This update for qemu fixes the following issues:
Security issues fixed:
- CVE-2018-10839: Fixed NE2000 NIC emulation support that is vulnerable to
an integer overflow, which could lead to buffer overflow issue. It could
occur when receiving packets over the network. A user inside guest could
use this flaw to crash the Qemu process resulting in DoS (bsc#1110910).
- CVE-2018-15746: Fixed qemu-seccomp.c that might allow local OS guest
users to cause a denial of service (guest crash) by leveraging
mishandling of the seccomp policy for threads other than the main thread
(bsc#1106222).
- CVE-2018-16847: Fixed an OOB heap buffer r/w access issue that was found
in the NVM Express Controller emulation in QEMU. It could occur in
nvme_cmb_ops routines in nvme device. A guest user/process could use
this flaw to crash the QEMU process resulting in DoS or potentially run
arbitrary code with privileges of the QEMU process...
Read the Full AdvisoryPatch Instructions:
To install this openSUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.0:
zypper in -t patch openSUSE-2018-1483=1
- openSUSE Leap 15.0 (noarch):
qemu-ipxe-1.0.0+-lp150.7.12.1
qemu-seabios-1.11.0-lp150.7.12.1
qemu-sgabios-8-lp150.7.12.1
qemu-vgabios-1.11.0-lp150.7.12.1
- openSUSE Leap 15.0 (x86_64):
qemu-2.11.2-lp150.7.12.1
qemu-arm-2.11.2-lp150.7.12.1
qemu-arm-debuginfo-2.11.2-lp150.7.12.1
qemu-block-curl-2.11.2-lp150.7.12.1
qemu-block-curl-debuginfo-2.11.2-lp150.7.12.1
qemu-block-dmg-2.11.2-lp150.7.12.1
qemu-block-dmg-debuginfo-2.11.2-lp150.7.12.1
qemu-block-gluster-2.11.2-lp150.7.12.1
qemu-block-gluster-debuginfo-2.11.2-lp150.7.12.1
qemu-block-iscsi-2.11.2-lp150.7.12.1
qemu-block-iscsi-debuginfo-2.11.2-lp150.7.12.1
qemu-block-rbd-2.11.2-lp150.7.12.1
qemu-block-rbd-debuginfo-2.11.2-lp150.7.12.1
qemu-block-ssh-2.11.2-lp150.7.12.1
qemu-block-ssh-debuginfo-2.11.2-lp150.7.12.1
qemu-debuginfo-2.11.2-lp150.7.12.1
qemu-debugsource-2.11.2-lp150.7.12.1
qemu-extra-2.11.2-lp150.7.12.1
qemu-extra-debuginfo-2.11.2-lp150.7.12.1
qemu-guest-agent-2.11.2-lp150.7.12.1
qemu-guest-agent-debuginfo-2.11.2-lp150.7.12.1
qemu-ksm-2.11.2-lp150.7.12...
Read the Full Advisoryhttps://www.suse.com/security/cve/CVE-2018-10839.html
https://www.suse.com/security/cve/CVE-2018-15746.html
https://www.suse.com/security/cve/CVE-2018-16847.html
https://www.suse.com/security/cve/CVE-2018-17958.html
https://www.suse.com/security/cve/CVE-2018-17962.html
https://www.suse.com/security/cve/CVE-2018-17963.html
https://www.suse.com/security/cve/CVE-2018-18849.html
https://bugzilla.suse.com/1106222
https://bugzilla.suse.com/1107489
https://bugzilla.suse.com/1110910
https://bugzilla.suse.com/1111006
https://bugzilla.suse.com/1111010
https://bugzilla.suse.com/1111013
https://bugzilla.suse.com/1112499
https://bugzilla.suse.com/1114422
https://bugzilla.suse.com/1114529
--
Get the latest Linux and open source security news straight to your inbox.