Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2018-19364 (GCVE-0-2018-19364)
Vulnerability from cvelistv5 – Published: 2018-12-13 19:00 – Updated: 2024-08-05 11:37
VLAI?
EPSS
Summary
hw/9pfs/cofile.c and hw/9pfs/9p.c in QEMU can modify an fid path while it is being accessed by a second thread, leading to (for example) a use-after-free outcome.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
9 references
| URL | Tags |
|---|---|
| https://lists.debian.org/debian-lts-announce/2019… | mailing-listx_refsource_MLIST |
| https://lists.gnu.org/archive/html/qemu-devel/201… | mailing-listx_refsource_MLIST |
| https://usn.ubuntu.com/3826-1/ | vendor-advisoryx_refsource_UBUNTU |
| http://www.openwall.com/lists/oss-security/2018/11/20/1 | mailing-listx_refsource_MLIST |
| https://lists.gnu.org/archive/html/qemu-devel/201… | mailing-listx_refsource_MLIST |
| https://lists.fedoraproject.org/archives/list/pac… | vendor-advisoryx_refsource_FEDORA |
| http://lists.opensuse.org/opensuse-security-annou… | vendor-advisoryx_refsource_SUSE |
| https://www.debian.org/security/2019/dsa-4454 | vendor-advisoryx_refsource_DEBIAN |
| https://seclists.org/bugtraq/2019/May/76 | mailing-listx_refsource_BUGTRAQ |
Date Public ?
2018-11-20 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T11:37:10.590Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "[debian-lts-announce] 20190129 [SECURITY] [DLA 1646-1] qemu security update",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2019/01/msg00023.html"
},
{
"name": "[qemu-devel] 20181107 [PATCH] 9p: write lock path in v9fs_co_open2()",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.gnu.org/archive/html/qemu-devel/2018-11/msg01139.html"
},
{
"name": "USN-3826-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/3826-1/"
},
{
"name": "[oss-security] 20181120 CVE-2018-19364 Qemu: 9pfs: Use-after-free due to race condition while updating fid path",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2018/11/20/1"
},
{
"name": "[qemu-devel] 20181115 [PATCH] 9p: take write lock on fid path updates",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.gnu.org/archive/html/qemu-devel/2018-11/msg02795.html"
},
{
"name": "FEDORA-2019-88a98ce795",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CGCFIFSIWUREEQQOZDZFBYKWZHXCWBZN/"
},
{
"name": "openSUSE-SU-2019:1074",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-03/msg00042.html"
},
{
"name": "DSA-4454",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "https://www.debian.org/security/2019/dsa-4454"
},
{
"name": "20190531 [SECURITY] [DSA 4454-1] qemu security update",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "https://seclists.org/bugtraq/2019/May/76"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2018-11-20T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "hw/9pfs/cofile.c and hw/9pfs/9p.c in QEMU can modify an fid path while it is being accessed by a second thread, leading to (for example) a use-after-free outcome."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-05-31T13:06:05.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "[debian-lts-announce] 20190129 [SECURITY] [DLA 1646-1] qemu security update",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.debian.org/debian-lts-announce/2019/01/msg00023.html"
},
{
"name": "[qemu-devel] 20181107 [PATCH] 9p: write lock path in v9fs_co_open2()",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.gnu.org/archive/html/qemu-devel/2018-11/msg01139.html"
},
{
"name": "USN-3826-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/3826-1/"
},
{
"name": "[oss-security] 20181120 CVE-2018-19364 Qemu: 9pfs: Use-after-free due to race condition while updating fid path",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2018/11/20/1"
},
{
"name": "[qemu-devel] 20181115 [PATCH] 9p: take write lock on fid path updates",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.gnu.org/archive/html/qemu-devel/2018-11/msg02795.html"
},
{
"name": "FEDORA-2019-88a98ce795",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CGCFIFSIWUREEQQOZDZFBYKWZHXCWBZN/"
},
{
"name": "openSUSE-SU-2019:1074",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-03/msg00042.html"
},
{
"name": "DSA-4454",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "https://www.debian.org/security/2019/dsa-4454"
},
{
"name": "20190531 [SECURITY] [DSA 4454-1] qemu security update",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "https://seclists.org/bugtraq/2019/May/76"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-19364",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "hw/9pfs/cofile.c and hw/9pfs/9p.c in QEMU can modify an fid path while it is being accessed by a second thread, leading to (for example) a use-after-free outcome."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "[debian-lts-announce] 20190129 [SECURITY] [DLA 1646-1] qemu security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2019/01/msg00023.html"
},
{
"name": "[qemu-devel] 20181107 [PATCH] 9p: write lock path in v9fs_co_open2()",
"refsource": "MLIST",
"url": "https://lists.gnu.org/archive/html/qemu-devel/2018-11/msg01139.html"
},
{
"name": "USN-3826-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/3826-1/"
},
{
"name": "[oss-security] 20181120 CVE-2018-19364 Qemu: 9pfs: Use-after-free due to race condition while updating fid path",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2018/11/20/1"
},
{
"name": "[qemu-devel] 20181115 [PATCH] 9p: take write lock on fid path updates",
"refsource": "MLIST",
"url": "https://lists.gnu.org/archive/html/qemu-devel/2018-11/msg02795.html"
},
{
"name": "FEDORA-2019-88a98ce795",
"refsource": "FEDORA",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CGCFIFSIWUREEQQOZDZFBYKWZHXCWBZN/"
},
{
"name": "openSUSE-SU-2019:1074",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-03/msg00042.html"
},
{
"name": "DSA-4454",
"refsource": "DEBIAN",
"url": "https://www.debian.org/security/2019/dsa-4454"
},
{
"name": "20190531 [SECURITY] [DSA 4454-1] qemu security update",
"refsource": "BUGTRAQ",
"url": "https://seclists.org/bugtraq/2019/May/76"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2018-19364",
"datePublished": "2018-12-13T19:00:00.000Z",
"dateReserved": "2018-11-19T00:00:00.000Z",
"dateUpdated": "2024-08-05T11:37:10.590Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"epss": {
"cve": "CVE-2018-19364",
"date": "2026-05-24",
"epss": "0.00075",
"percentile": "0.22504"
},
"fkie_nvd": {
"configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:qemu:qemu:*:*:*:*:*:*:*:*\", \"versionEndIncluding\": \"3.0.0\", \"matchCriteriaId\": \"16AFB9CD-95CF-4552-A8C1-1B4F496925B6\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:qemu:qemu:3.1.0:rc0:*:*:*:*:*:*\", \"matchCriteriaId\": \"C726BD36-EA1B-4260-ABCD-29587B584058\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:qemu:qemu:3.1.0:rc1:*:*:*:*:*:*\", \"matchCriteriaId\": \"58E67452-3056-42CF-A6A0-EFB854366642\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*\", \"matchCriteriaId\": \"B5A6F2F3-4894-4392-8296-3B8DD2679084\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*\", \"matchCriteriaId\": \"F7016A2A-8365-4F1A-89A2-7A19F2BCAE5B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*\", \"matchCriteriaId\": \"23A7C53F-B80F-4E6A-AFA9-58EEA84BE11D\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:canonical:ubuntu_linux:18.10:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"07C312A0-CD2C-4B9C-B064-6409B25C278F\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"DEECE5FC-CACF-4496-A3E7-164736409252\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:fedoraproject:fedora:29:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"D100F7CE-FC64-4CC6-852A-6136D72DA419\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:opensuse:leap:42.3:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"5F65DAB0-3DAD-49FF-BC73-3581CC3D5BF3\"}]}]}]",
"descriptions": "[{\"lang\": \"en\", \"value\": \"hw/9pfs/cofile.c and hw/9pfs/9p.c in QEMU can modify an fid path while it is being accessed by a second thread, leading to (for example) a use-after-free outcome.\"}, {\"lang\": \"es\", \"value\": \"hw/9pfs/cofile.c y hw/9pfs/9p.c en QEMU pueden modificar una ruta fid mientras un segundo hilo accede a ella, lo que conduce a, por ejemplo, un uso de memoria previamente liberada.\"}]",
"id": "CVE-2018-19364",
"lastModified": "2024-11-21T03:57:48.880",
"metrics": "{\"cvssMetricV31\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H\", \"baseScore\": 5.5, \"baseSeverity\": \"MEDIUM\", \"attackVector\": \"LOCAL\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"LOW\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"NONE\", \"integrityImpact\": \"NONE\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 1.8, \"impactScore\": 3.6}], \"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:L/AC:L/Au:N/C:N/I:N/A:P\", \"baseScore\": 2.1, \"accessVector\": \"LOCAL\", \"accessComplexity\": \"LOW\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"NONE\", \"integrityImpact\": \"NONE\", \"availabilityImpact\": \"PARTIAL\"}, \"baseSeverity\": \"LOW\", \"exploitabilityScore\": 3.9, \"impactScore\": 2.9, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": false}]}",
"published": "2018-12-13T19:29:00.497",
"references": "[{\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2019-03/msg00042.html\", \"source\": \"cve@mitre.org\", \"tags\": [\"Mailing List\", \"Third Party Advisory\"]}, {\"url\": \"http://www.openwall.com/lists/oss-security/2018/11/20/1\", \"source\": \"cve@mitre.org\", \"tags\": [\"Mailing List\", \"Patch\", \"Third Party Advisory\"]}, {\"url\": \"https://lists.debian.org/debian-lts-announce/2019/01/msg00023.html\", \"source\": \"cve@mitre.org\", \"tags\": [\"Mailing List\", \"Third Party Advisory\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CGCFIFSIWUREEQQOZDZFBYKWZHXCWBZN/\", \"source\": \"cve@mitre.org\"}, {\"url\": \"https://lists.gnu.org/archive/html/qemu-devel/2018-11/msg01139.html\", \"source\": \"cve@mitre.org\", \"tags\": [\"Mailing List\", \"Patch\", \"Vendor Advisory\"]}, {\"url\": \"https://lists.gnu.org/archive/html/qemu-devel/2018-11/msg02795.html\", \"source\": \"cve@mitre.org\", \"tags\": [\"Mailing List\", \"Patch\", \"Vendor Advisory\"]}, {\"url\": \"https://seclists.org/bugtraq/2019/May/76\", \"source\": \"cve@mitre.org\", \"tags\": [\"Mailing List\", \"Third Party Advisory\"]}, {\"url\": \"https://usn.ubuntu.com/3826-1/\", \"source\": \"cve@mitre.org\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://www.debian.org/security/2019/dsa-4454\", \"source\": \"cve@mitre.org\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2019-03/msg00042.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Mailing List\", \"Third Party Advisory\"]}, {\"url\": \"http://www.openwall.com/lists/oss-security/2018/11/20/1\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Mailing List\", \"Patch\", \"Third Party Advisory\"]}, {\"url\": \"https://lists.debian.org/debian-lts-announce/2019/01/msg00023.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Mailing List\", \"Third Party Advisory\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CGCFIFSIWUREEQQOZDZFBYKWZHXCWBZN/\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://lists.gnu.org/archive/html/qemu-devel/2018-11/msg01139.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Mailing List\", \"Patch\", \"Vendor Advisory\"]}, {\"url\": \"https://lists.gnu.org/archive/html/qemu-devel/2018-11/msg02795.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Mailing List\", \"Patch\", \"Vendor Advisory\"]}, {\"url\": \"https://seclists.org/bugtraq/2019/May/76\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Mailing List\", \"Third Party Advisory\"]}, {\"url\": \"https://usn.ubuntu.com/3826-1/\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://www.debian.org/security/2019/dsa-4454\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}]",
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-416\"}]}]"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2018-19364\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2018-12-13T19:29:00.497\",\"lastModified\":\"2024-11-21T03:57:48.880\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"hw/9pfs/cofile.c and hw/9pfs/9p.c in QEMU can modify an fid path while it is being accessed by a second thread, leading to (for example) a use-after-free outcome.\"},{\"lang\":\"es\",\"value\":\"hw/9pfs/cofile.c y hw/9pfs/9p.c en QEMU pueden modificar una ruta fid mientras un segundo hilo accede a ella, lo que conduce a, por ejemplo, un uso de memoria previamente liberada.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H\",\"baseScore\":5.5,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":1.8,\"impactScore\":3.6}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:L/AC:L/Au:N/C:N/I:N/A:P\",\"baseScore\":2.1,\"accessVector\":\"LOCAL\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"PARTIAL\"},\"baseSeverity\":\"LOW\",\"exploitabilityScore\":3.9,\"impactScore\":2.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-416\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:qemu:qemu:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"3.0.0\",\"matchCriteriaId\":\"16AFB9CD-95CF-4552-A8C1-1B4F496925B6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:qemu:qemu:3.1.0:rc0:*:*:*:*:*:*\",\"matchCriteriaId\":\"C726BD36-EA1B-4260-ABCD-29587B584058\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:qemu:qemu:3.1.0:rc1:*:*:*:*:*:*\",\"matchCriteriaId\":\"58E67452-3056-42CF-A6A0-EFB854366642\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*\",\"matchCriteriaId\":\"B5A6F2F3-4894-4392-8296-3B8DD2679084\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*\",\"matchCriteriaId\":\"F7016A2A-8365-4F1A-89A2-7A19F2BCAE5B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*\",\"matchCriteriaId\":\"23A7C53F-B80F-4E6A-AFA9-58EEA84BE11D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:canonical:ubuntu_linux:18.10:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"07C312A0-CD2C-4B9C-B064-6409B25C278F\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DEECE5FC-CACF-4496-A3E7-164736409252\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:fedoraproject:fedora:29:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D100F7CE-FC64-4CC6-852A-6136D72DA419\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:opensuse:leap:42.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5F65DAB0-3DAD-49FF-BC73-3581CC3D5BF3\"}]}]}],\"references\":[{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2019-03/msg00042.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2018/11/20/1\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\",\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://lists.debian.org/debian-lts-announce/2019/01/msg00023.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CGCFIFSIWUREEQQOZDZFBYKWZHXCWBZN/\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://lists.gnu.org/archive/html/qemu-devel/2018-11/msg01139.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\",\"Patch\",\"Vendor Advisory\"]},{\"url\":\"https://lists.gnu.org/archive/html/qemu-devel/2018-11/msg02795.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\",\"Patch\",\"Vendor Advisory\"]},{\"url\":\"https://seclists.org/bugtraq/2019/May/76\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://usn.ubuntu.com/3826-1/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.debian.org/security/2019/dsa-4454\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2019-03/msg00042.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2018/11/20/1\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://lists.debian.org/debian-lts-announce/2019/01/msg00023.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CGCFIFSIWUREEQQOZDZFBYKWZHXCWBZN/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.gnu.org/archive/html/qemu-devel/2018-11/msg01139.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Patch\",\"Vendor Advisory\"]},{\"url\":\"https://lists.gnu.org/archive/html/qemu-devel/2018-11/msg02795.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Patch\",\"Vendor Advisory\"]},{\"url\":\"https://seclists.org/bugtraq/2019/May/76\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://usn.ubuntu.com/3826-1/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.debian.org/security/2019/dsa-4454\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]}]}}"
}
}
BDU:2020-00698
Vulnerability from fstec - Published: 08.11.2018
VLAI Severity ?
Title
Уязвимость компонентов hw/9pfs/cofile.c и hw/9pfs/9p.c эмулятора аппаратного обеспечения QEMU, связанная с повторным обращением к освобожденной области памяти, позволяющая нарушителю вызвать отказ в обслуживании
Description
Уязвимость компонентов hw/9pfs/cofile.c и hw/9pfs/9p.c эмулятора аппаратного обеспечения QEMU связана с повторным обращением к освобожденной области памяти. Эксплуатация уязвимости может позволить нарушителю вызвать отказ в обслуживании
Severity ?
Vendor
Canonical Ltd., Сообщество свободного программного обеспечения, Novell Inc., ООО «РусБИТех-Астра», Fabrice Bellard
Software Name
Ubuntu, Debian GNU/Linux, OpenSUSE Leap, Astra Linux Special Edition (запись в едином реестре российских программ №369), QEMU
Software Version
14.04 LTS (Ubuntu), 16.04 LTS (Ubuntu), 9 (Debian GNU/Linux), 42.3 (OpenSUSE Leap), 18.04 LTS (Ubuntu), 18.10 (Ubuntu), 1.6 «Смоленск» (Astra Linux Special Edition), 8 (Debian GNU/Linux), до 3.1 (QEMU)
Possible Mitigations
Использование рекомендаций:
Для qemu:
Обновление программного обеспечения до 1:3.1+dfsg-8 или более поздней версии
Для Debian:
Обновление программного обеспечения (пакета qemu) до 1:2.8+dfsg-6+deb9u6 или более поздней версии
Для программных продуктов Novell Inc.:
https://lists.opensuse.org/opensuse-security-announce/2019-03/msg00042.html
Для Ubuntu:
https://usn.ubuntu.com/3826-1/
Для Astra Linux:
https://wiki.astralinux.ru/pages/viewpage.action?pageId=57444186
Reference
https://nvd.nist.gov/vuln/detail/CVE-2018-19364
https://security-tracker.debian.org/tracker/CVE-2018-19364
https://lists.opensuse.org/opensuse-security-announce/2019-03/msg00042.html
https://usn.ubuntu.com/3826-1/
https://wiki.astralinux.ru/pages/viewpage.action?pageId=57444186
CWE
CWE-416
{
"CVSS 2.0": "AV:L/AC:L/Au:N/C:N/I:N/A:P",
"CVSS 3.0": "AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"CVSS 4.0": null,
"remediation_\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440": null,
"remediation_\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435": null,
"\u0412\u0435\u043d\u0434\u043e\u0440 \u041f\u041e": "Canonical Ltd., \u0421\u043e\u043e\u0431\u0449\u0435\u0441\u0442\u0432\u043e \u0441\u0432\u043e\u0431\u043e\u0434\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f, Novell Inc., \u041e\u041e\u041e \u00ab\u0420\u0443\u0441\u0411\u0418\u0422\u0435\u0445-\u0410\u0441\u0442\u0440\u0430\u00bb, Fabrice Bellard",
"\u0412\u0435\u0440\u0441\u0438\u044f \u041f\u041e": "14.04 LTS (Ubuntu), 16.04 LTS (Ubuntu), 9 (Debian GNU/Linux), 42.3 (OpenSUSE Leap), 18.04 LTS (Ubuntu), 18.10 (Ubuntu), 1.6 \u00ab\u0421\u043c\u043e\u043b\u0435\u043d\u0441\u043a\u00bb (Astra Linux Special Edition), 8 (Debian GNU/Linux), \u0434\u043e 3.1 (QEMU)",
"\u0412\u043e\u0437\u043c\u043e\u0436\u043d\u044b\u0435 \u043c\u0435\u0440\u044b \u043f\u043e \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044e": "\u0418\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0439:\n\u0414\u043b\u044f qemu:\n\u041e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f \u0434\u043e 1:3.1+dfsg-8 \u0438\u043b\u0438 \u0431\u043e\u043b\u0435\u0435 \u043f\u043e\u0437\u0434\u043d\u0435\u0439 \u0432\u0435\u0440\u0441\u0438\u0438\n\n\u0414\u043b\u044f Debian:\n\u041e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f (\u043f\u0430\u043a\u0435\u0442\u0430 qemu) \u0434\u043e 1:2.8+dfsg-6+deb9u6 \u0438\u043b\u0438 \u0431\u043e\u043b\u0435\u0435 \u043f\u043e\u0437\u0434\u043d\u0435\u0439 \u0432\u0435\u0440\u0441\u0438\u0438\n\n\u0414\u043b\u044f \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u044b\u0445 \u043f\u0440\u043e\u0434\u0443\u043a\u0442\u043e\u0432 Novell Inc.:\nhttps://lists.opensuse.org/opensuse-security-announce/2019-03/msg00042.html\n\n\u0414\u043b\u044f Ubuntu:\nhttps://usn.ubuntu.com/3826-1/\n\n\u0414\u043b\u044f Astra Linux:\nhttps://wiki.astralinux.ru/pages/viewpage.action?pageId=57444186",
"\u0414\u0430\u0442\u0430 \u0432\u044b\u044f\u0432\u043b\u0435\u043d\u0438\u044f": "08.11.2018",
"\u0414\u0430\u0442\u0430 \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0435\u0433\u043e \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f": "24.02.2020",
"\u0414\u0430\u0442\u0430 \u043f\u0443\u0431\u043b\u0438\u043a\u0430\u0446\u0438\u0438": "24.02.2020",
"\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440": "BDU:2020-00698",
"\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440\u044b \u0434\u0440\u0443\u0433\u0438\u0445 \u0441\u0438\u0441\u0442\u0435\u043c \u043e\u043f\u0438\u0441\u0430\u043d\u0438\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "CVE-2018-19364",
"\u0418\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f \u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0430",
"\u041a\u043b\u0430\u0441\u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043a\u043e\u0434\u0430",
"\u041d\u0430\u0437\u0432\u0430\u043d\u0438\u0435 \u041f\u041e": "Ubuntu, Debian GNU/Linux, OpenSUSE Leap, Astra Linux Special Edition (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u2116369), QEMU",
"\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u041e\u0421 \u0438 \u0442\u0438\u043f \u0430\u043f\u043f\u0430\u0440\u0430\u0442\u043d\u043e\u0439 \u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c\u044b": "Canonical Ltd. Ubuntu 14.04 LTS , Canonical Ltd. Ubuntu 16.04 LTS , \u0421\u043e\u043e\u0431\u0449\u0435\u0441\u0442\u0432\u043e \u0441\u0432\u043e\u0431\u043e\u0434\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f Debian GNU/Linux 9 , Novell Inc. OpenSUSE Leap 42.3 , Canonical Ltd. Ubuntu 18.04 LTS , Canonical Ltd. Ubuntu 18.10 , \u041e\u041e\u041e \u00ab\u0420\u0443\u0441\u0411\u0418\u0422\u0435\u0445-\u0410\u0441\u0442\u0440\u0430\u00bb Astra Linux Special Edition 1.6 \u00ab\u0421\u043c\u043e\u043b\u0435\u043d\u0441\u043a\u00bb (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u2116369), \u0421\u043e\u043e\u0431\u0449\u0435\u0441\u0442\u0432\u043e \u0441\u0432\u043e\u0431\u043e\u0434\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f Debian GNU/Linux 8 ",
"\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043a\u043e\u043c\u043f\u043e\u043d\u0435\u043d\u0442\u043e\u0432 hw/9pfs/cofile.c \u0438 hw/9pfs/9p.c \u044d\u043c\u0443\u043b\u044f\u0442\u043e\u0440\u0430 \u0430\u043f\u043f\u0430\u0440\u0430\u0442\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f QEMU, \u0441\u0432\u044f\u0437\u0430\u043d\u043d\u0430\u044f \u0441 \u043f\u043e\u0432\u0442\u043e\u0440\u043d\u044b\u043c \u043e\u0431\u0440\u0430\u0449\u0435\u043d\u0438\u0435\u043c \u043a \u043e\u0441\u0432\u043e\u0431\u043e\u0436\u0434\u0435\u043d\u043d\u043e\u0439 \u043e\u0431\u043b\u0430\u0441\u0442\u0438 \u043f\u0430\u043c\u044f\u0442\u0438, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0449\u0430\u044f \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e \u0432\u044b\u0437\u0432\u0430\u0442\u044c \u043e\u0442\u043a\u0430\u0437 \u0432 \u043e\u0431\u0441\u043b\u0443\u0436\u0438\u0432\u0430\u043d\u0438\u0438",
"\u041d\u0430\u043b\u0438\u0447\u0438\u0435 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u0430": "\u0414\u0430\u043d\u043d\u044b\u0435 \u0443\u0442\u043e\u0447\u043d\u044f\u044e\u0442\u0441\u044f",
"\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u043e\u0448\u0438\u0431\u043a\u0438 CWE": "\u0418\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 \u043f\u043e\u0441\u043b\u0435 \u043e\u0441\u0432\u043e\u0431\u043e\u0436\u0434\u0435\u043d\u0438\u044f (CWE-416)",
"\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043a\u043e\u043c\u043f\u043e\u043d\u0435\u043d\u0442\u043e\u0432 hw/9pfs/cofile.c \u0438 hw/9pfs/9p.c \u044d\u043c\u0443\u043b\u044f\u0442\u043e\u0440\u0430 \u0430\u043f\u043f\u0430\u0440\u0430\u0442\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f QEMU \u0441\u0432\u044f\u0437\u0430\u043d\u0430 \u0441 \u043f\u043e\u0432\u0442\u043e\u0440\u043d\u044b\u043c \u043e\u0431\u0440\u0430\u0449\u0435\u043d\u0438\u0435\u043c \u043a \u043e\u0441\u0432\u043e\u0431\u043e\u0436\u0434\u0435\u043d\u043d\u043e\u0439 \u043e\u0431\u043b\u0430\u0441\u0442\u0438 \u043f\u0430\u043c\u044f\u0442\u0438. \u042d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043c\u043e\u0436\u0435\u0442 \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u0442\u044c \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e \u0432\u044b\u0437\u0432\u0430\u0442\u044c \u043e\u0442\u043a\u0430\u0437 \u0432 \u043e\u0431\u0441\u043b\u0443\u0436\u0438\u0432\u0430\u043d\u0438\u0438",
"\u041f\u043e\u0441\u043b\u0435\u0434\u0441\u0442\u0432\u0438\u044f \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": null,
"\u041f\u0440\u043e\u0447\u0430\u044f \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f": null,
"\u0421\u0432\u044f\u0437\u044c \u0441 \u0438\u043d\u0446\u0438\u0434\u0435\u043d\u0442\u0430\u043c\u0438 \u0418\u0411": "\u0414\u0430\u043d\u043d\u044b\u0435 \u0443\u0442\u043e\u0447\u043d\u044f\u044e\u0442\u0441\u044f",
"\u0421\u043e\u0441\u0442\u043e\u044f\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043d\u0430",
"\u0421\u043f\u043e\u0441\u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044f": "\u041e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f",
"\u0421\u043f\u043e\u0441\u043e\u0431 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438": "\u041c\u0430\u043d\u0438\u043f\u0443\u043b\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u0435 \u0441\u0442\u0440\u0443\u043a\u0442\u0443\u0440\u0430\u043c\u0438 \u0434\u0430\u043d\u043d\u044b\u0445",
"\u0421\u0441\u044b\u043b\u043a\u0438 \u043d\u0430 \u0438\u0441\u0442\u043e\u0447\u043d\u0438\u043a\u0438": "https://nvd.nist.gov/vuln/detail/CVE-2018-19364\nhttps://security-tracker.debian.org/tracker/CVE-2018-19364\nhttps://lists.opensuse.org/opensuse-security-announce/2019-03/msg00042.html\nhttps://usn.ubuntu.com/3826-1/\nhttps://wiki.astralinux.ru/pages/viewpage.action?pageId=57444186",
"\u0421\u0442\u0430\u0442\u0443\u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041f\u043e\u0434\u0442\u0432\u0435\u0440\u0436\u0434\u0435\u043d\u0430 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u0435\u043c",
"\u0422\u0438\u043f \u041f\u041e": "\u041e\u043f\u0435\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u0430\u044f \u0441\u0438\u0441\u0442\u0435\u043c\u0430, \u041f\u041e \u0432\u0438\u0440\u0442\u0443\u0430\u043b\u0438\u0437\u0430\u0446\u0438\u0438/\u041f\u041e \u0432\u0438\u0440\u0442\u0443\u0430\u043b\u044c\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e-\u0430\u043f\u043f\u0430\u0440\u0430\u0442\u043d\u043e\u0433\u043e \u0441\u0440\u0435\u0434\u0441\u0442\u0432\u0430",
"\u0422\u0438\u043f \u043e\u0448\u0438\u0431\u043a\u0438 CWE": "CWE-416",
"\u0423\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041d\u0438\u0437\u043a\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (\u0431\u0430\u0437\u043e\u0432\u0430\u044f \u043e\u0446\u0435\u043d\u043a\u0430 CVSS 2.0 \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 2,1)\n\u0421\u0440\u0435\u0434\u043d\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (\u0431\u0430\u0437\u043e\u0432\u0430\u044f \u043e\u0446\u0435\u043d\u043a\u0430 CVSS 3.0 \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 5,5)"
}
CNVD-2018-26706
Vulnerability from cnvd - Published: 2018-12-27
VLAI Severity ?
