Vulnerability-Lookup

CVE-2018-18849 (GCVE-0-2018-18849)

Vulnerability from cvelistv5 – Published: 2019-03-17 19:56 – Updated: 2024-08-05 11:23

Summary

In Qemu 3.0.0, lsi_do_msgin in hw/scsi/lsi53c895a.c allows out-of-bounds access by triggering an invalid msg_len value.

Severity

No CVSS data available.

CWE

Assigner

mitre

References

11 references

URL	Tags
https://usn.ubuntu.com/3826-1/	vendor-advisoryx_refsource_UBUNTU
https://lists.fedoraproject.org/archives/list/pac…	vendor-advisoryx_refsource_FEDORA
http://lists.opensuse.org/opensuse-security-annou…	vendor-advisoryx_refsource_SUSE
http://lists.opensuse.org/opensuse-security-annou…	vendor-advisoryx_refsource_SUSE
http://lists.opensuse.org/opensuse-security-annou…	vendor-advisoryx_refsource_SUSE
http://www.openwall.com/lists/oss-security/2018/11/01/1	x_refsource_MISC
https://lists.gnu.org/archive/html/qemu-devel/201…	x_refsource_MISC
https://security.netapp.com/advisory/ntap-2019041…	x_refsource_CONFIRM
https://lists.debian.org/debian-lts-announce/2019…	mailing-listx_refsource_MLIST
https://www.debian.org/security/2019/dsa-4454	vendor-advisoryx_refsource_DEBIAN
https://seclists.org/bugtraq/2019/May/76	mailing-listx_refsource_BUGTRAQ

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T11:23:08.494Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "USN-3826-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/3826-1/"
          },
          {
            "name": "FEDORA-2018-87f2ace20d",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LQIBTGNRDQEXGAAYHE4JIWFAYFNHZ6QP/"
          },
          {
            "name": "openSUSE-SU-2018:4111",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2018-12/msg00028.html"
          },
          {
            "name": "openSUSE-SU-2018:4147",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2018-12/msg00043.html"
          },
          {
            "name": "openSUSE-SU-2018:4004",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2018-12/msg00004.html"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2018/11/01/1"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://lists.gnu.org/archive/html/qemu-devel/2018-10/msg06401.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://security.netapp.com/advisory/ntap-20190411-0006/"
          },
          {
            "name": "[debian-lts-announce] 20190509 [SECURITY] [DLA 1781-1] qemu security update",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2019/05/msg00010.html"
          },
          {
            "name": "DSA-4454",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "https://www.debian.org/security/2019/dsa-4454"
          },
          {
            "name": "20190531 [SECURITY] [DSA 4454-1] qemu security update",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "https://seclists.org/bugtraq/2019/May/76"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In Qemu 3.0.0, lsi_do_msgin in hw/scsi/lsi53c895a.c allows out-of-bounds access by triggering an invalid msg_len value."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2019-05-31T13:06:05.000Z",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "USN-3826-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/3826-1/"
        },
        {
          "name": "FEDORA-2018-87f2ace20d",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LQIBTGNRDQEXGAAYHE4JIWFAYFNHZ6QP/"
        },
        {
          "name": "openSUSE-SU-2018:4111",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2018-12/msg00028.html"
        },
        {
          "name": "openSUSE-SU-2018:4147",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2018-12/msg00043.html"
        },
        {
          "name": "openSUSE-SU-2018:4004",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2018-12/msg00004.html"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2018/11/01/1"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://lists.gnu.org/archive/html/qemu-devel/2018-10/msg06401.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://security.netapp.com/advisory/ntap-20190411-0006/"
        },
        {
          "name": "[debian-lts-announce] 20190509 [SECURITY] [DLA 1781-1] qemu security update",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2019/05/msg00010.html"
        },
        {
          "name": "DSA-4454",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "https://www.debian.org/security/2019/dsa-4454"
        },
        {
          "name": "20190531 [SECURITY] [DSA 4454-1] qemu security update",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "https://seclists.org/bugtraq/2019/May/76"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2018-18849",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "In Qemu 3.0.0, lsi_do_msgin in hw/scsi/lsi53c895a.c allows out-of-bounds access by triggering an invalid msg_len value."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "USN-3826-1",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/3826-1/"
            },
            {
              "name": "FEDORA-2018-87f2ace20d",
              "refsource": "FEDORA",
              "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LQIBTGNRDQEXGAAYHE4JIWFAYFNHZ6QP/"
            },
            {
              "name": "openSUSE-SU-2018:4111",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2018-12/msg00028.html"
            },
            {
              "name": "openSUSE-SU-2018:4147",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2018-12/msg00043.html"
            },
            {
              "name": "openSUSE-SU-2018:4004",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2018-12/msg00004.html"
            },
            {
              "name": "http://www.openwall.com/lists/oss-security/2018/11/01/1",
              "refsource": "MISC",
              "url": "http://www.openwall.com/lists/oss-security/2018/11/01/1"
            },
            {
              "name": "https://lists.gnu.org/archive/html/qemu-devel/2018-10/msg06401.html",
              "refsource": "MISC",
              "url": "https://lists.gnu.org/archive/html/qemu-devel/2018-10/msg06401.html"
            },
            {
              "name": "https://security.netapp.com/advisory/ntap-20190411-0006/",
              "refsource": "CONFIRM",
              "url": "https://security.netapp.com/advisory/ntap-20190411-0006/"
            },
            {
              "name": "[debian-lts-announce] 20190509 [SECURITY] [DLA 1781-1] qemu security update",
              "refsource": "MLIST",
              "url": "https://lists.debian.org/debian-lts-announce/2019/05/msg00010.html"
            },
            {
              "name": "DSA-4454",
              "refsource": "DEBIAN",
              "url": "https://www.debian.org/security/2019/dsa-4454"
            },
            {
              "name": "20190531 [SECURITY] [DSA 4454-1] qemu security update",
              "refsource": "BUGTRAQ",
              "url": "https://seclists.org/bugtraq/2019/May/76"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2018-18849",
    "datePublished": "2019-03-17T19:56:41.000Z",
    "dateReserved": "2018-10-30T00:00:00.000Z",
    "dateUpdated": "2024-08-05T11:23:08.494Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "epss": {
      "cve": "CVE-2018-18849",
      "date": "2026-05-31",
      "epss": "0.00051",
      "percentile": "0.16282"
    },
    "fkie_nvd": {
      "configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:qemu:qemu:3.0.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"C0CBAFD7-65FB-420F-9EA1-3CFF779A9456\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"F1E78106-58E6-4D59-990F-75DA575BFAD9\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:opensuse:leap:42.3:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"5F65DAB0-3DAD-49FF-BC73-3581CC3D5BF3\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:fedoraproject:fedora:29:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"D100F7CE-FC64-4CC6-852A-6136D72DA419\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*\", \"matchCriteriaId\": \"B5A6F2F3-4894-4392-8296-3B8DD2679084\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*\", \"matchCriteriaId\": \"F7016A2A-8365-4F1A-89A2-7A19F2BCAE5B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*\", \"matchCriteriaId\": \"23A7C53F-B80F-4E6A-AFA9-58EEA84BE11D\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:canonical:ubuntu_linux:18.10:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"07C312A0-CD2C-4B9C-B064-6409B25C278F\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"In Qemu 3.0.0, lsi_do_msgin in hw/scsi/lsi53c895a.c allows out-of-bounds access by triggering an invalid msg_len value.\"}, {\"lang\": \"es\", \"value\": \"En Qemu 3.0.0, lsi_do_msgin en hw/scsi/lsi53c895a.c permite el acceso fuera de l\\u00edmites desencadenando un valor msg_len inv\\u00e1lido.\"}]",
      "id": "CVE-2018-18849",
      "lastModified": "2024-11-21T03:56:44.557",
      "metrics": "{\"cvssMetricV30\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.0\", \"vectorString\": \"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H\", \"baseScore\": 5.5, \"baseSeverity\": \"MEDIUM\", \"attackVector\": \"LOCAL\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"LOW\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"NONE\", \"integrityImpact\": \"NONE\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 1.8, \"impactScore\": 3.6}], \"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:L/AC:L/Au:N/C:N/I:N/A:P\", \"baseScore\": 2.1, \"accessVector\": \"LOCAL\", \"accessComplexity\": \"LOW\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"NONE\", \"integrityImpact\": \"NONE\", \"availabilityImpact\": \"PARTIAL\"}, \"baseSeverity\": \"LOW\", \"exploitabilityScore\": 3.9, \"impactScore\": 2.9, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": false}]}",
      "published": "2019-03-21T16:00:29.547",
      "references": "[{\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2018-12/msg00004.html\", \"source\": \"cve@mitre.org\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2018-12/msg00028.html\", \"source\": \"cve@mitre.org\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2018-12/msg00043.html\", \"source\": \"cve@mitre.org\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://www.openwall.com/lists/oss-security/2018/11/01/1\", \"source\": \"cve@mitre.org\", \"tags\": [\"Mailing List\", \"Patch\", \"Third Party Advisory\"]}, {\"url\": \"https://lists.debian.org/debian-lts-announce/2019/05/msg00010.html\", \"source\": \"cve@mitre.org\"}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LQIBTGNRDQEXGAAYHE4JIWFAYFNHZ6QP/\", \"source\": \"cve@mitre.org\"}, {\"url\": \"https://lists.gnu.org/archive/html/qemu-devel/2018-10/msg06401.html\", \"source\": \"cve@mitre.org\", \"tags\": [\"Patch\", \"Third Party Advisory\"]}, {\"url\": \"https://seclists.org/bugtraq/2019/May/76\", \"source\": \"cve@mitre.org\"}, {\"url\": \"https://security.netapp.com/advisory/ntap-20190411-0006/\", \"source\": \"cve@mitre.org\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://usn.ubuntu.com/3826-1/\", \"source\": \"cve@mitre.org\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://www.debian.org/security/2019/dsa-4454\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2018-12/msg00004.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2018-12/msg00028.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2018-12/msg00043.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://www.openwall.com/lists/oss-security/2018/11/01/1\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Mailing List\", \"Patch\", \"Third Party Advisory\"]}, {\"url\": \"https://lists.debian.org/debian-lts-announce/2019/05/msg00010.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LQIBTGNRDQEXGAAYHE4JIWFAYFNHZ6QP/\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://lists.gnu.org/archive/html/qemu-devel/2018-10/msg06401.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Patch\", \"Third Party Advisory\"]}, {\"url\": \"https://seclists.org/bugtraq/2019/May/76\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://security.netapp.com/advisory/ntap-20190411-0006/\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://usn.ubuntu.com/3826-1/\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://www.debian.org/security/2019/dsa-4454\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}]",
      "sourceIdentifier": "cve@mitre.org",
      "vulnStatus": "Modified",
      "weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-125\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2018-18849\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2019-03-21T16:00:29.547\",\"lastModified\":\"2024-11-21T03:56:44.557\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"In Qemu 3.0.0, lsi_do_msgin in hw/scsi/lsi53c895a.c allows out-of-bounds access by triggering an invalid msg_len value.\"},{\"lang\":\"es\",\"value\":\"En Qemu 3.0.0, lsi_do_msgin en hw/scsi/lsi53c895a.c permite el acceso fuera de l\u00edmites desencadenando un valor msg_len inv\u00e1lido.\"}],\"metrics\":{\"cvssMetricV30\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.0\",\"vectorString\":\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H\",\"baseScore\":5.5,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":1.8,\"impactScore\":3.6}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:L/AC:L/Au:N/C:N/I:N/A:P\",\"baseScore\":2.1,\"accessVector\":\"LOCAL\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"PARTIAL\"},\"baseSeverity\":\"LOW\",\"exploitabilityScore\":3.9,\"impactScore\":2.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-125\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:qemu:qemu:3.0.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C0CBAFD7-65FB-420F-9EA1-3CFF779A9456\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F1E78106-58E6-4D59-990F-75DA575BFAD9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:opensuse:leap:42.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5F65DAB0-3DAD-49FF-BC73-3581CC3D5BF3\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:fedoraproject:fedora:29:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D100F7CE-FC64-4CC6-852A-6136D72DA419\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*\",\"matchCriteriaId\":\"B5A6F2F3-4894-4392-8296-3B8DD2679084\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*\",\"matchCriteriaId\":\"F7016A2A-8365-4F1A-89A2-7A19F2BCAE5B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*\",\"matchCriteriaId\":\"23A7C53F-B80F-4E6A-AFA9-58EEA84BE11D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:canonical:ubuntu_linux:18.10:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"07C312A0-CD2C-4B9C-B064-6409B25C278F\"}]}]}],\"references\":[{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2018-12/msg00004.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2018-12/msg00028.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2018-12/msg00043.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2018/11/01/1\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\",\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://lists.debian.org/debian-lts-announce/2019/05/msg00010.html\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LQIBTGNRDQEXGAAYHE4JIWFAYFNHZ6QP/\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://lists.gnu.org/archive/html/qemu-devel/2018-10/msg06401.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://seclists.org/bugtraq/2019/May/76\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://security.netapp.com/advisory/ntap-20190411-0006/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://usn.ubuntu.com/3826-1/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.debian.org/security/2019/dsa-4454\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2018-12/msg00004.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2018-12/msg00028.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2018-12/msg00043.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2018/11/01/1\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://lists.debian.org/debian-lts-announce/2019/05/msg00010.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LQIBTGNRDQEXGAAYHE4JIWFAYFNHZ6QP/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.gnu.org/archive/html/qemu-devel/2018-10/msg06401.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://seclists.org/bugtraq/2019/May/76\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://security.netapp.com/advisory/ntap-20190411-0006/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://usn.ubuntu.com/3826-1/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.debian.org/security/2019/dsa-4454\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}"
  }
}

