Описание
Security update for qemu
This update for qemu fixes the following issues:
Security issues fixed:
- CVE-2019-14378: Security fix for heap overflow in ip_reass on big packet input (bsc#1143794).
- CVE-2019-12155: Security fix for null pointer dereference while releasing spice resources (bsc#1135902).
- CVE-2019-13164: Security fix for qemu-bridge-helper ACL can be bypassed when names are too long (bsc#1140402).
Список пакетов
SUSE Linux Enterprise Server 12 SP1-LTSS
qemu-2.3.1-33.26.1
qemu-block-curl-2.3.1-33.26.1
qemu-block-rbd-2.3.1-33.26.1
qemu-guest-agent-2.3.1-33.26.1
qemu-ipxe-1.0.0-33.26.1
qemu-kvm-2.3.1-33.26.1
qemu-lang-2.3.1-33.26.1
qemu-ppc-2.3.1-33.26.1
qemu-s390-2.3.1-33.26.1
qemu-seabios-1.8.1-33.26.1
qemu-sgabios-8-33.26.1
qemu-tools-2.3.1-33.26.1
qemu-vgabios-1.8.1-33.26.1
qemu-x86-2.3.1-33.26.1
SUSE Linux Enterprise Server for SAP Applications 12 SP1
qemu-2.3.1-33.26.1
qemu-block-curl-2.3.1-33.26.1
qemu-block-rbd-2.3.1-33.26.1
qemu-guest-agent-2.3.1-33.26.1
qemu-ipxe-1.0.0-33.26.1
qemu-kvm-2.3.1-33.26.1
qemu-lang-2.3.1-33.26.1
qemu-seabios-1.8.1-33.26.1
qemu-sgabios-8-33.26.1
qemu-tools-2.3.1-33.26.1
qemu-vgabios-1.8.1-33.26.1
qemu-x86-2.3.1-33.26.1
Ссылки
- Link for SUSE-SU-2019:2221-1
- E-Mail link for SUSE-SU-2019:2221-1
- SUSE Security Ratings
- SUSE Bug 1135902
- SUSE Bug 1140402
- SUSE Bug 1143794
- SUSE CVE CVE-2019-12155 page
- SUSE CVE CVE-2019-13164 page
- SUSE CVE CVE-2019-14378 page
Описание
interface_release_resource in hw/display/qxl.c in QEMU 3.1.x through 4.0.0 has a NULL pointer dereference.
Затронутые продукты
SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-2.3.1-33.26.1
SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-block-curl-2.3.1-33.26.1
SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-block-rbd-2.3.1-33.26.1
SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-guest-agent-2.3.1-33.26.1
Ссылки
- CVE-2019-12155
- SUSE Bug 1135902
- SUSE Bug 1135905
Описание
qemu-bridge-helper.c in QEMU 3.1 and 4.0.0 does not ensure that a network interface name (obtained from bridge.conf or a --br=bridge option) is limited to the IFNAMSIZ size, which can lead to an ACL bypass.
Затронутые продукты
SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-2.3.1-33.26.1
SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-block-curl-2.3.1-33.26.1
SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-block-rbd-2.3.1-33.26.1
SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-guest-agent-2.3.1-33.26.1
Ссылки
- CVE-2019-13164
- SUSE Bug 1140402
Описание
ip_reass in ip_input.c in libslirp 4.0.0 has a heap-based buffer overflow via a large packet because it mishandles a case involving the first fragment.
Затронутые продукты
SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-2.3.1-33.26.1
SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-block-curl-2.3.1-33.26.1
SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-block-rbd-2.3.1-33.26.1
SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-guest-agent-2.3.1-33.26.1
Ссылки
- CVE-2019-14378
- SUSE Bug 1143794
- SUSE Bug 1143797
- SUSE Bug 1178658