SUSE-SU-2018:3555-1 -- SLES qemu, qemu-guest-agentID: oval:org.secpod.oval:def:89002408 | Date: (C)2021-02-26 (M)2024-04-17 |
Class: PATCH | Family: unix |
This update for qemu fixes the following issues: These security issues were fixed: - CVE-2018-12617: qmp_guest_file_read had an integer overflow that could have been exploited by sending a crafted QMP command to the agent via the listening socket causing DoS . - CVE-2018-11806: Prevent heap-based buffer overflow via incoming fragmented datagrams . With this release the mitigations for Spectre v4 are moved the the patches from upstream . This feature was added: - Add support for block resize support for disks through the monitor .
Platform: |
SUSE Linux Enterprise Server 12 SP3 |
Product: |
qemu |
qemu-guest-agent |