SUSE-SU-2019:14011-1

Vulnerability from csaf_suse - Published: 2019-04-03 09:06 - Updated: 2019-04-03 09:06

Summary

Security update for xen

Severity

Important

Notes

Title of the patch: Security update for xen

Description of the patch: This update for xen fixes the following issues: Security issues fixed: - CVE-2018-19965: Fixed an issue related to the INVPCID instruction in case non-canonical addresses are accessed, which may allow a guest to cause Xen to crash, resulting in a Denial of Service (DoS) affecting the entire host. (XSA-279) (bsc#1115045) - CVE-2018-18849: Fixed an out of bounds memory access issue was found in the LSI53C895A SCSI Host Bus Adapter emulation while writing a message in lsi_do_msgin (bsc#1114423). - CVE-2018-19665: Fixed an integer overflow resulting in memory corruption in various Bluetooth functions, allowing this to crash qemu process resulting in Denial of Service (DoS). (bsc#1117756). - CVE-2018-18438: Fixed an integer overflow in ccid_card_vscard_read function which could allow memory corruption (bsc#1112188). - CVE-2018-17962: Fixed an integer overflow leading to a buffer overflow in the pcnet component (bsc#1111011) - CVE-2018-17963: Fixed an integer overflow in relation to large packet sizes, leading to a denial of service (DoS). (bsc#1111014) - Fixed an issue which could allow an untrusted PV domain with access to a physical device to DMA into its own pagetables leading to privilege escalation (bsc#1126195). - Fixed an issue which could allow a malicious or buggy x86 PV guest kernels can mount a Denial of Service attack affecting the whole system (bsc#1126196). - CVE-2018-17958: Fixed an integer overflow which could lead to buffer overflow (bsc#1111007). - CVE-2018-10839: Fixed an integer overflow leading to a buffer overflow in the ne2000 component (bsc#1110924). - CVE-2019-6778: Fixed a heap buffer overflow in tcp_emu() found in slirp (bsc#1123157). - CVE-2018-19966: Fixed issue introduced by XSA-240 that could have caused conflicts with shadow paging (XSA-280)(bsc#1115047). - CVE-2018-19967: Fixed HLE constructs that allowed guests to lock up the host, resulting in a Denial of Service (DoS). (XSA-282) (bsc#1114988). - Fixed multiple access violations introduced by XENMEM_exchange hypercall which could allow a single PV guest to leak arbitrary amounts of memory, leading to a denial of service (bsc#1126192). - Fixed an issue which could allow malicious or buggy guests with passed through PCI devices to be able to escalate their privileges, crash the host, or access data belonging to other guests. Additionally memory leaks were also possible (bsc#1126140). - Fixed a race condition issue which could allow malicious PV guests to escalate their privilege to that of the hypervisor (bsc#1126141). - CVE-2019-9824: Fixed an information leak in SLiRP networking implementation which could allow a user/process to read uninitialised stack memory contents (bsc#1129623).

Patchnames: sleposp3-xen-14011

CVE-2018-10839

6.5 (Medium)


                        
                          CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:H

Affected products

Recommended 4 products

Product	Version	Remediation
Unresolved product id: SUSE Linux Enterprise Point of Sale 11 SP3:xen-kmp-default-4.2.5_21_3.0.101_0.47.106.59-45.30.1.i586	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Point of Sale 11 SP3:xen-kmp-pae-4.2.5_21_3.0.101_0.47.106.59-45.30.1.i586	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Point of Sale 11 SP3:xen-libs-4.2.5_21-45.30.1.i586	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Point of Sale 11 SP3:xen-tools-domU-4.2.5_21-45.30.1.i586	—	Vendor Fix

Threats

Impact moderate

CVE-2018-17958

6.5 (Medium)


                        
                          CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:H

Affected products

Recommended 4 products

Product	Version	Remediation
Unresolved product id: SUSE Linux Enterprise Point of Sale 11 SP3:xen-kmp-default-4.2.5_21_3.0.101_0.47.106.59-45.30.1.i586	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Point of Sale 11 SP3:xen-kmp-pae-4.2.5_21_3.0.101_0.47.106.59-45.30.1.i586	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Point of Sale 11 SP3:xen-libs-4.2.5_21-45.30.1.i586	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Point of Sale 11 SP3:xen-tools-domU-4.2.5_21-45.30.1.i586	—	Vendor Fix

Threats

Impact moderate

CVE-2018-17962

6.5 (Medium)


                        
                          CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:H

Affected products

Recommended 4 products

Product	Version	Remediation
Unresolved product id: SUSE Linux Enterprise Point of Sale 11 SP3:xen-kmp-default-4.2.5_21_3.0.101_0.47.106.59-45.30.1.i586	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Point of Sale 11 SP3:xen-kmp-pae-4.2.5_21_3.0.101_0.47.106.59-45.30.1.i586	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Point of Sale 11 SP3:xen-libs-4.2.5_21-45.30.1.i586	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Point of Sale 11 SP3:xen-tools-domU-4.2.5_21-45.30.1.i586	—	Vendor Fix

Threats

Impact moderate

CVE-2018-17963

6.5 (Medium)


                        
                          CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:H

Affected products

Recommended 4 products

Product	Version	Remediation
Unresolved product id: SUSE Linux Enterprise Point of Sale 11 SP3:xen-kmp-default-4.2.5_21_3.0.101_0.47.106.59-45.30.1.i586	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Point of Sale 11 SP3:xen-kmp-pae-4.2.5_21_3.0.101_0.47.106.59-45.30.1.i586	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Point of Sale 11 SP3:xen-libs-4.2.5_21-45.30.1.i586	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Point of Sale 11 SP3:xen-tools-domU-4.2.5_21-45.30.1.i586	—	Vendor Fix

Threats

Impact moderate

CVE-2018-18438

6.4 (Medium)


                        
                          CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:C/C:N/I:L/A:H

Affected products

Recommended 4 products

Product	Version	Remediation
Unresolved product id: SUSE Linux Enterprise Point of Sale 11 SP3:xen-kmp-default-4.2.5_21_3.0.101_0.47.106.59-45.30.1.i586	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Point of Sale 11 SP3:xen-kmp-pae-4.2.5_21_3.0.101_0.47.106.59-45.30.1.i586	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Point of Sale 11 SP3:xen-libs-4.2.5_21-45.30.1.i586	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Point of Sale 11 SP3:xen-tools-domU-4.2.5_21-45.30.1.i586	—	Vendor Fix

Threats

Impact moderate

CVE-2018-18849

6.4 (Medium)


                        
                          CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:C/C:N/I:L/A:H

Affected products

Recommended 4 products

Product	Version	Remediation
Unresolved product id: SUSE Linux Enterprise Point of Sale 11 SP3:xen-kmp-default-4.2.5_21_3.0.101_0.47.106.59-45.30.1.i586	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Point of Sale 11 SP3:xen-kmp-pae-4.2.5_21_3.0.101_0.47.106.59-45.30.1.i586	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Point of Sale 11 SP3:xen-libs-4.2.5_21-45.30.1.i586	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Point of Sale 11 SP3:xen-tools-domU-4.2.5_21-45.30.1.i586	—	Vendor Fix

Threats

Impact moderate

CVE-2018-19665

6.4 (Medium)


                        
                          CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:C/C:N/I:L/A:H

Affected products

Recommended 4 products

Product	Version	Remediation
Unresolved product id: SUSE Linux Enterprise Point of Sale 11 SP3:xen-kmp-default-4.2.5_21_3.0.101_0.47.106.59-45.30.1.i586	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Point of Sale 11 SP3:xen-kmp-pae-4.2.5_21_3.0.101_0.47.106.59-45.30.1.i586	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Point of Sale 11 SP3:xen-libs-4.2.5_21-45.30.1.i586	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Point of Sale 11 SP3:xen-tools-domU-4.2.5_21-45.30.1.i586	—	Vendor Fix

Threats

Impact moderate

CVE-2018-19961

7.8 (High)


                        
                          CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H

Affected products

Recommended 4 products

Product	Version	Remediation
Unresolved product id: SUSE Linux Enterprise Point of Sale 11 SP3:xen-kmp-default-4.2.5_21_3.0.101_0.47.106.59-45.30.1.i586	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Point of Sale 11 SP3:xen-kmp-pae-4.2.5_21_3.0.101_0.47.106.59-45.30.1.i586	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Point of Sale 11 SP3:xen-libs-4.2.5_21-45.30.1.i586	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Point of Sale 11 SP3:xen-tools-domU-4.2.5_21-45.30.1.i586	—	Vendor Fix

Threats

Impact important

CVE-2018-19962

7.8 (High)


