SUSE Linux Enterprise 12: SUSE-SU-2015:1782-1 Important: QEMU Issues Fixed

suse

October 20, 2015

An update that solves 5 vulnerabilities and has 10 fixes is An update that solves 5 vulnerabilities and has 10 fixes is An update that solves 5 vulnerabilities and has 10 fixes is ...

Summary

qemu was updated to fix several security issues and bugs. The following vulnerabilities were fixed: - CVE-2015-5154: Heap-based buffer overflow in the IDE subsystem in QEMU, when the container has a CDROM drive enabled, allows local guest users to execute arbitrary code on the host via unspecified ATAPI commands. (bsc#938344). - CVE-2015-5278: QEMU was vulnerable to an infinite loop issue that could occur when receiving packets over the network. (bsc#945989) - CVE-2015-5279: QEMU was vulnerable to a heap buffer overflow issue that could occur when receiving packets over the network. (bsc#945987) - CVE-2015-6855: QEMU was vulnerable to a divide by zero issue that could occur while executing an IDE command WIN_READ_NATIVE_MAX to determine the maximum size of a drive. (bsc#945404)

Topics Covered

security advisory denial of service heap overflow system update SUSE network issue qemu

References

#902737 #928308 #934506 #934517 #936537 #937125

#937572 #938344 #939216 #943446 #944017 #945404

#945778 #945987 #945989

Cross- CVE-2014-7815 CVE-2015-5154 CVE-2015-5278

CVE-2015-5279 CVE-2015-6855

Affected Products:

SUSE Linux Enterprise Server 12

SUSE Linux Enterprise Desktop 12

https://www.suse.com/security/cve/CVE-2014-7815.html

https://www.suse.com/security/cve/CVE-2015-5154.html

https://www.suse.com/security/cve/CVE-2015-5278.html

https://www.suse.com/security/cve/CVE-2015-5279.html

https://www.suse.com/security/cve/CVE-2015-6855.html

https://bugzilla.suse.com/show_bug.cgi?id=902737

https://bugzilla.suse.com/show_bug.cgi?id=928308

https://bugzilla.suse.com/show_bug.cgi?id=934506

https://bugzilla.suse.com/show_bug.cgi?id=934517

Severity

important

Lowest

Low

Medium

High

Critical

Announcement ID: SUSE-SU-2015:1782-1

Rating: important

Topics Covered

security advisory denial of service heap overflow system update SUSE network issue qemu

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!

Like staying secure? So do we.
Sign up for updates, tips, and alerts!

Topics Covered

Topics Covered

Search News & Updates

Recent Searches

Search Advisories & Updates

Recent Searches

Get the latest News and Insights

Our Top Picks

SUSE Linux Enterprise 12: SUSE-SU-2015:1782-1 Important: QEMU Issues Fixed

Summary

Topics Covered

References

Topics Covered

Get the latest News and Insights

Related News

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!

Topics Covered

Topics Covered

Search News & Updates

Recent Searches

Search Advisories & Updates

Recent Searches

Get the latest News and Insights

Our Top Picks

SUSE Linux Enterprise 12: SUSE-SU-2015:1782-1 Important: QEMU Issues Fixed

Summary

Topics Covered

References

Topics Covered

Get the latest News and Insights

Related Articles

Related News

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!