Explore top 10 tips to secure your open-source projects now. Read More
×
This update for kvm fixes several issues. These security issues were fixed: - CVE-2016-9602: The VirtFS host directory sharing via Plan 9 File System(9pfs) support was vulnerable to an improper link following issue which allowed a privileged user inside guest to access host file system beyond the shared folder and potentially escalating their privileges on a host (bsc#1020427) - CVE-2016-9603: A privileged user within the guest VM could have caused a heap overflow in the device model process, potentially escalating their privileges to that of the device model process (bsc#1028656) - CVE-2017-10664: qemu-nbd did not ignore SIGPIPE, which allowed remote attackers to cause a denial of service (daemon crash) by disconnecting during a server-to-client reply attempt (bsc#1046636)
#1020427 #1021741 #1025109 #1028184 #1028656
#1030624 #1031051 #1034044 #1034866 #1034908
#1035406 #1035950 #1037242 #1038396 #1039495
#1042159 #1042800 #1042801 #1043296 #1045035
#1046636 #1047674 #1048902 #1049381 #1049785
#1056334 #1057585 #1062069 #1063122
Cross- CVE-2016-9602 CVE-2016-9603 CVE-2017-10664
CVE-2017-10806 CVE-2017-11334 CVE-2017-11434
CVE-2017-13672 CVE-2017-14167 CVE-2017-15038
CVE-2017-15289 CVE-2017-5579 CVE-2017-5973
CVE-2017-6505 CVE-2017-7471 CVE-2017-7493
CVE-2017-7718 CVE-2017-7980 CVE-2017-8086
CVE-2017-8309 CVE-2017-9330 CVE-2017-9373
CVE-2017-9375 CVE-2017-9503
Affected Products:
SUSE Linux Enterprise Server 11-SP4
https://www.suse.com/security/cve/CVE-2016-9602.html
https://www.suse.com/secu...
Read the Full Advisory
Get the latest Linux and open source security news straight to your inbox.