SUSE-SU-2017:2924-1 -- SLES qemu, qemu-guest-agentID: oval:org.secpod.oval:def:89044659 | Date: (C)2021-07-07 (M)2024-01-29 |
Class: PATCH | Family: unix |
This update for qemu to version 2.9.1 fixes several issues. It also announces that the qed storage format will be no longer supported in SLE 15 . These security issues were fixed: - CVE-2017-15268: Qemu allowed remote attackers to cause a memory leak by triggering slow data-channel read operations, related to io/channel-websock.c - CVE-2017-15289: The mode4and5 write functions allowed local OS guest privileged users to cause a denial of service via vectors related to dst calculation - CVE-2017-15038: Race condition in the v9fs_xattrwalk function local guest OS users to obtain sensitive information from host heap memory via vectors related to reading extended attributes - CVE-2017-10911: The make_response function in the Linux kernel allowed guest OS users to obtain sensitive information from host OS kernel memory by leveraging the copying of uninitialized padding fields in Xen block-interface response structures - CVE-2017-12809: The IDE disk and CD/DVD-ROM Emulator support allowed local guest OS privileged users to cause a denial of service by flushing an empty CDROM device drive - CVE-2017-14167: Integer overflow in the load_multiboot function allowed local guest OS users to execute arbitrary code on the host via crafted multiboot header address values, which trigger an out-of-bounds write - CVE-2017-13672: The VGA display emulator support allowed local guest OS privileged users to cause a denial of service via vectors involving display update - CVE-2017-13711: Use-after-free vulnerability allowed attackers to cause a denial of service by leveraging failure to properly clear ifq_so from pending packets . These non-security issues were fixed: - Fixed not being able to build from rpm sources due to undefined macro - Fiedx package build failure against new glibc
Platform: |
SUSE Linux Enterprise Server 12 SP3 |
Product: |
qemu |
qemu-guest-agent |