                        
                          CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H

Affected products

Recommended 4 products

Product	Version	Remediation
Unresolved product id: SUSE Linux Enterprise Point of Sale 11 SP3:xen-kmp-default-4.2.5_21_3.0.101_0.47.106.59-45.30.1.i586	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Point of Sale 11 SP3:xen-kmp-pae-4.2.5_21_3.0.101_0.47.106.59-45.30.1.i586	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Point of Sale 11 SP3:xen-libs-4.2.5_21-45.30.1.i586	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Point of Sale 11 SP3:xen-tools-domU-4.2.5_21-45.30.1.i586	—	Vendor Fix

Threats

Impact important

CVE-2018-19965

5.6 (Medium)


                        
                          CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:C/C:N/I:N/A:H

Affected products

Recommended 4 products

Product	Version	Remediation
Unresolved product id: SUSE Linux Enterprise Point of Sale 11 SP3:xen-kmp-default-4.2.5_21_3.0.101_0.47.106.59-45.30.1.i586	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Point of Sale 11 SP3:xen-kmp-pae-4.2.5_21_3.0.101_0.47.106.59-45.30.1.i586	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Point of Sale 11 SP3:xen-libs-4.2.5_21-45.30.1.i586	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Point of Sale 11 SP3:xen-tools-domU-4.2.5_21-45.30.1.i586	—	Vendor Fix

Threats

Impact moderate

CVE-2018-19966

5.3 (Medium)


                        
                          CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:H

Affected products

Recommended 4 products

Product	Version	Remediation
Unresolved product id: SUSE Linux Enterprise Point of Sale 11 SP3:xen-kmp-default-4.2.5_21_3.0.101_0.47.106.59-45.30.1.i586	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Point of Sale 11 SP3:xen-kmp-pae-4.2.5_21_3.0.101_0.47.106.59-45.30.1.i586	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Point of Sale 11 SP3:xen-libs-4.2.5_21-45.30.1.i586	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Point of Sale 11 SP3:xen-tools-domU-4.2.5_21-45.30.1.i586	—	Vendor Fix

Threats

Impact moderate

CVE-2018-19967

5.6 (Medium)


                        
                          CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:C/C:N/I:N/A:H

Affected products

Recommended 4 products

Product	Version	Remediation
Unresolved product id: SUSE Linux Enterprise Point of Sale 11 SP3:xen-kmp-default-4.2.5_21_3.0.101_0.47.106.59-45.30.1.i586	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Point of Sale 11 SP3:xen-kmp-pae-4.2.5_21_3.0.101_0.47.106.59-45.30.1.i586	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Point of Sale 11 SP3:xen-libs-4.2.5_21-45.30.1.i586	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Point of Sale 11 SP3:xen-tools-domU-4.2.5_21-45.30.1.i586	—	Vendor Fix

Threats

Impact moderate

CVE-2019-6778

7.8 (High)


                        
                          CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H

Affected products

Recommended 4 products

Product	Version	Remediation
Unresolved product id: SUSE Linux Enterprise Point of Sale 11 SP3:xen-kmp-default-4.2.5_21_3.0.101_0.47.106.59-45.30.1.i586	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Point of Sale 11 SP3:xen-kmp-pae-4.2.5_21_3.0.101_0.47.106.59-45.30.1.i586	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Point of Sale 11 SP3:xen-libs-4.2.5_21-45.30.1.i586	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Point of Sale 11 SP3:xen-tools-domU-4.2.5_21-45.30.1.i586	—	Vendor Fix

Threats

Impact important

CVE-2019-9824

2.8 (Low)


                        
                          CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:C/C:L/I:N/A:N

Affected products

Recommended 4 products

Product	Version	Remediation
Unresolved product id: SUSE Linux Enterprise Point of Sale 11 SP3:xen-kmp-default-4.2.5_21_3.0.101_0.47.106.59-45.30.1.i586	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Point of Sale 11 SP3:xen-kmp-pae-4.2.5_21_3.0.101_0.47.106.59-45.30.1.i586	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Point of Sale 11 SP3:xen-libs-4.2.5_21-45.30.1.i586	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Point of Sale 11 SP3:xen-tools-domU-4.2.5_21-45.30.1.i586	—	Vendor Fix

Threats

Impact low

References

83 references

URL	Category
https://www.suse.com/support/security/rating/	external
https://ftp.suse.com/pub/projects/security/csaf/s…	self
https://www.suse.com/support/update/announcement/…	self
https://lists.suse.com/pipermail/sle-security-upd…	self
https://bugzilla.suse.com/1110924	self
https://bugzilla.suse.com/1111007	self
https://bugzilla.suse.com/1111011	self
https://bugzilla.suse.com/1111014	self
https://bugzilla.suse.com/1112188	self
https://bugzilla.suse.com/1114423	self
https://bugzilla.suse.com/1114988	self
https://bugzilla.suse.com/1115040	self
https://bugzilla.suse.com/1115045	self
https://bugzilla.suse.com/1115047	self
https://bugzilla.suse.com/1117756	self
https://bugzilla.suse.com/1123157	self
https://bugzilla.suse.com/1126140	self
https://bugzilla.suse.com/1126141	self
https://bugzilla.suse.com/1126192	self
https://bugzilla.suse.com/1126195	self
https://bugzilla.suse.com/1126196	self
https://bugzilla.suse.com/1129623	self
https://www.suse.com/security/cve/CVE-2018-10839/	self
https://www.suse.com/security/cve/CVE-2018-17958/	self
https://www.suse.com/security/cve/CVE-2018-17962/	self
https://www.suse.com/security/cve/CVE-2018-17963/	self
https://www.suse.com/security/cve/CVE-2018-18438/	self
https://www.suse.com/security/cve/CVE-2018-18849/	self
https://www.suse.com/security/cve/CVE-2018-19665/	self
https://www.suse.com/security/cve/CVE-2018-19961/	self
https://www.suse.com/security/cve/CVE-2018-19962/	self
https://www.suse.com/security/cve/CVE-2018-19965/	self
https://www.suse.com/security/cve/CVE-2018-19966/	self
https://www.suse.com/security/cve/CVE-2018-19967/	self
https://www.suse.com/security/cve/CVE-2019-6778/	self
https://www.suse.com/security/cve/CVE-2019-9824/	self
https://www.suse.com/security/cve/CVE-2018-10839	external
https://bugzilla.suse.com/1110910	external
https://bugzilla.suse.com/1110924	external
https://www.suse.com/security/cve/CVE-2018-17958	external
https://bugzilla.suse.com/1111006	external
https://bugzilla.suse.com/1111007	external
https://www.suse.com/security/cve/CVE-2018-17962	external
https://bugzilla.suse.com/1111010	external
https://bugzilla.suse.com/1111011	external
https://www.suse.com/security/cve/CVE-2018-17963	external
https://bugzilla.suse.com/1111013	external
https://bugzilla.suse.com/1111014	external
https://bugzilla.suse.com/1178658	external
https://www.suse.com/security/cve/CVE-2018-18438	external
https://bugzilla.suse.com/1112185	external
https://bugzilla.suse.com/1112188	external
https://www.suse.com/security/cve/CVE-2018-18849	external
https://bugzilla.suse.com/1114422	external
https://bugzilla.suse.com/1114423	external
https://bugzilla.suse.com/1178658	external
https://www.suse.com/security/cve/CVE-2018-19665	external
https://bugzilla.suse.com/1117749	external
https://bugzilla.suse.com/1117756	external
https://bugzilla.suse.com/1178658	external
https://www.suse.com/security/cve/CVE-2018-19961	external
https://bugzilla.suse.com/1115040	external
https://bugzilla.suse.com/1178658	external
https://www.suse.com/security/cve/CVE-2018-19962	external
https://bugzilla.suse.com/1115040	external
https://bugzilla.suse.com/1178658	external
https://www.suse.com/security/cve/CVE-2018-19965	external
https://bugzilla.suse.com/1115045	external
https://www.suse.com/security/cve/CVE-2018-19966	external
https://bugzilla.suse.com/1115047	external
https://bugzilla.suse.com/1178658	external
https://www.suse.com/security/cve/CVE-2018-19967	external
https://bugzilla.suse.com/1114988	external
https://bugzilla.suse.com/1178658	external
https://www.suse.com/security/cve/CVE-2019-6778	external
https://bugzilla.suse.com/1123156	external
https://bugzilla.suse.com/1123157	external
https://bugzilla.suse.com/1178658	external
https://www.suse.com/security/cve/CVE-2019-9824	external
https://bugzilla.suse.com/1118900	external
https://bugzilla.suse.com/1129622	external
https://bugzilla.suse.com/1129623	external
https://bugzilla.suse.com/1178658	external

