Alerts This Week
Warning Icon 1 560
Alerts This Week
Warning Icon 1 560

SUSE: 2012:1320-1 Important: Qemu Emulation Buffer Overflow Threat

suse
Calendar Grey October 9, 2012
Dist Suse Esm H88
SUSE Security Bulletin resolves urgent vulnerabilities in qemu, accompanied by steps for efficient application of patches.
An update that fixes two vulnerabilities is now available

Summary

The qemu vt100 emulation was affected by a problem where specific vt100 sequences could have been used by guest users to affect the host. (CVE-2012-3515 aka XSA-17). CVE-2012-0029: A buffer overflow in the e1000 device emulation was fixed Security Issue references: * CVE-2012-3515 * CVE-2012-0029 Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Studio Onsite 1.2: zypper in -t patch slestso12-qemu-6852 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Studio Onsite 1.2 (x86_64): qemu-0.10.1-0.5.7.1

Topics%20covered

Topics Covered

security advisory buffer overflow important qemu emulation threat

References

#740165 #777084

Cross- CVE-2012-0029 CVE-2012-3515

Affected Products:

SUSE Studio Onsite 1.2

https://www.suse.com/security/cve/CVE-2012-0029.html

https://www.suse.com/security/cve/CVE-2012-3515.html

https://login.microfocus.com/nidp/app/login?sid=0

https://login.microfocus.com/nidp/app/login?sid=0

https://login.microfocus.com/nidp/app/login?sid=0

Severity
important
Lowest
Low
Medium
High
Critical

Announcement ID: SUSE-SU-2012:1320-1
Rating: important

Topics%20covered

Topics Covered

security advisory buffer overflow important qemu emulation threat

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Related News

Your message here