Title
QEMU拒绝服务漏洞(CNVD-2018-26706)
Description
QEMU(又名Quick Emulator)是法国程序员法布里斯-贝拉(Fabrice Bellard)所研发的一套模拟处理器软件。该软件具有速度快、跨平台等特点。
QEMU中的hw/9pfs/cofile.c和hw/9pfs/9p.c文件存在安全漏洞。攻击者可利用该漏洞造成拒绝服务(释放后重用和QEMU崩溃)。
Severity
中
Patch Name
QEMU拒绝服务漏洞(CNVD-2018-26706)的补丁
Patch Description
QEMU(又名Quick Emulator)是法国程序员法布里斯-贝拉(Fabrice Bellard)所研发的一套模拟处理器软件。该软件具有速度快、跨平台等特点。
QEMU中的hw/9pfs/cofile.c和hw/9pfs/9p.c文件存在安全漏洞。攻击者可利用该漏洞造成拒绝服务(释放后重用和QEMU崩溃)。 目前,供应商发布了安全公告及相关补丁信息,修复了此漏洞。
Formal description
目前厂商已发布升级补丁以修复漏洞,详情请关注厂商主页: https://www.qemu.org/
Reference
https://www.qemu.org/
Impacted products
| Name | QEMU QEMU |
|---|
{
"cves": {
"cve": {
"cveNumber": "CVE-2018-19364",
"cveUrl": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-19364"
}
},
"description": "QEMU\uff08\u53c8\u540dQuick Emulator\uff09\u662f\u6cd5\u56fd\u7a0b\u5e8f\u5458\u6cd5\u5e03\u91cc\u65af-\u8d1d\u62c9\uff08Fabrice Bellard\uff09\u6240\u7814\u53d1\u7684\u4e00\u5957\u6a21\u62df\u5904\u7406\u5668\u8f6f\u4ef6\u3002\u8be5\u8f6f\u4ef6\u5177\u6709\u901f\u5ea6\u5feb\u3001\u8de8\u5e73\u53f0\u7b49\u7279\u70b9\u3002\n\nQEMU\u4e2d\u7684hw/9pfs/cofile.c\u548chw/9pfs/9p.c\u6587\u4ef6\u5b58\u5728\u5b89\u5168\u6f0f\u6d1e\u3002\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u9020\u6210\u62d2\u7edd\u670d\u52a1\uff08\u91ca\u653e\u540e\u91cd\u7528\u548cQEMU\u5d29\u6e83\uff09\u3002",
"discovererName": "Greg Kurz",
"formalWay": "\u76ee\u524d\u5382\u5546\u5df2\u53d1\u5e03\u5347\u7ea7\u8865\u4e01\u4ee5\u4fee\u590d\u6f0f\u6d1e\uff0c\u8be6\u60c5\u8bf7\u5173\u6ce8\u5382\u5546\u4e3b\u9875\uff1a\r\nhttps://www.qemu.org/",
"isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
"number": "CNVD-2018-26706",
"openTime": "2018-12-27",
"patchDescription": "QEMU\uff08\u53c8\u540dQuick Emulator\uff09\u662f\u6cd5\u56fd\u7a0b\u5e8f\u5458\u6cd5\u5e03\u91cc\u65af-\u8d1d\u62c9\uff08Fabrice Bellard\uff09\u6240\u7814\u53d1\u7684\u4e00\u5957\u6a21\u62df\u5904\u7406\u5668\u8f6f\u4ef6\u3002\u8be5\u8f6f\u4ef6\u5177\u6709\u901f\u5ea6\u5feb\u3001\u8de8\u5e73\u53f0\u7b49\u7279\u70b9\u3002\r\n\r\nQEMU\u4e2d\u7684hw/9pfs/cofile.c\u548chw/9pfs/9p.c\u6587\u4ef6\u5b58\u5728\u5b89\u5168\u6f0f\u6d1e\u3002\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u9020\u6210\u62d2\u7edd\u670d\u52a1\uff08\u91ca\u653e\u540e\u91cd\u7528\u548cQEMU\u5d29\u6e83\uff09\u3002 \u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
"patchName": "QEMU\u62d2\u7edd\u670d\u52a1\u6f0f\u6d1e\uff08CNVD-2018-26706\uff09\u7684\u8865\u4e01",
"products": {
"product": "QEMU QEMU"
},
"referenceLink": "https://www.qemu.org/",
"serverity": "\u4e2d",
"submitTime": "2018-11-28",
"title": "QEMU\u62d2\u7edd\u670d\u52a1\u6f0f\u6d1e\uff08CNVD-2018-26706\uff09"
}
FKIE_CVE-2018-19364
Vulnerability from fkie_nvd - Published: 2018-12-13 19:29 - Updated: 2024-11-21 03:57
Severity ?
Summary
hw/9pfs/cofile.c and hw/9pfs/9p.c in QEMU can modify an fid path while it is being accessed by a second thread, leading to (for example) a use-after-free outcome.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| qemu | qemu | * | |
| qemu | qemu | 3.1.0 | |
| qemu | qemu | 3.1.0 | |
| canonical | ubuntu_linux | 14.04 | |
| canonical | ubuntu_linux | 16.04 | |
| canonical | ubuntu_linux | 18.04 | |
| canonical | ubuntu_linux | 18.10 | |
| debian | debian_linux | 8.0 | |
| debian | debian_linux | 9.0 | |
| fedoraproject | fedora | 29 | |
| opensuse | leap | 42.3 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:qemu:qemu:*:*:*:*:*:*:*:*",
"matchCriteriaId": "16AFB9CD-95CF-4552-A8C1-1B4F496925B6",
"versionEndIncluding": "3.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:qemu:qemu:3.1.0:rc0:*:*:*:*:*:*",
"matchCriteriaId": "C726BD36-EA1B-4260-ABCD-29587B584058",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:qemu:qemu:3.1.0:rc1:*:*:*:*:*:*",
"matchCriteriaId": "58E67452-3056-42CF-A6A0-EFB854366642",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*",
"matchCriteriaId": "B5A6F2F3-4894-4392-8296-3B8DD2679084",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*",
"matchCriteriaId": "F7016A2A-8365-4F1A-89A2-7A19F2BCAE5B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*",
"matchCriteriaId": "23A7C53F-B80F-4E6A-AFA9-58EEA84BE11D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:18.10:*:*:*:*:*:*:*",
"matchCriteriaId": "07C312A0-CD2C-4B9C-B064-6409B25C278F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "DEECE5FC-CACF-4496-A3E7-164736409252",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:fedoraproject:fedora:29:*:*:*:*:*:*:*",
"matchCriteriaId": "D100F7CE-FC64-4CC6-852A-6136D72DA419",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:opensuse:leap:42.3:*:*:*:*:*:*:*",
"matchCriteriaId": "5F65DAB0-3DAD-49FF-BC73-3581CC3D5BF3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "hw/9pfs/cofile.c and hw/9pfs/9p.c in QEMU can modify an fid path while it is being accessed by a second thread, leading to (for example) a use-after-free outcome."
},
{
"lang": "es",
"value": "hw/9pfs/cofile.c y hw/9pfs/9p.c en QEMU pueden modificar una ruta fid mientras un segundo hilo accede a ella, lo que conduce a, por ejemplo, un uso de memoria previamente liberada."
}
],
"id": "CVE-2018-19364",
"lastModified": "2024-11-21T03:57:48.880",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 2.1,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2018-12-13T19:29:00.497",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-03/msg00042.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Patch",
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2018/11/20/1"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2019/01/msg00023.html"
},
{
"source": "cve@mitre.org",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CGCFIFSIWUREEQQOZDZFBYKWZHXCWBZN/"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Patch",
"Vendor Advisory"
],
"url": "https://lists.gnu.org/archive/html/qemu-devel/2018-11/msg01139.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Patch",
"Vendor Advisory"
],
"url": "https://lists.gnu.org/archive/html/qemu-devel/2018-11/msg02795.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://seclists.org/bugtraq/2019/May/76"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://usn.ubuntu.com/3826-1/"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://www.debian.org/security/2019/dsa-4454"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-03/msg00042.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Patch",
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2018/11/20/1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2019/01/msg00023.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CGCFIFSIWUREEQQOZDZFBYKWZHXCWBZN/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Patch",
"Vendor Advisory"
],
"url": "https://lists.gnu.org/archive/html/qemu-devel/2018-11/msg01139.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Patch",
"Vendor Advisory"
],
"url": "https://lists.gnu.org/archive/html/qemu-devel/2018-11/msg02795.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://seclists.org/bugtraq/2019/May/76"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://usn.ubuntu.com/3826-1/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://www.debian.org/security/2019/dsa-4454"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-416"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
GHSA-6P82-V9W6-85GX
Vulnerability from github – Published: 2022-05-13 01:26 – Updated: 2022-05-13 01:26
VLAI?
Details
hw/9pfs/cofile.c and hw/9pfs/9p.c in QEMU can modify an fid path while it is being accessed by a second thread, leading to (for example) a use-after-free outcome.
Severity ?
5.5 (Medium)
{
"affected": [],
"aliases": [
"CVE-2018-19364"
],
"database_specific": {
"cwe_ids": [
"CWE-416"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2018-12-13T19:29:00Z",
"severity": "MODERATE"
},
"details": "hw/9pfs/cofile.c and hw/9pfs/9p.c in QEMU can modify an fid path while it is being accessed by a second thread, leading to (for example) a use-after-free outcome.",
"id": "GHSA-6p82-v9w6-85gx",
"modified": "2022-05-13T01:26:37Z",
"published": "2022-05-13T01:26:37Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-19364"
},
{
"type": "WEB",
"url": "https://lists.debian.org/debian-lts-announce/2019/01/msg00023.html"
},
{
"type": "WEB",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CGCFIFSIWUREEQQOZDZFBYKWZHXCWBZN"
},
{
"type": "WEB",
"url": "https://lists.gnu.org/archive/html/qemu-devel/2018-11/msg01139.html"
},
{
"type": "WEB",
"url": "https://lists.gnu.org/archive/html/qemu-devel/2018-11/msg02795.html"
},
{
"type": "WEB",
"url": "https://seclists.org/bugtraq/2019/May/76"
},
{
"type": "WEB",
"url": "https://usn.ubuntu.com/3826-1"
},
{
"type": "WEB",
"url": "https://www.debian.org/security/2019/dsa-4454"
},
{
"type": "WEB",
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-03/msg00042.html"
},
{
"type": "WEB",
"url": "http://www.openwall.com/lists/oss-security/2018/11/20/1"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GSD-2018-19364
Vulnerability from gsd - Updated: 2023-12-13 01:22Details
hw/9pfs/cofile.c and hw/9pfs/9p.c in QEMU can modify an fid path while it is being accessed by a second thread, leading to (for example) a use-after-free outcome.
Aliases
Aliases
{
"GSD": {
"alias": "CVE-2018-19364",
"description": "hw/9pfs/cofile.c and hw/9pfs/9p.c in QEMU can modify an fid path while it is being accessed by a second thread, leading to (for example) a use-after-free outcome.",
"id": "GSD-2018-19364",
"references": [
"https://www.suse.com/security/cve/CVE-2018-19364.html",
"https://www.debian.org/security/2019/dsa-4454",
"https://ubuntu.com/security/CVE-2018-19364",
"https://linux.oracle.com/cve/CVE-2018-19364.html"
]
},
"gsd": {
"metadata": {
"exploitCode": "unknown",
"remediation": "unknown",
"reportConfidence": "confirmed",
"type": "vulnerability"
},
"osvSchema": {
"aliases": [
"CVE-2018-19364"
],
"details": "hw/9pfs/cofile.c and hw/9pfs/9p.c in QEMU can modify an fid path while it is being accessed by a second thread, leading to (for example) a use-after-free outcome.",
"id": "GSD-2018-19364",
"modified": "2023-12-13T01:22:39.273621Z",
"schema_version": "1.4.0"
}
},
"namespaces": {
"cve.org": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-19364",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "hw/9pfs/cofile.c and hw/9pfs/9p.c in QEMU can modify an fid path while it is being accessed by a second thread, leading to (for example) a use-after-free outcome."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "[debian-lts-announce] 20190129 [SECURITY] [DLA 1646-1] qemu security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2019/01/msg00023.html"
},
{
"name": "[qemu-devel] 20181107 [PATCH] 9p: write lock path in v9fs_co_open2()",
"refsource": "MLIST",
"url": "https://lists.gnu.org/archive/html/qemu-devel/2018-11/msg01139.html"
},
{
"name": "USN-3826-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/3826-1/"
},
{
"name": "[oss-security] 20181120 CVE-2018-19364 Qemu: 9pfs: Use-after-free due to race condition while updating fid path",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2018/11/20/1"
},
{
"name": "[qemu-devel] 20181115 [PATCH] 9p: take write lock on fid path updates",
"refsource": "MLIST",
"url": "https://lists.gnu.org/archive/html/qemu-devel/2018-11/msg02795.html"
},
{
"name": "FEDORA-2019-88a98ce795",
"refsource": "FEDORA",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CGCFIFSIWUREEQQOZDZFBYKWZHXCWBZN/"
},
{
"name": "openSUSE-SU-2019:1074",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-03/msg00042.html"
},
{
"name": "DSA-4454",
"refsource": "DEBIAN",
"url": "https://www.debian.org/security/2019/dsa-4454"
},
{
"name": "20190531 [SECURITY] [DSA 4454-1] qemu security update",
"refsource": "BUGTRAQ",
"url": "https://seclists.org/bugtraq/2019/May/76"
}
]
}
},
"nvd.nist.gov": {
"configurations": {
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:qemu:qemu:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "3.0.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:qemu:qemu:3.1.0:rc0:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:qemu:qemu:3.1.0:rc1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:canonical:ubuntu_linux:18.10:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:fedoraproject:fedora:29:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:opensuse:leap:42.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
},
"cve": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-19364"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "en",
"value": "hw/9pfs/cofile.c and hw/9pfs/9p.c in QEMU can modify an fid path while it is being accessed by a second thread, leading to (for example) a use-after-free outcome."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "en",
"value": "CWE-416"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "USN-3826-1",
"refsource": "UBUNTU",
"tags": [
"Third Party Advisory"
],
"url": "https://usn.ubuntu.com/3826-1/"
},
{
"name": "[qemu-devel] 20181115 [PATCH] 9p: take write lock on fid path updates",
"refsource": "MLIST",
"tags": [
"Mailing List",
"Patch",
"Vendor Advisory"
],
"url": "https://lists.gnu.org/archive/html/qemu-devel/2018-11/msg02795.html"
},
{
"name": "[qemu-devel] 20181107 [PATCH] 9p: write lock path in v9fs_co_open2()",
"refsource": "MLIST",
"tags": [
"Mailing List",
"Patch",
"Vendor Advisory"
],
"url": "https://lists.gnu.org/archive/html/qemu-devel/2018-11/msg01139.html"
},
{
"name": "[oss-security] 20181120 CVE-2018-19364 Qemu: 9pfs: Use-after-free due to race condition while updating fid path",
"refsource": "MLIST",
"tags": [
"Mailing List",
"Patch",
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2018/11/20/1"
},
{
"name": "[debian-lts-announce] 20190129 [SECURITY] [DLA 1646-1] qemu security update",
"refsource": "MLIST",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2019/01/msg00023.html"
},
{
"name": "FEDORA-2019-88a98ce795",
"refsource": "FEDORA",
"tags": [
"Mailing List",
"Release Notes",
"Third Party Advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CGCFIFSIWUREEQQOZDZFBYKWZHXCWBZN/"
},
{
"name": "openSUSE-SU-2019:1074",
"refsource": "SUSE",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-03/msg00042.html"
},
{
"name": "DSA-4454",
"refsource": "DEBIAN",
"tags": [
"Third Party Advisory"
],
"url": "https://www.debian.org/security/2019/dsa-4454"
},
{
"name": "20190531 [SECURITY] [DSA 4454-1] qemu security update",
"refsource": "BUGTRAQ",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://seclists.org/bugtraq/2019/May/76"
}
]
}
},
"impact": {
"baseMetricV2": {
"acInsufInfo": false,
"cvssV2": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 2.1,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "LOW",
"userInteractionRequired": false
},
"baseMetricV3": {
"cvssV3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
},
"lastModifiedDate": "2020-05-12T18:27Z",
"publishedDate": "2018-12-13T19:29Z"
}
}
}
OPENSUSE-SU-2019:0254-1
Vulnerability from csaf_opensuse - Published: 2019-03-23 11:07 - Updated: 2019-03-23 11:07Summary
Security update for qemu
Severity
Important
Notes
Title of the patch: Security update for qemu
Description of the patch: This update for qemu fixes the following issues:
Security issues fixed:
- CVE-2019-6778: Fixed a heap buffer overflow issue in the SLiRP networking implementation (bsc#1123156).
- CVE-2018-16872: Fixed a host security vulnerability related to handling symlinks in usb-mtp (bsc#1119493).
- CVE-2018-19489: Fixed a denial of service vulnerability in virtfs (bsc#1117275).
- CVE-2018-19364: Fixed a use-after-free if the virtfs interface resulting in a denial of service (bsc#1116717).
- CVE-2018-18954: Fixed a denial of service vulnerability related to PowerPC PowerNV memory operations (bsc#1114957).
Non-security issues fixed:
- Improved disk performance for qemu on xen (bsc#1100408).
- Fixed xen offline migration (bsc#1079730, bsc#1101982, bsc#1063993).
- Fixed pwrite64/pread64/write to return 0 over -1 for a zero length NULL buffer in qemu (bsc#1121600).
- Use /bin/bash to echo value into sys fs for ksm control (bsc#1112646).
- Return specification exception for unimplemented diag 308 subcodes rather than a hardware error (bsc#1123179).
This update was imported from the SUSE:SLE-15:Update update project.
Patchnames: openSUSE-2019-254
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
5 (Medium)
Affected products
Recommended
23 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 15.0:qemu-2.11.2-lp150.7.18.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:qemu-arm-2.11.2-lp150.7.18.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:qemu-block-curl-2.11.2-lp150.7.18.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:qemu-block-dmg-2.11.2-lp150.7.18.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:qemu-block-gluster-2.11.2-lp150.7.18.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:qemu-block-iscsi-2.11.2-lp150.7.18.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:qemu-block-rbd-2.11.2-lp150.7.18.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:qemu-block-ssh-2.11.2-lp150.7.18.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:qemu-extra-2.11.2-lp150.7.18.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:qemu-guest-agent-2.11.2-lp150.7.18.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:qemu-ipxe-1.0.0+-lp150.7.18.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:qemu-ksm-2.11.2-lp150.7.18.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:qemu-kvm-2.11.2-lp150.7.18.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:qemu-lang-2.11.2-lp150.7.18.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:qemu-linux-user-2.11.2-lp150.7.18.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:qemu-ppc-2.11.2-lp150.7.18.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:qemu-s390-2.11.2-lp150.7.18.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:qemu-seabios-1.11.0-lp150.7.18.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:qemu-sgabios-8-lp150.7.18.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:qemu-testsuite-2.11.2-lp150.7.18.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:qemu-tools-2.11.2-lp150.7.18.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:qemu-vgabios-1.11.0-lp150.7.18.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:qemu-x86-2.11.2-lp150.7.18.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
7.8 (High)
Affected products
Recommended
23 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 15.0:qemu-2.11.2-lp150.7.18.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:qemu-arm-2.11.2-lp150.7.18.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:qemu-block-curl-2.11.2-lp150.7.18.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:qemu-block-dmg-2.11.2-lp150.7.18.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:qemu-block-gluster-2.11.2-lp150.7.18.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:qemu-block-iscsi-2.11.2-lp150.7.18.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:qemu-block-rbd-2.11.2-lp150.7.18.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:qemu-block-ssh-2.11.2-lp150.7.18.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:qemu-extra-2.11.2-lp150.7.18.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:qemu-guest-agent-2.11.2-lp150.7.18.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:qemu-ipxe-1.0.0+-lp150.7.18.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:qemu-ksm-2.11.2-lp150.7.18.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:qemu-kvm-2.11.2-lp150.7.18.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:qemu-lang-2.11.2-lp150.7.18.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:qemu-linux-user-2.11.2-lp150.7.18.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:qemu-ppc-2.11.2-lp150.7.18.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:qemu-s390-2.11.2-lp150.7.18.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:qemu-seabios-1.11.0-lp150.7.18.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:qemu-sgabios-8-lp150.7.18.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:qemu-testsuite-2.11.2-lp150.7.18.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:qemu-tools-2.11.2-lp150.7.18.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:qemu-vgabios-1.11.0-lp150.7.18.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:qemu-x86-2.11.2-lp150.7.18.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
5.3 (Medium)
Affected products
Recommended
23 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 15.0:qemu-2.11.2-lp150.7.18.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:qemu-arm-2.11.2-lp150.7.18.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:qemu-block-curl-2.11.2-lp150.7.18.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:qemu-block-dmg-2.11.2-lp150.7.18.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:qemu-block-gluster-2.11.2-lp150.7.18.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:qemu-block-iscsi-2.11.2-lp150.7.18.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:qemu-block-rbd-2.11.2-lp150.7.18.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:qemu-block-ssh-2.11.2-lp150.7.18.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:qemu-extra-2.11.2-lp150.7.18.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:qemu-guest-agent-2.11.2-lp150.7.18.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:qemu-ipxe-1.0.0+-lp150.7.18.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:qemu-ksm-2.11.2-lp150.7.18.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:qemu-kvm-2.11.2-lp150.7.18.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:qemu-lang-2.11.2-lp150.7.18.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:qemu-linux-user-2.11.2-lp150.7.18.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:qemu-ppc-2.11.2-lp150.7.18.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:qemu-s390-2.11.2-lp150.7.18.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:qemu-seabios-1.11.0-lp150.7.18.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:qemu-sgabios-8-lp150.7.18.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:qemu-testsuite-2.11.2-lp150.7.18.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:qemu-tools-2.11.2-lp150.7.18.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:qemu-vgabios-1.11.0-lp150.7.18.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:qemu-x86-2.11.2-lp150.7.18.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
Affected products
Recommended
23 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 15.0:qemu-2.11.2-lp150.7.18.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:qemu-arm-2.11.2-lp150.7.18.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:qemu-block-curl-2.11.2-lp150.7.18.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:qemu-block-dmg-2.11.2-lp150.7.18.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:qemu-block-gluster-2.11.2-lp150.7.18.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:qemu-block-iscsi-2.11.2-lp150.7.18.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:qemu-block-rbd-2.11.2-lp150.7.18.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:qemu-block-ssh-2.11.2-lp150.7.18.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:qemu-extra-2.11.2-lp150.7.18.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:qemu-guest-agent-2.11.2-lp150.7.18.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:qemu-ipxe-1.0.0+-lp150.7.18.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:qemu-ksm-2.11.2-lp150.7.18.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:qemu-kvm-2.11.2-lp150.7.18.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:qemu-lang-2.11.2-lp150.7.18.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:qemu-linux-user-2.11.2-lp150.7.18.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:qemu-ppc-2.11.2-lp150.7.18.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:qemu-s390-2.11.2-lp150.7.18.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:qemu-seabios-1.11.0-lp150.7.18.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:qemu-sgabios-8-lp150.7.18.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:qemu-testsuite-2.11.2-lp150.7.18.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:qemu-tools-2.11.2-lp150.7.18.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:qemu-vgabios-1.11.0-lp150.7.18.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:qemu-x86-2.11.2-lp150.7.18.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
low
7.8 (High)
Affected products
Recommended
23 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 15.0:qemu-2.11.2-lp150.7.18.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:qemu-arm-2.11.2-lp150.7.18.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:qemu-block-curl-2.11.2-lp150.7.18.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:qemu-block-dmg-2.11.2-lp150.7.18.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:qemu-block-gluster-2.11.2-lp150.7.18.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:qemu-block-iscsi-2.11.2-lp150.7.18.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:qemu-block-rbd-2.11.2-lp150.7.18.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:qemu-block-ssh-2.11.2-lp150.7.18.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:qemu-extra-2.11.2-lp150.7.18.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:qemu-guest-agent-2.11.2-lp150.7.18.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:qemu-ipxe-1.0.0+-lp150.7.18.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:qemu-ksm-2.11.2-lp150.7.18.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:qemu-kvm-2.11.2-lp150.7.18.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:qemu-lang-2.11.2-lp150.7.18.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:qemu-linux-user-2.11.2-lp150.7.18.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:qemu-ppc-2.11.2-lp150.7.18.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:qemu-s390-2.11.2-lp150.7.18.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:qemu-seabios-1.11.0-lp150.7.18.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:qemu-sgabios-8-lp150.7.18.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:qemu-testsuite-2.11.2-lp150.7.18.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:qemu-tools-2.11.2-lp150.7.18.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:qemu-vgabios-1.11.0-lp150.7.18.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:qemu-x86-2.11.2-lp150.7.18.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
References
36 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for qemu",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for qemu fixes the following issues:\n\nSecurity issues fixed:\n\n- CVE-2019-6778: Fixed a heap buffer overflow issue in the SLiRP networking implementation (bsc#1123156).\n- CVE-2018-16872: Fixed a host security vulnerability related to handling symlinks in usb-mtp (bsc#1119493).\n- CVE-2018-19489: Fixed a denial of service vulnerability in virtfs (bsc#1117275).\n- CVE-2018-19364: Fixed a use-after-free if the virtfs interface resulting in a denial of service (bsc#1116717).\n- CVE-2018-18954: Fixed a denial of service vulnerability related to PowerPC PowerNV memory operations (bsc#1114957).\n\nNon-security issues fixed:\n\n- Improved disk performance for qemu on xen (bsc#1100408).\n- Fixed xen offline migration (bsc#1079730, bsc#1101982, bsc#1063993).\n- Fixed pwrite64/pread64/write to return 0 over -1 for a zero length NULL buffer in qemu (bsc#1121600).\n- Use /bin/bash to echo value into sys fs for ksm control (bsc#1112646).\n- Return specification exception for unimplemented diag 308 subcodes rather than a hardware error (bsc#1123179).\n\nThis update was imported from the SUSE:SLE-15:Update update project.",
"title": "Description of the patch"
},
{
"category": "details",
"text": "openSUSE-2019-254",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2019_0254-1.json"
},
{
"category": "self",
"summary": "URL for openSUSE-SU-2019:0254-1",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/CFHQEGEI3EZECFQN4HM6ST73KWNYQDTG/#CFHQEGEI3EZECFQN4HM6ST73KWNYQDTG"
},
{
"category": "self",
"summary": "E-Mail link for openSUSE-SU-2019:0254-1",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/CFHQEGEI3EZECFQN4HM6ST73KWNYQDTG/#CFHQEGEI3EZECFQN4HM6ST73KWNYQDTG"
},
{
"category": "self",
"summary": "SUSE Bug 1063993",
"url": "https://bugzilla.suse.com/1063993"
},
{
"category": "self",
"summary": "SUSE Bug 1079730",
"url": "https://bugzilla.suse.com/1079730"
},
{
"category": "self",
"summary": "SUSE Bug 1100408",
"url": "https://bugzilla.suse.com/1100408"
},
{
"category": "self",
"summary": "SUSE Bug 1101982",
"url": "https://bugzilla.suse.com/1101982"
},
{
"category": "self",
"summary": "SUSE Bug 1112646",
"url": "https://bugzilla.suse.com/1112646"
},
{
"category": "self",
"summary": "SUSE Bug 1114957",
"url": "https://bugzilla.suse.com/1114957"
},
{
"category": "self",
"summary": "SUSE Bug 1116717",
"url": "https://bugzilla.suse.com/1116717"
},
{
"category": "self",
"summary": "SUSE Bug 1117275",
"url": "https://bugzilla.suse.com/1117275"
},
{
"category": "self",
"summary": "SUSE Bug 1119493",
"url": "https://bugzilla.suse.com/1119493"
},
{
"category": "self",
"summary": "SUSE Bug 1121600",
"url": "https://bugzilla.suse.com/1121600"
},
{
"category": "self",
"summary": "SUSE Bug 1123156",
"url": "https://bugzilla.suse.com/1123156"
},
{
"category": "self",
"summary": "SUSE Bug 1123179",
"url": "https://bugzilla.suse.com/1123179"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-16872 page",
"url": "https://www.suse.com/security/cve/CVE-2018-16872/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-18954 page",
"url": "https://www.suse.com/security/cve/CVE-2018-18954/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-19364 page",
"url": "https://www.suse.com/security/cve/CVE-2018-19364/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-19489 page",
"url": "https://www.suse.com/security/cve/CVE-2018-19489/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-6778 page",
"url": "https://www.suse.com/security/cve/CVE-2019-6778/"
}
],
"title": "Security update for qemu",
"tracking": {
"current_release_date": "2019-03-23T11:07:37Z",
"generator": {
"date": "2019-03-23T11:07:37Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "openSUSE-SU-2019:0254-1",
"initial_release_date": "2019-03-23T11:07:37Z",
"revision_history": [
{
"date": "2019-03-23T11:07:37Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "qemu-ipxe-1.0.0+-lp150.7.18.1.noarch",
"product": {
"name": "qemu-ipxe-1.0.0+-lp150.7.18.1.noarch",
"product_id": "qemu-ipxe-1.0.0+-lp150.7.18.1.noarch"
}
},
{
"category": "product_version",
"name": "qemu-seabios-1.11.0-lp150.7.18.1.noarch",
"product": {
"name": "qemu-seabios-1.11.0-lp150.7.18.1.noarch",
"product_id": "qemu-seabios-1.11.0-lp150.7.18.1.noarch"
}
},
{
"category": "product_version",
"name": "qemu-sgabios-8-lp150.7.18.1.noarch",
"product": {
"name": "qemu-sgabios-8-lp150.7.18.1.noarch",
"product_id": "qemu-sgabios-8-lp150.7.18.1.noarch"
}
},
{
"category": "product_version",
"name": "qemu-vgabios-1.11.0-lp150.7.18.1.noarch",
"product": {
"name": "qemu-vgabios-1.11.0-lp150.7.18.1.noarch",
"product_id": "qemu-vgabios-1.11.0-lp150.7.18.1.noarch"
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "qemu-2.11.2-lp150.7.18.1.x86_64",
"product": {
"name": "qemu-2.11.2-lp150.7.18.1.x86_64",
"product_id": "qemu-2.11.2-lp150.7.18.1.x86_64"
}
},
{
"category": "product_version",
"name": "qemu-arm-2.11.2-lp150.7.18.1.x86_64",
"product": {
"name": "qemu-arm-2.11.2-lp150.7.18.1.x86_64",
"product_id": "qemu-arm-2.11.2-lp150.7.18.1.x86_64"
}
},
{
"category": "product_version",
"name": "qemu-block-curl-2.11.2-lp150.7.18.1.x86_64",
"product": {
"name": "qemu-block-curl-2.11.2-lp150.7.18.1.x86_64",
"product_id": "qemu-block-curl-2.11.2-lp150.7.18.1.x86_64"
}
},
{
"category": "product_version",
"name": "qemu-block-dmg-2.11.2-lp150.7.18.1.x86_64",
"product": {
"name": "qemu-block-dmg-2.11.2-lp150.7.18.1.x86_64",
"product_id": "qemu-block-dmg-2.11.2-lp150.7.18.1.x86_64"
}
},
{
"category": "product_version",
"name": "qemu-block-gluster-2.11.2-lp150.7.18.1.x86_64",
"product": {
"name": "qemu-block-gluster-2.11.2-lp150.7.18.1.x86_64",
"product_id": "qemu-block-gluster-2.11.2-lp150.7.18.1.x86_64"
}
},
{
"category": "product_version",
"name": "qemu-block-iscsi-2.11.2-lp150.7.18.1.x86_64",
"product": {
"name": "qemu-block-iscsi-2.11.2-lp150.7.18.1.x86_64",
"product_id": "qemu-block-iscsi-2.11.2-lp150.7.18.1.x86_64"
}
},
{
"category": "product_version",
"name": "qemu-block-rbd-2.11.2-lp150.7.18.1.x86_64",
"product": {
"name": "qemu-block-rbd-2.11.2-lp150.7.18.1.x86_64",
"product_id": "qemu-block-rbd-2.11.2-lp150.7.18.1.x86_64"
}
},
{
"category": "product_version",
"name": "qemu-block-ssh-2.11.2-lp150.7.18.1.x86_64",
"product": {
"name": "qemu-block-ssh-2.11.2-lp150.7.18.1.x86_64",
"product_id": "qemu-block-ssh-2.11.2-lp150.7.18.1.x86_64"
}
},
{
"category": "product_version",
"name": "qemu-extra-2.11.2-lp150.7.18.1.x86_64",
"product": {
"name": "qemu-extra-2.11.2-lp150.7.18.1.x86_64",
"product_id": "qemu-extra-2.11.2-lp150.7.18.1.x86_64"
}
},
{
"category": "product_version",
"name": "qemu-guest-agent-2.11.2-lp150.7.18.1.x86_64",
"product": {
"name": "qemu-guest-agent-2.11.2-lp150.7.18.1.x86_64",
"product_id": "qemu-guest-agent-2.11.2-lp150.7.18.1.x86_64"
}
},
{
"category": "product_version",
"name": "qemu-ksm-2.11.2-lp150.7.18.1.x86_64",
"product": {
"name": "qemu-ksm-2.11.2-lp150.7.18.1.x86_64",
"product_id": "qemu-ksm-2.11.2-lp150.7.18.1.x86_64"
}
},
{
"category": "product_version",
"name": "qemu-kvm-2.11.2-lp150.7.18.1.x86_64",
"product": {
"name": "qemu-kvm-2.11.2-lp150.7.18.1.x86_64",
"product_id": "qemu-kvm-2.11.2-lp150.7.18.1.x86_64"
}
},
{
"category": "product_version",
"name": "qemu-lang-2.11.2-lp150.7.18.1.x86_64",
"product": {
"name": "qemu-lang-2.11.2-lp150.7.18.1.x86_64",
"product_id": "qemu-lang-2.11.2-lp150.7.18.1.x86_64"
}
},
{
"category": "product_version",
"name": "qemu-linux-user-2.11.2-lp150.7.18.1.x86_64",
"product": {
"name": "qemu-linux-user-2.11.2-lp150.7.18.1.x86_64",
"product_id": "qemu-linux-user-2.11.2-lp150.7.18.1.x86_64"
}
},
{
"category": "product_version",
"name": "qemu-ppc-2.11.2-lp150.7.18.1.x86_64",
"product": {
"name": "qemu-ppc-2.11.2-lp150.7.18.1.x86_64",
"product_id": "qemu-ppc-2.11.2-lp150.7.18.1.x86_64"
}
},
{
"category": "product_version",
"name": "qemu-s390-2.11.2-lp150.7.18.1.x86_64",