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://www.suse.com/support/security/rating/",
      "text": "important"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright 2024 SUSE LLC. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "Security update for xen",
        "title": "Title of the patch"
      },
      {
        "category": "description",
        "text": "This update for xen fixes the following issues:\n\nSecurity issues fixed: \n\n- CVE-2018-19965: Fixed an issue related to the INVPCID instruction in case\n  non-canonical addresses are accessed, which may allow a guest to cause Xen to\n  crash, resulting in a Denial of Service (DoS) affecting the entire host.\n  (XSA-279) (bsc#1115045)\n- CVE-2018-18849: Fixed an out of bounds memory access issue was found in the \n  LSI53C895A SCSI Host Bus Adapter emulation while writing a message in lsi_do_msgin (bsc#1114423).\n- CVE-2018-19665: Fixed an integer overflow resulting in memory corruption in\n  various Bluetooth functions, allowing this to crash qemu process resulting in\n  Denial of Service (DoS). (bsc#1117756).\n- CVE-2018-18438: Fixed an integer overflow in ccid_card_vscard_read function which could allow memory corruption (bsc#1112188).\n- CVE-2018-17962: Fixed an integer overflow leading to a buffer overflow in the\n  pcnet component (bsc#1111011)\n- CVE-2018-17963: Fixed an integer overflow in relation to large packet sizes,\n  leading to a denial of service (DoS). (bsc#1111014)\n- Fixed an issue which could allow an untrusted PV domain with access to a physical device to DMA into its own \n  pagetables leading to privilege escalation (bsc#1126195).\n- Fixed an issue which could allow a malicious or buggy x86 PV guest kernels can mount a Denial of Service\n  attack affecting the whole system (bsc#1126196).\n- CVE-2018-17958: Fixed an integer overflow  which could lead to buffer overflow (bsc#1111007).\n- CVE-2018-10839: Fixed an integer overflow leading to a buffer overflow in\n  the ne2000 component (bsc#1110924).\n- CVE-2019-6778: Fixed a heap buffer overflow in tcp_emu() found in slirp (bsc#1123157).\n- CVE-2018-19966: Fixed issue introduced by XSA-240 that could have caused conflicts with shadow paging (XSA-280)(bsc#1115047).\n- CVE-2018-19967: Fixed HLE constructs that allowed guests to lock up the host,\n  resulting in a Denial of Service (DoS). (XSA-282) (bsc#1114988).\n- Fixed multiple access violations introduced by XENMEM_exchange hypercall which could allow\n  a single PV guest to leak arbitrary amounts of memory, leading to a denial of service (bsc#1126192).\n- Fixed an issue which could allow malicious or buggy guests with passed through PCI devices to  be able to \n  escalate their privileges, crash the host, or access data belonging to other guests. Additionally memory \n  leaks were also possible (bsc#1126140).\n- Fixed a race condition issue which could allow malicious PV guests to escalate their privilege to that \n  of the hypervisor (bsc#1126141).\n- CVE-2019-9824: Fixed an information leak in SLiRP networking implementation which could allow a user/process \n  to read uninitialised stack memory contents (bsc#1129623).\n",
        "title": "Description of the patch"
      },
      {
        "category": "details",
        "text": "sleposp3-xen-14011",
        "title": "Patchnames"
      },
      {
        "category": "legal_disclaimer",
        "text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
        "title": "Terms of use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://www.suse.com/support/security/contact/",
      "name": "SUSE Product Security Team",
      "namespace": "https://www.suse.com/"
    },
    "references": [
      {
        "category": "external",
        "summary": "SUSE ratings",
        "url": "https://www.suse.com/support/security/rating/"
      },
      {
        "category": "self",
        "summary": "URL of this CSAF notice",
        "url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2019_14011-1.json"
      },
      {
        "category": "self",
        "summary": "URL for SUSE-SU-2019:14011-1",
        "url": "https://www.suse.com/support/update/announcement/2019/suse-su-201914011-1/"
      },
      {
        "category": "self",
        "summary": "E-Mail link for SUSE-SU-2019:14011-1",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2019-April/005287.html"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1110924",
        "url": "https://bugzilla.suse.com/1110924"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1111007",
        "url": "https://bugzilla.suse.com/1111007"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1111011",
        "url": "https://bugzilla.suse.com/1111011"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1111014",
        "url": "https://bugzilla.suse.com/1111014"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1112188",
        "url": "https://bugzilla.suse.com/1112188"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1114423",
        "url": "https://bugzilla.suse.com/1114423"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1114988",
        "url": "https://bugzilla.suse.com/1114988"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1115040",
        "url": "https://bugzilla.suse.com/1115040"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1115045",
        "url": "https://bugzilla.suse.com/1115045"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1115047",
        "url": "https://bugzilla.suse.com/1115047"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1117756",
        "url": "https://bugzilla.suse.com/1117756"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1123157",
        "url": "https://bugzilla.suse.com/1123157"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1126140",
        "url": "https://bugzilla.suse.com/1126140"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1126141",
        "url": "https://bugzilla.suse.com/1126141"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1126192",
        "url": "https://bugzilla.suse.com/1126192"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1126195",
        "url": "https://bugzilla.suse.com/1126195"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1126196",
        "url": "https://bugzilla.suse.com/1126196"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1129623",
        "url": "https://bugzilla.suse.com/1129623"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2018-10839 page",
        "url": "https://www.suse.com/security/cve/CVE-2018-10839/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2018-17958 page",
        "url": "https://www.suse.com/security/cve/CVE-2018-17958/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2018-17962 page",
        "url": "https://www.suse.com/security/cve/CVE-2018-17962/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2018-17963 page",
        "url": "https://www.suse.com/security/cve/CVE-2018-17963/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2018-18438 page",
        "url": "https://www.suse.com/security/cve/CVE-2018-18438/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2018-18849 page",
        "url": "https://www.suse.com/security/cve/CVE-2018-18849/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2018-19665 page",
        "url": "https://www.suse.com/security/cve/CVE-2018-19665/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2018-19961 page",
        "url": "https://www.suse.com/security/cve/CVE-2018-19961/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2018-19962 page",
        "url": "https://www.suse.com/security/cve/CVE-2018-19962/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2018-19965 page",
        "url": "https://www.suse.com/security/cve/CVE-2018-19965/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2018-19966 page",
        "url": "https://www.suse.com/security/cve/CVE-2018-19966/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2018-19967 page",
        "url": "https://www.suse.com/security/cve/CVE-2018-19967/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2019-6778 page",
        "url": "https://www.suse.com/security/cve/CVE-2019-6778/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2019-9824 page",
        "url": "https://www.suse.com/security/cve/CVE-2019-9824/"
      }
    ],
    "title": "Security update for xen",
    "tracking": {
      "current_release_date": "2019-04-03T09:06:19Z",
      "generator": {
        "date": "2019-04-03T09:06:19Z",
        "engine": {
          "name": "cve-database.git:bin/generate-csaf.pl",
          "version": "1"
        }
      },
      "id": "SUSE-SU-2019:14011-1",
      "initial_release_date": "2019-04-03T09:06:19Z",
      "revision_history": [
        {
          "date": "2019-04-03T09:06:19Z",
          "number": "1",
          "summary": "Current version"
        }
      ],
      "status": "final",
      "version": "1"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version",
                "name": "xen-kmp-default-4.2.5_21_3.0.101_0.47.106.59-45.30.1.i586",
                "product": {
                  "name": "xen-kmp-default-4.2.5_21_3.0.101_0.47.106.59-45.30.1.i586",
                  "product_id": "xen-kmp-default-4.2.5_21_3.0.101_0.47.106.59-45.30.1.i586"
                }
              },
              {
                "category": "product_version",
                "name": "xen-kmp-pae-4.2.5_21_3.0.101_0.47.106.59-45.30.1.i586",
                "product": {
                  "name": "xen-kmp-pae-4.2.5_21_3.0.101_0.47.106.59-45.30.1.i586",
                  "product_id": "xen-kmp-pae-4.2.5_21_3.0.101_0.47.106.59-45.30.1.i586"
                }
              },
              {
                "category": "product_version",
                "name": "xen-libs-4.2.5_21-45.30.1.i586",
                "product": {
                  "name": "xen-libs-4.2.5_21-45.30.1.i586",
                  "product_id": "xen-libs-4.2.5_21-45.30.1.i586"
                }
              },
              {
                "category": "product_version",
                "name": "xen-tools-domU-4.2.5_21-45.30.1.i586",
                "product": {
                  "name": "xen-tools-domU-4.2.5_21-45.30.1.i586",
                  "product_id": "xen-tools-domU-4.2.5_21-45.30.1.i586"
                }
              }
            ],
            "category": "architecture",
            "name": "i586"
          },
          {
            "branches": [
              {
                "category": "product_name",
                "name": "SUSE Linux Enterprise Point of Sale 11 SP3",
                "product": {
                  "name": "SUSE Linux Enterprise Point of Sale 11 SP3",
                  "product_id": "SUSE Linux Enterprise Point of Sale 11 SP3",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:suse:sle-pos:11:sp3"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "SUSE Linux Enterprise"
          }
        ],
        "category": "vendor",
        "name": "SUSE"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "xen-kmp-default-4.2.5_21_3.0.101_0.47.106.59-45.30.1.i586 as component of SUSE Linux Enterprise Point of Sale 11 SP3",
          "product_id": "SUSE Linux Enterprise Point of Sale 11 SP3:xen-kmp-default-4.2.5_21_3.0.101_0.47.106.59-45.30.1.i586"
        },
        "product_reference": "xen-kmp-default-4.2.5_21_3.0.101_0.47.106.59-45.30.1.i586",
