Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

suse-cvrf логотип

SUSE-SU-2018:0036-1

Опубликовано: 08 янв. 2018
Источник: suse-cvrf

Описание

Security update for qemu

This update for qemu fixes the following issues:

This update for qemu fixes the following issues:

A mitigation for a security flaw has been applied:

  • CVE-2017-5715: QEMU was updated to allow passing through new MSR and CPUID flags from the host VM to the CPU, to allow enabling/disabling branch prediction features in the Intel CPU. (bsc#1068032)

Список пакетов

SUSE Linux Enterprise Desktop 12 SP2
qemu-2.6.2-41.31.1
qemu-block-curl-2.6.2-41.31.1
qemu-ipxe-1.0.0-41.31.1
qemu-kvm-2.6.2-41.31.1
qemu-seabios-1.9.1-41.31.1
qemu-sgabios-8-41.31.1
qemu-tools-2.6.2-41.31.1
qemu-vgabios-1.9.1-41.31.1
qemu-x86-2.6.2-41.31.1
SUSE Linux Enterprise Server 12 SP2
qemu-2.6.2-41.31.1
qemu-arm-2.6.2-41.31.1
qemu-block-curl-2.6.2-41.31.1
qemu-block-rbd-2.6.2-41.31.1
qemu-block-ssh-2.6.2-41.31.1
qemu-guest-agent-2.6.2-41.31.1
qemu-ipxe-1.0.0-41.31.1
qemu-kvm-2.6.2-41.31.1
qemu-lang-2.6.2-41.31.1
qemu-ppc-2.6.2-41.31.1
qemu-s390-2.6.2-41.31.1
qemu-seabios-1.9.1-41.31.1
qemu-sgabios-8-41.31.1
qemu-tools-2.6.2-41.31.1
qemu-vgabios-1.9.1-41.31.1
qemu-x86-2.6.2-41.31.1
SUSE Linux Enterprise Server for Raspberry Pi 12 SP2
qemu-2.6.2-41.31.1
qemu-arm-2.6.2-41.31.1
qemu-block-curl-2.6.2-41.31.1
qemu-block-rbd-2.6.2-41.31.1
qemu-block-ssh-2.6.2-41.31.1
qemu-guest-agent-2.6.2-41.31.1
qemu-ipxe-1.0.0-41.31.1
qemu-lang-2.6.2-41.31.1
qemu-tools-2.6.2-41.31.1
SUSE Linux Enterprise Server for SAP Applications 12 SP2
qemu-2.6.2-41.31.1
qemu-arm-2.6.2-41.31.1
qemu-block-curl-2.6.2-41.31.1
qemu-block-rbd-2.6.2-41.31.1
qemu-block-ssh-2.6.2-41.31.1
qemu-guest-agent-2.6.2-41.31.1
qemu-ipxe-1.0.0-41.31.1
qemu-kvm-2.6.2-41.31.1
qemu-lang-2.6.2-41.31.1
qemu-ppc-2.6.2-41.31.1
qemu-s390-2.6.2-41.31.1
qemu-seabios-1.9.1-41.31.1
qemu-sgabios-8-41.31.1
qemu-tools-2.6.2-41.31.1
qemu-vgabios-1.9.1-41.31.1
qemu-x86-2.6.2-41.31.1

Ссылки

Описание

Systems with microprocessors utilizing speculative execution and indirect branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis.

Затронутые продукты
SUSE Linux Enterprise Desktop 12 SP2:qemu-2.6.2-41.31.1
SUSE Linux Enterprise Desktop 12 SP2:qemu-block-curl-2.6.2-41.31.1
SUSE Linux Enterprise Desktop 12 SP2:qemu-ipxe-1.0.0-41.31.1
SUSE Linux Enterprise Desktop 12 SP2:qemu-kvm-2.6.2-41.31.1
Ссылки