Alerts This Week
Warning Icon 1 714
Alerts This Week
Warning Icon 1 714

SUSE 2020:1526-1 Moderate: Resolved QEMU Security Vulnerabilities

suse
Calendar Grey June 3, 2020
Dist Suse Esm H88
SUSE reveals essential patches for qemu, targeting multiple security vulnerabilities while improving overall system reliability and protection.
An update that fixes 7 vulnerabilities is now available

Summary

This update for qemu fixes the following issues: Security issues fixed: - CVE-2020-1711: Fixed a potential OOB access in the iSCSI client code (bsc#1166240). - CVE-2019-12068: Fixed a potential DoS in the LSI SCSI controller emulation (bsc#1146873). - CVE-2020-1983: Fixed a use-after-free in the ip_reass function of slirp (bsc#1170940). - CVE-2020-8608: Fixed a potential OOB access in slirp (bsc#1163018). - CVE-2020-7039: Fixed a potential OOB access in slirp (bsc#1161066). - CVE-2019-15890: Fixed a use-after-free during packet reassembly in slirp (bsc#1149811). - Fixed multiple potential DoS issues in SLIRP, similar to CVE-2019-6778 (bsc#1123156). Patch Instructions: To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".

Topics%20covered

Topics Covered

security advisory moderate DoS patch SUSE qemu OOB access

References

#1123156 #1146873 #1149811 #1161066 #1163018

#1166240 #1170940

Cross- CVE-2019-12068 CVE-2019-15890 CVE-2019-6778

CVE-2020-1711 CVE-2020-1983 CVE-2020-7039

CVE-2020-8608

Affected Products:

SUSE OpenStack Cloud 7

SUSE Linux Enterprise Server for SAP 12-SP2

SUSE Linux Enterprise Server 12-SP2-LTSS

SUSE Linux Enterprise Server 12-SP2-BCL

https://www.suse.com/security/cve/CVE-2019-12068.html

https://www.suse.com/security/cve/CVE-2019-15890.html

https://www.suse.com/security/cve/CVE-2019-6778.html

https://www.suse.com/security/cve/CVE-2020-1711.html

https://www.suse.com/security/cve/CVE-2020-1983.html

https://www.suse.com/security/cve/CVE-2020-7039.html

https://www.suse.com/security/cve/CVE-2020-8608.html

https://bugzilla.suse.com/1123156

Announcement ID: SUSE-SU-2020:1526-1
Rating: moderate

Topics%20covered

Topics Covered

security advisory moderate DoS patch SUSE qemu OOB access

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here