap 15.1 is installed
  • AND Package Information
  • python-Twisted-17.9.0-lp151.3.3 is installed
  • OR python-Twisted-doc-17.9.0-lp151.3.3 is installed
  • OR python2-Twisted-17.9.0-lp151.3.3 is installed
  • OR python3-Twisted-17.9.0-lp151.3.3 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 11 SP2 is installed
  • AND Package Information
  • libproxy0-0.3.1-2.6 is installed
  • OR libproxy0-32bit-0.3.1-2.6 is installed
  • OR libproxy0-config-gnome-0.3.1-2.6 is installed
  • OR libproxy0-config-gnome-32bit-0.3.1-2.6 is installed
  • OR libproxy0-config-kde4-0.3.1-2.6 is installed
  • OR libproxy0-networkmanager-0.3.1-2.6 is installed
  • OR libproxy0-networkmanager-32bit-0.3.1-2.6 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 11 SP3 is installed
  • AND Package Information
  • flash-player-11.2.202.554-0.29 is installed
  • OR flash-player-gnome-11.2.202.554-0.29 is installed
  • OR flash-player-kde4-11.2.202.554-0.29 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 11 SP4 is installed
  • AND rpcbind-0.1.6+git20080930-6.24 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 is installed
  • AND Package Information
  • qemu-2.0.2-48.9 is installed
  • OR qemu-block-curl-2.0.2-48.9 is installed
  • OR qemu-ipxe-1.0.0-48.9 is installed
  • OR qemu-kvm-2.0.2-48.9 is installed
  • OR qemu-seabios-1.7.4-48.9 is installed
  • OR qemu-sgabios-8-48.9 is installed
  • OR qemu-tools-2.0.2-48.9 is installed
  • OR qemu-vgabios-1.7.4-48.9 is installed
  • OR qemu-x86-2.0.2-48.9 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 SP4 is installed
  • AND ucode-intel-20190514-13.44 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP1 is installed
  • AND libmusicbrainz4-2.1.5-27 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP1-LTSS is installed
  • AND Package Information
  • kgraft-patch-3_12_74-60_64_69-default-7-2 is installed
  • OR kgraft-patch-3_12_74-60_64_69-xen-7-2 is installed
  • OR kgraft-patch-SLE12-SP1_Update_24-7-2 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2 is installed
  • AND chrony-2.3-3 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-BCL is installed
  • AND Package Information
  • kernel-default-4.4.121-92.85 is installed
  • OR kernel-default-base-4.4.121-92.85 is installed
  • OR kernel-default-devel-4.4.121-92.85 is installed
  • OR kernel-devel-4.4.121-92.85 is installed
  • OR kernel-macros-4.4.121-92.85 is installed
  • OR kernel-source-4.4.121-92.85 is installed
  • OR kernel-syms-4.4.121-92.85 is installed
  • OR kgraft-patch-4_4_121-92_85-default-1-3.5 is installed
  • OR kgraft-patch-SLE12-SP2_Update_23-1-3.5 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-ESPOS is installed
  • AND Package Information
  • java-1_8_0-ibm-1.8.0_sr5.15-30.33 is installed
  • OR java-1_8_0-ibm-alsa-1.8.0_sr5.15-30.33 is installed
  • OR java-1_8_0-ibm-devel-1.8.0_sr5.15-30.33 is installed
  • OR java-1_8_0-ibm-plugin-1.8.0_sr5.15-30.33 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-LTSS is installed
  • AND Package Information
  • kgraft-patch-4_4_90-92_45-default-7-2 is installed
  • OR kgraft-patch-SLE12-SP2_Update_14-7-2 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3 is installed
  • AND libmspack0-0.4-14 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-BCL is installed
  • AND Package Information
  • ghostscript-9.27-23.28 is installed
  • OR ghostscript-x11-9.27-23.28 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-LTSS is installed
  • AND Package Information
  • kgraft-patch-4_4_175-94_79-default-6-2 is installed
  • OR kgraft-patch-SLE12-SP3_Update_23-6-2 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-TERADATA is installed
  • AND openvswitch-2.7.6-3.23 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP4 is installed
