SUSE Security Update: Security update for qemu
______________________________________________________________________________

Announcement ID:    SUSE-SU-2016:1560-1
Rating:             important
References:         #886378 #895528 #901508 #928393 #934069 #940929 
                    #944463 #947159 #958491 #958917 #959005 #959386 
                    #960334 #960708 #960725 #960835 #961332 #961333 
                    #961358 #961556 #961691 #962320 #963782 #964413 
                    #967969 #969121 #969122 #969350 #970036 #970037 
                    #975128 #975136 #975700 #976109 #978158 #978160 
                    #980711 #980723 #981266 
Cross-References:   CVE-2014-3615 CVE-2014-3689 CVE-2014-9718
                    CVE-2015-3214 CVE-2015-5239 CVE-2015-5745
                    CVE-2015-7295 CVE-2015-7549 CVE-2015-8504
                    CVE-2015-8558 CVE-2015-8567 CVE-2015-8568
                    CVE-2015-8613 CVE-2015-8619 CVE-2015-8743
                    CVE-2015-8744 CVE-2015-8745 CVE-2015-8817
                    CVE-2015-8818 CVE-2016-1568 CVE-2016-1714
                    CVE-2016-1922 CVE-2016-1981 CVE-2016-2198
                    CVE-2016-2538 CVE-2016-2841 CVE-2016-2857
                    CVE-2016-2858 CVE-2016-3710 CVE-2016-3712
                    CVE-2016-4001 CVE-2016-4002 CVE-2016-4020
                    CVE-2016-4037 CVE-2016-4439 CVE-2016-4441
                    CVE-2016-4952
Affected Products:
                    SUSE Linux Enterprise Server 12
                    SUSE Linux Enterprise Desktop 12
______________________________________________________________________________

   An update that solves 37 vulnerabilities and has two fixes
   is now available.

Description:

   qemu was updated to fix 37 security issues.