"product": {
"name": "qemu-s390-2.11.2-lp150.7.18.1.x86_64",
"product_id": "qemu-s390-2.11.2-lp150.7.18.1.x86_64"
}
},
{
"category": "product_version",
"name": "qemu-testsuite-2.11.2-lp150.7.18.1.x86_64",
"product": {
"name": "qemu-testsuite-2.11.2-lp150.7.18.1.x86_64",
"product_id": "qemu-testsuite-2.11.2-lp150.7.18.1.x86_64"
}
},
{
"category": "product_version",
"name": "qemu-tools-2.11.2-lp150.7.18.1.x86_64",
"product": {
"name": "qemu-tools-2.11.2-lp150.7.18.1.x86_64",
"product_id": "qemu-tools-2.11.2-lp150.7.18.1.x86_64"
}
},
{
"category": "product_version",
"name": "qemu-x86-2.11.2-lp150.7.18.1.x86_64",
"product": {
"name": "qemu-x86-2.11.2-lp150.7.18.1.x86_64",
"product_id": "qemu-x86-2.11.2-lp150.7.18.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "openSUSE Leap 15.0",
"product": {
"name": "openSUSE Leap 15.0",
"product_id": "openSUSE Leap 15.0",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:leap:15.0"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "qemu-2.11.2-lp150.7.18.1.x86_64 as component of openSUSE Leap 15.0",
"product_id": "openSUSE Leap 15.0:qemu-2.11.2-lp150.7.18.1.x86_64"
},
"product_reference": "qemu-2.11.2-lp150.7.18.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qemu-arm-2.11.2-lp150.7.18.1.x86_64 as component of openSUSE Leap 15.0",
"product_id": "openSUSE Leap 15.0:qemu-arm-2.11.2-lp150.7.18.1.x86_64"
},
"product_reference": "qemu-arm-2.11.2-lp150.7.18.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qemu-block-curl-2.11.2-lp150.7.18.1.x86_64 as component of openSUSE Leap 15.0",
"product_id": "openSUSE Leap 15.0:qemu-block-curl-2.11.2-lp150.7.18.1.x86_64"
},
"product_reference": "qemu-block-curl-2.11.2-lp150.7.18.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qemu-block-dmg-2.11.2-lp150.7.18.1.x86_64 as component of openSUSE Leap 15.0",
"product_id": "openSUSE Leap 15.0:qemu-block-dmg-2.11.2-lp150.7.18.1.x86_64"
},
"product_reference": "qemu-block-dmg-2.11.2-lp150.7.18.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qemu-block-gluster-2.11.2-lp150.7.18.1.x86_64 as component of openSUSE Leap 15.0",
"product_id": "openSUSE Leap 15.0:qemu-block-gluster-2.11.2-lp150.7.18.1.x86_64"
},
"product_reference": "qemu-block-gluster-2.11.2-lp150.7.18.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qemu-block-iscsi-2.11.2-lp150.7.18.1.x86_64 as component of openSUSE Leap 15.0",
"product_id": "openSUSE Leap 15.0:qemu-block-iscsi-2.11.2-lp150.7.18.1.x86_64"
},
"product_reference": "qemu-block-iscsi-2.11.2-lp150.7.18.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qemu-block-rbd-2.11.2-lp150.7.18.1.x86_64 as component of openSUSE Leap 15.0",
"product_id": "openSUSE Leap 15.0:qemu-block-rbd-2.11.2-lp150.7.18.1.x86_64"
},
"product_reference": "qemu-block-rbd-2.11.2-lp150.7.18.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qemu-block-ssh-2.11.2-lp150.7.18.1.x86_64 as component of openSUSE Leap 15.0",
"product_id": "openSUSE Leap 15.0:qemu-block-ssh-2.11.2-lp150.7.18.1.x86_64"
},
"product_reference": "qemu-block-ssh-2.11.2-lp150.7.18.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qemu-extra-2.11.2-lp150.7.18.1.x86_64 as component of openSUSE Leap 15.0",
"product_id": "openSUSE Leap 15.0:qemu-extra-2.11.2-lp150.7.18.1.x86_64"
},
"product_reference": "qemu-extra-2.11.2-lp150.7.18.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qemu-guest-agent-2.11.2-lp150.7.18.1.x86_64 as component of openSUSE Leap 15.0",
"product_id": "openSUSE Leap 15.0:qemu-guest-agent-2.11.2-lp150.7.18.1.x86_64"
},
"product_reference": "qemu-guest-agent-2.11.2-lp150.7.18.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qemu-ipxe-1.0.0+-lp150.7.18.1.noarch as component of openSUSE Leap 15.0",
"product_id": "openSUSE Leap 15.0:qemu-ipxe-1.0.0+-lp150.7.18.1.noarch"
},
"product_reference": "qemu-ipxe-1.0.0+-lp150.7.18.1.noarch",
"relates_to_product_reference": "openSUSE Leap 15.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qemu-ksm-2.11.2-lp150.7.18.1.x86_64 as component of openSUSE Leap 15.0",
"product_id": "openSUSE Leap 15.0:qemu-ksm-2.11.2-lp150.7.18.1.x86_64"
},
"product_reference": "qemu-ksm-2.11.2-lp150.7.18.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qemu-kvm-2.11.2-lp150.7.18.1.x86_64 as component of openSUSE Leap 15.0",
"product_id": "openSUSE Leap 15.0:qemu-kvm-2.11.2-lp150.7.18.1.x86_64"
},
"product_reference": "qemu-kvm-2.11.2-lp150.7.18.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qemu-lang-2.11.2-lp150.7.18.1.x86_64 as component of openSUSE Leap 15.0",
"product_id": "openSUSE Leap 15.0:qemu-lang-2.11.2-lp150.7.18.1.x86_64"
},
"product_reference": "qemu-lang-2.11.2-lp150.7.18.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qemu-linux-user-2.11.2-lp150.7.18.1.x86_64 as component of openSUSE Leap 15.0",
"product_id": "openSUSE Leap 15.0:qemu-linux-user-2.11.2-lp150.7.18.1.x86_64"
},
"product_reference": "qemu-linux-user-2.11.2-lp150.7.18.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qemu-ppc-2.11.2-lp150.7.18.1.x86_64 as component of openSUSE Leap 15.0",
"product_id": "openSUSE Leap 15.0:qemu-ppc-2.11.2-lp150.7.18.1.x86_64"
},
"product_reference": "qemu-ppc-2.11.2-lp150.7.18.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qemu-s390-2.11.2-lp150.7.18.1.x86_64 as component of openSUSE Leap 15.0",
"product_id": "openSUSE Leap 15.0:qemu-s390-2.11.2-lp150.7.18.1.x86_64"
},
"product_reference": "qemu-s390-2.11.2-lp150.7.18.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qemu-seabios-1.11.0-lp150.7.18.1.noarch as component of openSUSE Leap 15.0",
"product_id": "openSUSE Leap 15.0:qemu-seabios-1.11.0-lp150.7.18.1.noarch"
},
"product_reference": "qemu-seabios-1.11.0-lp150.7.18.1.noarch",
"relates_to_product_reference": "openSUSE Leap 15.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qemu-sgabios-8-lp150.7.18.1.noarch as component of openSUSE Leap 15.0",
"product_id": "openSUSE Leap 15.0:qemu-sgabios-8-lp150.7.18.1.noarch"
},
"product_reference": "qemu-sgabios-8-lp150.7.18.1.noarch",
"relates_to_product_reference": "openSUSE Leap 15.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qemu-testsuite-2.11.2-lp150.7.18.1.x86_64 as component of openSUSE Leap 15.0",
"product_id": "openSUSE Leap 15.0:qemu-testsuite-2.11.2-lp150.7.18.1.x86_64"
},
"product_reference": "qemu-testsuite-2.11.2-lp150.7.18.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qemu-tools-2.11.2-lp150.7.18.1.x86_64 as component of openSUSE Leap 15.0",
"product_id": "openSUSE Leap 15.0:qemu-tools-2.11.2-lp150.7.18.1.x86_64"
},
"product_reference": "qemu-tools-2.11.2-lp150.7.18.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qemu-vgabios-1.11.0-lp150.7.18.1.noarch as component of openSUSE Leap 15.0",
"product_id": "openSUSE Leap 15.0:qemu-vgabios-1.11.0-lp150.7.18.1.noarch"
},
"product_reference": "qemu-vgabios-1.11.0-lp150.7.18.1.noarch",
"relates_to_product_reference": "openSUSE Leap 15.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qemu-x86-2.11.2-lp150.7.18.1.x86_64 as component of openSUSE Leap 15.0",
"product_id": "openSUSE Leap 15.0:qemu-x86-2.11.2-lp150.7.18.1.x86_64"
},
"product_reference": "qemu-x86-2.11.2-lp150.7.18.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.0"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2018-16872",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-16872"
}
],
"notes": [
{
"category": "general",
"text": "A flaw was found in qemu Media Transfer Protocol (MTP). The code opening files in usb_mtp_get_object and usb_mtp_get_partial_object and directories in usb_mtp_object_readdir doesn\u0027t consider that the underlying filesystem may have changed since the time lstat(2) was called in usb_mtp_object_alloc, a classical TOCTTOU problem. An attacker with write access to the host filesystem shared with a guest can use this property to navigate the host filesystem in the context of the QEMU process and read any file the QEMU process has access to. Access to the filesystem may be local or via a network share protocol such as CIFS.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.0:qemu-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-arm-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-block-curl-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-block-dmg-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-block-gluster-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-block-iscsi-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-block-rbd-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-block-ssh-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-extra-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-guest-agent-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-ipxe-1.0.0+-lp150.7.18.1.noarch",
"openSUSE Leap 15.0:qemu-ksm-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-kvm-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-lang-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-linux-user-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-ppc-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-s390-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-seabios-1.11.0-lp150.7.18.1.noarch",
"openSUSE Leap 15.0:qemu-sgabios-8-lp150.7.18.1.noarch",
"openSUSE Leap 15.0:qemu-testsuite-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-tools-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-vgabios-1.11.0-lp150.7.18.1.noarch",
"openSUSE Leap 15.0:qemu-x86-2.11.2-lp150.7.18.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-16872",
"url": "https://www.suse.com/security/cve/CVE-2018-16872"
},
{
"category": "external",
"summary": "SUSE Bug 1119493 for CVE-2018-16872",
"url": "https://bugzilla.suse.com/1119493"
},
{
"category": "external",
"summary": "SUSE Bug 1119494 for CVE-2018-16872",
"url": "https://bugzilla.suse.com/1119494"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.0:qemu-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-arm-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-block-curl-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-block-dmg-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-block-gluster-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-block-iscsi-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-block-rbd-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-block-ssh-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-extra-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-guest-agent-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-ipxe-1.0.0+-lp150.7.18.1.noarch",
"openSUSE Leap 15.0:qemu-ksm-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-kvm-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-lang-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-linux-user-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-ppc-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-s390-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-seabios-1.11.0-lp150.7.18.1.noarch",
"openSUSE Leap 15.0:qemu-sgabios-8-lp150.7.18.1.noarch",
"openSUSE Leap 15.0:qemu-testsuite-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-tools-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-vgabios-1.11.0-lp150.7.18.1.noarch",
"openSUSE Leap 15.0:qemu-x86-2.11.2-lp150.7.18.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:L",
"version": "3.0"
},
"products": [
"openSUSE Leap 15.0:qemu-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-arm-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-block-curl-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-block-dmg-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-block-gluster-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-block-iscsi-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-block-rbd-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-block-ssh-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-extra-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-guest-agent-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-ipxe-1.0.0+-lp150.7.18.1.noarch",
"openSUSE Leap 15.0:qemu-ksm-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-kvm-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-lang-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-linux-user-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-ppc-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-s390-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-seabios-1.11.0-lp150.7.18.1.noarch",
"openSUSE Leap 15.0:qemu-sgabios-8-lp150.7.18.1.noarch",
"openSUSE Leap 15.0:qemu-testsuite-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-tools-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-vgabios-1.11.0-lp150.7.18.1.noarch",
"openSUSE Leap 15.0:qemu-x86-2.11.2-lp150.7.18.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-03-23T11:07:37Z",
"details": "moderate"
}
],
"title": "CVE-2018-16872"
},
{
"cve": "CVE-2018-18954",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-18954"
}
],
"notes": [
{
"category": "general",
"text": "The pnv_lpc_do_eccb function in hw/ppc/pnv_lpc.c in Qemu before 3.1 allows out-of-bounds write or read access to PowerNV memory.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.0:qemu-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-arm-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-block-curl-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-block-dmg-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-block-gluster-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-block-iscsi-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-block-rbd-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-block-ssh-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-extra-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-guest-agent-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-ipxe-1.0.0+-lp150.7.18.1.noarch",
"openSUSE Leap 15.0:qemu-ksm-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-kvm-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-lang-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-linux-user-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-ppc-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-s390-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-seabios-1.11.0-lp150.7.18.1.noarch",
"openSUSE Leap 15.0:qemu-sgabios-8-lp150.7.18.1.noarch",
"openSUSE Leap 15.0:qemu-testsuite-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-tools-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-vgabios-1.11.0-lp150.7.18.1.noarch",
"openSUSE Leap 15.0:qemu-x86-2.11.2-lp150.7.18.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-18954",
"url": "https://www.suse.com/security/cve/CVE-2018-18954"
},
{
"category": "external",
"summary": "SUSE Bug 1114957 for CVE-2018-18954",
"url": "https://bugzilla.suse.com/1114957"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.0:qemu-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-arm-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-block-curl-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-block-dmg-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-block-gluster-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-block-iscsi-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-block-rbd-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-block-ssh-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-extra-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-guest-agent-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-ipxe-1.0.0+-lp150.7.18.1.noarch",
"openSUSE Leap 15.0:qemu-ksm-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-kvm-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-lang-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-linux-user-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-ppc-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-s390-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-seabios-1.11.0-lp150.7.18.1.noarch",
"openSUSE Leap 15.0:qemu-sgabios-8-lp150.7.18.1.noarch",
"openSUSE Leap 15.0:qemu-testsuite-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-tools-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-vgabios-1.11.0-lp150.7.18.1.noarch",
"openSUSE Leap 15.0:qemu-x86-2.11.2-lp150.7.18.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"openSUSE Leap 15.0:qemu-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-arm-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-block-curl-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-block-dmg-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-block-gluster-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-block-iscsi-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-block-rbd-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-block-ssh-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-extra-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-guest-agent-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-ipxe-1.0.0+-lp150.7.18.1.noarch",
"openSUSE Leap 15.0:qemu-ksm-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-kvm-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-lang-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-linux-user-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-ppc-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-s390-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-seabios-1.11.0-lp150.7.18.1.noarch",
"openSUSE Leap 15.0:qemu-sgabios-8-lp150.7.18.1.noarch",
"openSUSE Leap 15.0:qemu-testsuite-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-tools-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-vgabios-1.11.0-lp150.7.18.1.noarch",
"openSUSE Leap 15.0:qemu-x86-2.11.2-lp150.7.18.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-03-23T11:07:37Z",
"details": "important"
}
],
"title": "CVE-2018-18954"
},
{
"cve": "CVE-2018-19364",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-19364"
}
],
"notes": [
{
"category": "general",
"text": "hw/9pfs/cofile.c and hw/9pfs/9p.c in QEMU can modify an fid path while it is being accessed by a second thread, leading to (for example) a use-after-free outcome.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.0:qemu-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-arm-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-block-curl-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-block-dmg-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-block-gluster-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-block-iscsi-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-block-rbd-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-block-ssh-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-extra-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-guest-agent-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-ipxe-1.0.0+-lp150.7.18.1.noarch",
"openSUSE Leap 15.0:qemu-ksm-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-kvm-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-lang-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-linux-user-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-ppc-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-s390-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-seabios-1.11.0-lp150.7.18.1.noarch",
"openSUSE Leap 15.0:qemu-sgabios-8-lp150.7.18.1.noarch",
"openSUSE Leap 15.0:qemu-testsuite-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-tools-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-vgabios-1.11.0-lp150.7.18.1.noarch",
"openSUSE Leap 15.0:qemu-x86-2.11.2-lp150.7.18.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-19364",
"url": "https://www.suse.com/security/cve/CVE-2018-19364"
},
{
"category": "external",
"summary": "SUSE Bug 1116717 for CVE-2018-19364",
"url": "https://bugzilla.suse.com/1116717"
},
{
"category": "external",
"summary": "SUSE Bug 1116726 for CVE-2018-19364",
"url": "https://bugzilla.suse.com/1116726"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.0:qemu-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-arm-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-block-curl-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-block-dmg-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-block-gluster-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-block-iscsi-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-block-rbd-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-block-ssh-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-extra-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-guest-agent-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-ipxe-1.0.0+-lp150.7.18.1.noarch",
"openSUSE Leap 15.0:qemu-ksm-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-kvm-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-lang-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-linux-user-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-ppc-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-s390-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-seabios-1.11.0-lp150.7.18.1.noarch",
"openSUSE Leap 15.0:qemu-sgabios-8-lp150.7.18.1.noarch",
"openSUSE Leap 15.0:qemu-testsuite-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-tools-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-vgabios-1.11.0-lp150.7.18.1.noarch",
"openSUSE Leap 15.0:qemu-x86-2.11.2-lp150.7.18.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:H",
"version": "3.0"
},
"products": [
"openSUSE Leap 15.0:qemu-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-arm-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-block-curl-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-block-dmg-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-block-gluster-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-block-iscsi-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-block-rbd-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-block-ssh-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-extra-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-guest-agent-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-ipxe-1.0.0+-lp150.7.18.1.noarch",
"openSUSE Leap 15.0:qemu-ksm-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-kvm-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-lang-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-linux-user-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-ppc-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-s390-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-seabios-1.11.0-lp150.7.18.1.noarch",
"openSUSE Leap 15.0:qemu-sgabios-8-lp150.7.18.1.noarch",
"openSUSE Leap 15.0:qemu-testsuite-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-tools-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-vgabios-1.11.0-lp150.7.18.1.noarch",
"openSUSE Leap 15.0:qemu-x86-2.11.2-lp150.7.18.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-03-23T11:07:37Z",
"details": "moderate"
}
],
"title": "CVE-2018-19364"
},
{
"cve": "CVE-2018-19489",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-19489"
}
],
"notes": [
{
"category": "general",
"text": "v9fs_wstat in hw/9pfs/9p.c in QEMU allows guest OS users to cause a denial of service (crash) because of a race condition during file renaming.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.0:qemu-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-arm-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-block-curl-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-block-dmg-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-block-gluster-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-block-iscsi-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-block-rbd-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-block-ssh-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-extra-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-guest-agent-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-ipxe-1.0.0+-lp150.7.18.1.noarch",
"openSUSE Leap 15.0:qemu-ksm-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-kvm-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-lang-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-linux-user-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-ppc-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-s390-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-seabios-1.11.0-lp150.7.18.1.noarch",
"openSUSE Leap 15.0:qemu-sgabios-8-lp150.7.18.1.noarch",
"openSUSE Leap 15.0:qemu-testsuite-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-tools-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-vgabios-1.11.0-lp150.7.18.1.noarch",
"openSUSE Leap 15.0:qemu-x86-2.11.2-lp150.7.18.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-19489",
"url": "https://www.suse.com/security/cve/CVE-2018-19489"
},
{
"category": "external",
"summary": "SUSE Bug 1117275 for CVE-2018-19489",
"url": "https://bugzilla.suse.com/1117275"
},
{
"category": "external",
"summary": "SUSE Bug 1117279 for CVE-2018-19489",
"url": "https://bugzilla.suse.com/1117279"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.0:qemu-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-arm-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-block-curl-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-block-dmg-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-block-gluster-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-block-iscsi-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-block-rbd-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-block-ssh-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-extra-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-guest-agent-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-ipxe-1.0.0+-lp150.7.18.1.noarch",
"openSUSE Leap 15.0:qemu-ksm-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-kvm-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-lang-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-linux-user-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-ppc-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-s390-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-seabios-1.11.0-lp150.7.18.1.noarch",
"openSUSE Leap 15.0:qemu-sgabios-8-lp150.7.18.1.noarch",
"openSUSE Leap 15.0:qemu-testsuite-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-tools-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-vgabios-1.11.0-lp150.7.18.1.noarch",
"openSUSE Leap 15.0:qemu-x86-2.11.2-lp150.7.18.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 2.8,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:C/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"openSUSE Leap 15.0:qemu-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-arm-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-block-curl-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-block-dmg-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-block-gluster-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-block-iscsi-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-block-rbd-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-block-ssh-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-extra-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-guest-agent-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-ipxe-1.0.0+-lp150.7.18.1.noarch",
"openSUSE Leap 15.0:qemu-ksm-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-kvm-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-lang-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-linux-user-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-ppc-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-s390-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-seabios-1.11.0-lp150.7.18.1.noarch",
"openSUSE Leap 15.0:qemu-sgabios-8-lp150.7.18.1.noarch",
"openSUSE Leap 15.0:qemu-testsuite-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-tools-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-vgabios-1.11.0-lp150.7.18.1.noarch",
"openSUSE Leap 15.0:qemu-x86-2.11.2-lp150.7.18.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-03-23T11:07:37Z",
"details": "low"
}
],
"title": "CVE-2018-19489"
},
{
"cve": "CVE-2019-6778",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-6778"
}
],
"notes": [
{
"category": "general",
"text": "In QEMU 3.0.0, tcp_emu in slirp/tcp_subr.c has a heap-based buffer overflow.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.0:qemu-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-arm-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-block-curl-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-block-dmg-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-block-gluster-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-block-iscsi-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-block-rbd-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-block-ssh-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-extra-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-guest-agent-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-ipxe-1.0.0+-lp150.7.18.1.noarch",
"openSUSE Leap 15.0:qemu-ksm-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-kvm-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-lang-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-linux-user-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-ppc-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-s390-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-seabios-1.11.0-lp150.7.18.1.noarch",
"openSUSE Leap 15.0:qemu-sgabios-8-lp150.7.18.1.noarch",
"openSUSE Leap 15.0:qemu-testsuite-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-tools-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-vgabios-1.11.0-lp150.7.18.1.noarch",
"openSUSE Leap 15.0:qemu-x86-2.11.2-lp150.7.18.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-6778",
"url": "https://www.suse.com/security/cve/CVE-2019-6778"
},
{
"category": "external",
"summary": "SUSE Bug 1123156 for CVE-2019-6778",
"url": "https://bugzilla.suse.com/1123156"
},
{
"category": "external",
"summary": "SUSE Bug 1123157 for CVE-2019-6778",
"url": "https://bugzilla.suse.com/1123157"
},
{
"category": "external",
"summary": "SUSE Bug 1178658 for CVE-2019-6778",
"url": "https://bugzilla.suse.com/1178658"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.0:qemu-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-arm-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-block-curl-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-block-dmg-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-block-gluster-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-block-iscsi-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-block-rbd-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-block-ssh-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-extra-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-guest-agent-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-ipxe-1.0.0+-lp150.7.18.1.noarch",
"openSUSE Leap 15.0:qemu-ksm-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-kvm-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-lang-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-linux-user-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-ppc-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-s390-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-seabios-1.11.0-lp150.7.18.1.noarch",
"openSUSE Leap 15.0:qemu-sgabios-8-lp150.7.18.1.noarch",
"openSUSE Leap 15.0:qemu-testsuite-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-tools-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-vgabios-1.11.0-lp150.7.18.1.noarch",
"openSUSE Leap 15.0:qemu-x86-2.11.2-lp150.7.18.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"openSUSE Leap 15.0:qemu-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-arm-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-block-curl-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-block-dmg-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-block-gluster-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-block-iscsi-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-block-rbd-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-block-ssh-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-extra-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-guest-agent-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-ipxe-1.0.0+-lp150.7.18.1.noarch",
"openSUSE Leap 15.0:qemu-ksm-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-kvm-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-lang-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-linux-user-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-ppc-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-s390-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-seabios-1.11.0-lp150.7.18.1.noarch",
"openSUSE Leap 15.0:qemu-sgabios-8-lp150.7.18.1.noarch",
"openSUSE Leap 15.0:qemu-testsuite-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-tools-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-vgabios-1.11.0-lp150.7.18.1.noarch",
"openSUSE Leap 15.0:qemu-x86-2.11.2-lp150.7.18.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-03-23T11:07:37Z",
"details": "important"
}
],
"title": "CVE-2019-6778"
}
]
}
SUSE-SU-2019:0423-1
Vulnerability from csaf_suse - Published: 2019-02-18 15:26 - Updated: 2019-02-18 15:26Summary
Security update for qemu
Severity
Important
Notes
Title of the patch: Security update for qemu
Description of the patch: This update for qemu fixes the following issues:
Security issues fixed:
- CVE-2019-6778: Fixed a heap buffer overflow issue in the SLiRP networking implementation (bsc#1123156).
- CVE-2018-16872: Fixed a host security vulnerability related to handling symlinks in usb-mtp (bsc#1119493).
- CVE-2018-19489: Fixed a denial of service vulnerability in virtfs (bsc#1117275).
- CVE-2018-19364: Fixed a use-after-free if the virtfs interface resulting in a denial of service (bsc#1116717).
- CVE-2018-18954: Fixed a denial of service vulnerability related to PowerPC PowerNV memory operations (bsc#1114957).
Non-security issues fixed:
- Improved disk performance for qemu on xen (bsc#1100408).
- Fixed xen offline migration (bsc#1079730, bsc#1101982, bsc#1063993).
- Fixed pwrite64/pread64/write to return 0 over -1 for a zero length NULL buffer in qemu (bsc#1121600).
- Use /bin/bash to echo value into sys fs for ksm control (bsc#1112646).
- Return specification exception for unimplemented diag 308 subcodes rather than a hardware error (bsc#1123179).
