Alerts This Week
Warning Icon 1 916
Alerts This Week
Warning Icon 1 916

SUSE: 2020:14396-1 Moderate: kvm Security Update for Multiple Issues

suse
Calendar Grey June 11, 2020
Dist Suse Esm H88
SUSE Security Patch for kvm addresses various security flaws associated with Announcement ID: SUSE-SU-2020:14396-2.
An update that fixes 6 vulnerabilities is now available

Summary

This update for kvm fixes the following issues: Security issues fixed: - CVE-2019-12068: Fixed a potential DoS in the LSI SCSI controller emulation (bsc#1146873). - CVE-2020-1983: Fixed a use-after-free in the ip_reass function of slirp (bsc#1170940). - CVE-2020-8608: Fixed a potential OOB access in slirp (bsc#1163018). - CVE-2020-7039: Fixed a potential OOB access in slirp (bsc#1161066). - CVE-2019-15890: Fixed a use-after-free during packet reassembly in slirp (bsc#1149811). - Fixed multiple potential DoS issues in SLIRP, similar to CVE-2019-6778 (bsc#1123156). Patch Instructions: To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product:

Topics%20covered

Topics Covered

security advisory moderate DoS SUSE Linux out-of-bounds kvm use-after-free

References

#1123156 #1146873 #1149811 #1161066 #1163018

#1170940

Cross- CVE-2019-12068 CVE-2019-15890 CVE-2019-6778

CVE-2020-1983 CVE-2020-7039 CVE-2020-8608

Affected Products:

SUSE Linux Enterprise Server 11-SP4-LTSS

https://www.suse.com/security/cve/CVE-2019-12068.html

https://www.suse.com/security/cve/CVE-2019-15890.html

https://www.suse.com/security/cve/CVE-2019-6778.html

https://www.suse.com/security/cve/CVE-2020-1983.html

https://www.suse.com/security/cve/CVE-2020-7039.html

https://www.suse.com/security/cve/CVE-2020-8608.html

https://bugzilla.suse.com/1123156

https://bugzilla.suse.com/1146873

https://bugzilla.suse.com/1149811

https://bugzilla.suse.com/1161066

https://bugzilla.suse.com/1163018

https://bugzilla.suse.com/1170940

Severity
important
Lowest
Low
Medium
High
Critical

Announcement ID: SUSE-SU-2020:14396-1
Rating: moderate

Topics%20covered

Topics Covered

security advisory moderate DoS SUSE Linux out-of-bounds kvm use-after-free

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here