        "relates_to_product_reference": "SUSE Linux Enterprise Point of Sale 11 SP3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "xen-kmp-pae-4.2.5_21_3.0.101_0.47.106.59-45.30.1.i586 as component of SUSE Linux Enterprise Point of Sale 11 SP3",
          "product_id": "SUSE Linux Enterprise Point of Sale 11 SP3:xen-kmp-pae-4.2.5_21_3.0.101_0.47.106.59-45.30.1.i586"
        },
        "product_reference": "xen-kmp-pae-4.2.5_21_3.0.101_0.47.106.59-45.30.1.i586",
        "relates_to_product_reference": "SUSE Linux Enterprise Point of Sale 11 SP3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "xen-libs-4.2.5_21-45.30.1.i586 as component of SUSE Linux Enterprise Point of Sale 11 SP3",
          "product_id": "SUSE Linux Enterprise Point of Sale 11 SP3:xen-libs-4.2.5_21-45.30.1.i586"
        },
        "product_reference": "xen-libs-4.2.5_21-45.30.1.i586",
        "relates_to_product_reference": "SUSE Linux Enterprise Point of Sale 11 SP3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "xen-tools-domU-4.2.5_21-45.30.1.i586 as component of SUSE Linux Enterprise Point of Sale 11 SP3",
          "product_id": "SUSE Linux Enterprise Point of Sale 11 SP3:xen-tools-domU-4.2.5_21-45.30.1.i586"
        },
        "product_reference": "xen-tools-domU-4.2.5_21-45.30.1.i586",
        "relates_to_product_reference": "SUSE Linux Enterprise Point of Sale 11 SP3"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2018-10839",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2018-10839"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Qemu emulator \u003c= 3.0.0 built with the NE2000 NIC emulation support is vulnerable to an integer overflow, which could lead to buffer overflow issue. It could occur when receiving packets over the network. A user inside guest could use this flaw to crash the Qemu process resulting in DoS.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Point of Sale 11 SP3:xen-kmp-default-4.2.5_21_3.0.101_0.47.106.59-45.30.1.i586",
          "SUSE Linux Enterprise Point of Sale 11 SP3:xen-kmp-pae-4.2.5_21_3.0.101_0.47.106.59-45.30.1.i586",
          "SUSE Linux Enterprise Point of Sale 11 SP3:xen-libs-4.2.5_21-45.30.1.i586",
          "SUSE Linux Enterprise Point of Sale 11 SP3:xen-tools-domU-4.2.5_21-45.30.1.i586"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2018-10839",
          "url": "https://www.suse.com/security/cve/CVE-2018-10839"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1110910 for CVE-2018-10839",
          "url": "https://bugzilla.suse.com/1110910"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1110924 for CVE-2018-10839",
          "url": "https://bugzilla.suse.com/1110924"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Point of Sale 11 SP3:xen-kmp-default-4.2.5_21_3.0.101_0.47.106.59-45.30.1.i586",
            "SUSE Linux Enterprise Point of Sale 11 SP3:xen-kmp-pae-4.2.5_21_3.0.101_0.47.106.59-45.30.1.i586",
            "SUSE Linux Enterprise Point of Sale 11 SP3:xen-libs-4.2.5_21-45.30.1.i586",
            "SUSE Linux Enterprise Point of Sale 11 SP3:xen-tools-domU-4.2.5_21-45.30.1.i586"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:H",
            "version": "3.0"
          },
          "products": [
            "SUSE Linux Enterprise Point of Sale 11 SP3:xen-kmp-default-4.2.5_21_3.0.101_0.47.106.59-45.30.1.i586",
            "SUSE Linux Enterprise Point of Sale 11 SP3:xen-kmp-pae-4.2.5_21_3.0.101_0.47.106.59-45.30.1.i586",
            "SUSE Linux Enterprise Point of Sale 11 SP3:xen-libs-4.2.5_21-45.30.1.i586",
            "SUSE Linux Enterprise Point of Sale 11 SP3:xen-tools-domU-4.2.5_21-45.30.1.i586"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2019-04-03T09:06:19Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2018-10839"
    },
    {
      "cve": "CVE-2018-17958",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2018-17958"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Qemu has a Buffer Overflow in rtl8139_do_receive in hw/net/rtl8139.c because an incorrect integer data type is used.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Point of Sale 11 SP3:xen-kmp-default-4.2.5_21_3.0.101_0.47.106.59-45.30.1.i586",
          "SUSE Linux Enterprise Point of Sale 11 SP3:xen-kmp-pae-4.2.5_21_3.0.101_0.47.106.59-45.30.1.i586",
          "SUSE Linux Enterprise Point of Sale 11 SP3:xen-libs-4.2.5_21-45.30.1.i586",
          "SUSE Linux Enterprise Point of Sale 11 SP3:xen-tools-domU-4.2.5_21-45.30.1.i586"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2018-17958",
          "url": "https://www.suse.com/security/cve/CVE-2018-17958"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1111006 for CVE-2018-17958",
          "url": "https://bugzilla.suse.com/1111006"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1111007 for CVE-2018-17958",
          "url": "https://bugzilla.suse.com/1111007"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Point of Sale 11 SP3:xen-kmp-default-4.2.5_21_3.0.101_0.47.106.59-45.30.1.i586",
            "SUSE Linux Enterprise Point of Sale 11 SP3:xen-kmp-pae-4.2.5_21_3.0.101_0.47.106.59-45.30.1.i586",
            "SUSE Linux Enterprise Point of Sale 11 SP3:xen-libs-4.2.5_21-45.30.1.i586",
            "SUSE Linux Enterprise Point of Sale 11 SP3:xen-tools-domU-4.2.5_21-45.30.1.i586"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:H",
            "version": "3.0"
          },
          "products": [
            "SUSE Linux Enterprise Point of Sale 11 SP3:xen-kmp-default-4.2.5_21_3.0.101_0.47.106.59-45.30.1.i586",
            "SUSE Linux Enterprise Point of Sale 11 SP3:xen-kmp-pae-4.2.5_21_3.0.101_0.47.106.59-45.30.1.i586",
            "SUSE Linux Enterprise Point of Sale 11 SP3:xen-libs-4.2.5_21-45.30.1.i586",
            "SUSE Linux Enterprise Point of Sale 11 SP3:xen-tools-domU-4.2.5_21-45.30.1.i586"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2019-04-03T09:06:19Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2018-17958"
    },
    {
      "cve": "CVE-2018-17962",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2018-17962"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Qemu has a Buffer Overflow in pcnet_receive in hw/net/pcnet.c because an incorrect integer data type is used.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Point of Sale 11 SP3:xen-kmp-default-4.2.5_21_3.0.101_0.47.106.59-45.30.1.i586",
          "SUSE Linux Enterprise Point of Sale 11 SP3:xen-kmp-pae-4.2.5_21_3.0.101_0.47.106.59-45.30.1.i586",
          "SUSE Linux Enterprise Point of Sale 11 SP3:xen-libs-4.2.5_21-45.30.1.i586",
          "SUSE Linux Enterprise Point of Sale 11 SP3:xen-tools-domU-4.2.5_21-45.30.1.i586"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2018-17962",
          "url": "https://www.suse.com/security/cve/CVE-2018-17962"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1111010 for CVE-2018-17962",
          "url": "https://bugzilla.suse.com/1111010"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1111011 for CVE-2018-17962",
          "url": "https://bugzilla.suse.com/1111011"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Point of Sale 11 SP3:xen-kmp-default-4.2.5_21_3.0.101_0.47.106.59-45.30.1.i586",
            "SUSE Linux Enterprise Point of Sale 11 SP3:xen-kmp-pae-4.2.5_21_3.0.101_0.47.106.59-45.30.1.i586",
            "SUSE Linux Enterprise Point of Sale 11 SP3:xen-libs-4.2.5_21-45.30.1.i586",
            "SUSE Linux Enterprise Point of Sale 11 SP3:xen-tools-domU-4.2.5_21-45.30.1.i586"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:H",
            "version": "3.0"
          },
          "products": [
            "SUSE Linux Enterprise Point of Sale 11 SP3:xen-kmp-default-4.2.5_21_3.0.101_0.47.106.59-45.30.1.i586",
            "SUSE Linux Enterprise Point of Sale 11 SP3:xen-kmp-pae-4.2.5_21_3.0.101_0.47.106.59-45.30.1.i586",
            "SUSE Linux Enterprise Point of Sale 11 SP3:xen-libs-4.2.5_21-45.30.1.i586",
            "SUSE Linux Enterprise Point of Sale 11 SP3:xen-tools-domU-4.2.5_21-45.30.1.i586"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2019-04-03T09:06:19Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2018-17962"
    },
    {
      "cve": "CVE-2018-17963",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2018-17963"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "qemu_deliver_packet_iov in net/net.c in Qemu accepts packet sizes greater than INT_MAX, which allows attackers to cause a denial of service or possibly have unspecified other impact.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Point of Sale 11 SP3:xen-kmp-default-4.2.5_21_3.0.101_0.47.106.59-45.30.1.i586",
          "SUSE Linux Enterprise Point of Sale 11 SP3:xen-kmp-pae-4.2.5_21_3.0.101_0.47.106.59-45.30.1.i586",
          "SUSE Linux Enterprise Point of Sale 11 SP3:xen-libs-4.2.5_21-45.30.1.i586",
          "SUSE Linux Enterprise Point of Sale 11 SP3:xen-tools-domU-4.2.5_21-45.30.1.i586"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2018-17963",
          "url": "https://www.suse.com/security/cve/CVE-2018-17963"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1111013 for CVE-2018-17963",
          "url": "https://bugzilla.suse.com/1111013"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1111014 for CVE-2018-17963",
          "url": "https://bugzilla.suse.com/1111014"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1178658 for CVE-2018-17963",
          "url": "https://bugzilla.suse.com/1178658"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Point of Sale 11 SP3:xen-kmp-default-4.2.5_21_3.0.101_0.47.106.59-45.30.1.i586",
            "SUSE Linux Enterprise Point of Sale 11 SP3:xen-kmp-pae-4.2.5_21_3.0.101_0.47.106.59-45.30.1.i586",
            "SUSE Linux Enterprise Point of Sale 11 SP3:xen-libs-4.2.5_21-45.30.1.i586",
            "SUSE Linux Enterprise Point of Sale 11 SP3:xen-tools-domU-4.2.5_21-45.30.1.i586"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:H",
            "version": "3.0"
          },
          "products": [
            "SUSE Linux Enterprise Point of Sale 11 SP3:xen-kmp-default-4.2.5_21_3.0.101_0.47.106.59-45.30.1.i586",
            "SUSE Linux Enterprise Point of Sale 11 SP3:xen-kmp-pae-4.2.5_21_3.0.101_0.47.106.59-45.30.1.i586",
            "SUSE Linux Enterprise Point of Sale 11 SP3:xen-libs-4.2.5_21-45.30.1.i586",
            "SUSE Linux Enterprise Point of Sale 11 SP3:xen-tools-domU-4.2.5_21-45.30.1.i586"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2019-04-03T09:06:19Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2018-17963"
    },
    {
      "cve": "CVE-2018-18438",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2018-18438"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Qemu has integer overflows because IOReadHandler and its associated functions use a signed integer data type for a size value.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Point of Sale 11 SP3:xen-kmp-default-4.2.5_21_3.0.101_0.47.106.59-45.30.1.i586",
          "SUSE Linux Enterprise Point of Sale 11 SP3:xen-kmp-pae-4.2.5_21_3.0.101_0.47.106.59-45.30.1.i586",
          "SUSE Linux Enterprise Point of Sale 11 SP3:xen-libs-4.2.5_21-45.30.1.i586",
          "SUSE Linux Enterprise Point of Sale 11 SP3:xen-tools-domU-4.2.5_21-45.30.1.i586"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2018-18438",