Patchnames: SUSE-2019-423,SUSE-SLE-Module-Basesystem-15-2019-423,SUSE-SLE-Module-Development-Tools-OBS-15-2019-423,SUSE-SLE-Module-Server-Applications-15-2019-423
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
5 (Medium)
Affected products
Recommended
42 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15:qemu-tools-2.11.2-9.20.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15:qemu-tools-2.11.2-9.20.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15:qemu-tools-2.11.2-9.20.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15:qemu-tools-2.11.2-9.20.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15:qemu-2.11.2-9.20.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15:qemu-2.11.2-9.20.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15:qemu-2.11.2-9.20.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15:qemu-2.11.2-9.20.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15:qemu-arm-2.11.2-9.20.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15:qemu-block-curl-2.11.2-9.20.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15:qemu-block-curl-2.11.2-9.20.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15:qemu-block-curl-2.11.2-9.20.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15:qemu-block-curl-2.11.2-9.20.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15:qemu-block-iscsi-2.11.2-9.20.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15:qemu-block-iscsi-2.11.2-9.20.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15:qemu-block-iscsi-2.11.2-9.20.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15:qemu-block-iscsi-2.11.2-9.20.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15:qemu-block-rbd-2.11.2-9.20.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15:qemu-block-rbd-2.11.2-9.20.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15:qemu-block-rbd-2.11.2-9.20.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15:qemu-block-rbd-2.11.2-9.20.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15:qemu-block-ssh-2.11.2-9.20.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15:qemu-block-ssh-2.11.2-9.20.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15:qemu-block-ssh-2.11.2-9.20.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15:qemu-block-ssh-2.11.2-9.20.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15:qemu-guest-agent-2.11.2-9.20.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15:qemu-guest-agent-2.11.2-9.20.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15:qemu-guest-agent-2.11.2-9.20.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15:qemu-guest-agent-2.11.2-9.20.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15:qemu-ipxe-1.0.0+-9.20.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15:qemu-kvm-2.11.2-9.20.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15:qemu-kvm-2.11.2-9.20.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15:qemu-lang-2.11.2-9.20.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15:qemu-lang-2.11.2-9.20.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15:qemu-lang-2.11.2-9.20.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15:qemu-lang-2.11.2-9.20.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15:qemu-ppc-2.11.2-9.20.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15:qemu-s390-2.11.2-9.20.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15:qemu-seabios-1.11.0-9.20.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15:qemu-sgabios-8-9.20.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15:qemu-vgabios-1.11.0-9.20.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15:qemu-x86-2.11.2-9.20.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
7.8 (High)
Affected products
Recommended
42 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15:qemu-tools-2.11.2-9.20.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15:qemu-tools-2.11.2-9.20.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15:qemu-tools-2.11.2-9.20.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15:qemu-tools-2.11.2-9.20.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15:qemu-2.11.2-9.20.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15:qemu-2.11.2-9.20.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15:qemu-2.11.2-9.20.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15:qemu-2.11.2-9.20.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15:qemu-arm-2.11.2-9.20.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15:qemu-block-curl-2.11.2-9.20.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15:qemu-block-curl-2.11.2-9.20.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15:qemu-block-curl-2.11.2-9.20.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15:qemu-block-curl-2.11.2-9.20.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15:qemu-block-iscsi-2.11.2-9.20.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15:qemu-block-iscsi-2.11.2-9.20.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15:qemu-block-iscsi-2.11.2-9.20.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15:qemu-block-iscsi-2.11.2-9.20.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15:qemu-block-rbd-2.11.2-9.20.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15:qemu-block-rbd-2.11.2-9.20.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15:qemu-block-rbd-2.11.2-9.20.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15:qemu-block-rbd-2.11.2-9.20.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15:qemu-block-ssh-2.11.2-9.20.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15:qemu-block-ssh-2.11.2-9.20.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15:qemu-block-ssh-2.11.2-9.20.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15:qemu-block-ssh-2.11.2-9.20.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15:qemu-guest-agent-2.11.2-9.20.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15:qemu-guest-agent-2.11.2-9.20.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15:qemu-guest-agent-2.11.2-9.20.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15:qemu-guest-agent-2.11.2-9.20.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15:qemu-ipxe-1.0.0+-9.20.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15:qemu-kvm-2.11.2-9.20.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15:qemu-kvm-2.11.2-9.20.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15:qemu-lang-2.11.2-9.20.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15:qemu-lang-2.11.2-9.20.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15:qemu-lang-2.11.2-9.20.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15:qemu-lang-2.11.2-9.20.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15:qemu-ppc-2.11.2-9.20.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15:qemu-s390-2.11.2-9.20.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15:qemu-seabios-1.11.0-9.20.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15:qemu-sgabios-8-9.20.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15:qemu-vgabios-1.11.0-9.20.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15:qemu-x86-2.11.2-9.20.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
5.3 (Medium)
Affected products
Recommended
42 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15:qemu-tools-2.11.2-9.20.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15:qemu-tools-2.11.2-9.20.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15:qemu-tools-2.11.2-9.20.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15:qemu-tools-2.11.2-9.20.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15:qemu-2.11.2-9.20.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15:qemu-2.11.2-9.20.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15:qemu-2.11.2-9.20.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15:qemu-2.11.2-9.20.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15:qemu-arm-2.11.2-9.20.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15:qemu-block-curl-2.11.2-9.20.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15:qemu-block-curl-2.11.2-9.20.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15:qemu-block-curl-2.11.2-9.20.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15:qemu-block-curl-2.11.2-9.20.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15:qemu-block-iscsi-2.11.2-9.20.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15:qemu-block-iscsi-2.11.2-9.20.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15:qemu-block-iscsi-2.11.2-9.20.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15:qemu-block-iscsi-2.11.2-9.20.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15:qemu-block-rbd-2.11.2-9.20.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15:qemu-block-rbd-2.11.2-9.20.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15:qemu-block-rbd-2.11.2-9.20.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15:qemu-block-rbd-2.11.2-9.20.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15:qemu-block-ssh-2.11.2-9.20.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15:qemu-block-ssh-2.11.2-9.20.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15:qemu-block-ssh-2.11.2-9.20.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15:qemu-block-ssh-2.11.2-9.20.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15:qemu-guest-agent-2.11.2-9.20.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15:qemu-guest-agent-2.11.2-9.20.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15:qemu-guest-agent-2.11.2-9.20.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15:qemu-guest-agent-2.11.2-9.20.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15:qemu-ipxe-1.0.0+-9.20.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15:qemu-kvm-2.11.2-9.20.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15:qemu-kvm-2.11.2-9.20.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15:qemu-lang-2.11.2-9.20.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15:qemu-lang-2.11.2-9.20.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15:qemu-lang-2.11.2-9.20.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15:qemu-lang-2.11.2-9.20.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15:qemu-ppc-2.11.2-9.20.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15:qemu-s390-2.11.2-9.20.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15:qemu-seabios-1.11.0-9.20.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15:qemu-sgabios-8-9.20.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15:qemu-vgabios-1.11.0-9.20.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15:qemu-x86-2.11.2-9.20.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
Affected products
Recommended
42 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15:qemu-tools-2.11.2-9.20.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15:qemu-tools-2.11.2-9.20.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15:qemu-tools-2.11.2-9.20.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15:qemu-tools-2.11.2-9.20.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15:qemu-2.11.2-9.20.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15:qemu-2.11.2-9.20.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15:qemu-2.11.2-9.20.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15:qemu-2.11.2-9.20.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15:qemu-arm-2.11.2-9.20.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15:qemu-block-curl-2.11.2-9.20.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15:qemu-block-curl-2.11.2-9.20.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15:qemu-block-curl-2.11.2-9.20.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15:qemu-block-curl-2.11.2-9.20.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15:qemu-block-iscsi-2.11.2-9.20.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15:qemu-block-iscsi-2.11.2-9.20.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15:qemu-block-iscsi-2.11.2-9.20.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15:qemu-block-iscsi-2.11.2-9.20.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15:qemu-block-rbd-2.11.2-9.20.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15:qemu-block-rbd-2.11.2-9.20.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15:qemu-block-rbd-2.11.2-9.20.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15:qemu-block-rbd-2.11.2-9.20.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15:qemu-block-ssh-2.11.2-9.20.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15:qemu-block-ssh-2.11.2-9.20.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15:qemu-block-ssh-2.11.2-9.20.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15:qemu-block-ssh-2.11.2-9.20.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15:qemu-guest-agent-2.11.2-9.20.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15:qemu-guest-agent-2.11.2-9.20.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15:qemu-guest-agent-2.11.2-9.20.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15:qemu-guest-agent-2.11.2-9.20.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15:qemu-ipxe-1.0.0+-9.20.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15:qemu-kvm-2.11.2-9.20.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15:qemu-kvm-2.11.2-9.20.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15:qemu-lang-2.11.2-9.20.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15:qemu-lang-2.11.2-9.20.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15:qemu-lang-2.11.2-9.20.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15:qemu-lang-2.11.2-9.20.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15:qemu-ppc-2.11.2-9.20.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15:qemu-s390-2.11.2-9.20.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15:qemu-seabios-1.11.0-9.20.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15:qemu-sgabios-8-9.20.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15:qemu-vgabios-1.11.0-9.20.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15:qemu-x86-2.11.2-9.20.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
low
7.8 (High)
Affected products
Recommended
42 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15:qemu-tools-2.11.2-9.20.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15:qemu-tools-2.11.2-9.20.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15:qemu-tools-2.11.2-9.20.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15:qemu-tools-2.11.2-9.20.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15:qemu-2.11.2-9.20.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15:qemu-2.11.2-9.20.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15:qemu-2.11.2-9.20.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15:qemu-2.11.2-9.20.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15:qemu-arm-2.11.2-9.20.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15:qemu-block-curl-2.11.2-9.20.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15:qemu-block-curl-2.11.2-9.20.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15:qemu-block-curl-2.11.2-9.20.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15:qemu-block-curl-2.11.2-9.20.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15:qemu-block-iscsi-2.11.2-9.20.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15:qemu-block-iscsi-2.11.2-9.20.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15:qemu-block-iscsi-2.11.2-9.20.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15:qemu-block-iscsi-2.11.2-9.20.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15:qemu-block-rbd-2.11.2-9.20.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15:qemu-block-rbd-2.11.2-9.20.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15:qemu-block-rbd-2.11.2-9.20.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15:qemu-block-rbd-2.11.2-9.20.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15:qemu-block-ssh-2.11.2-9.20.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15:qemu-block-ssh-2.11.2-9.20.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15:qemu-block-ssh-2.11.2-9.20.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15:qemu-block-ssh-2.11.2-9.20.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15:qemu-guest-agent-2.11.2-9.20.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15:qemu-guest-agent-2.11.2-9.20.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15:qemu-guest-agent-2.11.2-9.20.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15:qemu-guest-agent-2.11.2-9.20.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15:qemu-ipxe-1.0.0+-9.20.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15:qemu-kvm-2.11.2-9.20.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15:qemu-kvm-2.11.2-9.20.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15:qemu-lang-2.11.2-9.20.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15:qemu-lang-2.11.2-9.20.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15:qemu-lang-2.11.2-9.20.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15:qemu-lang-2.11.2-9.20.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15:qemu-ppc-2.11.2-9.20.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15:qemu-s390-2.11.2-9.20.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15:qemu-seabios-1.11.0-9.20.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15:qemu-sgabios-8-9.20.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15:qemu-vgabios-1.11.0-9.20.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15:qemu-x86-2.11.2-9.20.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
References
36 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for qemu",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for qemu fixes the following issues:\n\nSecurity issues fixed:\n\n- CVE-2019-6778: Fixed a heap buffer overflow issue in the SLiRP networking implementation (bsc#1123156).\n- CVE-2018-16872: Fixed a host security vulnerability related to handling symlinks in usb-mtp (bsc#1119493).\n- CVE-2018-19489: Fixed a denial of service vulnerability in virtfs (bsc#1117275).\n- CVE-2018-19364: Fixed a use-after-free if the virtfs interface resulting in a denial of service (bsc#1116717).\n- CVE-2018-18954: Fixed a denial of service vulnerability related to PowerPC PowerNV memory operations (bsc#1114957).\n\nNon-security issues fixed:\n\n- Improved disk performance for qemu on xen (bsc#1100408).\n- Fixed xen offline migration (bsc#1079730, bsc#1101982, bsc#1063993).\n- Fixed pwrite64/pread64/write to return 0 over -1 for a zero length NULL buffer in qemu (bsc#1121600).\n- Use /bin/bash to echo value into sys fs for ksm control (bsc#1112646).\n- Return specification exception for unimplemented diag 308 subcodes rather than a hardware error (bsc#1123179).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2019-423,SUSE-SLE-Module-Basesystem-15-2019-423,SUSE-SLE-Module-Development-Tools-OBS-15-2019-423,SUSE-SLE-Module-Server-Applications-15-2019-423",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2019_0423-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2019:0423-1",
"url": "https://www.suse.com/support/update/announcement/2019/suse-su-20190423-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2019:0423-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2019-February/005132.html"
},
{
"category": "self",
"summary": "SUSE Bug 1063993",
"url": "https://bugzilla.suse.com/1063993"
},
{
"category": "self",
"summary": "SUSE Bug 1079730",
"url": "https://bugzilla.suse.com/1079730"
},
{
"category": "self",
"summary": "SUSE Bug 1100408",
"url": "https://bugzilla.suse.com/1100408"
},
{
"category": "self",
"summary": "SUSE Bug 1101982",
"url": "https://bugzilla.suse.com/1101982"
},
{
"category": "self",
"summary": "SUSE Bug 1112646",
"url": "https://bugzilla.suse.com/1112646"
},
{
"category": "self",
"summary": "SUSE Bug 1114957",
"url": "https://bugzilla.suse.com/1114957"
},
{
"category": "self",
"summary": "SUSE Bug 1116717",
"url": "https://bugzilla.suse.com/1116717"
},
{
"category": "self",
"summary": "SUSE Bug 1117275",
"url": "https://bugzilla.suse.com/1117275"
},
{
"category": "self",
"summary": "SUSE Bug 1119493",
"url": "https://bugzilla.suse.com/1119493"
},
{
"category": "self",
"summary": "SUSE Bug 1121600",
"url": "https://bugzilla.suse.com/1121600"
},
{
"category": "self",
"summary": "SUSE Bug 1123156",
"url": "https://bugzilla.suse.com/1123156"
},
{
"category": "self",
"summary": "SUSE Bug 1123179",
"url": "https://bugzilla.suse.com/1123179"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-16872 page",
"url": "https://www.suse.com/security/cve/CVE-2018-16872/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-18954 page",
"url": "https://www.suse.com/security/cve/CVE-2018-18954/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-19364 page",
"url": "https://www.suse.com/security/cve/CVE-2018-19364/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-19489 page",
"url": "https://www.suse.com/security/cve/CVE-2018-19489/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-6778 page",
"url": "https://www.suse.com/security/cve/CVE-2019-6778/"
}
],
"title": "Security update for qemu",
"tracking": {
"current_release_date": "2019-02-18T15:26:50Z",
"generator": {
"date": "2019-02-18T15:26:50Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2019:0423-1",
"initial_release_date": "2019-02-18T15:26:50Z",
"revision_history": [
{
"date": "2019-02-18T15:26:50Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "qemu-2.11.2-9.20.1.aarch64",
"product": {
"name": "qemu-2.11.2-9.20.1.aarch64",
"product_id": "qemu-2.11.2-9.20.1.aarch64"
}
},
{
"category": "product_version",
"name": "qemu-arm-2.11.2-9.20.1.aarch64",
"product": {
"name": "qemu-arm-2.11.2-9.20.1.aarch64",
"product_id": "qemu-arm-2.11.2-9.20.1.aarch64"
}
},
{
"category": "product_version",
"name": "qemu-block-curl-2.11.2-9.20.1.aarch64",
"product": {
"name": "qemu-block-curl-2.11.2-9.20.1.aarch64",
"product_id": "qemu-block-curl-2.11.2-9.20.1.aarch64"
}
},
{
"category": "product_version",
"name": "qemu-block-dmg-2.11.2-9.20.1.aarch64",
"product": {
"name": "qemu-block-dmg-2.11.2-9.20.1.aarch64",
"product_id": "qemu-block-dmg-2.11.2-9.20.1.aarch64"
}
},
{
"category": "product_version",
"name": "qemu-block-iscsi-2.11.2-9.20.1.aarch64",
"product": {
"name": "qemu-block-iscsi-2.11.2-9.20.1.aarch64",
"product_id": "qemu-block-iscsi-2.11.2-9.20.1.aarch64"
}
},
{
"category": "product_version",
"name": "qemu-block-rbd-2.11.2-9.20.1.aarch64",
"product": {
"name": "qemu-block-rbd-2.11.2-9.20.1.aarch64",
"product_id": "qemu-block-rbd-2.11.2-9.20.1.aarch64"
}
},
{
"category": "product_version",
"name": "qemu-block-ssh-2.11.2-9.20.1.aarch64",
"product": {
"name": "qemu-block-ssh-2.11.2-9.20.1.aarch64",
"product_id": "qemu-block-ssh-2.11.2-9.20.1.aarch64"
}
},
{
"category": "product_version",
"name": "qemu-extra-2.11.2-9.20.1.aarch64",
"product": {
"name": "qemu-extra-2.11.2-9.20.1.aarch64",
"product_id": "qemu-extra-2.11.2-9.20.1.aarch64"
}
},
{
"category": "product_version",
"name": "qemu-guest-agent-2.11.2-9.20.1.aarch64",
"product": {
"name": "qemu-guest-agent-2.11.2-9.20.1.aarch64",
"product_id": "qemu-guest-agent-2.11.2-9.20.1.aarch64"
}
},
{
"category": "product_version",
"name": "qemu-lang-2.11.2-9.20.1.aarch64",
"product": {
"name": "qemu-lang-2.11.2-9.20.1.aarch64",
"product_id": "qemu-lang-2.11.2-9.20.1.aarch64"
}
},
{
"category": "product_version",
"name": "qemu-linux-user-2.11.2-9.20.1.aarch64",
"product": {
"name": "qemu-linux-user-2.11.2-9.20.1.aarch64",
"product_id": "qemu-linux-user-2.11.2-9.20.1.aarch64"
}
},
{
"category": "product_version",
"name": "qemu-ppc-2.11.2-9.20.1.aarch64",
"product": {
"name": "qemu-ppc-2.11.2-9.20.1.aarch64",
"product_id": "qemu-ppc-2.11.2-9.20.1.aarch64"
}
},
{
"category": "product_version",
"name": "qemu-s390-2.11.2-9.20.1.aarch64",
"product": {
"name": "qemu-s390-2.11.2-9.20.1.aarch64",
"product_id": "qemu-s390-2.11.2-9.20.1.aarch64"
}
},
{
"category": "product_version",
"name": "qemu-testsuite-2.11.2-9.20.1.aarch64",
"product": {
"name": "qemu-testsuite-2.11.2-9.20.1.aarch64",
"product_id": "qemu-testsuite-2.11.2-9.20.1.aarch64"
}
},
{
"category": "product_version",
"name": "qemu-tools-2.11.2-9.20.1.aarch64",
"product": {
"name": "qemu-tools-2.11.2-9.20.1.aarch64",
"product_id": "qemu-tools-2.11.2-9.20.1.aarch64"
}
},
{
"category": "product_version",
"name": "qemu-x86-2.11.2-9.20.1.aarch64",
"product": {
"name": "qemu-x86-2.11.2-9.20.1.aarch64",
"product_id": "qemu-x86-2.11.2-9.20.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "qemu-2.11.2-9.20.1.i586",
"product": {
"name": "qemu-2.11.2-9.20.1.i586",
"product_id": "qemu-2.11.2-9.20.1.i586"
}
},
{
"category": "product_version",
"name": "qemu-arm-2.11.2-9.20.1.i586",
"product": {
"name": "qemu-arm-2.11.2-9.20.1.i586",
"product_id": "qemu-arm-2.11.2-9.20.1.i586"
}
},
{
"category": "product_version",
"name": "qemu-block-curl-2.11.2-9.20.1.i586",
"product": {
"name": "qemu-block-curl-2.11.2-9.20.1.i586",
"product_id": "qemu-block-curl-2.11.2-9.20.1.i586"
}
},
{
"category": "product_version",
"name": "qemu-block-dmg-2.11.2-9.20.1.i586",
"product": {
"name": "qemu-block-dmg-2.11.2-9.20.1.i586",
"product_id": "qemu-block-dmg-2.11.2-9.20.1.i586"
}
},
{
"category": "product_version",
"name": "qemu-block-iscsi-2.11.2-9.20.1.i586",
"product": {
"name": "qemu-block-iscsi-2.11.2-9.20.1.i586",
"product_id": "qemu-block-iscsi-2.11.2-9.20.1.i586"
}
},
{
"category": "product_version",
"name": "qemu-block-ssh-2.11.2-9.20.1.i586",
"product": {
"name": "qemu-block-ssh-2.11.2-9.20.1.i586",
"product_id": "qemu-block-ssh-2.11.2-9.20.1.i586"
}
},
{
"category": "product_version",
"name": "qemu-extra-2.11.2-9.20.1.i586",
"product": {
"name": "qemu-extra-2.11.2-9.20.1.i586",
"product_id": "qemu-extra-2.11.2-9.20.1.i586"
}
},
{
"category": "product_version",
"name": "qemu-guest-agent-2.11.2-9.20.1.i586",
"product": {
"name": "qemu-guest-agent-2.11.2-9.20.1.i586",
"product_id": "qemu-guest-agent-2.11.2-9.20.1.i586"
}
},
{
"category": "product_version",
"name": "qemu-kvm-2.11.2-9.20.1.i586",
"product": {
"name": "qemu-kvm-2.11.2-9.20.1.i586",
"product_id": "qemu-kvm-2.11.2-9.20.1.i586"
}
},
{
"category": "product_version",
"name": "qemu-lang-2.11.2-9.20.1.i586",
"product": {
"name": "qemu-lang-2.11.2-9.20.1.i586",
"product_id": "qemu-lang-2.11.2-9.20.1.i586"
}
},
{
"category": "product_version",
"name": "qemu-linux-user-2.11.2-9.20.1.i586",
"product": {
"name": "qemu-linux-user-2.11.2-9.20.1.i586",
"product_id": "qemu-linux-user-2.11.2-9.20.1.i586"
}
},
{
"category": "product_version",
"name": "qemu-ppc-2.11.2-9.20.1.i586",
"product": {
"name": "qemu-ppc-2.11.2-9.20.1.i586",
"product_id": "qemu-ppc-2.11.2-9.20.1.i586"
}
},
{
"category": "product_version",
"name": "qemu-s390-2.11.2-9.20.1.i586",
"product": {
"name": "qemu-s390-2.11.2-9.20.1.i586",
"product_id": "qemu-s390-2.11.2-9.20.1.i586"
}
},
{
"category": "product_version",
"name": "qemu-testsuite-2.11.2-9.20.1.i586",
"product": {
"name": "qemu-testsuite-2.11.2-9.20.1.i586",
"product_id": "qemu-testsuite-2.11.2-9.20.1.i586"
}
},
{
"category": "product_version",
"name": "qemu-tools-2.11.2-9.20.1.i586",
"product": {
"name": "qemu-tools-2.11.2-9.20.1.i586",
"product_id": "qemu-tools-2.11.2-9.20.1.i586"
}
},
{
"category": "product_version",
"name": "qemu-x86-2.11.2-9.20.1.i586",
"product": {
"name": "qemu-x86-2.11.2-9.20.1.i586",
"product_id": "qemu-x86-2.11.2-9.20.1.i586"
}
}
],
"category": "architecture",
"name": "i586"
},
{
"branches": [
{
"category": "product_version",
"name": "qemu-ipxe-1.0.0+-9.20.1.noarch",
"product": {
"name": "qemu-ipxe-1.0.0+-9.20.1.noarch",
"product_id": "qemu-ipxe-1.0.0+-9.20.1.noarch"
}
},
{
"category": "product_version",
"name": "qemu-seabios-1.11.0-9.20.1.noarch",
"product": {
"name": "qemu-seabios-1.11.0-9.20.1.noarch",
"product_id": "qemu-seabios-1.11.0-9.20.1.noarch"
}
},
{
"category": "product_version",
"name": "qemu-sgabios-8-9.20.1.noarch",
"product": {
"name": "qemu-sgabios-8-9.20.1.noarch",
"product_id": "qemu-sgabios-8-9.20.1.noarch"
}
},
{
"category": "product_version",
"name": "qemu-vgabios-1.11.0-9.20.1.noarch",
"product": {
"name": "qemu-vgabios-1.11.0-9.20.1.noarch",
"product_id": "qemu-vgabios-1.11.0-9.20.1.noarch"
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "qemu-2.11.2-9.20.1.ppc64le",
"product": {
"name": "qemu-2.11.2-9.20.1.ppc64le",
"product_id": "qemu-2.11.2-9.20.1.ppc64le"
}
},
{
"category": "product_version",
"name": "qemu-arm-2.11.2-9.20.1.ppc64le",
"product": {
"name": "qemu-arm-2.11.2-9.20.1.ppc64le",
"product_id": "qemu-arm-2.11.2-9.20.1.ppc64le"
}
},
{
"category": "product_version",
"name": "qemu-block-curl-2.11.2-9.20.1.ppc64le",
"product": {
"name": "qemu-block-curl-2.11.2-9.20.1.ppc64le",
"product_id": "qemu-block-curl-2.11.2-9.20.1.ppc64le"
}
},
{
"category": "product_version",
"name": "qemu-block-dmg-2.11.2-9.20.1.ppc64le",
"product": {
"name": "qemu-block-dmg-2.11.2-9.20.1.ppc64le",
"product_id": "qemu-block-dmg-2.11.2-9.20.1.ppc64le"
}
},
{
"category": "product_version",
"name": "qemu-block-iscsi-2.11.2-9.20.1.ppc64le",
"product": {
"name": "qemu-block-iscsi-2.11.2-9.20.1.ppc64le",
"product_id": "qemu-block-iscsi-2.11.2-9.20.1.ppc64le"
}
},
{
"category": "product_version",
"name": "qemu-block-rbd-2.11.2-9.20.1.ppc64le",
"product": {
"name": "qemu-block-rbd-2.11.2-9.20.1.ppc64le",
"product_id": "qemu-block-rbd-2.11.2-9.20.1.ppc64le"
}
},
{
"category": "product_version",
"name": "qemu-block-ssh-2.11.2-9.20.1.ppc64le",
"product": {
"name": "qemu-block-ssh-2.11.2-9.20.1.ppc64le",
"product_id": "qemu-block-ssh-2.11.2-9.20.1.ppc64le"
}
},
{
"category": "product_version",
"name": "qemu-extra-2.11.2-9.20.1.ppc64le",
"product": {
"name": "qemu-extra-2.11.2-9.20.1.ppc64le",
"product_id": "qemu-extra-2.11.2-9.20.1.ppc64le"
}
},
{
"category": "product_version",
"name": "qemu-guest-agent-2.11.2-9.20.1.ppc64le",
"product": {
"name": "qemu-guest-agent-2.11.2-9.20.1.ppc64le",
"product_id": "qemu-guest-agent-2.11.2-9.20.1.ppc64le"
}
},
{
"category": "product_version",
"name": "qemu-lang-2.11.2-9.20.1.ppc64le",
"product": {
"name": "qemu-lang-2.11.2-9.20.1.ppc64le",
"product_id": "qemu-lang-2.11.2-9.20.1.ppc64le"
}
},
{
"category": "product_version",
"name": "qemu-linux-user-2.11.2-9.20.1.ppc64le",
"product": {
"name": "qemu-linux-user-2.11.2-9.20.1.ppc64le",
"product_id": "qemu-linux-user-2.11.2-9.20.1.ppc64le"
}
},
{
"category": "product_version",
"name": "qemu-ppc-2.11.2-9.20.1.ppc64le",
"product": {
"name": "qemu-ppc-2.11.2-9.20.1.ppc64le",
"product_id": "qemu-ppc-2.11.2-9.20.1.ppc64le"
}
},
{
"category": "product_version",
"name": "qemu-s390-2.11.2-9.20.1.ppc64le",
"product": {
"name": "qemu-s390-2.11.2-9.20.1.ppc64le",
"product_id": "qemu-s390-2.11.2-9.20.1.ppc64le"
}
},
{
"category": "product_version",
"name": "qemu-testsuite-2.11.2-9.20.1.ppc64le",
"product": {
"name": "qemu-testsuite-2.11.2-9.20.1.ppc64le",
"product_id": "qemu-testsuite-2.11.2-9.20.1.ppc64le"
}
},
{
"category": "product_version",
"name": "qemu-tools-2.11.2-9.20.1.ppc64le",
"product": {
"name": "qemu-tools-2.11.2-9.20.1.ppc64le",
"product_id": "qemu-tools-2.11.2-9.20.1.ppc64le"
}
},
{
"category": "product_version",
"name": "qemu-x86-2.11.2-9.20.1.ppc64le",
"product": {
"name": "qemu-x86-2.11.2-9.20.1.ppc64le",
"product_id": "qemu-x86-2.11.2-9.20.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "qemu-2.11.2-9.20.1.s390x",
"product": {
"name": "qemu-2.11.2-9.20.1.s390x",
"product_id": "qemu-2.11.2-9.20.1.s390x"
}
},
{
"category": "product_version",
"name": "qemu-arm-2.11.2-9.20.1.s390x",
"product": {
"name": "qemu-arm-2.11.2-9.20.1.s390x",
"product_id": "qemu-arm-2.11.2-9.20.1.s390x"
}
},
{
"category": "product_version",
"name": "qemu-block-curl-2.11.2-9.20.1.s390x",
"product": {
"name": "qemu-block-curl-2.11.2-9.20.1.s390x",
"product_id": "qemu-block-curl-2.11.2-9.20.1.s390x"
}
},
{
"category": "product_version",
"name": "qemu-block-dmg-2.11.2-9.20.1.s390x",
"product": {
"name": "qemu-block-dmg-2.11.2-9.20.1.s390x",
"product_id": "qemu-block-dmg-2.11.2-9.20.1.s390x"
}
},
{
"category": "product_version",
"name": "qemu-block-iscsi-2.11.2-9.20.1.s390x",
"product": {
"name": "qemu-block-iscsi-2.11.2-9.20.1.s390x",
"product_id": "qemu-block-iscsi-2.11.2-9.20.1.s390x"
}
},
{
"category": "product_version",
"name": "qemu-block-rbd-2.11.2-9.20.1.s390x",
"product": {
"name": "qemu-block-rbd-2.11.2-9.20.1.s390x",
"product_id": "qemu-block-rbd-2.11.2-9.20.1.s390x"
}
},
{
"category": "product_version",
"name": "qemu-block-ssh-2.11.2-9.20.1.s390x",
"product": {
"name": "qemu-block-ssh-2.11.2-9.20.1.s390x",
"product_id": "qemu-block-ssh-2.11.2-9.20.1.s390x"
}
},
{
"category": "product_version",
"name": "qemu-extra-2.11.2-9.20.1.s390x",
"product": {
"name": "qemu-extra-2.11.2-9.20.1.s390x",
"product_id": "qemu-extra-2.11.2-9.20.1.s390x"
}
},
{
"category": "product_version",
"name": "qemu-guest-agent-2.11.2-9.20.1.s390x",
"product": {
"name": "qemu-guest-agent-2.11.2-9.20.1.s390x",
"product_id": "qemu-guest-agent-2.11.2-9.20.1.s390x"
}
},
{
"category": "product_version",
"name": "qemu-kvm-2.11.2-9.20.1.s390x",
"product": {
"name": "qemu-kvm-2.11.2-9.20.1.s390x",
"product_id": "qemu-kvm-2.11.2-9.20.1.s390x"
}
},
{
"category": "product_version",
"name": "qemu-lang-2.11.2-9.20.1.s390x",
"product": {
"name": "qemu-lang-2.11.2-9.20.1.s390x",
"product_id": "qemu-lang-2.11.2-9.20.1.s390x"
}
},
{
"category": "product_version",
"name": "qemu-linux-user-2.11.2-9.20.1.s390x",
"product": {
"name": "qemu-linux-user-2.11.2-9.20.1.s390x",
"product_id": "qemu-linux-user-2.11.2-9.20.1.s390x"
}
},
{
"category": "product_version",
"name": "qemu-ppc-2.11.2-9.20.1.s390x",
"product": {
"name": "qemu-ppc-2.11.2-9.20.1.s390x",
"product_id": "qemu-ppc-2.11.2-9.20.1.s390x"
}
},
{
"category": "product_version",
"name": "qemu-s390-2.11.2-9.20.1.s390x",
"product": {
"name": "qemu-s390-2.11.2-9.20.1.s390x",
"product_id": "qemu-s390-2.11.2-9.20.1.s390x"
}
},
{
"category": "product_version",
"name": "qemu-tools-2.11.2-9.20.1.s390x",
"product": {
"name": "qemu-tools-2.11.2-9.20.1.s390x",
"product_id": "qemu-tools-2.11.2-9.20.1.s390x"
}
},
{
"category": "product_version",
"name": "qemu-x86-2.11.2-9.20.1.s390x",
"product": {
"name": "qemu-x86-2.11.2-9.20.1.s390x",
"product_id": "qemu-x86-2.11.2-9.20.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "qemu-2.11.2-9.20.1.x86_64",
"product": {
"name": "qemu-2.11.2-9.20.1.x86_64",
"product_id": "qemu-2.11.2-9.20.1.x86_64"
}
},
{
"category": "product_version",
"name": "qemu-arm-2.11.2-9.20.1.x86_64",
"product": {
"name": "qemu-arm-2.11.2-9.20.1.x86_64",
"product_id": "qemu-arm-2.11.2-9.20.1.x86_64"
}
},
{
"category": "product_version",
"name": "qemu-block-curl-2.11.2-9.20.1.x86_64",
"product": {
"name": "qemu-block-curl-2.11.2-9.20.1.x86_64",
"product_id": "qemu-block-curl-2.11.2-9.20.1.x86_64"
}
},
{
"category": "product_version",
"name": "qemu-block-dmg-2.11.2-9.20.1.x86_64",
"product": {
"name": "qemu-block-dmg-2.11.2-9.20.1.x86_64",
"product_id": "qemu-block-dmg-2.11.2-9.20.1.x86_64"
}
},
{
"category": "product_version",
"name": "qemu-block-iscsi-2.11.2-9.20.1.x86_64",
"product": {
"name": "qemu-block-iscsi-2.11.2-9.20.1.x86_64",
"product_id": "qemu-block-iscsi-2.11.2-9.20.1.x86_64"
}
},
{
"category": "product_version",
"name": "qemu-block-rbd-2.11.2-9.20.1.x86_64",
"product": {
"name": "qemu-block-rbd-2.11.2-9.20.1.x86_64",
"product_id": "qemu-block-rbd-2.11.2-9.20.1.x86_64"
}
},
{
"category": "product_version",
"name": "qemu-block-ssh-2.11.2-9.20.1.x86_64",
"product": {
"name": "qemu-block-ssh-2.11.2-9.20.1.x86_64",
"product_id": "qemu-block-ssh-2.11.2-9.20.1.x86_64"
}
},
{
"category": "product_version",
"name": "qemu-extra-2.11.2-9.20.1.x86_64",
"product": {
"name": "qemu-extra-2.11.2-9.20.1.x86_64",
"product_id": "qemu-extra-2.11.2-9.20.1.x86_64"
}
},
{
"category": "product_version",
"name": "qemu-guest-agent-2.11.2-9.20.1.x86_64",
"product": {
"name": "qemu-guest-agent-2.11.2-9.20.1.x86_64",
"product_id": "qemu-guest-agent-2.11.2-9.20.1.x86_64"
}
},
{
