Описание
Security update for kvm
This update for kvm fixes the following issues:
Security issues fixed:
- CVE-2019-14378: Security fix for heap overflow in ip_reass on big packet input (bsc#1143794).
- CVE-2019-12155: Security fix for null pointer dereference while releasing spice resources (bsc#1135902).
- CVE-2019-13164: Security fix for qemu-bridge-helper ACL can be bypassed when names are too long (bsc#1140402).
Список пакетов
SUSE Linux Enterprise Server 11 SP4-LTSS
kvm-1.4.2-60.27.1
Ссылки
- Link for SUSE-SU-2019:14151-1
- E-Mail link for SUSE-SU-2019:14151-1
- SUSE Security Ratings
- SUSE Bug 1135902
- SUSE Bug 1140402
- SUSE Bug 1143794
- SUSE CVE CVE-2019-12155 page
- SUSE CVE CVE-2019-13164 page
- SUSE CVE CVE-2019-14378 page
Описание
interface_release_resource in hw/display/qxl.c in QEMU 3.1.x through 4.0.0 has a NULL pointer dereference.
Затронутые продукты
SUSE Linux Enterprise Server 11 SP4-LTSS:kvm-1.4.2-60.27.1
Ссылки
- CVE-2019-12155
- SUSE Bug 1135902
- SUSE Bug 1135905
Описание
qemu-bridge-helper.c in QEMU 3.1 and 4.0.0 does not ensure that a network interface name (obtained from bridge.conf or a --br=bridge option) is limited to the IFNAMSIZ size, which can lead to an ACL bypass.
Затронутые продукты
SUSE Linux Enterprise Server 11 SP4-LTSS:kvm-1.4.2-60.27.1
Ссылки
- CVE-2019-13164
- SUSE Bug 1140402
Описание
ip_reass in ip_input.c in libslirp 4.0.0 has a heap-based buffer overflow via a large packet because it mishandles a case involving the first fragment.
Затронутые продукты
SUSE Linux Enterprise Server 11 SP4-LTSS:kvm-1.4.2-60.27.1
Ссылки
- CVE-2019-14378
- SUSE Bug 1143794
- SUSE Bug 1143797
- SUSE Bug 1178658