Alerts This Week
Warning Icon 1 697
Alerts This Week
Warning Icon 1 697

SUSE: 2016:2936-1 Critical: qemu DoS Vulnerability Update

suse
Calendar Grey November 29, 2016
Dist Suse Esm H88
The recent qemu update resolves 18 security vulnerabilities in SUSE Linux, improving both system resilience and safety.
An update that solves 18 vulnerabilities and has one errata An update that solves 18 vulnerabilities and has one errata An update that solves 18 vulnerabilities and has one errata ...

Summary

This update for qemu fixes the following issues: - Patch queue updated from SLE12 - Change package post script udevadm trigger calls to be device specific (bsc#1002116) - Address various security/stability issues * Fix OOB access in xlnx.xpx-ethernetlite emulation (CVE-2016-7161 bsc#1001151) * Fix OOB access in VMware SVGA emulation (CVE-2016-7170 bsc#998516) * Fix DOS in Vmware pv scsi interface (CVE-2016-7421 bsc#999661) * Fix DOS in ColdFire Fast Ethernet Controller emulation (CVE-2016-7908 bsc#1002550) * Fix DOS in USB xHCI emulation (CVE-2016-8576 bsc#1003878) * Fix DOS in virtio-9pfs (CVE-2016-8578 bsc#1003894) * Fix DOS in virtio-9pfs (CVE-2016-9105 bsc#1007494) * Fix DOS in virtio-9pfs (CVE-2016-8577 bsc#1003893) * Plug data leak in virtio-9pfs interface (CVE-2016-9103 bsc#1007454)

Topics%20covered

Topics Covered

security advisory update critical DoS patch SUSE qemu

References

#1001151 #1002116 #1002550 #1002557 #1003878

#1003893 #1003894 #1004702 #1004707 #1006536

#1006538 #1007391 #1007450 #1007454 #1007493

#1007494 #1007495 #998516 #999661

Cross- CVE-2016-7161 CVE-2016-7170 CVE-2016-7421

CVE-2016-7908 CVE-2016-7909 CVE-2016-8576

CVE-2016-8577 CVE-2016-8578 CVE-2016-8667

CVE-2016-8669 CVE-2016-8909 CVE-2016-8910

CVE-2016-9101 CVE-2016-9102 CVE-2016-9103

CVE-2016-9104 CVE-2016-9105 CVE-2016-9106

Affected Products:

SUSE Linux Enterprise Server for SAP 12

SUSE Linux Enterprise Server 12-LTSS

https://www.suse.com/security/cve/CVE-2016-7161.html

https://www.suse.com/security/cve/CVE-2016-7170.html

https://www.suse.com/security/cve/CVE-2016-7421.html

https://www.suse.com/security/cve/CVE-2016-7908.html

Severity
critical
Lowest
Low
Medium
High
Critical

Announcement ID: SUSE-SU-2016:2936-1
Rating: important

Topics%20covered

Topics Covered

security advisory update critical DoS patch SUSE qemu

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Related News

Your message here