"category": "product_version",
"name": "qemu-kvm-2.11.2-9.20.1.x86_64",
"product": {
"name": "qemu-kvm-2.11.2-9.20.1.x86_64",
"product_id": "qemu-kvm-2.11.2-9.20.1.x86_64"
}
},
{
"category": "product_version",
"name": "qemu-lang-2.11.2-9.20.1.x86_64",
"product": {
"name": "qemu-lang-2.11.2-9.20.1.x86_64",
"product_id": "qemu-lang-2.11.2-9.20.1.x86_64"
}
},
{
"category": "product_version",
"name": "qemu-linux-user-2.11.2-9.20.1.x86_64",
"product": {
"name": "qemu-linux-user-2.11.2-9.20.1.x86_64",
"product_id": "qemu-linux-user-2.11.2-9.20.1.x86_64"
}
},
{
"category": "product_version",
"name": "qemu-ppc-2.11.2-9.20.1.x86_64",
"product": {
"name": "qemu-ppc-2.11.2-9.20.1.x86_64",
"product_id": "qemu-ppc-2.11.2-9.20.1.x86_64"
}
},
{
"category": "product_version",
"name": "qemu-s390-2.11.2-9.20.1.x86_64",
"product": {
"name": "qemu-s390-2.11.2-9.20.1.x86_64",
"product_id": "qemu-s390-2.11.2-9.20.1.x86_64"
}
},
{
"category": "product_version",
"name": "qemu-testsuite-2.11.2-9.20.1.x86_64",
"product": {
"name": "qemu-testsuite-2.11.2-9.20.1.x86_64",
"product_id": "qemu-testsuite-2.11.2-9.20.1.x86_64"
}
},
{
"category": "product_version",
"name": "qemu-tools-2.11.2-9.20.1.x86_64",
"product": {
"name": "qemu-tools-2.11.2-9.20.1.x86_64",
"product_id": "qemu-tools-2.11.2-9.20.1.x86_64"
}
},
{
"category": "product_version",
"name": "qemu-x86-2.11.2-9.20.1.x86_64",
"product": {
"name": "qemu-x86-2.11.2-9.20.1.x86_64",
"product_id": "qemu-x86-2.11.2-9.20.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Module for Basesystem 15",
"product": {
"name": "SUSE Linux Enterprise Module for Basesystem 15",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-module-basesystem:15"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Module for Server Applications 15",
"product": {
"name": "SUSE Linux Enterprise Module for Server Applications 15",
"product_id": "SUSE Linux Enterprise Module for Server Applications 15",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-module-server-applications:15"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "qemu-tools-2.11.2-9.20.1.aarch64 as component of SUSE Linux Enterprise Module for Basesystem 15",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15:qemu-tools-2.11.2-9.20.1.aarch64"
},
"product_reference": "qemu-tools-2.11.2-9.20.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qemu-tools-2.11.2-9.20.1.ppc64le as component of SUSE Linux Enterprise Module for Basesystem 15",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15:qemu-tools-2.11.2-9.20.1.ppc64le"
},
"product_reference": "qemu-tools-2.11.2-9.20.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qemu-tools-2.11.2-9.20.1.s390x as component of SUSE Linux Enterprise Module for Basesystem 15",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15:qemu-tools-2.11.2-9.20.1.s390x"
},
"product_reference": "qemu-tools-2.11.2-9.20.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qemu-tools-2.11.2-9.20.1.x86_64 as component of SUSE Linux Enterprise Module for Basesystem 15",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15:qemu-tools-2.11.2-9.20.1.x86_64"
},
"product_reference": "qemu-tools-2.11.2-9.20.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qemu-2.11.2-9.20.1.aarch64 as component of SUSE Linux Enterprise Module for Server Applications 15",
"product_id": "SUSE Linux Enterprise Module for Server Applications 15:qemu-2.11.2-9.20.1.aarch64"
},
"product_reference": "qemu-2.11.2-9.20.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Server Applications 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qemu-2.11.2-9.20.1.ppc64le as component of SUSE Linux Enterprise Module for Server Applications 15",
"product_id": "SUSE Linux Enterprise Module for Server Applications 15:qemu-2.11.2-9.20.1.ppc64le"
},
"product_reference": "qemu-2.11.2-9.20.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Server Applications 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qemu-2.11.2-9.20.1.s390x as component of SUSE Linux Enterprise Module for Server Applications 15",
"product_id": "SUSE Linux Enterprise Module for Server Applications 15:qemu-2.11.2-9.20.1.s390x"
},
"product_reference": "qemu-2.11.2-9.20.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Server Applications 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qemu-2.11.2-9.20.1.x86_64 as component of SUSE Linux Enterprise Module for Server Applications 15",
"product_id": "SUSE Linux Enterprise Module for Server Applications 15:qemu-2.11.2-9.20.1.x86_64"
},
"product_reference": "qemu-2.11.2-9.20.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Server Applications 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qemu-arm-2.11.2-9.20.1.aarch64 as component of SUSE Linux Enterprise Module for Server Applications 15",
"product_id": "SUSE Linux Enterprise Module for Server Applications 15:qemu-arm-2.11.2-9.20.1.aarch64"
},
"product_reference": "qemu-arm-2.11.2-9.20.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Server Applications 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qemu-block-curl-2.11.2-9.20.1.aarch64 as component of SUSE Linux Enterprise Module for Server Applications 15",
"product_id": "SUSE Linux Enterprise Module for Server Applications 15:qemu-block-curl-2.11.2-9.20.1.aarch64"
},
"product_reference": "qemu-block-curl-2.11.2-9.20.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Server Applications 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qemu-block-curl-2.11.2-9.20.1.ppc64le as component of SUSE Linux Enterprise Module for Server Applications 15",
"product_id": "SUSE Linux Enterprise Module for Server Applications 15:qemu-block-curl-2.11.2-9.20.1.ppc64le"
},
"product_reference": "qemu-block-curl-2.11.2-9.20.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Server Applications 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qemu-block-curl-2.11.2-9.20.1.s390x as component of SUSE Linux Enterprise Module for Server Applications 15",
"product_id": "SUSE Linux Enterprise Module for Server Applications 15:qemu-block-curl-2.11.2-9.20.1.s390x"
},
"product_reference": "qemu-block-curl-2.11.2-9.20.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Server Applications 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qemu-block-curl-2.11.2-9.20.1.x86_64 as component of SUSE Linux Enterprise Module for Server Applications 15",
"product_id": "SUSE Linux Enterprise Module for Server Applications 15:qemu-block-curl-2.11.2-9.20.1.x86_64"
},
"product_reference": "qemu-block-curl-2.11.2-9.20.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Server Applications 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qemu-block-iscsi-2.11.2-9.20.1.aarch64 as component of SUSE Linux Enterprise Module for Server Applications 15",
"product_id": "SUSE Linux Enterprise Module for Server Applications 15:qemu-block-iscsi-2.11.2-9.20.1.aarch64"
},
"product_reference": "qemu-block-iscsi-2.11.2-9.20.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Server Applications 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qemu-block-iscsi-2.11.2-9.20.1.ppc64le as component of SUSE Linux Enterprise Module for Server Applications 15",
"product_id": "SUSE Linux Enterprise Module for Server Applications 15:qemu-block-iscsi-2.11.2-9.20.1.ppc64le"
},
"product_reference": "qemu-block-iscsi-2.11.2-9.20.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Server Applications 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qemu-block-iscsi-2.11.2-9.20.1.s390x as component of SUSE Linux Enterprise Module for Server Applications 15",
"product_id": "SUSE Linux Enterprise Module for Server Applications 15:qemu-block-iscsi-2.11.2-9.20.1.s390x"
},
"product_reference": "qemu-block-iscsi-2.11.2-9.20.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Server Applications 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qemu-block-iscsi-2.11.2-9.20.1.x86_64 as component of SUSE Linux Enterprise Module for Server Applications 15",
"product_id": "SUSE Linux Enterprise Module for Server Applications 15:qemu-block-iscsi-2.11.2-9.20.1.x86_64"
},
"product_reference": "qemu-block-iscsi-2.11.2-9.20.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Server Applications 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qemu-block-rbd-2.11.2-9.20.1.aarch64 as component of SUSE Linux Enterprise Module for Server Applications 15",
"product_id": "SUSE Linux Enterprise Module for Server Applications 15:qemu-block-rbd-2.11.2-9.20.1.aarch64"
},
"product_reference": "qemu-block-rbd-2.11.2-9.20.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Server Applications 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qemu-block-rbd-2.11.2-9.20.1.ppc64le as component of SUSE Linux Enterprise Module for Server Applications 15",
"product_id": "SUSE Linux Enterprise Module for Server Applications 15:qemu-block-rbd-2.11.2-9.20.1.ppc64le"
},
"product_reference": "qemu-block-rbd-2.11.2-9.20.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Server Applications 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qemu-block-rbd-2.11.2-9.20.1.s390x as component of SUSE Linux Enterprise Module for Server Applications 15",
"product_id": "SUSE Linux Enterprise Module for Server Applications 15:qemu-block-rbd-2.11.2-9.20.1.s390x"
},
"product_reference": "qemu-block-rbd-2.11.2-9.20.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Server Applications 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qemu-block-rbd-2.11.2-9.20.1.x86_64 as component of SUSE Linux Enterprise Module for Server Applications 15",
"product_id": "SUSE Linux Enterprise Module for Server Applications 15:qemu-block-rbd-2.11.2-9.20.1.x86_64"
},
"product_reference": "qemu-block-rbd-2.11.2-9.20.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Server Applications 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qemu-block-ssh-2.11.2-9.20.1.aarch64 as component of SUSE Linux Enterprise Module for Server Applications 15",
"product_id": "SUSE Linux Enterprise Module for Server Applications 15:qemu-block-ssh-2.11.2-9.20.1.aarch64"
},
"product_reference": "qemu-block-ssh-2.11.2-9.20.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Server Applications 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qemu-block-ssh-2.11.2-9.20.1.ppc64le as component of SUSE Linux Enterprise Module for Server Applications 15",
"product_id": "SUSE Linux Enterprise Module for Server Applications 15:qemu-block-ssh-2.11.2-9.20.1.ppc64le"
},
"product_reference": "qemu-block-ssh-2.11.2-9.20.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Server Applications 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qemu-block-ssh-2.11.2-9.20.1.s390x as component of SUSE Linux Enterprise Module for Server Applications 15",
"product_id": "SUSE Linux Enterprise Module for Server Applications 15:qemu-block-ssh-2.11.2-9.20.1.s390x"
},
"product_reference": "qemu-block-ssh-2.11.2-9.20.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Server Applications 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qemu-block-ssh-2.11.2-9.20.1.x86_64 as component of SUSE Linux Enterprise Module for Server Applications 15",
"product_id": "SUSE Linux Enterprise Module for Server Applications 15:qemu-block-ssh-2.11.2-9.20.1.x86_64"
},
"product_reference": "qemu-block-ssh-2.11.2-9.20.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Server Applications 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qemu-guest-agent-2.11.2-9.20.1.aarch64 as component of SUSE Linux Enterprise Module for Server Applications 15",
"product_id": "SUSE Linux Enterprise Module for Server Applications 15:qemu-guest-agent-2.11.2-9.20.1.aarch64"
},
"product_reference": "qemu-guest-agent-2.11.2-9.20.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Server Applications 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qemu-guest-agent-2.11.2-9.20.1.ppc64le as component of SUSE Linux Enterprise Module for Server Applications 15",
"product_id": "SUSE Linux Enterprise Module for Server Applications 15:qemu-guest-agent-2.11.2-9.20.1.ppc64le"
},
"product_reference": "qemu-guest-agent-2.11.2-9.20.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Server Applications 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qemu-guest-agent-2.11.2-9.20.1.s390x as component of SUSE Linux Enterprise Module for Server Applications 15",
"product_id": "SUSE Linux Enterprise Module for Server Applications 15:qemu-guest-agent-2.11.2-9.20.1.s390x"
},
"product_reference": "qemu-guest-agent-2.11.2-9.20.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Server Applications 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qemu-guest-agent-2.11.2-9.20.1.x86_64 as component of SUSE Linux Enterprise Module for Server Applications 15",
"product_id": "SUSE Linux Enterprise Module for Server Applications 15:qemu-guest-agent-2.11.2-9.20.1.x86_64"
},
"product_reference": "qemu-guest-agent-2.11.2-9.20.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Server Applications 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qemu-ipxe-1.0.0+-9.20.1.noarch as component of SUSE Linux Enterprise Module for Server Applications 15",
"product_id": "SUSE Linux Enterprise Module for Server Applications 15:qemu-ipxe-1.0.0+-9.20.1.noarch"
},
"product_reference": "qemu-ipxe-1.0.0+-9.20.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Server Applications 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qemu-kvm-2.11.2-9.20.1.s390x as component of SUSE Linux Enterprise Module for Server Applications 15",
"product_id": "SUSE Linux Enterprise Module for Server Applications 15:qemu-kvm-2.11.2-9.20.1.s390x"
},
"product_reference": "qemu-kvm-2.11.2-9.20.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Server Applications 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qemu-kvm-2.11.2-9.20.1.x86_64 as component of SUSE Linux Enterprise Module for Server Applications 15",
"product_id": "SUSE Linux Enterprise Module for Server Applications 15:qemu-kvm-2.11.2-9.20.1.x86_64"
},
"product_reference": "qemu-kvm-2.11.2-9.20.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Server Applications 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qemu-lang-2.11.2-9.20.1.aarch64 as component of SUSE Linux Enterprise Module for Server Applications 15",
"product_id": "SUSE Linux Enterprise Module for Server Applications 15:qemu-lang-2.11.2-9.20.1.aarch64"
},
"product_reference": "qemu-lang-2.11.2-9.20.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Server Applications 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qemu-lang-2.11.2-9.20.1.ppc64le as component of SUSE Linux Enterprise Module for Server Applications 15",
"product_id": "SUSE Linux Enterprise Module for Server Applications 15:qemu-lang-2.11.2-9.20.1.ppc64le"
},
"product_reference": "qemu-lang-2.11.2-9.20.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Server Applications 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qemu-lang-2.11.2-9.20.1.s390x as component of SUSE Linux Enterprise Module for Server Applications 15",
"product_id": "SUSE Linux Enterprise Module for Server Applications 15:qemu-lang-2.11.2-9.20.1.s390x"
},
"product_reference": "qemu-lang-2.11.2-9.20.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Server Applications 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qemu-lang-2.11.2-9.20.1.x86_64 as component of SUSE Linux Enterprise Module for Server Applications 15",
"product_id": "SUSE Linux Enterprise Module for Server Applications 15:qemu-lang-2.11.2-9.20.1.x86_64"
},
"product_reference": "qemu-lang-2.11.2-9.20.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Server Applications 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qemu-ppc-2.11.2-9.20.1.ppc64le as component of SUSE Linux Enterprise Module for Server Applications 15",
"product_id": "SUSE Linux Enterprise Module for Server Applications 15:qemu-ppc-2.11.2-9.20.1.ppc64le"
},
"product_reference": "qemu-ppc-2.11.2-9.20.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Server Applications 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qemu-s390-2.11.2-9.20.1.s390x as component of SUSE Linux Enterprise Module for Server Applications 15",
"product_id": "SUSE Linux Enterprise Module for Server Applications 15:qemu-s390-2.11.2-9.20.1.s390x"
},
"product_reference": "qemu-s390-2.11.2-9.20.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Server Applications 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qemu-seabios-1.11.0-9.20.1.noarch as component of SUSE Linux Enterprise Module for Server Applications 15",
"product_id": "SUSE Linux Enterprise Module for Server Applications 15:qemu-seabios-1.11.0-9.20.1.noarch"
},
"product_reference": "qemu-seabios-1.11.0-9.20.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Server Applications 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qemu-sgabios-8-9.20.1.noarch as component of SUSE Linux Enterprise Module for Server Applications 15",
"product_id": "SUSE Linux Enterprise Module for Server Applications 15:qemu-sgabios-8-9.20.1.noarch"
},
"product_reference": "qemu-sgabios-8-9.20.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Server Applications 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qemu-vgabios-1.11.0-9.20.1.noarch as component of SUSE Linux Enterprise Module for Server Applications 15",
"product_id": "SUSE Linux Enterprise Module for Server Applications 15:qemu-vgabios-1.11.0-9.20.1.noarch"
},
"product_reference": "qemu-vgabios-1.11.0-9.20.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Server Applications 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qemu-x86-2.11.2-9.20.1.x86_64 as component of SUSE Linux Enterprise Module for Server Applications 15",
"product_id": "SUSE Linux Enterprise Module for Server Applications 15:qemu-x86-2.11.2-9.20.1.x86_64"
},
"product_reference": "qemu-x86-2.11.2-9.20.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Server Applications 15"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2018-16872",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-16872"
}
],
"notes": [
{
"category": "general",
"text": "A flaw was found in qemu Media Transfer Protocol (MTP). The code opening files in usb_mtp_get_object and usb_mtp_get_partial_object and directories in usb_mtp_object_readdir doesn\u0027t consider that the underlying filesystem may have changed since the time lstat(2) was called in usb_mtp_object_alloc, a classical TOCTTOU problem. An attacker with write access to the host filesystem shared with a guest can use this property to navigate the host filesystem in the context of the QEMU process and read any file the QEMU process has access to. Access to the filesystem may be local or via a network share protocol such as CIFS.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Basesystem 15:qemu-tools-2.11.2-9.20.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:qemu-tools-2.11.2-9.20.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:qemu-tools-2.11.2-9.20.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:qemu-tools-2.11.2-9.20.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-2.11.2-9.20.1.aarch64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-2.11.2-9.20.1.ppc64le",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-2.11.2-9.20.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-2.11.2-9.20.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-arm-2.11.2-9.20.1.aarch64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-curl-2.11.2-9.20.1.aarch64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-curl-2.11.2-9.20.1.ppc64le",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-curl-2.11.2-9.20.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-curl-2.11.2-9.20.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-iscsi-2.11.2-9.20.1.aarch64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-iscsi-2.11.2-9.20.1.ppc64le",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-iscsi-2.11.2-9.20.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-iscsi-2.11.2-9.20.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-rbd-2.11.2-9.20.1.aarch64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-rbd-2.11.2-9.20.1.ppc64le",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-rbd-2.11.2-9.20.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-rbd-2.11.2-9.20.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-ssh-2.11.2-9.20.1.aarch64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-ssh-2.11.2-9.20.1.ppc64le",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-ssh-2.11.2-9.20.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-ssh-2.11.2-9.20.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-guest-agent-2.11.2-9.20.1.aarch64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-guest-agent-2.11.2-9.20.1.ppc64le",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-guest-agent-2.11.2-9.20.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-guest-agent-2.11.2-9.20.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-ipxe-1.0.0+-9.20.1.noarch",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-kvm-2.11.2-9.20.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-kvm-2.11.2-9.20.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-lang-2.11.2-9.20.1.aarch64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-lang-2.11.2-9.20.1.ppc64le",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-lang-2.11.2-9.20.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-lang-2.11.2-9.20.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-ppc-2.11.2-9.20.1.ppc64le",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-s390-2.11.2-9.20.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-seabios-1.11.0-9.20.1.noarch",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-sgabios-8-9.20.1.noarch",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-vgabios-1.11.0-9.20.1.noarch",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-x86-2.11.2-9.20.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-16872",
"url": "https://www.suse.com/security/cve/CVE-2018-16872"
},
{
"category": "external",
"summary": "SUSE Bug 1119493 for CVE-2018-16872",
"url": "https://bugzilla.suse.com/1119493"
},
{
"category": "external",
"summary": "SUSE Bug 1119494 for CVE-2018-16872",
"url": "https://bugzilla.suse.com/1119494"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Basesystem 15:qemu-tools-2.11.2-9.20.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:qemu-tools-2.11.2-9.20.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:qemu-tools-2.11.2-9.20.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:qemu-tools-2.11.2-9.20.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-2.11.2-9.20.1.aarch64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-2.11.2-9.20.1.ppc64le",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-2.11.2-9.20.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-2.11.2-9.20.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-arm-2.11.2-9.20.1.aarch64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-curl-2.11.2-9.20.1.aarch64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-curl-2.11.2-9.20.1.ppc64le",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-curl-2.11.2-9.20.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-curl-2.11.2-9.20.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-iscsi-2.11.2-9.20.1.aarch64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-iscsi-2.11.2-9.20.1.ppc64le",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-iscsi-2.11.2-9.20.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-iscsi-2.11.2-9.20.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-rbd-2.11.2-9.20.1.aarch64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-rbd-2.11.2-9.20.1.ppc64le",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-rbd-2.11.2-9.20.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-rbd-2.11.2-9.20.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-ssh-2.11.2-9.20.1.aarch64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-ssh-2.11.2-9.20.1.ppc64le",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-ssh-2.11.2-9.20.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-ssh-2.11.2-9.20.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-guest-agent-2.11.2-9.20.1.aarch64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-guest-agent-2.11.2-9.20.1.ppc64le",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-guest-agent-2.11.2-9.20.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-guest-agent-2.11.2-9.20.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-ipxe-1.0.0+-9.20.1.noarch",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-kvm-2.11.2-9.20.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-kvm-2.11.2-9.20.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-lang-2.11.2-9.20.1.aarch64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-lang-2.11.2-9.20.1.ppc64le",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-lang-2.11.2-9.20.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-lang-2.11.2-9.20.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-ppc-2.11.2-9.20.1.ppc64le",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-s390-2.11.2-9.20.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-seabios-1.11.0-9.20.1.noarch",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-sgabios-8-9.20.1.noarch",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-vgabios-1.11.0-9.20.1.noarch",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-x86-2.11.2-9.20.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:L",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Module for Basesystem 15:qemu-tools-2.11.2-9.20.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:qemu-tools-2.11.2-9.20.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:qemu-tools-2.11.2-9.20.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:qemu-tools-2.11.2-9.20.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-2.11.2-9.20.1.aarch64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-2.11.2-9.20.1.ppc64le",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-2.11.2-9.20.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-2.11.2-9.20.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-arm-2.11.2-9.20.1.aarch64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-curl-2.11.2-9.20.1.aarch64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-curl-2.11.2-9.20.1.ppc64le",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-curl-2.11.2-9.20.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-curl-2.11.2-9.20.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-iscsi-2.11.2-9.20.1.aarch64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-iscsi-2.11.2-9.20.1.ppc64le",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-iscsi-2.11.2-9.20.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-iscsi-2.11.2-9.20.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-rbd-2.11.2-9.20.1.aarch64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-rbd-2.11.2-9.20.1.ppc64le",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-rbd-2.11.2-9.20.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-rbd-2.11.2-9.20.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-ssh-2.11.2-9.20.1.aarch64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-ssh-2.11.2-9.20.1.ppc64le",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-ssh-2.11.2-9.20.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-ssh-2.11.2-9.20.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-guest-agent-2.11.2-9.20.1.aarch64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-guest-agent-2.11.2-9.20.1.ppc64le",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-guest-agent-2.11.2-9.20.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-guest-agent-2.11.2-9.20.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-ipxe-1.0.0+-9.20.1.noarch",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-kvm-2.11.2-9.20.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-kvm-2.11.2-9.20.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-lang-2.11.2-9.20.1.aarch64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-lang-2.11.2-9.20.1.ppc64le",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-lang-2.11.2-9.20.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-lang-2.11.2-9.20.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-ppc-2.11.2-9.20.1.ppc64le",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-s390-2.11.2-9.20.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-seabios-1.11.0-9.20.1.noarch",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-sgabios-8-9.20.1.noarch",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-vgabios-1.11.0-9.20.1.noarch",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-x86-2.11.2-9.20.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-02-18T15:26:50Z",
"details": "moderate"
}
],
"title": "CVE-2018-16872"
},
{
"cve": "CVE-2018-18954",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-18954"
}
],
"notes": [
{
"category": "general",
"text": "The pnv_lpc_do_eccb function in hw/ppc/pnv_lpc.c in Qemu before 3.1 allows out-of-bounds write or read access to PowerNV memory.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Basesystem 15:qemu-tools-2.11.2-9.20.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:qemu-tools-2.11.2-9.20.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:qemu-tools-2.11.2-9.20.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:qemu-tools-2.11.2-9.20.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-2.11.2-9.20.1.aarch64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-2.11.2-9.20.1.ppc64le",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-2.11.2-9.20.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-2.11.2-9.20.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-arm-2.11.2-9.20.1.aarch64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-curl-2.11.2-9.20.1.aarch64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-curl-2.11.2-9.20.1.ppc64le",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-curl-2.11.2-9.20.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-curl-2.11.2-9.20.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-iscsi-2.11.2-9.20.1.aarch64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-iscsi-2.11.2-9.20.1.ppc64le",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-iscsi-2.11.2-9.20.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-iscsi-2.11.2-9.20.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-rbd-2.11.2-9.20.1.aarch64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-rbd-2.11.2-9.20.1.ppc64le",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-rbd-2.11.2-9.20.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-rbd-2.11.2-9.20.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-ssh-2.11.2-9.20.1.aarch64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-ssh-2.11.2-9.20.1.ppc64le",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-ssh-2.11.2-9.20.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-ssh-2.11.2-9.20.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-guest-agent-2.11.2-9.20.1.aarch64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-guest-agent-2.11.2-9.20.1.ppc64le",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-guest-agent-2.11.2-9.20.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-guest-agent-2.11.2-9.20.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-ipxe-1.0.0+-9.20.1.noarch",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-kvm-2.11.2-9.20.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-kvm-2.11.2-9.20.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-lang-2.11.2-9.20.1.aarch64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-lang-2.11.2-9.20.1.ppc64le",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-lang-2.11.2-9.20.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-lang-2.11.2-9.20.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-ppc-2.11.2-9.20.1.ppc64le",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-s390-2.11.2-9.20.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-seabios-1.11.0-9.20.1.noarch",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-sgabios-8-9.20.1.noarch",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-vgabios-1.11.0-9.20.1.noarch",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-x86-2.11.2-9.20.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-18954",
"url": "https://www.suse.com/security/cve/CVE-2018-18954"
},
{
"category": "external",
"summary": "SUSE Bug 1114957 for CVE-2018-18954",
"url": "https://bugzilla.suse.com/1114957"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Basesystem 15:qemu-tools-2.11.2-9.20.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:qemu-tools-2.11.2-9.20.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:qemu-tools-2.11.2-9.20.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:qemu-tools-2.11.2-9.20.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-2.11.2-9.20.1.aarch64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-2.11.2-9.20.1.ppc64le",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-2.11.2-9.20.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-2.11.2-9.20.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-arm-2.11.2-9.20.1.aarch64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-curl-2.11.2-9.20.1.aarch64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-curl-2.11.2-9.20.1.ppc64le",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-curl-2.11.2-9.20.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-curl-2.11.2-9.20.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-iscsi-2.11.2-9.20.1.aarch64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-iscsi-2.11.2-9.20.1.ppc64le",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-iscsi-2.11.2-9.20.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-iscsi-2.11.2-9.20.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-rbd-2.11.2-9.20.1.aarch64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-rbd-2.11.2-9.20.1.ppc64le",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-rbd-2.11.2-9.20.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-rbd-2.11.2-9.20.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-ssh-2.11.2-9.20.1.aarch64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-ssh-2.11.2-9.20.1.ppc64le",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-ssh-2.11.2-9.20.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-ssh-2.11.2-9.20.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-guest-agent-2.11.2-9.20.1.aarch64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-guest-agent-2.11.2-9.20.1.ppc64le",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-guest-agent-2.11.2-9.20.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-guest-agent-2.11.2-9.20.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-ipxe-1.0.0+-9.20.1.noarch",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-kvm-2.11.2-9.20.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-kvm-2.11.2-9.20.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-lang-2.11.2-9.20.1.aarch64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-lang-2.11.2-9.20.1.ppc64le",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-lang-2.11.2-9.20.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-lang-2.11.2-9.20.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-ppc-2.11.2-9.20.1.ppc64le",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-s390-2.11.2-9.20.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-seabios-1.11.0-9.20.1.noarch",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-sgabios-8-9.20.1.noarch",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-vgabios-1.11.0-9.20.1.noarch",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-x86-2.11.2-9.20.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Module for Basesystem 15:qemu-tools-2.11.2-9.20.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:qemu-tools-2.11.2-9.20.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:qemu-tools-2.11.2-9.20.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:qemu-tools-2.11.2-9.20.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-2.11.2-9.20.1.aarch64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-2.11.2-9.20.1.ppc64le",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-2.11.2-9.20.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-2.11.2-9.20.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-arm-2.11.2-9.20.1.aarch64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-curl-2.11.2-9.20.1.aarch64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-curl-2.11.2-9.20.1.ppc64le",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-curl-2.11.2-9.20.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-curl-2.11.2-9.20.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-iscsi-2.11.2-9.20.1.aarch64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-iscsi-2.11.2-9.20.1.ppc64le",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-iscsi-2.11.2-9.20.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-iscsi-2.11.2-9.20.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-rbd-2.11.2-9.20.1.aarch64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-rbd-2.11.2-9.20.1.ppc64le",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-rbd-2.11.2-9.20.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-rbd-2.11.2-9.20.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-ssh-2.11.2-9.20.1.aarch64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-ssh-2.11.2-9.20.1.ppc64le",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-ssh-2.11.2-9.20.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-ssh-2.11.2-9.20.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-guest-agent-2.11.2-9.20.1.aarch64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-guest-agent-2.11.2-9.20.1.ppc64le",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-guest-agent-2.11.2-9.20.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-guest-agent-2.11.2-9.20.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-ipxe-1.0.0+-9.20.1.noarch",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-kvm-2.11.2-9.20.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-kvm-2.11.2-9.20.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-lang-2.11.2-9.20.1.aarch64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-lang-2.11.2-9.20.1.ppc64le",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-lang-2.11.2-9.20.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-lang-2.11.2-9.20.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-ppc-2.11.2-9.20.1.ppc64le",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-s390-2.11.2-9.20.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-seabios-1.11.0-9.20.1.noarch",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-sgabios-8-9.20.1.noarch",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-vgabios-1.11.0-9.20.1.noarch",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-x86-2.11.2-9.20.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-02-18T15:26:50Z",