   These security issues were fixed:
   - CVE-2016-4439: Avoid OOB access in 53C9X emulation (bsc#980711)
   - CVE-2016-4441: Avoid OOB access in 53C9X emulation (bsc#980723)
   - CVE-2016-4952: Avoid OOB access in Vmware PV SCSI emulation (bsc#981266)
   - CVE-2015-8817: Avoid OOB access in PCI DMA I/O (bsc#969121)
   - CVE-2015-8818: Avoid OOB access in PCI DMA I/O (bsc#969122)
   - CVE-2016-3710: Fixed VGA emulation based OOB access with potential for
     guest escape (bsc#978158)
   - CVE-2016-3712: Fixed VGa emulation based DOS and OOB read access exploit
     (bsc#978160)
   - CVE-2016-4037: Fixed USB ehci based DOS (bsc#976109)
   - CVE-2016-2538: Fixed potential OOB access in USB net device emulation
     (bsc#967969)
   - CVE-2016-2841: Fixed OOB access / hang in ne2000 emulation (bsc#969350)
   - CVE-2016-2858: Avoid potential DOS when using QEMU pseudo random number
     generator (bsc#970036)
   - CVE-2016-2857: Fixed OOB access when processing IP checksums (bsc#970037)
   - CVE-2016-4001: Fixed OOB access in Stellaris enet emulated nic
     (bsc#975128)
   - CVE-2016-4002: Fixed OOB access in MIPSnet emulated controller
     (bsc#975136)
   - CVE-2016-4020: Fixed possible host data leakage to guest from TPR access
     (bsc#975700)
   - CVE-2015-3214: Fixed OOB read in i8254 PIC (bsc#934069)
   - CVE-2014-9718: Fixed the handling of malformed or short ide PRDTs to
     avoid any opportunity for guest to cause DoS by abusing that interface
     (bsc#928393)
   - CVE-2014-3689: Fixed insufficient parameter validation in rectangle
     functions (bsc#901508)
   - CVE-2014-3615: The VGA emulator in QEMU allowed local guest users to
     read host memory by setting the display to a high resolution
     (bsc#895528).
   - CVE-2015-5239: Integer overflow in vnc_client_read() and
     protocol_client_msg() (bsc#944463).
   - CVE-2015-5745: Buffer overflow in virtio-serial (bsc#940929).
   - CVE-2015-7295: hw/virtio/virtio.c in the Virtual Network Device
     (virtio-net) support in QEMU, when big or mergeable receive buffers are
     not supported, allowed remote attackers to cause a denial of service
     (guest network consumption) via a flood of jumbo frames on the (1)
     tuntap or (2) macvtap interface (bsc#947159).
   - CVE-2015-7549: PCI null pointer dereferences (bsc#958917).
   - CVE-2015-8504: VNC floating point exception (bsc#958491).
   - CVE-2015-8558: Infinite loop in ehci_advance_state resulting in DoS
     (bsc#959005).
   - CVE-2015-8567: A guest repeatedly activating a vmxnet3 device can leak
     host memory (bsc#959386).
   - CVE-2015-8568: A guest repeatedly activating a vmxnet3 device can leak
     host memory (bsc#959386).
   - CVE-2015-8613: Wrong sized memset in megasas command handler
     (bsc#961358).
   - CVE-2015-8619: Potential DoS for long HMP sendkey command argument
     (bsc#960334).
   - CVE-2015-8743: OOB memory access in ne2000 ioport r/w functions
     (bsc#960725).
   - CVE-2015-8744: Incorrect l2 header validation could have lead to a crash
     via assert(2) call (bsc#960835).
   - CVE-2015-8745: Reading IMR registers could have lead to a crash via
     assert(2) call (bsc#960708).
   - CVE-2016-1568: AHCI use-after-free in aio port commands (bsc#961332).
   - CVE-2016-1714: Potential OOB memory access in processing firmware
     configuration (bsc#961691).
   - CVE-2016-1922: NULL pointer dereference when processing hmp i/o command
     (bsc#962320).
   - CVE-2016-1981: Potential DoS (infinite loop) in e1000 device emulation
     by malicious privileged user within guest (bsc#963782).
   - CVE-2016-2198: Malicious privileged guest user were able to cause DoS by
     writing to read-only EHCI capabilities registers (bsc#964413).

   This non-security issue was fixed
   - bsc#886378: qemu truncates vhd images in virt-rescue


Patch Instructions:

   To install this SUSE Security Update use YaST online_update.
   Alternatively you can run the command listed for your product:

   - SUSE Linux Enterprise Server 12:

      zypper in -t patch SUSE-SLE-SERVER-12-2016-924=1

   - SUSE Linux Enterprise Desktop 12:

      zypper in -t patch SUSE-SLE-DESKTOP-12-2016-924=1

   To bring your system up-to-date, use "zypper patch".


Package List:

   - SUSE Linux Enterprise Server 12 (ppc64le s390x x86_64):

      qemu-2.0.2-48.19.1
      qemu-block-curl-2.0.2-48.19.1
      qemu-block-curl-debuginfo-2.0.2-48.19.1
      qemu-debugsource-2.0.2-48.19.1
      qemu-guest-agent-2.0.2-48.19.1
      qemu-guest-agent-debuginfo-2.0.2-48.19.1
      qemu-lang-2.0.2-48.19.1
      qemu-tools-2.0.2-48.19.1
      qemu-tools-debuginfo-2.0.2-48.19.1

   - SUSE Linux Enterprise Server 12 (s390x x86_64):

      qemu-kvm-2.0.2-48.19.1

   - SUSE Linux Enterprise Server 12 (ppc64le):

      qemu-ppc-2.0.2-48.19.1
      qemu-ppc-debuginfo-2.0.2-48.19.1

   - SUSE Linux Enterprise Server 12 (x86_64):

      qemu-block-rbd-2.0.2-48.19.1
      qemu-block-rbd-debuginfo-2.0.2-48.19.1
      qemu-x86-2.0.2-48.19.1
      qemu-x86-debuginfo-2.0.2-48.19.1

