Описание
Security update for qemu
This update fixes the following security issues:
- Enforce receive packet size, thus eliminating buffer overflow and potential security issue. (bsc#957162 CVE-2015-7512)
- Infinite loop in processing command block list. CVE-2015-8345 (bsc#956829):
This update also fixes a non-security bug:
- Due to space restrictions in limited bios data areas, don't create mptable if vcpu count is 'high' (ie more than ~19). (bsc#954864) (No supported guests are negatively impacted by this change, which is taken from upstream seabios)
Список пакетов
SUSE Linux Enterprise Desktop 12 SP1
qemu-2.3.1-7.7
qemu-block-curl-2.3.1-7.7
qemu-ipxe-1.0.0-7.7
qemu-kvm-2.3.1-7.7
qemu-seabios-1.8.1-7.7
qemu-sgabios-8-7.7
qemu-tools-2.3.1-7.7
qemu-vgabios-1.8.1-7.7
qemu-x86-2.3.1-7.7
SUSE Linux Enterprise Server 12 SP1
qemu-2.3.1-7.7
qemu-block-curl-2.3.1-7.7
qemu-block-rbd-2.3.1-7.7
qemu-guest-agent-2.3.1-7.7
qemu-ipxe-1.0.0-7.7
qemu-kvm-2.3.1-7.7
qemu-lang-2.3.1-7.7
qemu-ppc-2.3.1-7.7
qemu-s390-2.3.1-7.7
qemu-seabios-1.8.1-7.7
qemu-sgabios-8-7.7
qemu-tools-2.3.1-7.7
qemu-vgabios-1.8.1-7.7
qemu-x86-2.3.1-7.7
SUSE Linux Enterprise Server for SAP Applications 12 SP1
qemu-2.3.1-7.7
qemu-block-curl-2.3.1-7.7
qemu-block-rbd-2.3.1-7.7
qemu-guest-agent-2.3.1-7.7
qemu-ipxe-1.0.0-7.7
qemu-kvm-2.3.1-7.7
qemu-lang-2.3.1-7.7
qemu-ppc-2.3.1-7.7
qemu-s390-2.3.1-7.7
qemu-seabios-1.8.1-7.7
qemu-sgabios-8-7.7
qemu-tools-2.3.1-7.7
qemu-vgabios-1.8.1-7.7
qemu-x86-2.3.1-7.7
Ссылки
- Link for SUSE-SU-2016:0459-1
- E-Mail link for SUSE-SU-2016:0459-1
- SUSE Security Ratings
- SUSE Bug 954864
- SUSE Bug 956829
- SUSE Bug 957162
- SUSE CVE CVE-2015-7512 page
- SUSE CVE CVE-2015-8345 page
Описание
Buffer overflow in the pcnet_receive function in hw/net/pcnet.c in QEMU, when a guest NIC has a larger MTU, allows remote attackers to cause a denial of service (guest OS crash) or execute arbitrary code via a large packet.
Затронутые продукты
SUSE Linux Enterprise Desktop 12 SP1:qemu-2.3.1-7.7
SUSE Linux Enterprise Desktop 12 SP1:qemu-block-curl-2.3.1-7.7
SUSE Linux Enterprise Desktop 12 SP1:qemu-ipxe-1.0.0-7.7
SUSE Linux Enterprise Desktop 12 SP1:qemu-kvm-2.3.1-7.7
Ссылки
- CVE-2015-7512
- SUSE Bug 957162
- SUSE Bug 962360
Описание
The eepro100 emulator in QEMU qemu-kvm blank allows local guest users to cause a denial of service (application crash and infinite loop) via vectors involving the command block list.
Затронутые продукты
SUSE Linux Enterprise Desktop 12 SP1:qemu-2.3.1-7.7
SUSE Linux Enterprise Desktop 12 SP1:qemu-block-curl-2.3.1-7.7
SUSE Linux Enterprise Desktop 12 SP1:qemu-ipxe-1.0.0-7.7
SUSE Linux Enterprise Desktop 12 SP1:qemu-kvm-2.3.1-7.7
Ссылки
- CVE-2015-8345
- SUSE Bug 956829
- SUSE Bug 956832