SUSE-SU-2018:2650-1 -- SLES kvmID: oval:org.secpod.oval:def:89043744 | Date: (C)2021-03-05 (M)2024-04-17 |
Class: PATCH | Family: unix |
This update for kvm fixes the following security issues: - CVE-2018-12617: qmp_guest_file_read had an integer overflow that could have been exploited by sending a crafted QMP command to the agent via the listening socket causing DoS - CVE-2018-11806: Prevent heap-based buffer overflow via incoming fragmented datagrams With this release the mitigations for Spectre v4 are moved the the patches from upstream .
Platform: |
SUSE Linux Enterprise Server 11 SP4 |