   - SUSE Linux Enterprise Server 12 (noarch):

      qemu-ipxe-1.0.0-48.19.1
      qemu-seabios-1.7.4-48.19.1
      qemu-sgabios-8-48.19.1
      qemu-vgabios-1.7.4-48.19.1

   - SUSE Linux Enterprise Server 12 (s390x):

      qemu-s390-2.0.2-48.19.1
      qemu-s390-debuginfo-2.0.2-48.19.1

   - SUSE Linux Enterprise Desktop 12 (x86_64):

      qemu-2.0.2-48.19.1
      qemu-block-curl-2.0.2-48.19.1
      qemu-block-curl-debuginfo-2.0.2-48.19.1
      qemu-debugsource-2.0.2-48.19.1
      qemu-kvm-2.0.2-48.19.1
      qemu-tools-2.0.2-48.19.1
      qemu-tools-debuginfo-2.0.2-48.19.1
      qemu-x86-2.0.2-48.19.1
      qemu-x86-debuginfo-2.0.2-48.19.1

   - SUSE Linux Enterprise Desktop 12 (noarch):

      qemu-ipxe-1.0.0-48.19.1
      qemu-seabios-1.7.4-48.19.1
      qemu-sgabios-8-48.19.1
      qemu-vgabios-1.7.4-48.19.1


References:

   https://www.suse.com/security/cve/CVE-2014-3615.html
   https://www.suse.com/security/cve/CVE-2014-3689.html
   https://www.suse.com/security/cve/CVE-2014-9718.html
   https://www.suse.com/security/cve/CVE-2015-3214.html
   https://www.suse.com/security/cve/CVE-2015-5239.html
   https://www.suse.com/security/cve/CVE-2015-5745.html
   https://www.suse.com/security/cve/CVE-2015-7295.html
   https://www.suse.com/security/cve/CVE-2015-7549.html
   https://www.suse.com/security/cve/CVE-2015-8504.html
   https://www.suse.com/security/cve/CVE-2015-8558.html
   https://www.suse.com/security/cve/CVE-2015-8567.html
   https://www.suse.com/security/cve/CVE-2015-8568.html
   https://www.suse.com/security/cve/CVE-2015-8613.html
   https://www.suse.com/security/cve/CVE-2015-8619.html
   https://www.suse.com/security/cve/CVE-2015-8743.html
   https://www.suse.com/security/cve/CVE-2015-8744.html
   https://www.suse.com/security/cve/CVE-2015-8745.html
   https://www.suse.com/security/cve/CVE-2015-8817.html
   https://www.suse.com/security/cve/CVE-2015-8818.html
   https://www.suse.com/security/cve/CVE-2016-1568.html
   https://www.suse.com/security/cve/CVE-2016-1714.html
   https://www.suse.com/security/cve/CVE-2016-1922.html
   https://www.suse.com/security/cve/CVE-2016-1981.html
   https://www.suse.com/security/cve/CVE-2016-2198.html
   https://www.suse.com/security/cve/CVE-2016-2538.html
   https://www.suse.com/security/cve/CVE-2016-2841.html
   https://www.suse.com/security/cve/CVE-2016-2857.html
   https://www.suse.com/security/cve/CVE-2016-2858.html
   https://www.suse.com/security/cve/CVE-2016-3710.html
   https://www.suse.com/security/cve/CVE-2016-3712.html
   https://www.suse.com/security/cve/CVE-2016-4001.html
   https://www.suse.com/security/cve/CVE-2016-4002.html
   https://www.suse.com/security/cve/CVE-2016-4020.html
   https://www.suse.com/security/cve/CVE-2016-4037.html
   https://www.suse.com/security/cve/CVE-2016-4439.html
   https://www.suse.com/security/cve/CVE-2016-4441.html
   https://www.suse.com/security/cve/CVE-2016-4952.html
   https://bugzilla.suse.com/886378
   https://bugzilla.suse.com/895528
   https://bugzilla.suse.com/901508
   https://bugzilla.suse.com/928393
   https://bugzilla.suse.com/934069
   https://bugzilla.suse.com/940929
   https://bugzilla.suse.com/944463
   https://bugzilla.suse.com/947159
   https://bugzilla.suse.com/958491
   https://bugzilla.suse.com/958917
   https://bugzilla.suse.com/959005
   https://bugzilla.suse.com/959386
   https://bugzilla.suse.com/960334
   https://bugzilla.suse.com/960708
   https://bugzilla.suse.com/960725
   https://bugzilla.suse.com/960835
   https://bugzilla.suse.com/961332
   https://bugzilla.suse.com/961333
   https://bugzilla.suse.com/961358
   https://bugzilla.suse.com/961556
   https://bugzilla.suse.com/961691
   https://bugzilla.suse.com/962320
   https://bugzilla.suse.com/963782
   https://bugzilla.suse.com/964413
   https://bugzilla.suse.com/967969
   https://bugzilla.suse.com/969121
   https://bugzilla.suse.com/969122
   https://bugzilla.suse.com/969350
   https://bugzilla.suse.com/970036
   https://bugzilla.suse.com/970037
   https://bugzilla.suse.com/975128
   https://bugzilla.suse.com/975136
   https://bugzilla.suse.com/975700
   https://bugzilla.suse.com/976109
   https://bugzilla.suse.com/978158
   https://bugzilla.suse.com/978160
   https://bugzilla.suse.com/980711
   https://bugzilla.suse.com/980723
   https://bugzilla.suse.com/981266

