SUSE-SU-2016:1703-1
See a problem?- Import Source
- https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2016:1703-1.json
- JSON Data
- https://api.osv.dev/v1/vulns/SUSE-SU-2016:1703-1
- Related
- Published
- 2016-06-29T05:47:55Z
- Modified
- 2016-06-29T05:47:55Z
- Summary
- Security update for qemu
- Details
-
qemu was updated to fix 29 security issues.
These security issues were fixed: - CVE-2016-4439: Avoid OOB access in 53C9X emulation (bsc#980711) - CVE-2016-4441: Avoid OOB access in 53C9X emulation (bsc#980723) - CVE-2016-4952: Avoid OOB access in Vmware PV SCSI emulation (bsc#981266) - CVE-2015-8817: Avoid OOB access in PCI dma I/O (bsc#969121) - CVE-2015-8818: Avoid OOB access in PCI dma I/O (bsc#969122) - CVE-2016-3710: Fixed VGA emulation based OOB access with potential for guest escape (bsc#978158) - CVE-2016-3712: Fixed VGa emulation based DOS and OOB read access exploit (bsc#978160) - CVE-2016-4037: Fixed USB ehci based DOS (bsc#976109) - CVE-2016-2538: Fixed potential OOB access in USB net device emulation (bsc#967969) - CVE-2016-2841: Fixed OOB access / hang in ne2000 emulation (bsc#969350) - CVE-2016-2858: Avoid potential DOS when using QEMU pseudo random number generator (bsc#970036) - CVE-2016-2857: Fixed OOB access when processing IP checksums (bsc#970037) - CVE-2016-4001: Fixed OOB access in Stellaris enet emulated nic (bsc#975128) - CVE-2016-4002: Fixed OOB access in MIPSnet emulated controller (bsc#975136) - CVE-2016-4020: Fixed possible host data leakage to guest from TPR access (bsc#975700) - CVE-2016-2197: Prevent AHCI NULL pointer dereference when using FIS CLB engine (bsc#964411) - CVE-2015-5745: Buffer overflow in virtio-serial (bsc#940929). - CVE-2015-7549: PCI null pointer dereferences (bsc#958917). - CVE-2015-8504: VNC floating point exception (bsc#958491). - CVE-2015-8558: Infinite loop in ehciadvancestate resulting in DoS (bsc#959005). - CVE-2015-8567: A guest repeatedly activating a vmxnet3 device can leak host memory (bsc#959386). - CVE-2015-8568: A guest repeatedly activating a vmxnet3 device can leak host memory (bsc#959386). - CVE-2015-8613: Wrong sized memset in megasas command handler (bsc#961358). - CVE-2015-8619: Potential DoS for long HMP sendkey command argument (bsc#960334). - CVE-2015-8743: OOB memory access in ne2000 ioport r/w functions (bsc#960725). - CVE-2015-8744: Incorrect l2 header validation could have lead to a crash via assert(2) call (bsc#960835). - CVE-2015-8745: Reading IMR registers could have lead to a crash via assert(2) call (bsc#960708). - CVE-2016-1568: AHCI use-after-free in aio port commands (bsc#961332). - CVE-2016-1714: Potential OOB memory access in processing firmware configuration (bsc#961691). - CVE-2016-1922: NULL pointer dereference when processing hmp i/o command (bsc#962320). - CVE-2016-1981: Potential DoS (infinite loop) in e1000 device emulation by malicious privileged user within guest (bsc#963782). - CVE-2016-2198: Malicious privileged guest user were able to cause DoS by writing to read-only EHCI capabilities registers (bsc#964413).
