Описание
Security update for qemu
This update for qemu fixes the following issues:
Security issues fixed:
- CVE-2017-10664: Fix DOS vulnerability in qemu-nbd (bsc#1046636)
- CVE-2017-10806: Fix DOS from stack overflow in debug messages of usb redirection support (bsc#1047674)
- CVE-2017-11334: Fix OOB access during DMA operation (bsc#1048902)
- CVE-2017-11434: Fix OOB access parsing dhcp slirp options (bsc#1049381)
Following non-security issues were fixed:
- Postrequire acl for setfacl
- Prerequire shadow for groupadd
- The recent security fix for CVE-2017-11334 adversely affects Xen. Include two additional patches to make sure Xen is going to be OK.
- Pre-add group kvm for qemu-tools (bsc#1011144)
- Fixed a few more inaccuracies in the support docs.
- Fix support docs to indicate ARM64 is now fully L3 supported in SLES 12 SP3. Apply a few additional clarifications in the support docs. (bsc#1050268)
- Adjust to libvdeplug-devel package naming changes.
- Fix migration with xhci (bsc#1048296)
- Increase VNC delay to fix missing keyboard input events (bsc#1031692)
- Remove build dependency package iasl used for seabios
Список пакетов
SUSE Linux Enterprise Desktop 12 SP3
SUSE Linux Enterprise Server 12 SP3
SUSE Linux Enterprise Server for SAP Applications 12 SP3
Ссылки
- Link for SUSE-SU-2017:2416-1
- E-Mail link for SUSE-SU-2017:2416-1
- SUSE Security Ratings
- SUSE Bug 1011144
- SUSE Bug 1031692
- SUSE Bug 1046636
- SUSE Bug 1047674
- SUSE Bug 1048296
- SUSE Bug 1048902
- SUSE Bug 1049381
- SUSE Bug 1050268
- SUSE CVE CVE-2017-10664 page
- SUSE CVE CVE-2017-10806 page
- SUSE CVE CVE-2017-11334 page
- SUSE CVE CVE-2017-11434 page
Описание
qemu-nbd in QEMU (aka Quick Emulator) does not ignore SIGPIPE, which allows remote attackers to cause a denial of service (daemon crash) by disconnecting during a server-to-client reply attempt.
Затронутые продукты
Ссылки
- CVE-2017-10664
- SUSE Bug 1046636
- SUSE Bug 1046637
- SUSE Bug 1178658
Описание
Stack-based buffer overflow in hw/usb/redirect.c in QEMU (aka Quick Emulator) allows local guest OS users to cause a denial of service (QEMU process crash) via vectors related to logging debug messages.
Затронутые продукты
Ссылки
- CVE-2017-10806
- SUSE Bug 1047674
- SUSE Bug 1047675
Описание
The address_space_write_continue function in exec.c in QEMU (aka Quick Emulator) allows local guest OS privileged users to cause a denial of service (out-of-bounds access and guest instance crash) by leveraging use of qemu_map_ram_ptr to access guest ram block area.
Затронутые продукты
Ссылки
- CVE-2017-11334
- SUSE Bug 1048902
- SUSE Bug 1048920
Описание
The dhcp_decode function in slirp/bootp.c in QEMU (aka Quick Emulator) allows local guest OS users to cause a denial of service (out-of-bounds read and QEMU process crash) via a crafted DHCP options string.
Затронутые продукты
Ссылки
- CVE-2017-11434
- SUSE Bug 1049381
- SUSE Bug 1049578
- SUSE Bug 1178658