Oval Definition:oval:org.opensuse.security:def:83964
Revision Date:2020-06-04Version:1
Title:Security update for qemu (Moderate)
Description:

This update for qemu fixes the following issues:

Security issues fixed:

- CVE-2020-1711: Fixed a potential OOB access in the iSCSI client code (bsc#1166240). - CVE-2019-12068: Fixed a potential DoS in the LSI SCSI controller emulation (bsc#1146873). - CVE-2020-1983: Fixed a use-after-free in the ip_reass function of slirp (bsc#1170940). - CVE-2020-8608: Fixed a potential OOB access in slirp (bsc#1163018). - CVE-2020-7039: Fixed a potential OOB access in slirp (bsc#1161066). - CVE-2019-15890: Fixed a use-after-free during packet reassembly in slirp (bsc#1149811). - Fixed multiple potential DoS issues in SLIRP, similar to CVE-2019-6778 (bsc#1123156).

Non-security issue fixed:

- Make sure that required memory is mapped properly during an incoming migration of a Xen HVM domU (bsc#1160024).
Family:unixClass:patch
Status:Reference(s):1123156
1146873
1149811
1160024
1161066
1163018
1166240
1170940
CVE-2019-12068
CVE-2019-15890
CVE-2019-6778
CVE-2020-1711
CVE-2020-1983
CVE-2020-7039
CVE-2020-8608
SUSE-SU-2020:1538-1
Platform(s):SUSE OpenStack Cloud 8
Product(s):
Definition Synopsis
  • SUSE OpenStack Cloud 8 is installed
  • AND Package Information
  • qemu-2.9.1-6.44.1 is installed
  • OR qemu-block-curl-2.9.1-6.44.1 is installed
  • OR qemu-block-iscsi-2.9.1-6.44.1 is installed
  • OR qemu-block-rbd-2.9.1-6.44.1 is installed
  • OR qemu-block-ssh-2.9.1-6.44.1 is installed
  • OR qemu-guest-agent-2.9.1-6.44.1 is installed
  • OR qemu-ipxe-1.0.0+-6.44.1 is installed
  • OR qemu-kvm-2.9.1-6.44.1 is installed
  • OR qemu-lang-2.9.1-6.44.1 is installed
  • OR qemu-seabios-1.10.2-6.44.1 is installed
  • OR qemu-sgabios-8-6.44.1 is installed
  • OR qemu-tools-2.9.1-6.44.1 is installed
  • OR qemu-vgabios-1.10.2-6.44.1 is installed
  • OR qemu-x86-2.9.1-6.44.1 is installed
    • BACK