          "url": "https://www.suse.com/security/cve/CVE-2018-18438"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1112185 for CVE-2018-18438",
          "url": "https://bugzilla.suse.com/1112185"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1112188 for CVE-2018-18438",
          "url": "https://bugzilla.suse.com/1112188"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Point of Sale 11 SP3:xen-kmp-default-4.2.5_21_3.0.101_0.47.106.59-45.30.1.i586",
            "SUSE Linux Enterprise Point of Sale 11 SP3:xen-kmp-pae-4.2.5_21_3.0.101_0.47.106.59-45.30.1.i586",
            "SUSE Linux Enterprise Point of Sale 11 SP3:xen-libs-4.2.5_21-45.30.1.i586",
            "SUSE Linux Enterprise Point of Sale 11 SP3:xen-tools-domU-4.2.5_21-45.30.1.i586"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.4,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:C/C:N/I:L/A:H",
            "version": "3.0"
          },
          "products": [
            "SUSE Linux Enterprise Point of Sale 11 SP3:xen-kmp-default-4.2.5_21_3.0.101_0.47.106.59-45.30.1.i586",
            "SUSE Linux Enterprise Point of Sale 11 SP3:xen-kmp-pae-4.2.5_21_3.0.101_0.47.106.59-45.30.1.i586",
            "SUSE Linux Enterprise Point of Sale 11 SP3:xen-libs-4.2.5_21-45.30.1.i586",
            "SUSE Linux Enterprise Point of Sale 11 SP3:xen-tools-domU-4.2.5_21-45.30.1.i586"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2019-04-03T09:06:19Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2018-18438"
    },
    {
      "cve": "CVE-2018-18849",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2018-18849"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "In Qemu 3.0.0, lsi_do_msgin in hw/scsi/lsi53c895a.c allows out-of-bounds access by triggering an invalid msg_len value.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Point of Sale 11 SP3:xen-kmp-default-4.2.5_21_3.0.101_0.47.106.59-45.30.1.i586",
          "SUSE Linux Enterprise Point of Sale 11 SP3:xen-kmp-pae-4.2.5_21_3.0.101_0.47.106.59-45.30.1.i586",
          "SUSE Linux Enterprise Point of Sale 11 SP3:xen-libs-4.2.5_21-45.30.1.i586",
          "SUSE Linux Enterprise Point of Sale 11 SP3:xen-tools-domU-4.2.5_21-45.30.1.i586"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2018-18849",
          "url": "https://www.suse.com/security/cve/CVE-2018-18849"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1114422 for CVE-2018-18849",
          "url": "https://bugzilla.suse.com/1114422"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1114423 for CVE-2018-18849",
          "url": "https://bugzilla.suse.com/1114423"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1178658 for CVE-2018-18849",
          "url": "https://bugzilla.suse.com/1178658"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Point of Sale 11 SP3:xen-kmp-default-4.2.5_21_3.0.101_0.47.106.59-45.30.1.i586",
            "SUSE Linux Enterprise Point of Sale 11 SP3:xen-kmp-pae-4.2.5_21_3.0.101_0.47.106.59-45.30.1.i586",
            "SUSE Linux Enterprise Point of Sale 11 SP3:xen-libs-4.2.5_21-45.30.1.i586",
            "SUSE Linux Enterprise Point of Sale 11 SP3:xen-tools-domU-4.2.5_21-45.30.1.i586"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.4,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:C/C:N/I:L/A:H",
            "version": "3.0"
          },
          "products": [
            "SUSE Linux Enterprise Point of Sale 11 SP3:xen-kmp-default-4.2.5_21_3.0.101_0.47.106.59-45.30.1.i586",
            "SUSE Linux Enterprise Point of Sale 11 SP3:xen-kmp-pae-4.2.5_21_3.0.101_0.47.106.59-45.30.1.i586",
            "SUSE Linux Enterprise Point of Sale 11 SP3:xen-libs-4.2.5_21-45.30.1.i586",
            "SUSE Linux Enterprise Point of Sale 11 SP3:xen-tools-domU-4.2.5_21-45.30.1.i586"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2019-04-03T09:06:19Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2018-18849"
    },
    {
      "cve": "CVE-2018-19665",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2018-19665"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The Bluetooth subsystem in QEMU mishandles negative values for length variables, leading to memory corruption.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Point of Sale 11 SP3:xen-kmp-default-4.2.5_21_3.0.101_0.47.106.59-45.30.1.i586",
          "SUSE Linux Enterprise Point of Sale 11 SP3:xen-kmp-pae-4.2.5_21_3.0.101_0.47.106.59-45.30.1.i586",
          "SUSE Linux Enterprise Point of Sale 11 SP3:xen-libs-4.2.5_21-45.30.1.i586",
          "SUSE Linux Enterprise Point of Sale 11 SP3:xen-tools-domU-4.2.5_21-45.30.1.i586"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2018-19665",
          "url": "https://www.suse.com/security/cve/CVE-2018-19665"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1117749 for CVE-2018-19665",
          "url": "https://bugzilla.suse.com/1117749"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1117756 for CVE-2018-19665",
          "url": "https://bugzilla.suse.com/1117756"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1178658 for CVE-2018-19665",
          "url": "https://bugzilla.suse.com/1178658"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Point of Sale 11 SP3:xen-kmp-default-4.2.5_21_3.0.101_0.47.106.59-45.30.1.i586",
            "SUSE Linux Enterprise Point of Sale 11 SP3:xen-kmp-pae-4.2.5_21_3.0.101_0.47.106.59-45.30.1.i586",
            "SUSE Linux Enterprise Point of Sale 11 SP3:xen-libs-4.2.5_21-45.30.1.i586",
            "SUSE Linux Enterprise Point of Sale 11 SP3:xen-tools-domU-4.2.5_21-45.30.1.i586"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.4,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:C/C:N/I:L/A:H",
            "version": "3.0"
          },
          "products": [
            "SUSE Linux Enterprise Point of Sale 11 SP3:xen-kmp-default-4.2.5_21_3.0.101_0.47.106.59-45.30.1.i586",
            "SUSE Linux Enterprise Point of Sale 11 SP3:xen-kmp-pae-4.2.5_21_3.0.101_0.47.106.59-45.30.1.i586",
            "SUSE Linux Enterprise Point of Sale 11 SP3:xen-libs-4.2.5_21-45.30.1.i586",
            "SUSE Linux Enterprise Point of Sale 11 SP3:xen-tools-domU-4.2.5_21-45.30.1.i586"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2019-04-03T09:06:19Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2018-19665"
    },
    {
      "cve": "CVE-2018-19961",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2018-19961"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "An issue was discovered in Xen through 4.11.x on AMD x86 platforms, possibly allowing guest OS users to gain host OS privileges because TLB flushes do not always occur after IOMMU mapping changes.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Point of Sale 11 SP3:xen-kmp-default-4.2.5_21_3.0.101_0.47.106.59-45.30.1.i586",
          "SUSE Linux Enterprise Point of Sale 11 SP3:xen-kmp-pae-4.2.5_21_3.0.101_0.47.106.59-45.30.1.i586",
          "SUSE Linux Enterprise Point of Sale 11 SP3:xen-libs-4.2.5_21-45.30.1.i586",
          "SUSE Linux Enterprise Point of Sale 11 SP3:xen-tools-domU-4.2.5_21-45.30.1.i586"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2018-19961",
          "url": "https://www.suse.com/security/cve/CVE-2018-19961"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1115040 for CVE-2018-19961",
          "url": "https://bugzilla.suse.com/1115040"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1178658 for CVE-2018-19961",
          "url": "https://bugzilla.suse.com/1178658"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Point of Sale 11 SP3:xen-kmp-default-4.2.5_21_3.0.101_0.47.106.59-45.30.1.i586",
            "SUSE Linux Enterprise Point of Sale 11 SP3:xen-kmp-pae-4.2.5_21_3.0.101_0.47.106.59-45.30.1.i586",
            "SUSE Linux Enterprise Point of Sale 11 SP3:xen-libs-4.2.5_21-45.30.1.i586",
            "SUSE Linux Enterprise Point of Sale 11 SP3:xen-tools-domU-4.2.5_21-45.30.1.i586"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "SUSE Linux Enterprise Point of Sale 11 SP3:xen-kmp-default-4.2.5_21_3.0.101_0.47.106.59-45.30.1.i586",
            "SUSE Linux Enterprise Point of Sale 11 SP3:xen-kmp-pae-4.2.5_21_3.0.101_0.47.106.59-45.30.1.i586",
            "SUSE Linux Enterprise Point of Sale 11 SP3:xen-libs-4.2.5_21-45.30.1.i586",
            "SUSE Linux Enterprise Point of Sale 11 SP3:xen-tools-domU-4.2.5_21-45.30.1.i586"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2019-04-03T09:06:19Z",
          "details": "important"
        }
      ],
      "title": "CVE-2018-19961"
    },
    {
      "cve": "CVE-2018-19962",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2018-19962"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "An issue was discovered in Xen through 4.11.x on AMD x86 platforms, possibly allowing guest OS users to gain host OS privileges because small IOMMU mappings are unsafely combined into larger ones.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Point of Sale 11 SP3:xen-kmp-default-4.2.5_21_3.0.101_0.47.106.59-45.30.1.i586",
          "SUSE Linux Enterprise Point of Sale 11 SP3:xen-kmp-pae-4.2.5_21_3.0.101_0.47.106.59-45.30.1.i586",
          "SUSE Linux Enterprise Point of Sale 11 SP3:xen-libs-4.2.5_21-45.30.1.i586",
          "SUSE Linux Enterprise Point of Sale 11 SP3:xen-tools-domU-4.2.5_21-45.30.1.i586"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2018-19962",
          "url": "https://www.suse.com/security/cve/CVE-2018-19962"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1115040 for CVE-2018-19962",
          "url": "https://bugzilla.suse.com/1115040"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1178658 for CVE-2018-19962",
          "url": "https://bugzilla.suse.com/1178658"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Point of Sale 11 SP3:xen-kmp-default-4.2.5_21_3.0.101_0.47.106.59-45.30.1.i586",
            "SUSE Linux Enterprise Point of Sale 11 SP3:xen-kmp-pae-4.2.5_21_3.0.101_0.47.106.59-45.30.1.i586",
            "SUSE Linux Enterprise Point of Sale 11 SP3:xen-libs-4.2.5_21-45.30.1.i586",
            "SUSE Linux Enterprise Point of Sale 11 SP3:xen-tools-domU-4.2.5_21-45.30.1.i586"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "SUSE Linux Enterprise Point of Sale 11 SP3:xen-kmp-default-4.2.5_21_3.0.101_0.47.106.59-45.30.1.i586",
            "SUSE Linux Enterprise Point of Sale 11 SP3:xen-kmp-pae-4.2.5_21_3.0.101_0.47.106.59-45.30.1.i586",
            "SUSE Linux Enterprise Point of Sale 11 SP3:xen-libs-4.2.5_21-45.30.1.i586",
            "SUSE Linux Enterprise Point of Sale 11 SP3:xen-tools-domU-4.2.5_21-45.30.1.i586"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2019-04-03T09:06:19Z",
          "details": "important"
        }
      ],
      "title": "CVE-2018-19962"
    },
    {
      "cve": "CVE-2018-19965",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2018-19965"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "An issue was discovered in Xen through 4.11.x allowing 64-bit PV guest OS users to cause a denial of service (host OS crash) because #GP[0] can occur after a non-canonical address is passed to the TLB flushing code. NOTE: this issue exists because of an incorrect CVE-2017-5754 (aka Meltdown) mitigation.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Point of Sale 11 SP3:xen-kmp-default-4.2.5_21_3.0.101_0.47.106.59-45.30.1.i586",