SuSE: 2016:1560-1: important: qemu

June 13, 2016
An update that solves 37 vulnerabilities and has two fixes An update that solves 37 vulnerabilities and has two fixes An update that solves 37 vulnerabilities and has two fixes is ...

Summary

qemu was updated to fix 37 security issues. These security issues were fixed: - CVE-2016-4439: Avoid OOB access in 53C9X emulation (bsc#980711) - CVE-2016-4441: Avoid OOB access in 53C9X emulation (bsc#980723) - CVE-2016-4952: Avoid OOB access in Vmware PV SCSI emulation (bsc#981266) - CVE-2015-8817: Avoid OOB access in PCI DMA I/O (bsc#969121) - CVE-2015-8818: Avoid OOB access in PCI DMA I/O (bsc#969122) - CVE-2016-3710: Fixed VGA emulation based OOB access with potential for guest escape (bsc#978158) - CVE-2016-3712: Fixed VGa emulation based DOS and OOB read access exploit (bsc#978160) - CVE-2016-4037: Fixed USB ehci based DOS (bsc#976109) - CVE-2016-2538: Fixed potential OOB access in USB net device emulation (bsc#967969) - CVE-2016-2841: Fixed OOB access / hang in ne2000 emulation (bsc#969350) - CVE-2016-2858: Avoid potential DOS when using QEMU pseudo random number generator (bsc#970036) - CVE-2016-2857: Fixed OOB access when processing IP checksums (bsc#970037) - CVE-2016-4001: Fixed OOB access in Stellaris enet emulated nic (bsc#975128) - CVE-2016-4002: Fixed OOB access in MIPSnet emulated controller (bsc#975136) - CVE-2016-4020: Fixed possible host data leakage to guest from TPR access (bsc#975700) - CVE-2015-3214: Fixed OOB read in i8254 PIC (bsc#934069) - CVE-2014-9718: Fixed the handling of malformed or short ide PRDTs to avoid any opportunity for guest to cause DoS by abusing that interface (bsc#928393) - CVE-2014-3689: Fixed insufficient parameter validation in rectangle functions (bsc#901508) - CVE-2014-3615: The VGA emulator in QEMU allowed local guest users to read host memory by setting the display to a high resolution (bsc#895528). - CVE-2015-5239: Integer overflow in vnc_client_read() and protocol_client_msg() (bsc#944463). - CVE-2015-5745: Buffer overflow in virtio-serial (bsc#940929). - CVE-2015-7295: hw/virtio/virtio.c in the Virtual Network Device (virtio-net) support in QEMU, when big or mergeable receive buffers are not supported, allowed remote attackers to cause a denial of service (guest network consumption) via a flood of jumbo frames on the (1) tuntap or (2) macvtap interface (bsc#947159). - CVE-2015-7549: PCI null pointer dereferences (bsc#958917). - CVE-2015-8504: VNC floating point exception (bsc#958491). - CVE-2015-8558: Infinite loop in ehci_advance_state resulting in DoS (bsc#959005). - CVE-2015-8567: A guest repeatedly activating a vmxnet3 device can leak host memory (bsc#959386). - CVE-2015-8568: A