
SUSE: 2019:14201-1 Important: Xen Denial of Service and Buffer Overflow

October 25, 2019
An update that fixes 12 vulnerabilities is now available

Summary

This update for xen fixes the following issues:

- CVE-2019-15890: Fixed a use-after-free in SLiRP networking implementation of QEMU emulator which could have led to Denial of Service (bsc#1149813).
- CVE-2019-12068: Fixed an issue in lsi which could lead to an infinite loop and denial of service (bsc#1146874).
- CVE-2019-14378: Fixed a heap buffer overflow in SLiRP networking implementation of QEMU emulator which could have led to execution of arbitrary code with privileges of the QEMU process (bsc#1143797).
- CVE-2019-12067: Fixed a null pointer dereference which could have led to denial of service (bsc#1145652).
- CVE-2019-12155: Fixed a null pointer dereference in QXL VGA card emulator of QEMU which could have led to denial of service (bsc#1135905).

References

#1047675 #1126140 #1126141 #1126192 #1126195 #1126196 #1130680 #1135905 #1143797 #1145652 #1146874 #1149813

Cross-References: CVE-2017-10806 CVE-2018-20815 CVE-2019-12067 CVE-2019-12068 CVE-2019-12155 CVE-2019-14378 CVE-2019-15890 CVE-2019-17340 CVE-2019-17341 CVE-2019-17342 CVE-2019-17343 CVE-2019-17344

Affected Products:

- SUSE Linux Enterprise Point of Sale 11-SP3
- SUSE Linux Enterprise Debuginfo 11-SP3

https://www.suse.com/security/cve/CVE-2017-10806.html
https://www.suse.com/security/cve/CVE-2018-20815.html
https://www.suse.com/security/cve/CVE-2019-12067.html
https://www.suse.com/security/cve/CVE-2019-12068.html
https://www.suse.com/security/cve/CVE-2019-12155.html
https://www.suse.com/security/cve/CVE-2019-14378.html

Severity: important

Announcement ID: SUSE-SU-2019:14201-1
Rating: important