"details": "important"
}
],
"title": "CVE-2018-18954"
},
{
"cve": "CVE-2018-19364",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-19364"
}
],
"notes": [
{
"category": "general",
"text": "hw/9pfs/cofile.c and hw/9pfs/9p.c in QEMU can modify an fid path while it is being accessed by a second thread, leading to (for example) a use-after-free outcome.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Basesystem 15:qemu-tools-2.11.2-9.20.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:qemu-tools-2.11.2-9.20.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:qemu-tools-2.11.2-9.20.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:qemu-tools-2.11.2-9.20.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-2.11.2-9.20.1.aarch64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-2.11.2-9.20.1.ppc64le",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-2.11.2-9.20.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-2.11.2-9.20.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-arm-2.11.2-9.20.1.aarch64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-curl-2.11.2-9.20.1.aarch64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-curl-2.11.2-9.20.1.ppc64le",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-curl-2.11.2-9.20.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-curl-2.11.2-9.20.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-iscsi-2.11.2-9.20.1.aarch64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-iscsi-2.11.2-9.20.1.ppc64le",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-iscsi-2.11.2-9.20.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-iscsi-2.11.2-9.20.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-rbd-2.11.2-9.20.1.aarch64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-rbd-2.11.2-9.20.1.ppc64le",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-rbd-2.11.2-9.20.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-rbd-2.11.2-9.20.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-ssh-2.11.2-9.20.1.aarch64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-ssh-2.11.2-9.20.1.ppc64le",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-ssh-2.11.2-9.20.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-ssh-2.11.2-9.20.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-guest-agent-2.11.2-9.20.1.aarch64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-guest-agent-2.11.2-9.20.1.ppc64le",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-guest-agent-2.11.2-9.20.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-guest-agent-2.11.2-9.20.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-ipxe-1.0.0+-9.20.1.noarch",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-kvm-2.11.2-9.20.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-kvm-2.11.2-9.20.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-lang-2.11.2-9.20.1.aarch64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-lang-2.11.2-9.20.1.ppc64le",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-lang-2.11.2-9.20.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-lang-2.11.2-9.20.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-ppc-2.11.2-9.20.1.ppc64le",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-s390-2.11.2-9.20.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-seabios-1.11.0-9.20.1.noarch",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-sgabios-8-9.20.1.noarch",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-vgabios-1.11.0-9.20.1.noarch",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-x86-2.11.2-9.20.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-19364",
"url": "https://www.suse.com/security/cve/CVE-2018-19364"
},
{
"category": "external",
"summary": "SUSE Bug 1116717 for CVE-2018-19364",
"url": "https://bugzilla.suse.com/1116717"
},
{
"category": "external",
"summary": "SUSE Bug 1116726 for CVE-2018-19364",
"url": "https://bugzilla.suse.com/1116726"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Basesystem 15:qemu-tools-2.11.2-9.20.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:qemu-tools-2.11.2-9.20.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:qemu-tools-2.11.2-9.20.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:qemu-tools-2.11.2-9.20.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-2.11.2-9.20.1.aarch64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-2.11.2-9.20.1.ppc64le",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-2.11.2-9.20.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-2.11.2-9.20.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-arm-2.11.2-9.20.1.aarch64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-curl-2.11.2-9.20.1.aarch64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-curl-2.11.2-9.20.1.ppc64le",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-curl-2.11.2-9.20.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-curl-2.11.2-9.20.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-iscsi-2.11.2-9.20.1.aarch64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-iscsi-2.11.2-9.20.1.ppc64le",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-iscsi-2.11.2-9.20.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-iscsi-2.11.2-9.20.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-rbd-2.11.2-9.20.1.aarch64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-rbd-2.11.2-9.20.1.ppc64le",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-rbd-2.11.2-9.20.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-rbd-2.11.2-9.20.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-ssh-2.11.2-9.20.1.aarch64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-ssh-2.11.2-9.20.1.ppc64le",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-ssh-2.11.2-9.20.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-ssh-2.11.2-9.20.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-guest-agent-2.11.2-9.20.1.aarch64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-guest-agent-2.11.2-9.20.1.ppc64le",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-guest-agent-2.11.2-9.20.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-guest-agent-2.11.2-9.20.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-ipxe-1.0.0+-9.20.1.noarch",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-kvm-2.11.2-9.20.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-kvm-2.11.2-9.20.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-lang-2.11.2-9.20.1.aarch64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-lang-2.11.2-9.20.1.ppc64le",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-lang-2.11.2-9.20.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-lang-2.11.2-9.20.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-ppc-2.11.2-9.20.1.ppc64le",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-s390-2.11.2-9.20.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-seabios-1.11.0-9.20.1.noarch",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-sgabios-8-9.20.1.noarch",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-vgabios-1.11.0-9.20.1.noarch",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-x86-2.11.2-9.20.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Module for Basesystem 15:qemu-tools-2.11.2-9.20.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:qemu-tools-2.11.2-9.20.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:qemu-tools-2.11.2-9.20.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:qemu-tools-2.11.2-9.20.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-2.11.2-9.20.1.aarch64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-2.11.2-9.20.1.ppc64le",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-2.11.2-9.20.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-2.11.2-9.20.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-arm-2.11.2-9.20.1.aarch64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-curl-2.11.2-9.20.1.aarch64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-curl-2.11.2-9.20.1.ppc64le",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-curl-2.11.2-9.20.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-curl-2.11.2-9.20.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-iscsi-2.11.2-9.20.1.aarch64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-iscsi-2.11.2-9.20.1.ppc64le",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-iscsi-2.11.2-9.20.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-iscsi-2.11.2-9.20.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-rbd-2.11.2-9.20.1.aarch64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-rbd-2.11.2-9.20.1.ppc64le",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-rbd-2.11.2-9.20.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-rbd-2.11.2-9.20.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-ssh-2.11.2-9.20.1.aarch64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-ssh-2.11.2-9.20.1.ppc64le",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-ssh-2.11.2-9.20.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-ssh-2.11.2-9.20.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-guest-agent-2.11.2-9.20.1.aarch64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-guest-agent-2.11.2-9.20.1.ppc64le",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-guest-agent-2.11.2-9.20.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-guest-agent-2.11.2-9.20.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-ipxe-1.0.0+-9.20.1.noarch",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-kvm-2.11.2-9.20.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-kvm-2.11.2-9.20.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-lang-2.11.2-9.20.1.aarch64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-lang-2.11.2-9.20.1.ppc64le",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-lang-2.11.2-9.20.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-lang-2.11.2-9.20.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-ppc-2.11.2-9.20.1.ppc64le",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-s390-2.11.2-9.20.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-seabios-1.11.0-9.20.1.noarch",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-sgabios-8-9.20.1.noarch",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-vgabios-1.11.0-9.20.1.noarch",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-x86-2.11.2-9.20.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-02-18T15:26:50Z",
"details": "moderate"
}
],
"title": "CVE-2018-19364"
},
{
"cve": "CVE-2018-19489",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-19489"
}
],
"notes": [
{
"category": "general",
"text": "v9fs_wstat in hw/9pfs/9p.c in QEMU allows guest OS users to cause a denial of service (crash) because of a race condition during file renaming.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Basesystem 15:qemu-tools-2.11.2-9.20.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:qemu-tools-2.11.2-9.20.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:qemu-tools-2.11.2-9.20.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:qemu-tools-2.11.2-9.20.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-2.11.2-9.20.1.aarch64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-2.11.2-9.20.1.ppc64le",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-2.11.2-9.20.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-2.11.2-9.20.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-arm-2.11.2-9.20.1.aarch64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-curl-2.11.2-9.20.1.aarch64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-curl-2.11.2-9.20.1.ppc64le",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-curl-2.11.2-9.20.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-curl-2.11.2-9.20.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-iscsi-2.11.2-9.20.1.aarch64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-iscsi-2.11.2-9.20.1.ppc64le",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-iscsi-2.11.2-9.20.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-iscsi-2.11.2-9.20.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-rbd-2.11.2-9.20.1.aarch64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-rbd-2.11.2-9.20.1.ppc64le",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-rbd-2.11.2-9.20.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-rbd-2.11.2-9.20.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-ssh-2.11.2-9.20.1.aarch64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-ssh-2.11.2-9.20.1.ppc64le",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-ssh-2.11.2-9.20.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-ssh-2.11.2-9.20.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-guest-agent-2.11.2-9.20.1.aarch64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-guest-agent-2.11.2-9.20.1.ppc64le",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-guest-agent-2.11.2-9.20.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-guest-agent-2.11.2-9.20.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-ipxe-1.0.0+-9.20.1.noarch",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-kvm-2.11.2-9.20.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-kvm-2.11.2-9.20.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-lang-2.11.2-9.20.1.aarch64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-lang-2.11.2-9.20.1.ppc64le",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-lang-2.11.2-9.20.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-lang-2.11.2-9.20.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-ppc-2.11.2-9.20.1.ppc64le",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-s390-2.11.2-9.20.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-seabios-1.11.0-9.20.1.noarch",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-sgabios-8-9.20.1.noarch",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-vgabios-1.11.0-9.20.1.noarch",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-x86-2.11.2-9.20.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-19489",
"url": "https://www.suse.com/security/cve/CVE-2018-19489"
},
{
"category": "external",
"summary": "SUSE Bug 1117275 for CVE-2018-19489",
"url": "https://bugzilla.suse.com/1117275"
},
{
"category": "external",
"summary": "SUSE Bug 1117279 for CVE-2018-19489",
"url": "https://bugzilla.suse.com/1117279"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Basesystem 15:qemu-tools-2.11.2-9.20.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:qemu-tools-2.11.2-9.20.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:qemu-tools-2.11.2-9.20.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:qemu-tools-2.11.2-9.20.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-2.11.2-9.20.1.aarch64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-2.11.2-9.20.1.ppc64le",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-2.11.2-9.20.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-2.11.2-9.20.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-arm-2.11.2-9.20.1.aarch64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-curl-2.11.2-9.20.1.aarch64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-curl-2.11.2-9.20.1.ppc64le",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-curl-2.11.2-9.20.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-curl-2.11.2-9.20.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-iscsi-2.11.2-9.20.1.aarch64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-iscsi-2.11.2-9.20.1.ppc64le",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-iscsi-2.11.2-9.20.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-iscsi-2.11.2-9.20.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-rbd-2.11.2-9.20.1.aarch64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-rbd-2.11.2-9.20.1.ppc64le",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-rbd-2.11.2-9.20.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-rbd-2.11.2-9.20.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-ssh-2.11.2-9.20.1.aarch64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-ssh-2.11.2-9.20.1.ppc64le",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-ssh-2.11.2-9.20.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-ssh-2.11.2-9.20.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-guest-agent-2.11.2-9.20.1.aarch64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-guest-agent-2.11.2-9.20.1.ppc64le",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-guest-agent-2.11.2-9.20.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-guest-agent-2.11.2-9.20.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-ipxe-1.0.0+-9.20.1.noarch",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-kvm-2.11.2-9.20.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-kvm-2.11.2-9.20.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-lang-2.11.2-9.20.1.aarch64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-lang-2.11.2-9.20.1.ppc64le",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-lang-2.11.2-9.20.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-lang-2.11.2-9.20.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-ppc-2.11.2-9.20.1.ppc64le",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-s390-2.11.2-9.20.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-seabios-1.11.0-9.20.1.noarch",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-sgabios-8-9.20.1.noarch",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-vgabios-1.11.0-9.20.1.noarch",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-x86-2.11.2-9.20.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 2.8,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:C/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Module for Basesystem 15:qemu-tools-2.11.2-9.20.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:qemu-tools-2.11.2-9.20.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:qemu-tools-2.11.2-9.20.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:qemu-tools-2.11.2-9.20.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-2.11.2-9.20.1.aarch64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-2.11.2-9.20.1.ppc64le",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-2.11.2-9.20.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-2.11.2-9.20.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-arm-2.11.2-9.20.1.aarch64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-curl-2.11.2-9.20.1.aarch64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-curl-2.11.2-9.20.1.ppc64le",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-curl-2.11.2-9.20.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-curl-2.11.2-9.20.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-iscsi-2.11.2-9.20.1.aarch64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-iscsi-2.11.2-9.20.1.ppc64le",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-iscsi-2.11.2-9.20.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-iscsi-2.11.2-9.20.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-rbd-2.11.2-9.20.1.aarch64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-rbd-2.11.2-9.20.1.ppc64le",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-rbd-2.11.2-9.20.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-rbd-2.11.2-9.20.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-ssh-2.11.2-9.20.1.aarch64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-ssh-2.11.2-9.20.1.ppc64le",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-ssh-2.11.2-9.20.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-ssh-2.11.2-9.20.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-guest-agent-2.11.2-9.20.1.aarch64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-guest-agent-2.11.2-9.20.1.ppc64le",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-guest-agent-2.11.2-9.20.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-guest-agent-2.11.2-9.20.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-ipxe-1.0.0+-9.20.1.noarch",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-kvm-2.11.2-9.20.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-kvm-2.11.2-9.20.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-lang-2.11.2-9.20.1.aarch64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-lang-2.11.2-9.20.1.ppc64le",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-lang-2.11.2-9.20.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-lang-2.11.2-9.20.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-ppc-2.11.2-9.20.1.ppc64le",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-s390-2.11.2-9.20.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-seabios-1.11.0-9.20.1.noarch",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-sgabios-8-9.20.1.noarch",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-vgabios-1.11.0-9.20.1.noarch",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-x86-2.11.2-9.20.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-02-18T15:26:50Z",
"details": "low"
}
],
"title": "CVE-2018-19489"
},
{
"cve": "CVE-2019-6778",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-6778"
}
],
"notes": [
{
"category": "general",
"text": "In QEMU 3.0.0, tcp_emu in slirp/tcp_subr.c has a heap-based buffer overflow.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Basesystem 15:qemu-tools-2.11.2-9.20.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:qemu-tools-2.11.2-9.20.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:qemu-tools-2.11.2-9.20.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:qemu-tools-2.11.2-9.20.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-2.11.2-9.20.1.aarch64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-2.11.2-9.20.1.ppc64le",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-2.11.2-9.20.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-2.11.2-9.20.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-arm-2.11.2-9.20.1.aarch64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-curl-2.11.2-9.20.1.aarch64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-curl-2.11.2-9.20.1.ppc64le",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-curl-2.11.2-9.20.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-curl-2.11.2-9.20.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-iscsi-2.11.2-9.20.1.aarch64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-iscsi-2.11.2-9.20.1.ppc64le",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-iscsi-2.11.2-9.20.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-iscsi-2.11.2-9.20.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-rbd-2.11.2-9.20.1.aarch64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-rbd-2.11.2-9.20.1.ppc64le",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-rbd-2.11.2-9.20.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-rbd-2.11.2-9.20.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-ssh-2.11.2-9.20.1.aarch64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-ssh-2.11.2-9.20.1.ppc64le",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-ssh-2.11.2-9.20.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-ssh-2.11.2-9.20.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-guest-agent-2.11.2-9.20.1.aarch64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-guest-agent-2.11.2-9.20.1.ppc64le",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-guest-agent-2.11.2-9.20.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-guest-agent-2.11.2-9.20.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-ipxe-1.0.0+-9.20.1.noarch",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-kvm-2.11.2-9.20.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-kvm-2.11.2-9.20.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-lang-2.11.2-9.20.1.aarch64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-lang-2.11.2-9.20.1.ppc64le",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-lang-2.11.2-9.20.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-lang-2.11.2-9.20.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-ppc-2.11.2-9.20.1.ppc64le",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-s390-2.11.2-9.20.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-seabios-1.11.0-9.20.1.noarch",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-sgabios-8-9.20.1.noarch",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-vgabios-1.11.0-9.20.1.noarch",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-x86-2.11.2-9.20.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-6778",
"url": "https://www.suse.com/security/cve/CVE-2019-6778"
},
{
"category": "external",
"summary": "SUSE Bug 1123156 for CVE-2019-6778",
"url": "https://bugzilla.suse.com/1123156"
},
{
"category": "external",
"summary": "SUSE Bug 1123157 for CVE-2019-6778",
"url": "https://bugzilla.suse.com/1123157"
},
{
"category": "external",
"summary": "SUSE Bug 1178658 for CVE-2019-6778",
"url": "https://bugzilla.suse.com/1178658"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Basesystem 15:qemu-tools-2.11.2-9.20.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:qemu-tools-2.11.2-9.20.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:qemu-tools-2.11.2-9.20.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:qemu-tools-2.11.2-9.20.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-2.11.2-9.20.1.aarch64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-2.11.2-9.20.1.ppc64le",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-2.11.2-9.20.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-2.11.2-9.20.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-arm-2.11.2-9.20.1.aarch64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-curl-2.11.2-9.20.1.aarch64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-curl-2.11.2-9.20.1.ppc64le",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-curl-2.11.2-9.20.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-curl-2.11.2-9.20.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-iscsi-2.11.2-9.20.1.aarch64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-iscsi-2.11.2-9.20.1.ppc64le",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-iscsi-2.11.2-9.20.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-iscsi-2.11.2-9.20.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-rbd-2.11.2-9.20.1.aarch64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-rbd-2.11.2-9.20.1.ppc64le",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-rbd-2.11.2-9.20.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-rbd-2.11.2-9.20.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-ssh-2.11.2-9.20.1.aarch64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-ssh-2.11.2-9.20.1.ppc64le",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-ssh-2.11.2-9.20.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-ssh-2.11.2-9.20.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-guest-agent-2.11.2-9.20.1.aarch64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-guest-agent-2.11.2-9.20.1.ppc64le",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-guest-agent-2.11.2-9.20.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-guest-agent-2.11.2-9.20.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-ipxe-1.0.0+-9.20.1.noarch",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-kvm-2.11.2-9.20.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-kvm-2.11.2-9.20.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-lang-2.11.2-9.20.1.aarch64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-lang-2.11.2-9.20.1.ppc64le",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-lang-2.11.2-9.20.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-lang-2.11.2-9.20.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-ppc-2.11.2-9.20.1.ppc64le",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-s390-2.11.2-9.20.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-seabios-1.11.0-9.20.1.noarch",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-sgabios-8-9.20.1.noarch",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-vgabios-1.11.0-9.20.1.noarch",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-x86-2.11.2-9.20.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Module for Basesystem 15:qemu-tools-2.11.2-9.20.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:qemu-tools-2.11.2-9.20.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:qemu-tools-2.11.2-9.20.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:qemu-tools-2.11.2-9.20.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-2.11.2-9.20.1.aarch64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-2.11.2-9.20.1.ppc64le",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-2.11.2-9.20.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-2.11.2-9.20.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-arm-2.11.2-9.20.1.aarch64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-curl-2.11.2-9.20.1.aarch64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-curl-2.11.2-9.20.1.ppc64le",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-curl-2.11.2-9.20.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-curl-2.11.2-9.20.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-iscsi-2.11.2-9.20.1.aarch64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-iscsi-2.11.2-9.20.1.ppc64le",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-iscsi-2.11.2-9.20.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-iscsi-2.11.2-9.20.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-rbd-2.11.2-9.20.1.aarch64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-rbd-2.11.2-9.20.1.ppc64le",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-rbd-2.11.2-9.20.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-rbd-2.11.2-9.20.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-ssh-2.11.2-9.20.1.aarch64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-ssh-2.11.2-9.20.1.ppc64le",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-ssh-2.11.2-9.20.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-ssh-2.11.2-9.20.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-guest-agent-2.11.2-9.20.1.aarch64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-guest-agent-2.11.2-9.20.1.ppc64le",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-guest-agent-2.11.2-9.20.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-guest-agent-2.11.2-9.20.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-ipxe-1.0.0+-9.20.1.noarch",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-kvm-2.11.2-9.20.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-kvm-2.11.2-9.20.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-lang-2.11.2-9.20.1.aarch64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-lang-2.11.2-9.20.1.ppc64le",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-lang-2.11.2-9.20.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-lang-2.11.2-9.20.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-ppc-2.11.2-9.20.1.ppc64le",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-s390-2.11.2-9.20.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-seabios-1.11.0-9.20.1.noarch",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-sgabios-8-9.20.1.noarch",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-vgabios-1.11.0-9.20.1.noarch",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-x86-2.11.2-9.20.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-02-18T15:26:50Z",
"details": "important"
}
],
"title": "CVE-2019-6778"
}
]
}
SUSE-SU-2019:0435-1
Vulnerability from csaf_suse - Published: 2019-02-19 12:12 - Updated: 2019-02-19 12:12Summary
Security update for qemu
Severity
Important
Notes
Title of the patch: Security update for qemu
Description of the patch: This update for qemu fixes the following issues:
Security issues fixed:
- CVE-2019-6778: Fixed a heap buffer overflow issue in the SLiRP networking implementation (bsc#1123156).
- CVE-2018-16872: Fixed a host security vulnerability related to handling symlinks in usb-mtp (bsc#1119493).
- CVE-2018-19489: Fixed a denial of service vulnerability in virtfs (bsc#1117275).
- CVE-2018-19364: Fixed a use-after-free if the virtfs interface resulting in a denial of service (bsc#1116717).
- CVE-2018-18954: Fixed a denial of service vulnerability related to PowerPC PowerNV memory operations (bsc#1114957).
Non-security issues fixed:
- Improved disk performance for qemu on xen (bsc#1100408).
- Fixed xen offline migration (bsc#1079730, bsc#1101982, bsc#1063993).
- Fixed pwrite64/pread64/write to return 0 over -1 for a zero length NULL buffer in qemu (bsc#1121600).
- Use /bin/bash to echo value into sys fs for ksm control (bsc#1112646).
- Return specification exception for unimplemented diag 308 subcodes rather than a hardware error (bsc#1123179).
