SUSE: 2019:0489-1 Important: qemu Denial Of Service Fix

suse

February 26, 2019

An update that fixes 7 vulnerabilities is now available

Summary

This update for qemu fixes the following issues: Security issues fixed: - CVE-2019-6778: Fixed a heap buffer overflow issue in the SLiRP networking implementation (bsc#1123156). - CVE-2018-16872: Fixed a host security vulnerability related to handling symlinks in usb-mtp (bsc#1119493). - CVE-2018-19489: Fixed a denial of service vulnerability in virtfs (bsc#1117275). - CVE-2018-19364: Fixed a use-after-free if the virtfs interface resulting in a denial of service (bsc#1116717). - CVE-2018-7858: Fixed a denial of service which could occur while updating the VGA display, after guest has adjusted the display dimensions (bsc#1084604). - CVE-2017-13673: Fixed a denial of service in the cpu_physical_memory_snapshot_get_dirty function.

Topics Covered

security advisory denial of service security issue important heap overflow qemu SUSE OpenStack

References

#1084604 #1113231 #1116717 #1117275 #1119493

#1123156

Cross- CVE-2017-13672 CVE-2017-13673 CVE-2018-16872

CVE-2018-19364 CVE-2018-19489 CVE-2018-7858

CVE-2019-6778

Affected Products:

SUSE OpenStack Cloud 7

SUSE Linux Enterprise Server for SAP 12-SP2

SUSE Linux Enterprise Server 12-SP2-LTSS

SUSE Linux Enterprise Server 12-SP2-BCL

SUSE Enterprise Storage 4

https://www.suse.com/security/cve/CVE-2017-13672.html

https://www.suse.com/security/cve/CVE-2017-13673.html

https://www.suse.com/security/cve/CVE-2018-16872.html

https://www.suse.com/security/cve/CVE-2018-19364.html

https://www.suse.com/security/cve/CVE-2018-19489.html

https://www.suse.com/security/cve/CVE-2018-7858.html

https://www.suse.com/security/cve/CVE-2019-6778.html

Severity

important

Lowest

Low

Medium

High

Critical

Announcement ID: SUSE-SU-2019:0489-1

Rating: important

Topics Covered

security advisory denial of service security issue important heap overflow qemu SUSE OpenStack

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!

Like staying secure? So do we.
Sign up for updates, tips, and alerts!

Topics Covered

Topics Covered

Search News & Updates

Recent Searches

Search Advisories & Updates

Recent Searches

Get the latest News and Insights

Our Top Picks

SUSE: 2019:0489-1 Important: qemu Denial Of Service Fix

Summary

Topics Covered

References

Topics Covered

Get the latest News and Insights

Related News

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!

Topics Covered

Topics Covered

Search News & Updates

Recent Searches

Search Advisories & Updates

Recent Searches

Get the latest News and Insights

Our Top Picks

SUSE: 2019:0489-1 Important: qemu Denial Of Service Fix

Summary

Topics Covered

References

Topics Covered

Get the latest News and Insights

Related Articles

Related News

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!