          "SUSE Linux Enterprise Point of Sale 11 SP3:xen-kmp-pae-4.2.5_21_3.0.101_0.47.106.59-45.30.1.i586",
          "SUSE Linux Enterprise Point of Sale 11 SP3:xen-libs-4.2.5_21-45.30.1.i586",
          "SUSE Linux Enterprise Point of Sale 11 SP3:xen-tools-domU-4.2.5_21-45.30.1.i586"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2018-19965",
          "url": "https://www.suse.com/security/cve/CVE-2018-19965"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1115045 for CVE-2018-19965",
          "url": "https://bugzilla.suse.com/1115045"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Point of Sale 11 SP3:xen-kmp-default-4.2.5_21_3.0.101_0.47.106.59-45.30.1.i586",
            "SUSE Linux Enterprise Point of Sale 11 SP3:xen-kmp-pae-4.2.5_21_3.0.101_0.47.106.59-45.30.1.i586",
            "SUSE Linux Enterprise Point of Sale 11 SP3:xen-libs-4.2.5_21-45.30.1.i586",
            "SUSE Linux Enterprise Point of Sale 11 SP3:xen-tools-domU-4.2.5_21-45.30.1.i586"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.6,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:C/C:N/I:N/A:H",
            "version": "3.0"
          },
          "products": [
            "SUSE Linux Enterprise Point of Sale 11 SP3:xen-kmp-default-4.2.5_21_3.0.101_0.47.106.59-45.30.1.i586",
            "SUSE Linux Enterprise Point of Sale 11 SP3:xen-kmp-pae-4.2.5_21_3.0.101_0.47.106.59-45.30.1.i586",
            "SUSE Linux Enterprise Point of Sale 11 SP3:xen-libs-4.2.5_21-45.30.1.i586",
            "SUSE Linux Enterprise Point of Sale 11 SP3:xen-tools-domU-4.2.5_21-45.30.1.i586"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2019-04-03T09:06:19Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2018-19965"
    },
    {
      "cve": "CVE-2018-19966",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2018-19966"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "An issue was discovered in Xen through 4.11.x allowing x86 PV guest OS users to cause a denial of service (host OS crash) or possibly gain host OS privileges because of an interpretation conflict for a union data structure associated with shadow paging. NOTE: this issue exists because of an incorrect fix for CVE-2017-15595.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Point of Sale 11 SP3:xen-kmp-default-4.2.5_21_3.0.101_0.47.106.59-45.30.1.i586",
          "SUSE Linux Enterprise Point of Sale 11 SP3:xen-kmp-pae-4.2.5_21_3.0.101_0.47.106.59-45.30.1.i586",
          "SUSE Linux Enterprise Point of Sale 11 SP3:xen-libs-4.2.5_21-45.30.1.i586",
          "SUSE Linux Enterprise Point of Sale 11 SP3:xen-tools-domU-4.2.5_21-45.30.1.i586"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2018-19966",
          "url": "https://www.suse.com/security/cve/CVE-2018-19966"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1115047 for CVE-2018-19966",
          "url": "https://bugzilla.suse.com/1115047"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1178658 for CVE-2018-19966",
          "url": "https://bugzilla.suse.com/1178658"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Point of Sale 11 SP3:xen-kmp-default-4.2.5_21_3.0.101_0.47.106.59-45.30.1.i586",
            "SUSE Linux Enterprise Point of Sale 11 SP3:xen-kmp-pae-4.2.5_21_3.0.101_0.47.106.59-45.30.1.i586",
            "SUSE Linux Enterprise Point of Sale 11 SP3:xen-libs-4.2.5_21-45.30.1.i586",
            "SUSE Linux Enterprise Point of Sale 11 SP3:xen-tools-domU-4.2.5_21-45.30.1.i586"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:H",
            "version": "3.0"
          },
          "products": [
            "SUSE Linux Enterprise Point of Sale 11 SP3:xen-kmp-default-4.2.5_21_3.0.101_0.47.106.59-45.30.1.i586",
            "SUSE Linux Enterprise Point of Sale 11 SP3:xen-kmp-pae-4.2.5_21_3.0.101_0.47.106.59-45.30.1.i586",
            "SUSE Linux Enterprise Point of Sale 11 SP3:xen-libs-4.2.5_21-45.30.1.i586",
            "SUSE Linux Enterprise Point of Sale 11 SP3:xen-tools-domU-4.2.5_21-45.30.1.i586"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2019-04-03T09:06:19Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2018-19966"
    },
    {
      "cve": "CVE-2018-19967",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2018-19967"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "An issue was discovered in Xen through 4.11.x on Intel x86 platforms allowing guest OS users to cause a denial of service (host OS hang) because Xen does not work around Intel\u0027s mishandling of certain HLE transactions associated with the KACQUIRE instruction prefix.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Point of Sale 11 SP3:xen-kmp-default-4.2.5_21_3.0.101_0.47.106.59-45.30.1.i586",
          "SUSE Linux Enterprise Point of Sale 11 SP3:xen-kmp-pae-4.2.5_21_3.0.101_0.47.106.59-45.30.1.i586",
          "SUSE Linux Enterprise Point of Sale 11 SP3:xen-libs-4.2.5_21-45.30.1.i586",
          "SUSE Linux Enterprise Point of Sale 11 SP3:xen-tools-domU-4.2.5_21-45.30.1.i586"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2018-19967",
          "url": "https://www.suse.com/security/cve/CVE-2018-19967"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1114988 for CVE-2018-19967",
          "url": "https://bugzilla.suse.com/1114988"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1178658 for CVE-2018-19967",
          "url": "https://bugzilla.suse.com/1178658"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Point of Sale 11 SP3:xen-kmp-default-4.2.5_21_3.0.101_0.47.106.59-45.30.1.i586",
            "SUSE Linux Enterprise Point of Sale 11 SP3:xen-kmp-pae-4.2.5_21_3.0.101_0.47.106.59-45.30.1.i586",
            "SUSE Linux Enterprise Point of Sale 11 SP3:xen-libs-4.2.5_21-45.30.1.i586",
            "SUSE Linux Enterprise Point of Sale 11 SP3:xen-tools-domU-4.2.5_21-45.30.1.i586"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.6,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:C/C:N/I:N/A:H",
            "version": "3.0"
          },
          "products": [
            "SUSE Linux Enterprise Point of Sale 11 SP3:xen-kmp-default-4.2.5_21_3.0.101_0.47.106.59-45.30.1.i586",
            "SUSE Linux Enterprise Point of Sale 11 SP3:xen-kmp-pae-4.2.5_21_3.0.101_0.47.106.59-45.30.1.i586",
            "SUSE Linux Enterprise Point of Sale 11 SP3:xen-libs-4.2.5_21-45.30.1.i586",
            "SUSE Linux Enterprise Point of Sale 11 SP3:xen-tools-domU-4.2.5_21-45.30.1.i586"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2019-04-03T09:06:19Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2018-19967"
    },
    {
      "cve": "CVE-2019-6778",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2019-6778"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "In QEMU 3.0.0, tcp_emu in slirp/tcp_subr.c has a heap-based buffer overflow.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Point of Sale 11 SP3:xen-kmp-default-4.2.5_21_3.0.101_0.47.106.59-45.30.1.i586",
          "SUSE Linux Enterprise Point of Sale 11 SP3:xen-kmp-pae-4.2.5_21_3.0.101_0.47.106.59-45.30.1.i586",
          "SUSE Linux Enterprise Point of Sale 11 SP3:xen-libs-4.2.5_21-45.30.1.i586",
          "SUSE Linux Enterprise Point of Sale 11 SP3:xen-tools-domU-4.2.5_21-45.30.1.i586"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2019-6778",
          "url": "https://www.suse.com/security/cve/CVE-2019-6778"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1123156 for CVE-2019-6778",
          "url": "https://bugzilla.suse.com/1123156"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1123157 for CVE-2019-6778",
          "url": "https://bugzilla.suse.com/1123157"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1178658 for CVE-2019-6778",
          "url": "https://bugzilla.suse.com/1178658"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Point of Sale 11 SP3:xen-kmp-default-4.2.5_21_3.0.101_0.47.106.59-45.30.1.i586",
            "SUSE Linux Enterprise Point of Sale 11 SP3:xen-kmp-pae-4.2.5_21_3.0.101_0.47.106.59-45.30.1.i586",
            "SUSE Linux Enterprise Point of Sale 11 SP3:xen-libs-4.2.5_21-45.30.1.i586",
            "SUSE Linux Enterprise Point of Sale 11 SP3:xen-tools-domU-4.2.5_21-45.30.1.i586"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "SUSE Linux Enterprise Point of Sale 11 SP3:xen-kmp-default-4.2.5_21_3.0.101_0.47.106.59-45.30.1.i586",
            "SUSE Linux Enterprise Point of Sale 11 SP3:xen-kmp-pae-4.2.5_21_3.0.101_0.47.106.59-45.30.1.i586",
            "SUSE Linux Enterprise Point of Sale 11 SP3:xen-libs-4.2.5_21-45.30.1.i586",
            "SUSE Linux Enterprise Point of Sale 11 SP3:xen-tools-domU-4.2.5_21-45.30.1.i586"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2019-04-03T09:06:19Z",
          "details": "important"
        }
      ],
      "title": "CVE-2019-6778"
    },
    {
      "cve": "CVE-2019-9824",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2019-9824"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "tcp_emu in slirp/tcp_subr.c (aka slirp/src/tcp_subr.c) in QEMU 3.0.0 uses uninitialized data in an snprintf call, leading to Information disclosure.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Point of Sale 11 SP3:xen-kmp-default-4.2.5_21_3.0.101_0.47.106.59-45.30.1.i586",
          "SUSE Linux Enterprise Point of Sale 11 SP3:xen-kmp-pae-4.2.5_21_3.0.101_0.47.106.59-45.30.1.i586",
          "SUSE Linux Enterprise Point of Sale 11 SP3:xen-libs-4.2.5_21-45.30.1.i586",
          "SUSE Linux Enterprise Point of Sale 11 SP3:xen-tools-domU-4.2.5_21-45.30.1.i586"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2019-9824",
          "url": "https://www.suse.com/security/cve/CVE-2019-9824"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1118900 for CVE-2019-9824",
          "url": "https://bugzilla.suse.com/1118900"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1129622 for CVE-2019-9824",
          "url": "https://bugzilla.suse.com/1129622"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1129623 for CVE-2019-9824",
          "url": "https://bugzilla.suse.com/1129623"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1178658 for CVE-2019-9824",
          "url": "https://bugzilla.suse.com/1178658"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Point of Sale 11 SP3:xen-kmp-default-4.2.5_21_3.0.101_0.47.106.59-45.30.1.i586",
            "SUSE Linux Enterprise Point of Sale 11 SP3:xen-kmp-pae-4.2.5_21_3.0.101_0.47.106.59-45.30.1.i586",
            "SUSE Linux Enterprise Point of Sale 11 SP3:xen-libs-4.2.5_21-45.30.1.i586",
            "SUSE Linux Enterprise Point of Sale 11 SP3:xen-tools-domU-4.2.5_21-45.30.1.i586"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 2.8,
            "baseSeverity": "LOW",
            "vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:C/C:L/I:N/A:N",
            "version": "3.0"
          },
          "products": [
            "SUSE Linux Enterprise Point of Sale 11 SP3:xen-kmp-default-4.2.5_21_3.0.101_0.47.106.59-45.30.1.i586",
            "SUSE Linux Enterprise Point of Sale 11 SP3:xen-kmp-pae-4.2.5_21_3.0.101_0.47.106.59-45.30.1.i586",
            "SUSE Linux Enterprise Point of Sale 11 SP3:xen-libs-4.2.5_21-45.30.1.i586",
            "SUSE Linux Enterprise Point of Sale 11 SP3:xen-tools-domU-4.2.5_21-45.30.1.i586"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2019-04-03T09:06:19Z",
          "details": "low"
        }
      ],
      "title": "CVE-2019-9824"
    }
  ]
}

