Alerts This Week
Warning Icon 1 923
Alerts This Week
Warning Icon 1 923

SUSE: 2020:2015-1 Important: QEMU Denial Of Service Updates

suse
Calendar Grey July 23, 2020
Dist Suse Esm H88
Patch for qemu addresses 5 vulnerabilities, notably including critical denial of service issues with significant severity.
An update that fixes 5 vulnerabilities is now available

Summary

This update for qemu to version 4.2.1 fixes the following issues: - CVE-2020-10761: Fixed a denial of service in Network Block Device (nbd) support infrastructure (bsc#1172710). - CVE-2020-13800: Fixed a denial of service possibility in ati-vga emulation (bsc#1172495). - CVE-2020-13659: Fixed a null pointer dereference possibility in MegaRAID SAS 8708EM2 emulation (bsc#1172386). - CVE-2020-13362: Fixed an OOB access possibility in MegaRAID SAS 8708EM2 emulation (bsc#1172383). - CVE-2020-13361: Fixed an OOB access possibility in ES1370 audio device emulation (bsc#1172384). Patch Instructions: To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product:

Topics%20covered

Topics Covered

security advisory denial of service patch important suse out of bounds qemu

References

#1172383 #1172384 #1172386 #1172495 #1172710

Cross- CVE-2020-10761 CVE-2020-13361 CVE-2020-13362

CVE-2020-13659 CVE-2020-13800

Affected Products:

SUSE Linux Enterprise Module for Server Applications 15-SP2

SUSE Linux Enterprise Module for Basesystem 15-SP2

https://www.suse.com/security/cve/CVE-2020-10761.html

https://www.suse.com/security/cve/CVE-2020-13361.html

https://www.suse.com/security/cve/CVE-2020-13362.html

https://www.suse.com/security/cve/CVE-2020-13659.html

https://www.suse.com/security/cve/CVE-2020-13800.html

https://bugzilla.suse.com/1172383

https://bugzilla.suse.com/1172384

https://bugzilla.suse.com/1172386

https://bugzilla.suse.com/1172495

https://bugzilla.suse.com/1172710

Severity
important
Lowest
Low
Medium
High
Critical

Announcement ID: SUSE-SU-2020:2015-1
Rating: important

Topics%20covered

Topics Covered

security advisory denial of service patch important suse out of bounds qemu

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here