  • AND Package Information
  • audiofile-0.3.6-10 is installed
  • OR libaudiofile1-0.3.6-10 is installed
  • OR libaudiofile1-32bit-0.3.6-10 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud 6 is installed
  • AND Package Information
  • icu-52.1-8.7 is installed
  • OR libicu-doc-52.1-8.7 is installed
  • OR libicu52_1-52.1-8.7 is installed
  • OR libicu52_1-32bit-52.1-8.7 is installed
  • OR libicu52_1-data-52.1-8.7 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud 8 is installed
  • AND Package Information
  • libdcerpc-binding0-4.6.16+git.169.064abe062be-3.46 is installed
  • OR libdcerpc-binding0-32bit-4.6.16+git.169.064abe062be-3.46 is installed
  • OR libdcerpc0-4.6.16+git.169.064abe062be-3.46 is installed
  • OR libdcerpc0-32bit-4.6.16+git.169.064abe062be-3.46 is installed
  • OR libndr-krb5pac0-4.6.16+git.169.064abe062be-3.46 is installed
  • OR libndr-krb5pac0-32bit-4.6.16+git.169.064abe062be-3.46 is installed
  • OR libndr-nbt0-4.6.16+git.169.064abe062be-3.46 is installed
  • OR libndr-nbt0-32bit-4.6.16+git.169.064abe062be-3.46 is installed
  • OR libndr-standard0-4.6.16+git.169.064abe062be-3.46 is installed
  • OR libndr-standard0-32bit-4.6.16+git.169.064abe062be-3.46 is installed
  • OR libndr0-4.6.16+git.169.064abe062be-3.46 is installed
  • OR libndr0-32bit-4.6.16+git.169.064abe062be-3.46 is installed
  • OR libnetapi0-4.6.16+git.169.064abe062be-3.46 is installed
  • OR libnetapi0-32bit-4.6.16+git.169.064abe062be-3.46 is installed
  • OR libsamba-credentials0-4.6.16+git.169.064abe062be-3.46 is installed
  • OR libsamba-credentials0-32bit-4.6.16+git.169.064abe062be-3.46 is installed
  • OR libsamba-errors0-4.6.16+git.169.064abe062be-3.46 is installed
  • OR libsamba-errors0-32bit-4.6.16+git.169.064abe062be-3.46 is installed
  • OR libsamba-hostconfig0-4.6.16+git.169.064abe062be-3.46 is installed
  • OR libsamba-hostconfig0-32bit-4.6.16+git.169.064abe062be-3.46 is installed
  • OR libsamba-passdb0-4.6.16+git.169.064abe062be-3.46 is installed
  • OR libsamba-passdb0-32bit-4.6.16+git.169.064abe062be-3.46 is installed
  • OR libsamba-util0-4.6.16+git.169.064abe062be-3.46 is installed
  • OR libsamba-util0-32bit-4.6.16+git.169.064abe062be-3.46 is installed
  • OR libsamdb0-4.6.16+git.169.064abe062be-3.46 is installed
  • OR libsamdb0-32bit-4.6.16+git.169.064abe062be-3.46 is installed
  • OR libsmbclient0-4.6.16+git.169.064abe062be-3.46 is installed
  • OR libsmbclient0-32bit-4.6.16+git.169.064abe062be-3.46 is installed
  • OR libsmbconf0-4.6.16+git.169.064abe062be-3.46 is installed
  • OR libsmbconf0-32bit-4.6.16+git.169.064abe062be-3.46 is installed
  • OR libsmbldap0-4.6.16+git.169.064abe062be-3.46 is installed
  • OR libsmbldap0-32bit-4.6.16+git.169.064abe062be-3.46 is installed
  • OR libtevent-util0-4.6.16+git.169.064abe062be-3.46 is installed
  • OR libtevent-util0-32bit-4.6.16+git.169.064abe062be-3.46 is installed
  • OR libwbclient0-4.6.16+git.169.064abe062be-3.46 is installed
  • OR libwbclient0-32bit-4.6.16+git.169.064abe062be-3.46 is installed
  • OR samba-4.6.16+git.169.064abe062be-3.46 is installed
  • OR samba-client-4.6.16+git.169.064abe062be-3.46 is installed
  • OR samba-client-32bit-4.6.16+git.169.064abe062be-3.46 is installed
  • OR samba-doc-4.6.16+git.169.064abe062be-3.46 is installed
  • OR samba-libs-4.6.16+git.169.064abe062be-3.46 is installed
  • OR samba-libs-32bit-4.6.16+git.169.064abe062be-3.46 is installed
  • OR samba-winbind-4.6.16+git.169.064abe062be-3.46 is installed
  • OR samba-winbind-32bit-4.6.16+git.169.064abe062be-3.46 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud 9 is installed
  • AND python-requests-2.20.1-4.3 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud Crowbar 8 is installed
  • AND slf4j-1.7.12-3.3 is installed
    • BACK