guest repeatedly activating a vmxnet3 device can leak host memory (bsc#959386). - CVE-2015-8613: Wrong sized memset in megasas command handler (bsc#961358). - CVE-2015-8619: Potential DoS for long HMP sendkey command argument (bsc#960334). - CVE-2015-8743: OOB memory access in ne2000 ioport r/w functions (bsc#960725). - CVE-2015-8744: Incorrect l2 header validation could have lead to a crash via assert(2) call (bsc#960835). - CVE-2015-8745: Reading IMR registers could have lead to a crash via assert(2) call (bsc#960708). - CVE-2016-1568: AHCI use-after-free in aio port commands (bsc#961332). - CVE-2016-1714: Potential OOB memory access in processing firmware configuration (bsc#961691). - CVE-2016-1922: NULL pointer dereference when processing hmp i/o command (bsc#962320). - CVE-2016-1981: Potential DoS (infinite loop) in e1000 device emulation by malicious privileged user within guest (bsc#963782). - CVE-2016-2198: Malicious privileged guest user were able to cause DoS by writing to read-only EHCI capabilities registers (bsc#964413). This non-security issue was fixed - bsc#886378: qemu truncates vhd images in virt-rescue Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 12: zypper in -t patch SUSE-SLE-SERVER-12-2016-924=1 - SUSE Linux Enterprise Desktop 12: zypper in -t patch SUSE-SLE-DESKTOP-12-2016-924=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server 12 (ppc64le s390x x86_64): qemu-2.0.2-48.19.1 qemu-block-curl-2.0.2-48.19.1 qemu-block-curl-debuginfo-2.0.2-48.19.1 qemu-debugsource-2.0.2-48.19.1 qemu-guest-agent-2.0.2-48.19.1 qemu-guest-agent-debuginfo-2.0.2-48.19.1 qemu-lang-2.0.2-48.19.1 qemu-tools-2.0.2-48.19.1 qemu-tools-debuginfo-2.0.2-48.19.1 - SUSE Linux Enterprise Server 12 (s390x x86_64): qemu-kvm-2.0.2-48.19.1 - SUSE Linux Enterprise Server 12 (ppc64le): qemu-ppc-2.0.2-48.19.1 qemu-ppc-debuginfo-2.0.2-48.19.1 - SUSE Linux Enterprise Server 12 (x86_64): qemu-block-rbd-2.0.2-48.19.1 qemu-block-rbd-debuginfo-2.0.2-48.19.1 qemu-x86-2.0.2-48.19.1 qemu-x86-debuginfo-2.0.2-48.19.1 - SUSE Linux Enterprise Server 12 (noarch): qemu-ipxe-1.0.0-48.19.1 qemu-seabios-1.7.4-48.19.1 qemu-sgabios-8-48.19.1 qemu-vgabios-1.7.4-48.19.1 - SUSE Linux Enterprise Server 12 (s390x): qemu-s390-2.0.2-48.19.1 qemu-s390-debuginfo-2.0.2-48.19.1 - SUSE Linux Enterprise Desktop 12 (x86_64): qemu-2.0.2-48.19.1 qemu-block-curl-2.0.2-48.19.1 qemu-block-curl-debuginfo-2.0.2-48.19.1 qemu-debugsource-2.0.2-48.19.1 qemu-kvm-2.0.2-48.19.1 qemu-tools-2.0.2-48.19.1 qemu-tools-debuginfo-2.0.2-48.19.1 qemu-x86-2.0.2-48.19.1 qemu-x86-debuginfo-2.0.2-48.19.1 - SUSE Linux Enterprise Desktop 12 (noarch): qemu-ipxe-1.0.0-48.19.1 qemu-seabios-1.7.4-48.19.1 qemu-sgabios-8-48.19.1 qemu-vgabios-1.7.4-48.19.1

