Alerts This Week
Warning Icon 1 764
Alerts This Week
Warning Icon 1 764

SUSE: 2020:1516-1 Moderate: qemu Use-After-Free Vulnerability Risk

suse
Calendar Grey June 2, 2020
Dist Suse Esm H88
UBUNTU announced a software patch for libvirt tackling significant vulnerabilities, featuring a severe buffer overflow flaw.
An update that solves one vulnerability and has one errata is now available

Summary

This update for qemu fixes the following issues: Security issue fixed: - CVE-2020-1983: Fixed a use-after-free in the ip_reass function of slirp (bsc#1170940). Non-security issue fixed: - Fixed an issue where limiting the memory bandwidth was not possible (bsc#1167816). - Miscellaneous fixes to the in-package support documentation. Patch Instructions: To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 12-SP5: zypper in -t patch SUSE-SLE-SERVER-12-SP5-2020-1516=1 Package List: - SUSE Linux Enterprise Server 12-SP5 (aarch64 ppc64le s390x x86_64): qemu-3.1.1.1-3.14.1 qemu-audio-alsa-3.1.1.1-3.14.1

Topics%20covered

Topics Covered

security advisory moderate software update SUSE use-after-free qemu

References

#1167816 #1170940

Cross- CVE-2020-1983

Affected Products:

SUSE Linux Enterprise Server 12-SP5

https://www.suse.com/security/cve/CVE-2020-1983.html

https://bugzilla.suse.com/1167816

https://bugzilla.suse.com/1170940

Announcement ID: SUSE-SU-2020:1516-1
Rating: moderate

Topics%20covered

Topics Covered

security advisory moderate software update SUSE use-after-free qemu

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here