This non-security issue was fixed - bsc#886378: qemu truncates vhd images in virt-rescue
- References
-
- https://www.suse.com/support/update/announcement/2016/suse-su-20161703-1/
- https://bugzilla.suse.com/886378
- https://bugzilla.suse.com/940929
- https://bugzilla.suse.com/958491
- https://bugzilla.suse.com/958917
- https://bugzilla.suse.com/959005
- https://bugzilla.suse.com/959386
- https://bugzilla.suse.com/960334
- https://bugzilla.suse.com/960708
- https://bugzilla.suse.com/960725
- https://bugzilla.suse.com/960835
- https://bugzilla.suse.com/961332
- https://bugzilla.suse.com/961333
- https://bugzilla.suse.com/961358
- https://bugzilla.suse.com/961556
- https://bugzilla.suse.com/961691
- https://bugzilla.suse.com/962320
- https://bugzilla.suse.com/963782
- https://bugzilla.suse.com/964411
- https://bugzilla.suse.com/964413
- https://bugzilla.suse.com/967969
- https://bugzilla.suse.com/969121
- https://bugzilla.suse.com/969122
- https://bugzilla.suse.com/969350
- https://bugzilla.suse.com/970036
- https://bugzilla.suse.com/970037
- https://bugzilla.suse.com/975128
- https://bugzilla.suse.com/975136
- https://bugzilla.suse.com/975700
- https://bugzilla.suse.com/976109
- https://bugzilla.suse.com/978158
- https://bugzilla.suse.com/978160
- https://bugzilla.suse.com/980711
- https://bugzilla.suse.com/980723
- https://bugzilla.suse.com/981266
- https://www.suse.com/security/cve/CVE-2015-5745
- https://www.suse.com/security/cve/CVE-2015-7549
- https://www.suse.com/security/cve/CVE-2015-8504
- https://www.suse.com/security/cve/CVE-2015-8558
- https://www.suse.com/security/cve/CVE-2015-8567
- https://www.suse.com/security/cve/CVE-2015-8568
- https://www.suse.com/security/cve/CVE-2015-8613
- https://www.suse.com/security/cve/CVE-2015-8619
- https://www.suse.com/security/cve/CVE-2015-8743
- https://www.suse.com/security/cve/CVE-2015-8744
- https://www.suse.com/security/cve/CVE-2015-8745
- https://www.suse.com/security/cve/CVE-2015-8817
- https://www.suse.com/security/cve/CVE-2015-8818
- https://www.suse.com/security/cve/CVE-2016-1568
- https://www.suse.com/security/cve/CVE-2016-1714
- https://www.suse.com/security/cve/CVE-2016-1922
- https://www.suse.com/security/cve/CVE-2016-1981
- https://www.suse.com/security/cve/CVE-2016-2197
- https://www.suse.com/security/cve/CVE-2016-2198
- https://www.suse.com/security/cve/CVE-2016-2538
- https://www.suse.com/security/cve/CVE-2016-2841
- https://www.suse.com/security/cve/CVE-2016-2857
- https://www.suse.com/security/cve/CVE-2016-2858
- https://www.suse.com/security/cve/CVE-2016-3710
- https://www.suse.com/security/cve/CVE-2016-3712
- https://www.suse.com/security/cve/CVE-2016-4001
- https://www.suse.com/security/cve/CVE-2016-4002
- https://www.suse.com/security/cve/CVE-2016-4020
- https://www.suse.com/security/cve/CVE-2016-4037
- https://www.suse.com/security/cve/CVE-2016-4439
- https://www.suse.com/security/cve/CVE-2016-4441
- https://www.suse.com/security/cve/CVE-2016-4952
Affected packages
SUSE:Linux Enterprise Desktop 12 SP1 / qemu
Package
- Name
- qemu
- Purl
- purl:rpm/suse/qemu&distro=SUSE%20Linux%20Enterprise%20Desktop%2012%20SP1
SUSE:Linux Enterprise Server 12 SP1 / qemu
Package
- Name
- qemu
- Purl
- purl:rpm/suse/qemu&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP1
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed2.3.1-14.1
Ecosystem specific
{
"binaries": [
{
"qemu-tools": "2.3.1-14.1",
"qemu-block-curl": "2.3.1-14.1",
"qemu-guest-agent": "2.3.1-14.1",
"qemu-lang": "2.3.1-14.1",
"qemu-seabios": "1.8.1-14.1",
"qemu-kvm": "2.3.1-14.1",
"qemu-vgabios": "1.8.1-14.1",
"qemu-x86": "2.3.1-14.1",
"qemu-s390": "2.3.1-14.1",
"qemu": "2.3.1-14.1",
"qemu-sgabios": "8-14.1",
"qemu-ipxe": "1.0.0-14.1",
"qemu-ppc": "2.3.1-14.1",
"qemu-block-rbd": "2.3.1-14.1"
}
]
}
SUSE:Linux Enterprise Server for SAP Applications 12 SP1 / qemu
Package
- Name
- qemu
- Purl
- purl:rpm/suse/qemu&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP1
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed2.3.1-14.1
Ecosystem specific
{
"binaries": [
{
"qemu-tools": "2.3.1-14.1",
"qemu-block-curl": "2.3.1-14.1",
"qemu-guest-agent": "2.3.1-14.1",
"qemu-lang": "2.3.1-14.1",
"qemu-seabios": "1.8.1-14.1",
"qemu-kvm": "2.3.1-14.1",
"qemu-vgabios": "1.8.1-14.1",
"qemu-x86": "2.3.1-14.1",
"qemu-s390": "2.3.1-14.1",
"qemu": "2.3.1-14.1",
"qemu-sgabios": "8-14.1",
"qemu-ipxe": "1.0.0-14.1",
"qemu-ppc": "2.3.1-14.1",
"qemu-block-rbd": "2.3.1-14.1"
}
]
}