Patchnames: SUSE-2019-435,SUSE-SLE-DESKTOP-12-SP4-2019-435,SUSE-SLE-SERVER-12-SP4-2019-435
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
5 (Medium)
Affected products
Recommended
89 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Desktop 12 SP4:qemu-2.11.2-5.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Desktop 12 SP4:qemu-block-curl-2.11.2-5.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Desktop 12 SP4:qemu-ipxe-1.0.0+-5.8.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Desktop 12 SP4:qemu-kvm-2.11.2-5.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Desktop 12 SP4:qemu-seabios-1.11.0-5.8.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Desktop 12 SP4:qemu-sgabios-8-5.8.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Desktop 12 SP4:qemu-tools-2.11.2-5.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Desktop 12 SP4:qemu-vgabios-1.11.0-5.8.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Desktop 12 SP4:qemu-x86-2.11.2-5.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:qemu-2.11.2-5.8.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:qemu-2.11.2-5.8.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:qemu-2.11.2-5.8.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:qemu-2.11.2-5.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:qemu-arm-2.11.2-5.8.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:qemu-block-curl-2.11.2-5.8.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:qemu-block-curl-2.11.2-5.8.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:qemu-block-curl-2.11.2-5.8.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:qemu-block-curl-2.11.2-5.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:qemu-block-iscsi-2.11.2-5.8.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:qemu-block-iscsi-2.11.2-5.8.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:qemu-block-iscsi-2.11.2-5.8.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:qemu-block-iscsi-2.11.2-5.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:qemu-block-rbd-2.11.2-5.8.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:qemu-block-rbd-2.11.2-5.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:qemu-block-ssh-2.11.2-5.8.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:qemu-block-ssh-2.11.2-5.8.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:qemu-block-ssh-2.11.2-5.8.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:qemu-block-ssh-2.11.2-5.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:qemu-guest-agent-2.11.2-5.8.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:qemu-guest-agent-2.11.2-5.8.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:qemu-guest-agent-2.11.2-5.8.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:qemu-guest-agent-2.11.2-5.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:qemu-ipxe-1.0.0+-5.8.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:qemu-kvm-2.11.2-5.8.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:qemu-kvm-2.11.2-5.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:qemu-lang-2.11.2-5.8.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:qemu-lang-2.11.2-5.8.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:qemu-lang-2.11.2-5.8.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:qemu-lang-2.11.2-5.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:qemu-ppc-2.11.2-5.8.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:qemu-s390-2.11.2-5.8.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:qemu-seabios-1.11.0-5.8.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:qemu-sgabios-8-5.8.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:qemu-tools-2.11.2-5.8.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:qemu-tools-2.11.2-5.8.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:qemu-tools-2.11.2-5.8.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:qemu-tools-2.11.2-5.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:qemu-vgabios-1.11.0-5.8.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:qemu-x86-2.11.2-5.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-2.11.2-5.8.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-2.11.2-5.8.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-2.11.2-5.8.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-2.11.2-5.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-arm-2.11.2-5.8.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-curl-2.11.2-5.8.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-curl-2.11.2-5.8.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-curl-2.11.2-5.8.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-curl-2.11.2-5.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-iscsi-2.11.2-5.8.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-iscsi-2.11.2-5.8.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-iscsi-2.11.2-5.8.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-iscsi-2.11.2-5.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-rbd-2.11.2-5.8.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-rbd-2.11.2-5.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-ssh-2.11.2-5.8.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-ssh-2.11.2-5.8.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-ssh-2.11.2-5.8.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-ssh-2.11.2-5.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-guest-agent-2.11.2-5.8.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-guest-agent-2.11.2-5.8.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-guest-agent-2.11.2-5.8.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-guest-agent-2.11.2-5.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-ipxe-1.0.0+-5.8.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-kvm-2.11.2-5.8.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-kvm-2.11.2-5.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-lang-2.11.2-5.8.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-lang-2.11.2-5.8.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-lang-2.11.2-5.8.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-lang-2.11.2-5.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-ppc-2.11.2-5.8.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-s390-2.11.2-5.8.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-seabios-1.11.0-5.8.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-sgabios-8-5.8.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-tools-2.11.2-5.8.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-tools-2.11.2-5.8.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-tools-2.11.2-5.8.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-tools-2.11.2-5.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-vgabios-1.11.0-5.8.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-x86-2.11.2-5.8.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
7.8 (High)
Affected products
Recommended
89 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Desktop 12 SP4:qemu-2.11.2-5.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Desktop 12 SP4:qemu-block-curl-2.11.2-5.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Desktop 12 SP4:qemu-ipxe-1.0.0+-5.8.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Desktop 12 SP4:qemu-kvm-2.11.2-5.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Desktop 12 SP4:qemu-seabios-1.11.0-5.8.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Desktop 12 SP4:qemu-sgabios-8-5.8.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Desktop 12 SP4:qemu-tools-2.11.2-5.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Desktop 12 SP4:qemu-vgabios-1.11.0-5.8.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Desktop 12 SP4:qemu-x86-2.11.2-5.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:qemu-2.11.2-5.8.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:qemu-2.11.2-5.8.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:qemu-2.11.2-5.8.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:qemu-2.11.2-5.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:qemu-arm-2.11.2-5.8.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:qemu-block-curl-2.11.2-5.8.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:qemu-block-curl-2.11.2-5.8.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:qemu-block-curl-2.11.2-5.8.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:qemu-block-curl-2.11.2-5.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:qemu-block-iscsi-2.11.2-5.8.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:qemu-block-iscsi-2.11.2-5.8.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:qemu-block-iscsi-2.11.2-5.8.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:qemu-block-iscsi-2.11.2-5.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:qemu-block-rbd-2.11.2-5.8.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:qemu-block-rbd-2.11.2-5.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:qemu-block-ssh-2.11.2-5.8.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:qemu-block-ssh-2.11.2-5.8.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:qemu-block-ssh-2.11.2-5.8.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:qemu-block-ssh-2.11.2-5.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:qemu-guest-agent-2.11.2-5.8.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:qemu-guest-agent-2.11.2-5.8.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:qemu-guest-agent-2.11.2-5.8.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:qemu-guest-agent-2.11.2-5.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:qemu-ipxe-1.0.0+-5.8.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:qemu-kvm-2.11.2-5.8.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:qemu-kvm-2.11.2-5.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:qemu-lang-2.11.2-5.8.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:qemu-lang-2.11.2-5.8.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:qemu-lang-2.11.2-5.8.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:qemu-lang-2.11.2-5.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:qemu-ppc-2.11.2-5.8.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:qemu-s390-2.11.2-5.8.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:qemu-seabios-1.11.0-5.8.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:qemu-sgabios-8-5.8.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:qemu-tools-2.11.2-5.8.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:qemu-tools-2.11.2-5.8.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:qemu-tools-2.11.2-5.8.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:qemu-tools-2.11.2-5.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:qemu-vgabios-1.11.0-5.8.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:qemu-x86-2.11.2-5.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-2.11.2-5.8.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-2.11.2-5.8.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-2.11.2-5.8.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-2.11.2-5.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-arm-2.11.2-5.8.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-curl-2.11.2-5.8.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-curl-2.11.2-5.8.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-curl-2.11.2-5.8.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-curl-2.11.2-5.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-iscsi-2.11.2-5.8.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-iscsi-2.11.2-5.8.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-iscsi-2.11.2-5.8.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-iscsi-2.11.2-5.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-rbd-2.11.2-5.8.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-rbd-2.11.2-5.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-ssh-2.11.2-5.8.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-ssh-2.11.2-5.8.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-ssh-2.11.2-5.8.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-ssh-2.11.2-5.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-guest-agent-2.11.2-5.8.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-guest-agent-2.11.2-5.8.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-guest-agent-2.11.2-5.8.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-guest-agent-2.11.2-5.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-ipxe-1.0.0+-5.8.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-kvm-2.11.2-5.8.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-kvm-2.11.2-5.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-lang-2.11.2-5.8.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-lang-2.11.2-5.8.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-lang-2.11.2-5.8.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-lang-2.11.2-5.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-ppc-2.11.2-5.8.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-s390-2.11.2-5.8.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-seabios-1.11.0-5.8.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-sgabios-8-5.8.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-tools-2.11.2-5.8.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-tools-2.11.2-5.8.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-tools-2.11.2-5.8.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-tools-2.11.2-5.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-vgabios-1.11.0-5.8.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-x86-2.11.2-5.8.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
5.3 (Medium)
Affected products
Recommended
89 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Desktop 12 SP4:qemu-2.11.2-5.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Desktop 12 SP4:qemu-block-curl-2.11.2-5.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Desktop 12 SP4:qemu-ipxe-1.0.0+-5.8.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Desktop 12 SP4:qemu-kvm-2.11.2-5.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Desktop 12 SP4:qemu-seabios-1.11.0-5.8.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Desktop 12 SP4:qemu-sgabios-8-5.8.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Desktop 12 SP4:qemu-tools-2.11.2-5.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Desktop 12 SP4:qemu-vgabios-1.11.0-5.8.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Desktop 12 SP4:qemu-x86-2.11.2-5.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:qemu-2.11.2-5.8.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:qemu-2.11.2-5.8.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:qemu-2.11.2-5.8.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:qemu-2.11.2-5.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:qemu-arm-2.11.2-5.8.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:qemu-block-curl-2.11.2-5.8.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:qemu-block-curl-2.11.2-5.8.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:qemu-block-curl-2.11.2-5.8.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:qemu-block-curl-2.11.2-5.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:qemu-block-iscsi-2.11.2-5.8.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:qemu-block-iscsi-2.11.2-5.8.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:qemu-block-iscsi-2.11.2-5.8.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:qemu-block-iscsi-2.11.2-5.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:qemu-block-rbd-2.11.2-5.8.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:qemu-block-rbd-2.11.2-5.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:qemu-block-ssh-2.11.2-5.8.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:qemu-block-ssh-2.11.2-5.8.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:qemu-block-ssh-2.11.2-5.8.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:qemu-block-ssh-2.11.2-5.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:qemu-guest-agent-2.11.2-5.8.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:qemu-guest-agent-2.11.2-5.8.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:qemu-guest-agent-2.11.2-5.8.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:qemu-guest-agent-2.11.2-5.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:qemu-ipxe-1.0.0+-5.8.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:qemu-kvm-2.11.2-5.8.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:qemu-kvm-2.11.2-5.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:qemu-lang-2.11.2-5.8.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:qemu-lang-2.11.2-5.8.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:qemu-lang-2.11.2-5.8.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:qemu-lang-2.11.2-5.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:qemu-ppc-2.11.2-5.8.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:qemu-s390-2.11.2-5.8.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:qemu-seabios-1.11.0-5.8.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:qemu-sgabios-8-5.8.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:qemu-tools-2.11.2-5.8.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:qemu-tools-2.11.2-5.8.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:qemu-tools-2.11.2-5.8.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:qemu-tools-2.11.2-5.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:qemu-vgabios-1.11.0-5.8.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:qemu-x86-2.11.2-5.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-2.11.2-5.8.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-2.11.2-5.8.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-2.11.2-5.8.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-2.11.2-5.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-arm-2.11.2-5.8.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-curl-2.11.2-5.8.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-curl-2.11.2-5.8.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-curl-2.11.2-5.8.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-curl-2.11.2-5.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-iscsi-2.11.2-5.8.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-iscsi-2.11.2-5.8.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-iscsi-2.11.2-5.8.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-iscsi-2.11.2-5.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-rbd-2.11.2-5.8.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-rbd-2.11.2-5.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-ssh-2.11.2-5.8.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-ssh-2.11.2-5.8.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-ssh-2.11.2-5.8.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-ssh-2.11.2-5.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-guest-agent-2.11.2-5.8.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-guest-agent-2.11.2-5.8.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-guest-agent-2.11.2-5.8.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-guest-agent-2.11.2-5.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-ipxe-1.0.0+-5.8.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-kvm-2.11.2-5.8.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-kvm-2.11.2-5.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-lang-2.11.2-5.8.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-lang-2.11.2-5.8.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-lang-2.11.2-5.8.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-lang-2.11.2-5.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-ppc-2.11.2-5.8.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-s390-2.11.2-5.8.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-seabios-1.11.0-5.8.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-sgabios-8-5.8.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-tools-2.11.2-5.8.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-tools-2.11.2-5.8.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-tools-2.11.2-5.8.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-tools-2.11.2-5.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-vgabios-1.11.0-5.8.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-x86-2.11.2-5.8.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
Affected products
Recommended
89 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Desktop 12 SP4:qemu-2.11.2-5.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Desktop 12 SP4:qemu-block-curl-2.11.2-5.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Desktop 12 SP4:qemu-ipxe-1.0.0+-5.8.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Desktop 12 SP4:qemu-kvm-2.11.2-5.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Desktop 12 SP4:qemu-seabios-1.11.0-5.8.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Desktop 12 SP4:qemu-sgabios-8-5.8.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Desktop 12 SP4:qemu-tools-2.11.2-5.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Desktop 12 SP4:qemu-vgabios-1.11.0-5.8.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Desktop 12 SP4:qemu-x86-2.11.2-5.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:qemu-2.11.2-5.8.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:qemu-2.11.2-5.8.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:qemu-2.11.2-5.8.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:qemu-2.11.2-5.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:qemu-arm-2.11.2-5.8.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:qemu-block-curl-2.11.2-5.8.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:qemu-block-curl-2.11.2-5.8.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:qemu-block-curl-2.11.2-5.8.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:qemu-block-curl-2.11.2-5.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:qemu-block-iscsi-2.11.2-5.8.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:qemu-block-iscsi-2.11.2-5.8.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:qemu-block-iscsi-2.11.2-5.8.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:qemu-block-iscsi-2.11.2-5.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:qemu-block-rbd-2.11.2-5.8.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:qemu-block-rbd-2.11.2-5.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:qemu-block-ssh-2.11.2-5.8.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:qemu-block-ssh-2.11.2-5.8.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:qemu-block-ssh-2.11.2-5.8.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:qemu-block-ssh-2.11.2-5.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:qemu-guest-agent-2.11.2-5.8.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:qemu-guest-agent-2.11.2-5.8.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:qemu-guest-agent-2.11.2-5.8.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:qemu-guest-agent-2.11.2-5.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:qemu-ipxe-1.0.0+-5.8.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:qemu-kvm-2.11.2-5.8.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:qemu-kvm-2.11.2-5.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:qemu-lang-2.11.2-5.8.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:qemu-lang-2.11.2-5.8.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:qemu-lang-2.11.2-5.8.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:qemu-lang-2.11.2-5.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:qemu-ppc-2.11.2-5.8.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:qemu-s390-2.11.2-5.8.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:qemu-seabios-1.11.0-5.8.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:qemu-sgabios-8-5.8.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:qemu-tools-2.11.2-5.8.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:qemu-tools-2.11.2-5.8.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:qemu-tools-2.11.2-5.8.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:qemu-tools-2.11.2-5.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:qemu-vgabios-1.11.0-5.8.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:qemu-x86-2.11.2-5.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-2.11.2-5.8.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-2.11.2-5.8.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-2.11.2-5.8.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-2.11.2-5.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-arm-2.11.2-5.8.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-curl-2.11.2-5.8.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-curl-2.11.2-5.8.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-curl-2.11.2-5.8.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-curl-2.11.2-5.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-iscsi-2.11.2-5.8.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-iscsi-2.11.2-5.8.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-iscsi-2.11.2-5.8.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-iscsi-2.11.2-5.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-rbd-2.11.2-5.8.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-rbd-2.11.2-5.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-ssh-2.11.2-5.8.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-ssh-2.11.2-5.8.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-ssh-2.11.2-5.8.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-ssh-2.11.2-5.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-guest-agent-2.11.2-5.8.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-guest-agent-2.11.2-5.8.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-guest-agent-2.11.2-5.8.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-guest-agent-2.11.2-5.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-ipxe-1.0.0+-5.8.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-kvm-2.11.2-5.8.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-kvm-2.11.2-5.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-lang-2.11.2-5.8.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-lang-2.11.2-5.8.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-lang-2.11.2-5.8.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-lang-2.11.2-5.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-ppc-2.11.2-5.8.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-s390-2.11.2-5.8.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-seabios-1.11.0-5.8.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-sgabios-8-5.8.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-tools-2.11.2-5.8.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-tools-2.11.2-5.8.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-tools-2.11.2-5.8.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-tools-2.11.2-5.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-vgabios-1.11.0-5.8.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-x86-2.11.2-5.8.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
low
7.8 (High)
Affected products
Recommended
89 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Desktop 12 SP4:qemu-2.11.2-5.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Desktop 12 SP4:qemu-block-curl-2.11.2-5.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Desktop 12 SP4:qemu-ipxe-1.0.0+-5.8.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Desktop 12 SP4:qemu-kvm-2.11.2-5.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Desktop 12 SP4:qemu-seabios-1.11.0-5.8.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Desktop 12 SP4:qemu-sgabios-8-5.8.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Desktop 12 SP4:qemu-tools-2.11.2-5.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Desktop 12 SP4:qemu-vgabios-1.11.0-5.8.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Desktop 12 SP4:qemu-x86-2.11.2-5.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:qemu-2.11.2-5.8.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:qemu-2.11.2-5.8.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:qemu-2.11.2-5.8.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:qemu-2.11.2-5.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:qemu-arm-2.11.2-5.8.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:qemu-block-curl-2.11.2-5.8.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:qemu-block-curl-2.11.2-5.8.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:qemu-block-curl-2.11.2-5.8.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:qemu-block-curl-2.11.2-5.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:qemu-block-iscsi-2.11.2-5.8.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:qemu-block-iscsi-2.11.2-5.8.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:qemu-block-iscsi-2.11.2-5.8.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:qemu-block-iscsi-2.11.2-5.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:qemu-block-rbd-2.11.2-5.8.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:qemu-block-rbd-2.11.2-5.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:qemu-block-ssh-2.11.2-5.8.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:qemu-block-ssh-2.11.2-5.8.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:qemu-block-ssh-2.11.2-5.8.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:qemu-block-ssh-2.11.2-5.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:qemu-guest-agent-2.11.2-5.8.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:qemu-guest-agent-2.11.2-5.8.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:qemu-guest-agent-2.11.2-5.8.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:qemu-guest-agent-2.11.2-5.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:qemu-ipxe-1.0.0+-5.8.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:qemu-kvm-2.11.2-5.8.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:qemu-kvm-2.11.2-5.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:qemu-lang-2.11.2-5.8.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:qemu-lang-2.11.2-5.8.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:qemu-lang-2.11.2-5.8.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:qemu-lang-2.11.2-5.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:qemu-ppc-2.11.2-5.8.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:qemu-s390-2.11.2-5.8.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:qemu-seabios-1.11.0-5.8.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:qemu-sgabios-8-5.8.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:qemu-tools-2.11.2-5.8.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:qemu-tools-2.11.2-5.8.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:qemu-tools-2.11.2-5.8.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:qemu-tools-2.11.2-5.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:qemu-vgabios-1.11.0-5.8.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:qemu-x86-2.11.2-5.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-2.11.2-5.8.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-2.11.2-5.8.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-2.11.2-5.8.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-2.11.2-5.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-arm-2.11.2-5.8.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-curl-2.11.2-5.8.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-curl-2.11.2-5.8.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-curl-2.11.2-5.8.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-curl-2.11.2-5.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-iscsi-2.11.2-5.8.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-iscsi-2.11.2-5.8.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-iscsi-2.11.2-5.8.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-iscsi-2.11.2-5.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-rbd-2.11.2-5.8.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-rbd-2.11.2-5.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-ssh-2.11.2-5.8.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-ssh-2.11.2-5.8.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-ssh-2.11.2-5.8.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-ssh-2.11.2-5.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-guest-agent-2.11.2-5.8.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-guest-agent-2.11.2-5.8.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-guest-agent-2.11.2-5.8.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-guest-agent-2.11.2-5.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-ipxe-1.0.0+-5.8.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-kvm-2.11.2-5.8.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-kvm-2.11.2-5.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-lang-2.11.2-5.8.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-lang-2.11.2-5.8.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-lang-2.11.2-5.8.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-lang-2.11.2-5.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-ppc-2.11.2-5.8.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-s390-2.11.2-5.8.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-seabios-1.11.0-5.8.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-sgabios-8-5.8.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-tools-2.11.2-5.8.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-tools-2.11.2-5.8.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-tools-2.11.2-5.8.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-tools-2.11.2-5.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-vgabios-1.11.0-5.8.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-x86-2.11.2-5.8.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
References
36 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for qemu",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for qemu fixes the following issues:\n\nSecurity issues fixed:\n\n- CVE-2019-6778: Fixed a heap buffer overflow issue in the SLiRP networking implementation (bsc#1123156).\n- CVE-2018-16872: Fixed a host security vulnerability related to handling symlinks in usb-mtp (bsc#1119493).\n- CVE-2018-19489: Fixed a denial of service vulnerability in virtfs (bsc#1117275).\n- CVE-2018-19364: Fixed a use-after-free if the virtfs interface resulting in a denial of service (bsc#1116717).\n- CVE-2018-18954: Fixed a denial of service vulnerability related to PowerPC PowerNV memory operations (bsc#1114957).\n\nNon-security issues fixed:\n\n- Improved disk performance for qemu on xen (bsc#1100408).\n- Fixed xen offline migration (bsc#1079730, bsc#1101982, bsc#1063993).\n- Fixed pwrite64/pread64/write to return 0 over -1 for a zero length NULL buffer in qemu (bsc#1121600).\n- Use /bin/bash to echo value into sys fs for ksm control (bsc#1112646).\n- Return specification exception for unimplemented diag 308 subcodes rather than a hardware error (bsc#1123179).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2019-435,SUSE-SLE-DESKTOP-12-SP4-2019-435,SUSE-SLE-SERVER-12-SP4-2019-435",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2019_0435-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2019:0435-1",
"url": "https://www.suse.com/support/update/announcement/2019/suse-su-20190435-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2019:0435-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2019-February/005136.html"
},
{
"category": "self",
"summary": "SUSE Bug 1063993",
"url": "https://bugzilla.suse.com/1063993"
},
{
"category": "self",
"summary": "SUSE Bug 1079730",
"url": "https://bugzilla.suse.com/1079730"
},
{
"category": "self",
"summary": "SUSE Bug 1100408",
"url": "https://bugzilla.suse.com/1100408"
},
{
"category": "self",
"summary": "SUSE Bug 1101982",
"url": "https://bugzilla.suse.com/1101982"
},
{
"category": "self",
"summary": "SUSE Bug 1112646",
"url": "https://bugzilla.suse.com/1112646"
},
{
"category": "self",
"summary": "SUSE Bug 1114957",
"url": "https://bugzilla.suse.com/1114957"
},
{
"category": "self",
"summary": "SUSE Bug 1116717",
"url": "https://bugzilla.suse.com/1116717"
},
{
"category": "self",
"summary": "SUSE Bug 1117275",
"url": "https://bugzilla.suse.com/1117275"
},
{
"category": "self",
"summary": "SUSE Bug 1119493",
"url": "https://bugzilla.suse.com/1119493"
},
{
"category": "self",
"summary": "SUSE Bug 1121600",
"url": "https://bugzilla.suse.com/1121600"
},
{
"category": "self",
"summary": "SUSE Bug 1123156",
"url": "https://bugzilla.suse.com/1123156"
},
{
"category": "self",
"summary": "SUSE Bug 1123179",
"url": "https://bugzilla.suse.com/1123179"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-16872 page",
"url": "https://www.suse.com/security/cve/CVE-2018-16872/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-18954 page",
"url": "https://www.suse.com/security/cve/CVE-2018-18954/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-19364 page",
"url": "https://www.suse.com/security/cve/CVE-2018-19364/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-19489 page",
"url": "https://www.suse.com/security/cve/CVE-2018-19489/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-6778 page",
