Alerts This Week
Warning Icon 1 916
Alerts This Week
Warning Icon 1 916

SUSE Linux 11-SP4: SUSE-SU-2019:14199-1 Important: Xen Denial of Service

suse
Calendar Grey October 24, 2019
Dist Suse Esm H88
SUSE security update for xen addresses critical vulnerabilities identified in SUSE-SU-2019:14199-1 release, ensuring the protection of server environments.
An update that fixes 13 vulnerabilities is now available

Summary

This update for xen fixes the following issues: - CVE-2019-15890: Fixed a use-after-free in SLiRP networking implementation of QEMU emulator which could have led to Denial of Service (bsc#1149813). - CVE-2019-12068: Fixed an issue in lsi which could lead to an infinite loop and denial of service (bsc#1146874). - CVE-2019-14378: Fixed a heap buffer overflow in SLiRp networking implementation of QEMU emulator which could have led to execution of arbitrary code with privileges of the QEMU process (bsc#1143797). - CVE-2019-12067: Fixed a null pointer dereference which could have led to denial of service (bsc#1145652). - CVE-2019-12155: Fixed a null pointer dereference in QXL VGA card emulator of QEMU which could have led to denial of service (bsc#1135905). Patch Instructions:

Topics%20covered

Topics Covered

security advisory update buffer overflow important Denial of Service SUSE Linux xen

References

#1126140 #1126141 #1126192 #1126195 #1126196

#1126198 #1126201 #1127400 #1135905 #1143797

#1145652 #1146874 #1149813

Cross- CVE-2019-12067 CVE-2019-12068 CVE-2019-12155

CVE-2019-14378 CVE-2019-15890 CVE-2019-17340

CVE-2019-17341 CVE-2019-17342 CVE-2019-17343

CVE-2019-17344 CVE-2019-17346 CVE-2019-17347

CVE-2019-17348

Affected Products:

SUSE Linux Enterprise Server 11-SP4-LTSS

SUSE Linux Enterprise Debuginfo 11-SP4

https://www.suse.com/security/cve/CVE-2019-12067.html

https://www.suse.com/security/cve/CVE-2019-12068.html

https://www.suse.com/security/cve/CVE-2019-12155.html

https://www.suse.com/security/cve/CVE-2019-14378.html

https://www.suse.com/security/cve/CVE-2019-15890.html

https://www.suse.com/security/cve/CVE-2019-17340.html

Severity
important
Lowest
Low
Medium
High
Critical

Announcement ID: SUSE-SU-2019:14199-1
Rating: important

Topics%20covered

Topics Covered

security advisory update buffer overflow important Denial of Service SUSE Linux xen

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here