References

#886378 #895528 #901508 #928393 #934069 #940929

#944463 #947159 #958491 #958917 #959005 #959386

#960334 #960708 #960725 #960835 #961332 #961333

#961358 #961556 #961691 #962320 #963782 #964413

#967969 #969121 #969122 #969350 #970036 #970037

#975128 #975136 #975700 #976109 #978158 #978160

#980711 #980723 #981266

Cross- CVE-2014-3615 CVE-2014-3689 CVE-2014-9718

CVE-2015-3214 CVE-2015-5239 CVE-2015-5745

CVE-2015-7295 CVE-2015-7549 CVE-2015-8504

CVE-2015-8558 CVE-2015-8567 CVE-2015-8568

CVE-2015-8613 CVE-2015-8619 CVE-2015-8743

CVE-2015-8744 CVE-2015-8745 CVE-2015-8817

CVE-2015-8818 CVE-2016-1568 CVE-2016-1714

CVE-2016-1922 CVE-2016-1981 CVE-2016-2198

CVE-2016-2538 CVE-2016-2841 CVE-2016-2857

CVE-2016-2858 CVE-2016-3710 CVE-2016-3712

CVE-2016-4001 CVE-2016-4002 CVE-2016-4020

CVE-2016-4037 CVE-2016-4439 CVE-2016-4441

CVE-2016-4952

Affected Products:

