SUSE: 2019:0423-1 Important: Qemu Denial Of Service Threats

February 18, 2019
This Fedora security patch resolves various vulnerabilities in libvirt impacting cloud services and virtualization tools.
An update that solves 5 vulnerabilities and has 7 fixes is now available.

Summary

This update for qemu fixes the following issues:

Security issues fixed:

- CVE-2019-6778: Fixed a heap buffer overflow issue in the SLiRP networking implementation (bsc#1123156).
- CVE-2018-16872: Fixed a host security vulnerability related to handling symlinks in usb-mtp (bsc#1119493).
- CVE-2018-19489: Fixed a denial of service vulnerability in virtfs (bsc#1117275).
- CVE-2018-19364: Fixed a use-after-free in the virtfs interface resulting in a denial of service (bsc#1116717).
- CVE-2018-18954: Fixed a denial of service vulnerability related to PowerPC PowerNV memory operations (bsc#1114957).

Non-security issues fixed:

- Improved disk performance for qemu on xen (bsc#1100408).
- Fixed xen offline migration (bsc#1079730, bsc#1101982, bsc#1063993).

References

#1063993 #1079730 #1100408 #1101982 #1112646 #1114957 #1116717 #1117275 #1119493 #1121600 #1123156 #1123179

Cross-References: CVE-2018-16872 CVE-2018-18954 CVE-2018-19364 CVE-2018-19489 CVE-2019-6778

Affected Products:

SUSE Linux Enterprise Module for Server Applications 15

SUSE Linux Enterprise Module for Open Buildservice Development Tools 15

SUSE Linux Enterprise Module for Basesystem 15

https://www.suse.com/security/cve/CVE-2018-16872.html

https://www.suse.com/security/cve/CVE-2018-18954.html

https://www.suse.com/security/cve/CVE-2018-19364.html

https://www.suse.com/security/cve/CVE-2018-19489.html

https://www.suse.com/security/cve/CVE-2019-6778.html

https://bugzilla.suse.com/1063993

https://bugzilla.suse.com/1079730

Severity
important

Announcement ID: SUSE-SU-2019:0423-1
Rating: important
