SUSE-SU-2015:1409-1

Опубликовано: 07 авг. 2015

Источник: suse-cvrf

Описание

Security update for kvm

kvm was updated to fix one security issue.

This security issue was fixed:

CVE-2015-5154: Host code execution via IDE subsystem CD-ROM (bsc#938344).

Список пакетов

SUSE Linux Enterprise Server 11 SP1-LTSS

kvm-0.12.5-1.30.2

SUSE Linux Enterprise Server 11 SP1-TERADATA

kvm-0.12.5-1.30.2

Ссылки

https://www.suse.com/support/update/announcement/2015/suse-su-20151409-1/
Link for SUSE-SU-2015:1409-1
https://lists.suse.com/pipermail/sle-security-updates/2015-August/001544.html
E-Mail link for SUSE-SU-2015:1409-1
https://www.suse.com/support/security/rating/
SUSE Security Ratings
https://bugzilla.suse.com/938344
SUSE Bug 938344
https://www.suse.com/security/cve/CVE-2015-5154/
SUSE CVE CVE-2015-5154 page

Описание

Heap-based buffer overflow in the IDE subsystem in QEMU, as used in Xen 4.5.x and earlier, when the container has a CDROM drive enabled, allows local guest users to execute arbitrary code on the host via unspecified ATAPI commands.

Затронутые продукты

SUSE Linux Enterprise Server 11 SP1-LTSS:kvm-0.12.5-1.30.2

SUSE Linux Enterprise Server 11 SP1-TERADATA:kvm-0.12.5-1.30.2

Ссылки

https://www.suse.com/security/cve/CVE-2015-5154.html
CVE-2015-5154
https://bugzilla.suse.com/938344
SUSE Bug 938344
https://bugzilla.suse.com/950367
SUSE Bug 950367

SUSE-SU-2015:1409-1

Описание

Список пакетов

SUSE Linux Enterprise Server 11 SP1-LTSS

SUSE Linux Enterprise Server 11 SP1-TERADATA

Ссылки

Уязвимость: CVE-2015-5154

Описание

Затронутые продукты

Ссылки