SUSE Linux Enterprise Server 12

SUSE Linux Enterprise Desktop 12

https://www.suse.com/security/cve/CVE-2014-3615.html

https://www.suse.com/security/cve/CVE-2014-3689.html

https://www.suse.com/security/cve/CVE-2014-9718.html

https://www.suse.com/security/cve/CVE-2015-3214.html

https://www.suse.com/security/cve/CVE-2015-5239.html

https://www.suse.com/security/cve/CVE-2015-5745.html

https://www.suse.com/security/cve/CVE-2015-7295.html

https://www.suse.com/security/cve/CVE-2015-7549.html

https://www.suse.com/security/cve/CVE-2015-8504.html

https://www.suse.com/security/cve/CVE-2015-8558.html

https://www.suse.com/security/cve/CVE-2015-8567.html

https://www.suse.com/security/cve/CVE-2015-8568.html

https://www.suse.com/security/cve/CVE-2015-8613.html

https://www.suse.com/security/cve/CVE-2015-8619.html

https://www.suse.com/security/cve/CVE-2015-8743.html

https://www.suse.com/security/cve/CVE-2015-8744.html

https://www.suse.com/security/cve/CVE-2015-8745.html

https://www.suse.com/security/cve/CVE-2015-8817.html

https://www.suse.com/security/cve/CVE-2015-8818.html

https://www.suse.com/security/cve/CVE-2016-1568.html

https://www.suse.com/security/cve/CVE-2016-1714.html

https://www.suse.com/security/cve/CVE-2016-1922.html

https://www.suse.com/security/cve/CVE-2016-1981.html

https://www.suse.com/security/cve/CVE-2016-2198.html

https://www.suse.com/security/cve/CVE-2016-2538.html

https://www.suse.com/security/cve/CVE-2016-2841.html

https://www.suse.com/security/cve/CVE-2016-2857.html

https://www.suse.com/security/cve/CVE-2016-2858.html

https://www.suse.com/security/cve/CVE-2016-3710.html

https://www.suse.com/security/cve/CVE-2016-3712.html

https://www.suse.com/security/cve/CVE-2016-4001.html

https://www.suse.com/security/cve/CVE-2016-4002.html

https://www.suse.com/security/cve/CVE-2016-4020.html

https://www.suse.com/security/cve/CVE-2016-4037.html

https://www.suse.com/security/cve/CVE-2016-4439.html

https://www.suse.com/security/cve/CVE-2016-4441.html

https://www.suse.com/security/cve/CVE-2016-4952.html

https://bugzilla.suse.com/886378

https://bugzilla.suse.com/895528

https://bugzilla.suse.com/901508

https://bugzilla.suse.com/928393

https://bugzilla.suse.com/934069

https://bugzilla.suse.com/940929

https://bugzilla.suse.com/944463

https://bugzilla.suse.com/947159

https://bugzilla.suse.com/958491

https://bugzilla.suse.com/958917

https://bugzilla.suse.com/959005

https://bugzilla.suse.com/959386

https://bugzilla.suse.com/960334

https://bugzilla.suse.com/960708

https://bugzilla.suse.com/960725

https://bugzilla.suse.com/960835

https://bugzilla.suse.com/961332

https://bugzilla.suse.com/961333

https://bugzilla.suse.com/961358

https://bugzilla.suse.com/961556

https://bugzilla.suse.com/961691

https://bugzilla.suse.com/962320

https://bugzilla.suse.com/963782

https://bugzilla.suse.com/964413

https://bugzilla.suse.com/967969

https://bugzilla.suse.com/969121

https://bugzilla.suse.com/969122

https://bugzilla.suse.com/969350

https://bugzilla.suse.com/970036

https://bugzilla.suse.com/970037

https://bugzilla.suse.com/975128

https://bugzilla.suse.com/975136

https://bugzilla.suse.com/975700

https://bugzilla.suse.com/976109

https://bugzilla.suse.com/978158

https://bugzilla.suse.com/978160

https://bugzilla.suse.com/980711

https://bugzilla.suse.com/980723

https://bugzilla.suse.com/981266

Severity
Announcement ID: SUSE-SU-2016:1560-1
Rating: important

Related News

Google Chrome 129: Addressing Crucial Vulnerabilities and Enhancing Security
2 - 4 min read
Google Chrome remains the crown jewel in the browser market, with an impressive user base of approximately 3.45 billion. However, this immense
Fighting Back Against Hadooken Malware by Strengthening WebLogic Security
2 - 4 min read
Cybercriminals have been relentlessly attacking the digital landscape, aiming to exploit vulnerabilities in well-known systems. One such exploit is
CISA Sounds Alarm on Newly Exploited Vulnerabilities: Is Your System at Risk?
3 - 5 min read
CISA regularly publishes updates regarding vulnerabilities that present severe threats to global cybersecurity. Recently, CISA added three
Defending Against Remote Code Execution in Google Chrome: A Critical Update
2 - 3 min read
Google Chrome, a widely used web browser, serves millions of internet users by connecting them to the online world. Unfortunately, severe
Navigating the Linux Kernel
2 - 4 min read
The Linux operating system, widely acclaimed for its robustness and security , recently received widespread media attention due to a significant
Staying a Step Ahead of Adversaries: Mitigating Chromium
2 - 4 min read
Google Chrome, one of the world's most widely used web browsers, has recently been scrutinized due to the discovery of multiple Chromium
Unmasking Cicada3301: Examining the Threat of the New Rust-Based Ransomware
2 - 4 min read
Ransomware has long been a severe threat to organizations and admins alike. Recently, cybersecurity researchers discovered a new variant called
Buffer Overflow Exploits in Linux: Origins, Impact, and Countermeasures
3 - 6 min read
Buffer overflow vulnerabilities have long been one of the biggest headaches in computer security, especially on Linux operating systems that power

Get the Latest News & Insights

Sign up to get the latest security news affecting Linux and open source delivered straight to your inbox.

© 2024 Guardian Digital, Inc All Rights Reserved