WID-SEC-W-2024-2000

Vulnerability from csaf_certbund - Published: 2018-10-31 23:00 - Updated: 2024-09-02 22:00

Summary

QEMU: Schwachstelle ermöglicht Denial of Service

Severity

Mittel

Notes

Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.

Produktbeschreibung: QEMU ist eine freie Virtualisierungssoftware, die die gesamte Hardware eines Computers emuliert.

Angriff: Ein lokaler Angreifer kann eine Schwachstelle in QEMU ausnutzen, um einen Denial of Service Angriff durchzuführen.

Betroffene Betriebssysteme: - Linux

CVE-2018-18849

Es existiert eine Schwachstelle in QEMU. Ein "out of bounds" Speicherzugriff in der LSI53C895A SCSI Host Bus Adapter Emulation ist die Ursache dieser Schwachstelle. Ein Lokaler Angreifer kann das ausnutzen um den Qemu-Prozess zum Absturz zu bringen und somit einen Denial of Service verursachen.

Affected products

Known affected 5 products

Product	Identifier	Version
Debian Linux Debian	`cpe:/o:debian:debian_linux:-`	—
SUSE Linux SUSE	`cpe:/o:suse:suse_linux:-`	—
Ubuntu Linux Ubuntu	`cpe:/o:canonical:ubuntu_linux:-`	—
Open Source QEMU Open Source	`cpe:/a:qemu:qemu:-`	—
Oracle Linux Oracle	`cpe:/o:oracle:linux:-`	—

References

26 references

URL	Category
https://wid.cert-bund.de/.well-known/csaf/white/2…	self
https://wid.cert-bund.de/portal/wid/securityadvis…	self
http://seclists.org/oss-sec/2018/q4/120	external
https://www.suse.com/support/update/announcement/…	external
http://www.ubuntu.com/usn/usn-3826-1	external
https://www.suse.com/support/update/announcement/…	external
https://www.suse.com/support/update/announcement/…	external
https://www.suse.com/support/update/announcement/…	external
https://www.suse.com/support/update/announcement/…	external
https://www.suse.com/support/update/announcement/…	external
https://www.suse.com/support/update/announcement/…	external
http://linux.oracle.com/errata/ELSA-2018-4313.html	external
http://linux.oracle.com/errata/ELSA-2018-4312.html	external
https://www.suse.com/support/update/announcement/…	external
https://www.suse.com/support/update/announcement/…	external
https://www.suse.com/de-de/support/update/announc…	external
http://linux.oracle.com/errata/ELSA-2019-4520.html	external
http://linux.oracle.com/errata/ELSA-2019-4585.html	external
https://www.suse.com/support/update/announcement/…	external
https://www.suse.com/support/update/announcement/…	external
https://www.suse.com/support/update/announcement/…	external
https://www.suse.com/support/update/announcement/…	external
http://linux.oracle.com/errata/ELSA-2019-4630.html	external
https://www.debian.org/security/2019/dsa-4454	external
https://linux.oracle.com/errata/ELSA-2024-12604.html	external
https://linux.oracle.com/errata/ELSA-2024-12605.html	external

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "text": "mittel"
    },
    "category": "csaf_base",
    "csaf_version": "2.0",
    "distribution": {
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "de-DE",
    "notes": [
      {
        "category": "legal_disclaimer",
        "text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
      },
      {
        "category": "description",
        "text": "QEMU ist eine freie Virtualisierungssoftware, die die gesamte Hardware eines Computers emuliert.",
        "title": "Produktbeschreibung"
      },
      {
        "category": "summary",
        "text": "Ein lokaler Angreifer kann eine Schwachstelle in QEMU ausnutzen, um einen Denial of Service Angriff durchzuf\u00fchren.",
        "title": "Angriff"
      },
      {
        "category": "general",
        "text": "- Linux",
        "title": "Betroffene Betriebssysteme"
      }
    ],
    "publisher": {
      "category": "other",
      "contact_details": "csaf-provider@cert-bund.de",
      "name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
      "namespace": "https://www.bsi.bund.de"
    },
    "references": [
      {
        "category": "self",
        "summary": "WID-SEC-W-2024-2000 - CSAF Version",
        "url": "https://wid.cert-bund.de/.well-known/csaf/white/2018/wid-sec-w-2024-2000.json"
      },
      {
        "category": "self",
        "summary": "WID-SEC-2024-2000 - Portal Version",
        "url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-2000"
      },
      {
        "category": "external",
        "summary": "Eintrag in der OSS Mailing Liste vom 2018-10-31",
        "url": "http://seclists.org/oss-sec/2018/q4/120"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2018:3912-1 vom 2018-11-27",
        "url": "https://www.suse.com/support/update/announcement/2018/suse-su-20183912-1.html"
      },
      {
        "category": "external",
        "summary": "Ubuntu Security Notice USN-3826-1 vom 2018-11-27",
        "url": "http://www.ubuntu.com/usn/usn-3826-1"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2018:3927-1 vom 2018-11-28",
        "url": "https://www.suse.com/support/update/announcement/2018/suse-su-20183927-1.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2018:3973-1 vom 2018-12-05",
        "url": "https://www.suse.com/support/update/announcement/2018/suse-su-20183973-1.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2018:3975-1 vom 2018-12-05",
        "url": "https://www.suse.com/support/update/announcement/2018/suse-su-20183975-1.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2018:3987-1 vom 2018-12-06",
        "url": "https://www.suse.com/support/update/announcement/2018/suse-su-20183987-1.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2018:4129-1 vom 2018-12-17",
        "url": "https://www.suse.com/support/update/announcement/2018/suse-su-20184129-1/"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2018:4185-1 vom 2018-12-19",
        "url": "https://www.suse.com/support/update/announcement/2018/suse-su-20184185-1.html"
      },
      {
        "category": "external",
        "summary": "Oracle Linux Security Advisory ELSA-2018-4313 vom 2018-12-22",
        "url": "http://linux.oracle.com/errata/ELSA-2018-4313.html"
      },
      {
        "category": "external",
        "summary": "Oracle Linux Security Advisory ELSA-2018-4312 vom 2018-12-22",
        "url": "http://linux.oracle.com/errata/ELSA-2018-4312.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2018:4237-1 vom 2018-12-23",
        "url": "https://www.suse.com/support/update/announcement/2018/suse-su-20184237-1.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2019:0003-1 vom 2019-01-03",
        "url": "https://www.suse.com/support/update/announcement/2019/suse-su-20190003-1.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2019:13921-1 vom 2019-01-02",
        "url": "https://www.suse.com/de-de/support/update/announcement/2019/suse-su-201913921-1/"
      },
      {
        "category": "external",
        "summary": "Oracle Linux Security Advisory ELSA-2019-4520 vom 2019-01-28",
        "url": "http://linux.oracle.com/errata/ELSA-2019-4520.html"
      },
      {
        "category": "external",
        "summary": "Oracle Linux Security Advisory ELSA-2019-4585 vom 2019-03-15",
        "url": "http://linux.oracle.com/errata/ELSA-2019-4585.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2019:0827-1 vom 2019-04-01",
        "url": "https://www.suse.com/support/update/announcement/2019/suse-su-20190827-1.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2019:0825-1 vom 2019-04-01",
        "url": "https://www.suse.com/support/update/announcement/2019/suse-su-20190825-1.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2019:14011-1 vom 2019-04-03",
        "url": "https://www.suse.com/support/update/announcement/2019/suse-su-201914011-1.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2018:3973-2 vom 2019-04-28",
        "url": "https://www.suse.com/support/update/announcement/2019/suse-su-20183973-2.html"
      },
      {
        "category": "external",
        "summary": "Oracle Linux Security Advisory ELSA-2019-4630 vom 2019-05-14",
        "url": "http://linux.oracle.com/errata/ELSA-2019-4630.html"
      },
      {
        "category": "external",
        "summary": "Debian Security Advisory DSA-4454 vom 2019-05-31",
        "url": "https://www.debian.org/security/2019/dsa-4454"
      },
      {
        "category": "external",
        "summary": "Oracle Linux Security Advisory ELSA-2024-12604 vom 2024-09-02",
        "url": "https://linux.oracle.com/errata/ELSA-2024-12604.html"
      },
      {
        "category": "external",
        "summary": "Oracle Linux Security Advisory ELSA-2024-12605 vom 2024-09-02",
        "url": "https://linux.oracle.com/errata/ELSA-2024-12605.html"
      }
    ],
    "source_lang": "en-US",
    "title": "QEMU: Schwachstelle erm\u00f6glicht Denial of Service",
    "tracking": {
      "current_release_date": "2024-09-02T22:00:00.000+00:00",
      "generator": {
        "date": "2024-09-03T08:16:39.455+00:00",
        "engine": {
          "name": "BSI-WID",
          "version": "1.3.6"
        }
      },
      "id": "WID-SEC-W-2024-2000",
      "initial_release_date": "2018-10-31T23:00:00.000+00:00",
      "revision_history": [
        {
          "date": "2018-10-31T23:00:00.000+00:00",
          "number": "1",
          "summary": "Initial Release"
        },
        {
          "date": "2018-11-18T23:00:00.000+00:00",
          "number": "2",
          "summary": "Added references"
        },
        {
          "date": "2018-11-26T23:00:00.000+00:00",
          "number": "3",
          "summary": "New remediations available"
        },
        {
          "date": "2018-11-26T23:00:00.000+00:00",
          "number": "4",
          "summary": "New remediations available"
        },
        {
          "date": "2018-11-27T23:00:00.000+00:00",
          "number": "5",
          "summary": "New remediations available"
        },
        {
          "date": "2018-12-04T23:00:00.000+00:00",
          "number": "6",
          "summary": "New remediations available"
        },
        {
          "date": "2018-12-05T23:00:00.000+00:00",
          "number": "7",
          "summary": "New remediations available"
        },
        {
          "date": "2018-12-16T23:00:00.000+00:00",
          "number": "8",
          "summary": "New remediations available"
        },
        {
          "date": "2018-12-19T23:00:00.000+00:00",
          "number": "9",
          "summary": "New remediations available"
        },
        {
          "date": "2018-12-23T23:00:00.000+00:00",
          "number": "10",
          "summary": "Neue Updates von Oracle Linux und SUSE aufgenommen"
        },
        {
          "date": "2019-01-02T23:00:00.000+00:00",
          "number": "11",
          "summary": "Neue Updates von SUSE aufgenommen"
        },
        {
          "date": "2019-01-02T23:00:00.000+00:00",
          "number": "12",
          "summary": "Neue Updates von SUSE aufgenommen"
        },
        {
          "date": "2019-01-28T23:00:00.000+00:00",
          "number": "13",
          "summary": "Neue Updates von Oracle Linux aufgenommen"
        },
        {
          "date": "2019-03-14T23:00:00.000+00:00",
          "number": "14",
          "summary": "Neue Updates von Oracle Linux aufgenommen"
        },
        {
          "date": "2019-04-01T22:00:00.000+00:00",
          "number": "15",
          "summary": "Neue Updates von SUSE aufgenommen"
        },
        {
          "date": "2019-04-03T22:00:00.000+00:00",
          "number": "16",
          "summary": "Neue Updates von SUSE aufgenommen"
        },
        {
          "date": "2019-04-28T22:00:00.000+00:00",
          "number": "17",
          "summary": "Neue Updates von SUSE aufgenommen"
        },
        {
          "date": "2019-05-15T22:00:00.000+00:00",
          "number": "18",
          "summary": "Neue Updates von Oracle Linux aufgenommen"
        },
        {
          "date": "2019-06-02T22:00:00.000+00:00",
          "number": "19",
          "summary": "Neue Updates von Debian aufgenommen"
        },
        {
          "date": "2024-09-02T22:00:00.000+00:00",
          "number": "20",
          "summary": "Neue Updates von Oracle Linux aufgenommen"
        }
      ],
      "status": "final",
      "version": "20"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "category": "product_name",
            "name": "Debian Linux",
            "product": {
              "name": "Debian Linux",
              "product_id": "2951",
              "product_identification_helper": {
                "cpe": "cpe:/o:debian:debian_linux:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "Debian"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "Open Source QEMU",
            "product": {
              "name": "Open Source QEMU",
              "product_id": "T007150",
              "product_identification_helper": {
                "cpe": "cpe:/a:qemu:qemu:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "Open Source"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "Oracle Linux",
            "product": {
              "name": "Oracle Linux",
              "product_id": "T004914",
              "product_identification_helper": {
                "cpe": "cpe:/o:oracle:linux:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "Oracle"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "SUSE Linux",
            "product": {
              "name": "SUSE Linux",
              "product_id": "T002207",
              "product_identification_helper": {
                "cpe": "cpe:/o:suse:suse_linux:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "SUSE"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "Ubuntu Linux",
            "product": {
              "name": "Ubuntu Linux",
              "product_id": "T000126",
              "product_identification_helper": {
                "cpe": "cpe:/o:canonical:ubuntu_linux:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "Ubuntu"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2018-18849",
      "notes": [
        {
          "category": "description",
          "text": "Es existiert eine Schwachstelle in QEMU. Ein \"out of bounds\" Speicherzugriff in der LSI53C895A SCSI Host Bus Adapter Emulation ist die Ursache dieser Schwachstelle. Ein Lokaler Angreifer kann das ausnutzen um den Qemu-Prozess zum Absturz zu bringen und somit einen Denial of Service verursachen."
        }
      ],
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "T000126",
          "T007150",
          "T004914"
        ]
      },
      "release_date": "2018-10-31T23:00:00.000+00:00",
      "title": "CVE-2018-18849"
    }
  ]
}

Sightings

Author	Source	Type	Date	Other

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2018-18849 (GCVE-0-2018-18849)

SUSE-SU-2019:14011-1

WID-SEC-W-2024-2000

Tags

Sightings

Nomenclature