"url": "https://www.suse.com/security/cve/CVE-2019-6778/"
}
],
"title": "Security update for qemu",
"tracking": {
"current_release_date": "2019-02-19T12:12:38Z",
"generator": {
"date": "2019-02-19T12:12:38Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2019:0435-1",
"initial_release_date": "2019-02-19T12:12:38Z",
"revision_history": [
{
"date": "2019-02-19T12:12:38Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "qemu-2.11.2-5.8.1.aarch64",
"product": {
"name": "qemu-2.11.2-5.8.1.aarch64",
"product_id": "qemu-2.11.2-5.8.1.aarch64"
}
},
{
"category": "product_version",
"name": "qemu-arm-2.11.2-5.8.1.aarch64",
"product": {
"name": "qemu-arm-2.11.2-5.8.1.aarch64",
"product_id": "qemu-arm-2.11.2-5.8.1.aarch64"
}
},
{
"category": "product_version",
"name": "qemu-block-curl-2.11.2-5.8.1.aarch64",
"product": {
"name": "qemu-block-curl-2.11.2-5.8.1.aarch64",
"product_id": "qemu-block-curl-2.11.2-5.8.1.aarch64"
}
},
{
"category": "product_version",
"name": "qemu-block-dmg-2.11.2-5.8.1.aarch64",
"product": {
"name": "qemu-block-dmg-2.11.2-5.8.1.aarch64",
"product_id": "qemu-block-dmg-2.11.2-5.8.1.aarch64"
}
},
{
"category": "product_version",
"name": "qemu-block-iscsi-2.11.2-5.8.1.aarch64",
"product": {
"name": "qemu-block-iscsi-2.11.2-5.8.1.aarch64",
"product_id": "qemu-block-iscsi-2.11.2-5.8.1.aarch64"
}
},
{
"category": "product_version",
"name": "qemu-block-rbd-2.11.2-5.8.1.aarch64",
"product": {
"name": "qemu-block-rbd-2.11.2-5.8.1.aarch64",
"product_id": "qemu-block-rbd-2.11.2-5.8.1.aarch64"
}
},
{
"category": "product_version",
"name": "qemu-block-ssh-2.11.2-5.8.1.aarch64",
"product": {
"name": "qemu-block-ssh-2.11.2-5.8.1.aarch64",
"product_id": "qemu-block-ssh-2.11.2-5.8.1.aarch64"
}
},
{
"category": "product_version",
"name": "qemu-extra-2.11.2-5.8.1.aarch64",
"product": {
"name": "qemu-extra-2.11.2-5.8.1.aarch64",
"product_id": "qemu-extra-2.11.2-5.8.1.aarch64"
}
},
{
"category": "product_version",
"name": "qemu-guest-agent-2.11.2-5.8.1.aarch64",
"product": {
"name": "qemu-guest-agent-2.11.2-5.8.1.aarch64",
"product_id": "qemu-guest-agent-2.11.2-5.8.1.aarch64"
}
},
{
"category": "product_version",
"name": "qemu-lang-2.11.2-5.8.1.aarch64",
"product": {
"name": "qemu-lang-2.11.2-5.8.1.aarch64",
"product_id": "qemu-lang-2.11.2-5.8.1.aarch64"
}
},
{
"category": "product_version",
"name": "qemu-linux-user-2.11.2-5.8.1.aarch64",
"product": {
"name": "qemu-linux-user-2.11.2-5.8.1.aarch64",
"product_id": "qemu-linux-user-2.11.2-5.8.1.aarch64"
}
},
{
"category": "product_version",
"name": "qemu-ppc-2.11.2-5.8.1.aarch64",
"product": {
"name": "qemu-ppc-2.11.2-5.8.1.aarch64",
"product_id": "qemu-ppc-2.11.2-5.8.1.aarch64"
}
},
{
"category": "product_version",
"name": "qemu-s390-2.11.2-5.8.1.aarch64",
"product": {
"name": "qemu-s390-2.11.2-5.8.1.aarch64",
"product_id": "qemu-s390-2.11.2-5.8.1.aarch64"
}
},
{
"category": "product_version",
"name": "qemu-tools-2.11.2-5.8.1.aarch64",
"product": {
"name": "qemu-tools-2.11.2-5.8.1.aarch64",
"product_id": "qemu-tools-2.11.2-5.8.1.aarch64"
}
},
{
"category": "product_version",
"name": "qemu-x86-2.11.2-5.8.1.aarch64",
"product": {
"name": "qemu-x86-2.11.2-5.8.1.aarch64",
"product_id": "qemu-x86-2.11.2-5.8.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "qemu-2.11.2-5.8.1.i586",
"product": {
"name": "qemu-2.11.2-5.8.1.i586",
"product_id": "qemu-2.11.2-5.8.1.i586"
}
},
{
"category": "product_version",
"name": "qemu-arm-2.11.2-5.8.1.i586",
"product": {
"name": "qemu-arm-2.11.2-5.8.1.i586",
"product_id": "qemu-arm-2.11.2-5.8.1.i586"
}
},
{
"category": "product_version",
"name": "qemu-block-curl-2.11.2-5.8.1.i586",
"product": {
"name": "qemu-block-curl-2.11.2-5.8.1.i586",
"product_id": "qemu-block-curl-2.11.2-5.8.1.i586"
}
},
{
"category": "product_version",
"name": "qemu-block-dmg-2.11.2-5.8.1.i586",
"product": {
"name": "qemu-block-dmg-2.11.2-5.8.1.i586",
"product_id": "qemu-block-dmg-2.11.2-5.8.1.i586"
}
},
{
"category": "product_version",
"name": "qemu-block-iscsi-2.11.2-5.8.1.i586",
"product": {
"name": "qemu-block-iscsi-2.11.2-5.8.1.i586",
"product_id": "qemu-block-iscsi-2.11.2-5.8.1.i586"
}
},
{
"category": "product_version",
"name": "qemu-block-ssh-2.11.2-5.8.1.i586",
"product": {
"name": "qemu-block-ssh-2.11.2-5.8.1.i586",
"product_id": "qemu-block-ssh-2.11.2-5.8.1.i586"
}
},
{
"category": "product_version",
"name": "qemu-extra-2.11.2-5.8.1.i586",
"product": {
"name": "qemu-extra-2.11.2-5.8.1.i586",
"product_id": "qemu-extra-2.11.2-5.8.1.i586"
}
},
{
"category": "product_version",
"name": "qemu-guest-agent-2.11.2-5.8.1.i586",
"product": {
"name": "qemu-guest-agent-2.11.2-5.8.1.i586",
"product_id": "qemu-guest-agent-2.11.2-5.8.1.i586"
}
},
{
"category": "product_version",
"name": "qemu-kvm-2.11.2-5.8.1.i586",
"product": {
"name": "qemu-kvm-2.11.2-5.8.1.i586",
"product_id": "qemu-kvm-2.11.2-5.8.1.i586"
}
},
{
"category": "product_version",
"name": "qemu-lang-2.11.2-5.8.1.i586",
"product": {
"name": "qemu-lang-2.11.2-5.8.1.i586",
"product_id": "qemu-lang-2.11.2-5.8.1.i586"
}
},
{
"category": "product_version",
"name": "qemu-linux-user-2.11.2-5.8.1.i586",
"product": {
"name": "qemu-linux-user-2.11.2-5.8.1.i586",
"product_id": "qemu-linux-user-2.11.2-5.8.1.i586"
}
},
{
"category": "product_version",
"name": "qemu-ppc-2.11.2-5.8.1.i586",
"product": {
"name": "qemu-ppc-2.11.2-5.8.1.i586",
"product_id": "qemu-ppc-2.11.2-5.8.1.i586"
}
},
{
"category": "product_version",
"name": "qemu-s390-2.11.2-5.8.1.i586",
"product": {
"name": "qemu-s390-2.11.2-5.8.1.i586",
"product_id": "qemu-s390-2.11.2-5.8.1.i586"
}
},
{
"category": "product_version",
"name": "qemu-tools-2.11.2-5.8.1.i586",
"product": {
"name": "qemu-tools-2.11.2-5.8.1.i586",
"product_id": "qemu-tools-2.11.2-5.8.1.i586"
}
},
{
"category": "product_version",
"name": "qemu-x86-2.11.2-5.8.1.i586",
"product": {
"name": "qemu-x86-2.11.2-5.8.1.i586",
"product_id": "qemu-x86-2.11.2-5.8.1.i586"
}
}
],
"category": "architecture",
"name": "i586"
},
{
"branches": [
{
"category": "product_version",
"name": "qemu-ipxe-1.0.0+-5.8.1.noarch",
"product": {
"name": "qemu-ipxe-1.0.0+-5.8.1.noarch",
"product_id": "qemu-ipxe-1.0.0+-5.8.1.noarch"
}
},
{
"category": "product_version",
"name": "qemu-seabios-1.11.0-5.8.1.noarch",
"product": {
"name": "qemu-seabios-1.11.0-5.8.1.noarch",
"product_id": "qemu-seabios-1.11.0-5.8.1.noarch"
}
},
{
"category": "product_version",
"name": "qemu-sgabios-8-5.8.1.noarch",
"product": {
"name": "qemu-sgabios-8-5.8.1.noarch",
"product_id": "qemu-sgabios-8-5.8.1.noarch"
}
},
{
"category": "product_version",
"name": "qemu-vgabios-1.11.0-5.8.1.noarch",
"product": {
"name": "qemu-vgabios-1.11.0-5.8.1.noarch",
"product_id": "qemu-vgabios-1.11.0-5.8.1.noarch"
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "qemu-2.11.2-5.8.1.ppc64le",
"product": {
"name": "qemu-2.11.2-5.8.1.ppc64le",
"product_id": "qemu-2.11.2-5.8.1.ppc64le"
}
},
{
"category": "product_version",
"name": "qemu-arm-2.11.2-5.8.1.ppc64le",
"product": {
"name": "qemu-arm-2.11.2-5.8.1.ppc64le",
"product_id": "qemu-arm-2.11.2-5.8.1.ppc64le"
}
},
{
"category": "product_version",
"name": "qemu-block-curl-2.11.2-5.8.1.ppc64le",
"product": {
"name": "qemu-block-curl-2.11.2-5.8.1.ppc64le",
"product_id": "qemu-block-curl-2.11.2-5.8.1.ppc64le"
}
},
{
"category": "product_version",
"name": "qemu-block-dmg-2.11.2-5.8.1.ppc64le",
"product": {
"name": "qemu-block-dmg-2.11.2-5.8.1.ppc64le",
"product_id": "qemu-block-dmg-2.11.2-5.8.1.ppc64le"
}
},
{
"category": "product_version",
"name": "qemu-block-iscsi-2.11.2-5.8.1.ppc64le",
"product": {
"name": "qemu-block-iscsi-2.11.2-5.8.1.ppc64le",
"product_id": "qemu-block-iscsi-2.11.2-5.8.1.ppc64le"
}
},
{
"category": "product_version",
"name": "qemu-block-rbd-2.11.2-5.8.1.ppc64le",
"product": {
"name": "qemu-block-rbd-2.11.2-5.8.1.ppc64le",
"product_id": "qemu-block-rbd-2.11.2-5.8.1.ppc64le"
}
},
{
"category": "product_version",
"name": "qemu-block-ssh-2.11.2-5.8.1.ppc64le",
"product": {
"name": "qemu-block-ssh-2.11.2-5.8.1.ppc64le",
"product_id": "qemu-block-ssh-2.11.2-5.8.1.ppc64le"
}
},
{
"category": "product_version",
"name": "qemu-extra-2.11.2-5.8.1.ppc64le",
"product": {
"name": "qemu-extra-2.11.2-5.8.1.ppc64le",
"product_id": "qemu-extra-2.11.2-5.8.1.ppc64le"
}
},
{
"category": "product_version",
"name": "qemu-guest-agent-2.11.2-5.8.1.ppc64le",
"product": {
"name": "qemu-guest-agent-2.11.2-5.8.1.ppc64le",
"product_id": "qemu-guest-agent-2.11.2-5.8.1.ppc64le"
}
},
{
"category": "product_version",
"name": "qemu-lang-2.11.2-5.8.1.ppc64le",
"product": {
"name": "qemu-lang-2.11.2-5.8.1.ppc64le",
"product_id": "qemu-lang-2.11.2-5.8.1.ppc64le"
}
},
{
"category": "product_version",
"name": "qemu-linux-user-2.11.2-5.8.1.ppc64le",
"product": {
"name": "qemu-linux-user-2.11.2-5.8.1.ppc64le",
"product_id": "qemu-linux-user-2.11.2-5.8.1.ppc64le"
}
},
{
"category": "product_version",
"name": "qemu-ppc-2.11.2-5.8.1.ppc64le",
"product": {
"name": "qemu-ppc-2.11.2-5.8.1.ppc64le",
"product_id": "qemu-ppc-2.11.2-5.8.1.ppc64le"
}
},
{
"category": "product_version",
"name": "qemu-s390-2.11.2-5.8.1.ppc64le",
"product": {
"name": "qemu-s390-2.11.2-5.8.1.ppc64le",
"product_id": "qemu-s390-2.11.2-5.8.1.ppc64le"
}
},
{
"category": "product_version",
"name": "qemu-tools-2.11.2-5.8.1.ppc64le",
"product": {
"name": "qemu-tools-2.11.2-5.8.1.ppc64le",
"product_id": "qemu-tools-2.11.2-5.8.1.ppc64le"
}
},
{
"category": "product_version",
"name": "qemu-x86-2.11.2-5.8.1.ppc64le",
"product": {
"name": "qemu-x86-2.11.2-5.8.1.ppc64le",
"product_id": "qemu-x86-2.11.2-5.8.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "qemu-2.11.2-5.8.1.s390x",
"product": {
"name": "qemu-2.11.2-5.8.1.s390x",
"product_id": "qemu-2.11.2-5.8.1.s390x"
}
},
{
"category": "product_version",
"name": "qemu-arm-2.11.2-5.8.1.s390x",
"product": {
"name": "qemu-arm-2.11.2-5.8.1.s390x",
"product_id": "qemu-arm-2.11.2-5.8.1.s390x"
}
},
{
"category": "product_version",
"name": "qemu-block-curl-2.11.2-5.8.1.s390x",
"product": {
"name": "qemu-block-curl-2.11.2-5.8.1.s390x",
"product_id": "qemu-block-curl-2.11.2-5.8.1.s390x"
}
},
{
"category": "product_version",
"name": "qemu-block-dmg-2.11.2-5.8.1.s390x",
"product": {
"name": "qemu-block-dmg-2.11.2-5.8.1.s390x",
"product_id": "qemu-block-dmg-2.11.2-5.8.1.s390x"
}
},
{
"category": "product_version",
"name": "qemu-block-iscsi-2.11.2-5.8.1.s390x",
"product": {
"name": "qemu-block-iscsi-2.11.2-5.8.1.s390x",
"product_id": "qemu-block-iscsi-2.11.2-5.8.1.s390x"
}
},
{
"category": "product_version",
"name": "qemu-block-rbd-2.11.2-5.8.1.s390x",
"product": {
"name": "qemu-block-rbd-2.11.2-5.8.1.s390x",
"product_id": "qemu-block-rbd-2.11.2-5.8.1.s390x"
}
},
{
"category": "product_version",
"name": "qemu-block-ssh-2.11.2-5.8.1.s390x",
"product": {
"name": "qemu-block-ssh-2.11.2-5.8.1.s390x",
"product_id": "qemu-block-ssh-2.11.2-5.8.1.s390x"
}
},
{
"category": "product_version",
"name": "qemu-extra-2.11.2-5.8.1.s390x",
"product": {
"name": "qemu-extra-2.11.2-5.8.1.s390x",
"product_id": "qemu-extra-2.11.2-5.8.1.s390x"
}
},
{
"category": "product_version",
"name": "qemu-guest-agent-2.11.2-5.8.1.s390x",
"product": {
"name": "qemu-guest-agent-2.11.2-5.8.1.s390x",
"product_id": "qemu-guest-agent-2.11.2-5.8.1.s390x"
}
},
{
"category": "product_version",
"name": "qemu-kvm-2.11.2-5.8.1.s390x",
"product": {
"name": "qemu-kvm-2.11.2-5.8.1.s390x",
"product_id": "qemu-kvm-2.11.2-5.8.1.s390x"
}
},
{
"category": "product_version",
"name": "qemu-lang-2.11.2-5.8.1.s390x",
"product": {
"name": "qemu-lang-2.11.2-5.8.1.s390x",
"product_id": "qemu-lang-2.11.2-5.8.1.s390x"
}
},
{
"category": "product_version",
"name": "qemu-linux-user-2.11.2-5.8.1.s390x",
"product": {
"name": "qemu-linux-user-2.11.2-5.8.1.s390x",
"product_id": "qemu-linux-user-2.11.2-5.8.1.s390x"
}
},
{
"category": "product_version",
"name": "qemu-ppc-2.11.2-5.8.1.s390x",
"product": {
"name": "qemu-ppc-2.11.2-5.8.1.s390x",
"product_id": "qemu-ppc-2.11.2-5.8.1.s390x"
}
},
{
"category": "product_version",
"name": "qemu-s390-2.11.2-5.8.1.s390x",
"product": {
"name": "qemu-s390-2.11.2-5.8.1.s390x",
"product_id": "qemu-s390-2.11.2-5.8.1.s390x"
}
},
{
"category": "product_version",
"name": "qemu-tools-2.11.2-5.8.1.s390x",
"product": {
"name": "qemu-tools-2.11.2-5.8.1.s390x",
"product_id": "qemu-tools-2.11.2-5.8.1.s390x"
}
},
{
"category": "product_version",
"name": "qemu-x86-2.11.2-5.8.1.s390x",
"product": {
"name": "qemu-x86-2.11.2-5.8.1.s390x",
"product_id": "qemu-x86-2.11.2-5.8.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "qemu-2.11.2-5.8.1.x86_64",
"product": {
"name": "qemu-2.11.2-5.8.1.x86_64",
"product_id": "qemu-2.11.2-5.8.1.x86_64"
}
},
{
"category": "product_version",
"name": "qemu-arm-2.11.2-5.8.1.x86_64",
"product": {
"name": "qemu-arm-2.11.2-5.8.1.x86_64",
"product_id": "qemu-arm-2.11.2-5.8.1.x86_64"
}
},
{
"category": "product_version",
"name": "qemu-block-curl-2.11.2-5.8.1.x86_64",
"product": {
"name": "qemu-block-curl-2.11.2-5.8.1.x86_64",
"product_id": "qemu-block-curl-2.11.2-5.8.1.x86_64"
}
},
{
"category": "product_version",
"name": "qemu-block-dmg-2.11.2-5.8.1.x86_64",
"product": {
"name": "qemu-block-dmg-2.11.2-5.8.1.x86_64",
"product_id": "qemu-block-dmg-2.11.2-5.8.1.x86_64"
}
},
{
"category": "product_version",
"name": "qemu-block-iscsi-2.11.2-5.8.1.x86_64",
"product": {
"name": "qemu-block-iscsi-2.11.2-5.8.1.x86_64",
"product_id": "qemu-block-iscsi-2.11.2-5.8.1.x86_64"
}
},
{
"category": "product_version",
"name": "qemu-block-rbd-2.11.2-5.8.1.x86_64",
"product": {
"name": "qemu-block-rbd-2.11.2-5.8.1.x86_64",
"product_id": "qemu-block-rbd-2.11.2-5.8.1.x86_64"
}
},
{
"category": "product_version",
"name": "qemu-block-ssh-2.11.2-5.8.1.x86_64",
"product": {
"name": "qemu-block-ssh-2.11.2-5.8.1.x86_64",
"product_id": "qemu-block-ssh-2.11.2-5.8.1.x86_64"
}
},
{
"category": "product_version",
"name": "qemu-extra-2.11.2-5.8.1.x86_64",
"product": {
"name": "qemu-extra-2.11.2-5.8.1.x86_64",
"product_id": "qemu-extra-2.11.2-5.8.1.x86_64"
}
},
{
"category": "product_version",
"name": "qemu-guest-agent-2.11.2-5.8.1.x86_64",
"product": {
"name": "qemu-guest-agent-2.11.2-5.8.1.x86_64",
"product_id": "qemu-guest-agent-2.11.2-5.8.1.x86_64"
}
},
{
"category": "product_version",
"name": "qemu-kvm-2.11.2-5.8.1.x86_64",
"product": {
"name": "qemu-kvm-2.11.2-5.8.1.x86_64",
"product_id": "qemu-kvm-2.11.2-5.8.1.x86_64"
}
},
{
"category": "product_version",
"name": "qemu-lang-2.11.2-5.8.1.x86_64",
"product": {
"name": "qemu-lang-2.11.2-5.8.1.x86_64",
"product_id": "qemu-lang-2.11.2-5.8.1.x86_64"
}
},
{
"category": "product_version",
"name": "qemu-linux-user-2.11.2-5.8.1.x86_64",
"product": {
"name": "qemu-linux-user-2.11.2-5.8.1.x86_64",
"product_id": "qemu-linux-user-2.11.2-5.8.1.x86_64"
}
},
{
"category": "product_version",
"name": "qemu-ppc-2.11.2-5.8.1.x86_64",
"product": {
"name": "qemu-ppc-2.11.2-5.8.1.x86_64",
"product_id": "qemu-ppc-2.11.2-5.8.1.x86_64"
}
},
{
"category": "product_version",
"name": "qemu-s390-2.11.2-5.8.1.x86_64",
"product": {
"name": "qemu-s390-2.11.2-5.8.1.x86_64",
"product_id": "qemu-s390-2.11.2-5.8.1.x86_64"
}
},
{
"category": "product_version",
"name": "qemu-tools-2.11.2-5.8.1.x86_64",
"product": {
"name": "qemu-tools-2.11.2-5.8.1.x86_64",
"product_id": "qemu-tools-2.11.2-5.8.1.x86_64"
}
},
{
"category": "product_version",
"name": "qemu-x86-2.11.2-5.8.1.x86_64",
"product": {
"name": "qemu-x86-2.11.2-5.8.1.x86_64",
"product_id": "qemu-x86-2.11.2-5.8.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Desktop 12 SP4",
"product": {
"name": "SUSE Linux Enterprise Desktop 12 SP4",
"product_id": "SUSE Linux Enterprise Desktop 12 SP4",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sled:12:sp4"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 12 SP4",
"product": {
"name": "SUSE Linux Enterprise Server 12 SP4",
"product_id": "SUSE Linux Enterprise Server 12 SP4",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles:12:sp4"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server for SAP Applications 12 SP4",
"product": {
"name": "SUSE Linux Enterprise Server for SAP Applications 12 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP4",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles_sap:12:sp4"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "qemu-2.11.2-5.8.1.x86_64 as component of SUSE Linux Enterprise Desktop 12 SP4",
"product_id": "SUSE Linux Enterprise Desktop 12 SP4:qemu-2.11.2-5.8.1.x86_64"
},
"product_reference": "qemu-2.11.2-5.8.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Desktop 12 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qemu-block-curl-2.11.2-5.8.1.x86_64 as component of SUSE Linux Enterprise Desktop 12 SP4",
"product_id": "SUSE Linux Enterprise Desktop 12 SP4:qemu-block-curl-2.11.2-5.8.1.x86_64"
},
"product_reference": "qemu-block-curl-2.11.2-5.8.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Desktop 12 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qemu-ipxe-1.0.0+-5.8.1.noarch as component of SUSE Linux Enterprise Desktop 12 SP4",
"product_id": "SUSE Linux Enterprise Desktop 12 SP4:qemu-ipxe-1.0.0+-5.8.1.noarch"
},
"product_reference": "qemu-ipxe-1.0.0+-5.8.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Desktop 12 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qemu-kvm-2.11.2-5.8.1.x86_64 as component of SUSE Linux Enterprise Desktop 12 SP4",
"product_id": "SUSE Linux Enterprise Desktop 12 SP4:qemu-kvm-2.11.2-5.8.1.x86_64"
},
"product_reference": "qemu-kvm-2.11.2-5.8.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Desktop 12 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qemu-seabios-1.11.0-5.8.1.noarch as component of SUSE Linux Enterprise Desktop 12 SP4",
"product_id": "SUSE Linux Enterprise Desktop 12 SP4:qemu-seabios-1.11.0-5.8.1.noarch"
},
"product_reference": "qemu-seabios-1.11.0-5.8.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Desktop 12 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qemu-sgabios-8-5.8.1.noarch as component of SUSE Linux Enterprise Desktop 12 SP4",
"product_id": "SUSE Linux Enterprise Desktop 12 SP4:qemu-sgabios-8-5.8.1.noarch"
},
"product_reference": "qemu-sgabios-8-5.8.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Desktop 12 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qemu-tools-2.11.2-5.8.1.x86_64 as component of SUSE Linux Enterprise Desktop 12 SP4",
"product_id": "SUSE Linux Enterprise Desktop 12 SP4:qemu-tools-2.11.2-5.8.1.x86_64"
},
"product_reference": "qemu-tools-2.11.2-5.8.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Desktop 12 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qemu-vgabios-1.11.0-5.8.1.noarch as component of SUSE Linux Enterprise Desktop 12 SP4",
"product_id": "SUSE Linux Enterprise Desktop 12 SP4:qemu-vgabios-1.11.0-5.8.1.noarch"
},
"product_reference": "qemu-vgabios-1.11.0-5.8.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Desktop 12 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qemu-x86-2.11.2-5.8.1.x86_64 as component of SUSE Linux Enterprise Desktop 12 SP4",
"product_id": "SUSE Linux Enterprise Desktop 12 SP4:qemu-x86-2.11.2-5.8.1.x86_64"
},
"product_reference": "qemu-x86-2.11.2-5.8.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Desktop 12 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qemu-2.11.2-5.8.1.aarch64 as component of SUSE Linux Enterprise Server 12 SP4",
"product_id": "SUSE Linux Enterprise Server 12 SP4:qemu-2.11.2-5.8.1.aarch64"
},
"product_reference": "qemu-2.11.2-5.8.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qemu-2.11.2-5.8.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP4",
"product_id": "SUSE Linux Enterprise Server 12 SP4:qemu-2.11.2-5.8.1.ppc64le"
},
"product_reference": "qemu-2.11.2-5.8.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qemu-2.11.2-5.8.1.s390x as component of SUSE Linux Enterprise Server 12 SP4",
"product_id": "SUSE Linux Enterprise Server 12 SP4:qemu-2.11.2-5.8.1.s390x"
},
"product_reference": "qemu-2.11.2-5.8.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qemu-2.11.2-5.8.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP4",
"product_id": "SUSE Linux Enterprise Server 12 SP4:qemu-2.11.2-5.8.1.x86_64"
},
"product_reference": "qemu-2.11.2-5.8.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qemu-arm-2.11.2-5.8.1.aarch64 as component of SUSE Linux Enterprise Server 12 SP4",
"product_id": "SUSE Linux Enterprise Server 12 SP4:qemu-arm-2.11.2-5.8.1.aarch64"
},
"product_reference": "qemu-arm-2.11.2-5.8.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qemu-block-curl-2.11.2-5.8.1.aarch64 as component of SUSE Linux Enterprise Server 12 SP4",
"product_id": "SUSE Linux Enterprise Server 12 SP4:qemu-block-curl-2.11.2-5.8.1.aarch64"
},
"product_reference": "qemu-block-curl-2.11.2-5.8.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qemu-block-curl-2.11.2-5.8.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP4",
"product_id": "SUSE Linux Enterprise Server 12 SP4:qemu-block-curl-2.11.2-5.8.1.ppc64le"
},
"product_reference": "qemu-block-curl-2.11.2-5.8.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qemu-block-curl-2.11.2-5.8.1.s390x as component of SUSE Linux Enterprise Server 12 SP4",
"product_id": "SUSE Linux Enterprise Server 12 SP4:qemu-block-curl-2.11.2-5.8.1.s390x"
},
"product_reference": "qemu-block-curl-2.11.2-5.8.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qemu-block-curl-2.11.2-5.8.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP4",
"product_id": "SUSE Linux Enterprise Server 12 SP4:qemu-block-curl-2.11.2-5.8.1.x86_64"
},
"product_reference": "qemu-block-curl-2.11.2-5.8.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qemu-block-iscsi-2.11.2-5.8.1.aarch64 as component of SUSE Linux Enterprise Server 12 SP4",
"product_id": "SUSE Linux Enterprise Server 12 SP4:qemu-block-iscsi-2.11.2-5.8.1.aarch64"
},
"product_reference": "qemu-block-iscsi-2.11.2-5.8.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qemu-block-iscsi-2.11.2-5.8.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP4",
"product_id": "SUSE Linux Enterprise Server 12 SP4:qemu-block-iscsi-2.11.2-5.8.1.ppc64le"
},
"product_reference": "qemu-block-iscsi-2.11.2-5.8.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qemu-block-iscsi-2.11.2-5.8.1.s390x as component of SUSE Linux Enterprise Server 12 SP4",
"product_id": "SUSE Linux Enterprise Server 12 SP4:qemu-block-iscsi-2.11.2-5.8.1.s390x"
},
"product_reference": "qemu-block-iscsi-2.11.2-5.8.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qemu-block-iscsi-2.11.2-5.8.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP4",
"product_id": "SUSE Linux Enterprise Server 12 SP4:qemu-block-iscsi-2.11.2-5.8.1.x86_64"
},
"product_reference": "qemu-block-iscsi-2.11.2-5.8.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qemu-block-rbd-2.11.2-5.8.1.aarch64 as component of SUSE Linux Enterprise Server 12 SP4",
"product_id": "SUSE Linux Enterprise Server 12 SP4:qemu-block-rbd-2.11.2-5.8.1.aarch64"
},
"product_reference": "qemu-block-rbd-2.11.2-5.8.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qemu-block-rbd-2.11.2-5.8.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP4",
"product_id": "SUSE Linux Enterprise Server 12 SP4:qemu-block-rbd-2.11.2-5.8.1.x86_64"
},
"product_reference": "qemu-block-rbd-2.11.2-5.8.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qemu-block-ssh-2.11.2-5.8.1.aarch64 as component of SUSE Linux Enterprise Server 12 SP4",
"product_id": "SUSE Linux Enterprise Server 12 SP4:qemu-block-ssh-2.11.2-5.8.1.aarch64"
},
"product_reference": "qemu-block-ssh-2.11.2-5.8.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qemu-block-ssh-2.11.2-5.8.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP4",
"product_id": "SUSE Linux Enterprise Server 12 SP4:qemu-block-ssh-2.11.2-5.8.1.ppc64le"
},
"product_reference": "qemu-block-ssh-2.11.2-5.8.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qemu-block-ssh-2.11.2-5.8.1.s390x as component of SUSE Linux Enterprise Server 12 SP4",
"product_id": "SUSE Linux Enterprise Server 12 SP4:qemu-block-ssh-2.11.2-5.8.1.s390x"
},
"product_reference": "qemu-block-ssh-2.11.2-5.8.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qemu-block-ssh-2.11.2-5.8.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP4",
"product_id": "SUSE Linux Enterprise Server 12 SP4:qemu-block-ssh-2.11.2-5.8.1.x86_64"
},
"product_reference": "qemu-block-ssh-2.11.2-5.8.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qemu-guest-agent-2.11.2-5.8.1.aarch64 as component of SUSE Linux Enterprise Server 12 SP4",
"product_id": "SUSE Linux Enterprise Server 12 SP4:qemu-guest-agent-2.11.2-5.8.1.aarch64"
},
"product_reference": "qemu-guest-agent-2.11.2-5.8.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qemu-guest-agent-2.11.2-5.8.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP4",
"product_id": "SUSE Linux Enterprise Server 12 SP4:qemu-guest-agent-2.11.2-5.8.1.ppc64le"
},
"product_reference": "qemu-guest-agent-2.11.2-5.8.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qemu-guest-agent-2.11.2-5.8.1.s390x as component of SUSE Linux Enterprise Server 12 SP4",
"product_id": "SUSE Linux Enterprise Server 12 SP4:qemu-guest-agent-2.11.2-5.8.1.s390x"
},
"product_reference": "qemu-guest-agent-2.11.2-5.8.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qemu-guest-agent-2.11.2-5.8.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP4",
"product_id": "SUSE Linux Enterprise Server 12 SP4:qemu-guest-agent-2.11.2-5.8.1.x86_64"
},
"product_reference": "qemu-guest-agent-2.11.2-5.8.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qemu-ipxe-1.0.0+-5.8.1.noarch as component of SUSE Linux Enterprise Server 12 SP4",
"product_id": "SUSE Linux Enterprise Server 12 SP4:qemu-ipxe-1.0.0+-5.8.1.noarch"
},
"product_reference": "qemu-ipxe-1.0.0+-5.8.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qemu-kvm-2.11.2-5.8.1.s390x as component of SUSE Linux Enterprise Server 12 SP4",
"product_id": "SUSE Linux Enterprise Server 12 SP4:qemu-kvm-2.11.2-5.8.1.s390x"
},
"product_reference": "qemu-kvm-2.11.2-5.8.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qemu-kvm-2.11.2-5.8.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP4",
"product_id": "SUSE Linux Enterprise Server 12 SP4:qemu-kvm-2.11.2-5.8.1.x86_64"
},
"product_reference": "qemu-kvm-2.11.2-5.8.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qemu-lang-2.11.2-5.8.1.aarch64 as component of SUSE Linux Enterprise Server 12 SP4",
"product_id": "SUSE Linux Enterprise Server 12 SP4:qemu-lang-2.11.2-5.8.1.aarch64"
},
"product_reference": "qemu-lang-2.11.2-5.8.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qemu-lang-2.11.2-5.8.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP4",
"product_id": "SUSE Linux Enterprise Server 12 SP4:qemu-lang-2.11.2-5.8.1.ppc64le"
},
"product_reference": "qemu-lang-2.11.2-5.8.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qemu-lang-2.11.2-5.8.1.s390x as component of SUSE Linux Enterprise Server 12 SP4",
"product_id": "SUSE Linux Enterprise Server 12 SP4:qemu-lang-2.11.2-5.8.1.s390x"
},
"product_reference": "qemu-lang-2.11.2-5.8.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qemu-lang-2.11.2-5.8.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP4",
"product_id": "SUSE Linux Enterprise Server 12 SP4:qemu-lang-2.11.2-5.8.1.x86_64"
},
"product_reference": "qemu-lang-2.11.2-5.8.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qemu-ppc-2.11.2-5.8.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP4",
"product_id": "SUSE Linux Enterprise Server 12 SP4:qemu-ppc-2.11.2-5.8.1.ppc64le"
},
"product_reference": "qemu-ppc-2.11.2-5.8.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qemu-s390-2.11.2-5.8.1.s390x as component of SUSE Linux Enterprise Server 12 SP4",
"product_id": "SUSE Linux Enterprise Server 12 SP4:qemu-s390-2.11.2-5.8.1.s390x"
},
"product_reference": "qemu-s390-2.11.2-5.8.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qemu-seabios-1.11.0-5.8.1.noarch as component of SUSE Linux Enterprise Server 12 SP4",
"product_id": "SUSE Linux Enterprise Server 12 SP4:qemu-seabios-1.11.0-5.8.1.noarch"
},
"product_reference": "qemu-seabios-1.11.0-5.8.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qemu-sgabios-8-5.8.1.noarch as component of SUSE Linux Enterprise Server 12 SP4",
"product_id": "SUSE Linux Enterprise Server 12 SP4:qemu-sgabios-8-5.8.1.noarch"
},
"product_reference": "qemu-sgabios-8-5.8.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qemu-tools-2.11.2-5.8.1.aarch64 as component of SUSE Linux Enterprise Server 12 SP4",
"product_id": "SUSE Linux Enterprise Server 12 SP4:qemu-tools-2.11.2-5.8.1.aarch64"
},
"product_reference": "qemu-tools-2.11.2-5.8.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qemu-tools-2.11.2-5.8.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP4",
"product_id": "SUSE Linux Enterprise Server 12 SP4:qemu-tools-2.11.2-5.8.1.ppc64le"
},
"product_reference": "qemu-tools-2.11.2-5.8.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qemu-tools-2.11.2-5.8.1.s390x as component of SUSE Linux Enterprise Server 12 SP4",
"product_id": "SUSE Linux Enterprise Server 12 SP4:qemu-tools-2.11.2-5.8.1.s390x"
},
"product_reference": "qemu-tools-2.11.2-5.8.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qemu-tools-2.11.2-5.8.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP4",
"product_id": "SUSE Linux Enterprise Server 12 SP4:qemu-tools-2.11.2-5.8.1.x86_64"
},
"product_reference": "qemu-tools-2.11.2-5.8.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qemu-vgabios-1.11.0-5.8.1.noarch as component of SUSE Linux Enterprise Server 12 SP4",
"product_id": "SUSE Linux Enterprise Server 12 SP4:qemu-vgabios-1.11.0-5.8.1.noarch"
},
"product_reference": "qemu-vgabios-1.11.0-5.8.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qemu-x86-2.11.2-5.8.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP4",
"product_id": "SUSE Linux Enterprise Server 12 SP4:qemu-x86-2.11.2-5.8.1.x86_64"
},
"product_reference": "qemu-x86-2.11.2-5.8.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qemu-2.11.2-5.8.1.aarch64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-2.11.2-5.8.1.aarch64"
},
"product_reference": "qemu-2.11.2-5.8.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qemu-2.11.2-5.8.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 12 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-2.11.2-5.8.1.ppc64le"
},
"product_reference": "qemu-2.11.2-5.8.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qemu-2.11.2-5.8.1.s390x as component of SUSE Linux Enterprise Server for SAP Applications 12 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-2.11.2-5.8.1.s390x"
},
"product_reference": "qemu-2.11.2-5.8.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qemu-2.11.2-5.8.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-2.11.2-5.8.1.x86_64"
},
"product_reference": "qemu-2.11.2-5.8.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qemu-arm-2.11.2-5.8.1.aarch64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-arm-2.11.2-5.8.1.aarch64"
},
"product_reference": "qemu-arm-2.11.2-5.8.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qemu-block-curl-2.11.2-5.8.1.aarch64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-curl-2.11.2-5.8.1.aarch64"
},
"product_reference": "qemu-block-curl-2.11.2-5.8.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qemu-block-curl-2.11.2-5.8.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 12 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-curl-2.11.2-5.8.1.ppc64le"
},
"product_reference": "qemu-block-curl-2.11.2-5.8.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qemu-block-curl-2.11.2-5.8.1.s390x as component of SUSE Linux Enterprise Server for SAP Applications 12 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-curl-2.11.2-5.8.1.s390x"
},
"product_reference": "qemu-block-curl-2.11.2-5.8.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qemu-block-curl-2.11.2-5.8.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-curl-2.11.2-5.8.1.x86_64"
},
"product_reference": "qemu-block-curl-2.11.2-5.8.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qemu-block-iscsi-2.11.2-5.8.1.aarch64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-iscsi-2.11.2-5.8.1.aarch64"
},
"product_reference": "qemu-block-iscsi-2.11.2-5.8.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qemu-block-iscsi-2.11.2-5.8.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 12 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-iscsi-2.11.2-5.8.1.ppc64le"
},
"product_reference": "qemu-block-iscsi-2.11.2-5.8.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qemu-block-iscsi-2.11.2-5.8.1.s390x as component of SUSE Linux Enterprise Server for SAP Applications 12 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-iscsi-2.11.2-5.8.1.s390x"
},
"product_reference": "qemu-block-iscsi-2.11.2-5.8.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qemu-block-iscsi-2.11.2-5.8.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-iscsi-2.11.2-5.8.1.x86_64"
},
"product_reference": "qemu-block-iscsi-2.11.2-5.8.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qemu-block-rbd-2.11.2-5.8.1.aarch64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-rbd-2.11.2-5.8.1.aarch64"
},
"product_reference": "qemu-block-rbd-2.11.2-5.8.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qemu-block-rbd-2.11.2-5.8.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-rbd-2.11.2-5.8.1.x86_64"
},
"product_reference": "qemu-block-rbd-2.11.2-5.8.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qemu-block-ssh-2.11.2-5.8.1.aarch64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-ssh-2.11.2-5.8.1.aarch64"
},
"product_reference": "qemu-block-ssh-2.11.2-5.8.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qemu-block-ssh-2.11.2-5.8.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 12 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-ssh-2.11.2-5.8.1.ppc64le"
},
"product_reference": "qemu-block-ssh-2.11.2-5.8.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qemu-block-ssh-2.11.2-5.8.1.s390x as component of SUSE Linux Enterprise Server for SAP Applications 12 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-ssh-2.11.2-5.8.1.s390x"
},
"product_reference": "qemu-block-ssh-2.11.2-5.8.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qemu-block-ssh-2.11.2-5.8.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-ssh-2.11.2-5.8.1.x86_64"
},
"product_reference": "qemu-block-ssh-2.11.2-5.8.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qemu-guest-agent-2.11.2-5.8.1.aarch64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-guest-agent-2.11.2-5.8.1.aarch64"
},
"product_reference": "qemu-guest-agent-2.11.2-5.8.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qemu-guest-agent-2.11.2-5.8.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 12 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-guest-agent-2.11.2-5.8.1.ppc64le"
},
"product_reference": "qemu-guest-agent-2.11.2-5.8.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qemu-guest-agent-2.11.2-5.8.1.s390x as component of SUSE Linux Enterprise Server for SAP Applications 12 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-guest-agent-2.11.2-5.8.1.s390x"
},
"product_reference": "qemu-guest-agent-2.11.2-5.8.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qemu-guest-agent-2.11.2-5.8.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-guest-agent-2.11.2-5.8.1.x86_64"
},
"product_reference": "qemu-guest-agent-2.11.2-5.8.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qemu-ipxe-1.0.0+-5.8.1.noarch as component of SUSE Linux Enterprise Server for SAP Applications 12 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-ipxe-1.0.0+-5.8.1.noarch"
},
"product_reference": "qemu-ipxe-1.0.0+-5.8.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qemu-kvm-2.11.2-5.8.1.s390x as component of SUSE Linux Enterprise Server for SAP Applications 12 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-kvm-2.11.2-5.8.1.s390x"
},
"product_reference": "qemu-kvm-2.11.2-5.8.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qemu-kvm-2.11.2-5.8.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-kvm-2.11.2-5.8.1.x86_64"
},
"product_reference": "qemu-kvm-2.11.2-5.8.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qemu-lang-2.11.2-5.8.1.aarch64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-lang-2.11.2-5.8.1.aarch64"
},
"product_reference": "qemu-lang-2.11.2-5.8.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qemu-lang-2.11.2-5.8.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 12 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-lang-2.11.2-5.8.1.ppc64le"
},
"product_reference": "qemu-lang-2.11.2-5.8.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qemu-lang-2.11.2-5.8.1.s390x as component of SUSE Linux Enterprise Server for SAP Applications 12 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-lang-2.11.2-5.8.1.s390x"
},
"product_reference": "qemu-lang-2.11.2-5.8.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qemu-lang-2.11.2-5.8.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-lang-2.11.2-5.8.1.x86_64"
},
"product_reference": "qemu-lang-2.11.2-5.8.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qemu-ppc-2.11.2-5.8.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 12 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-ppc-2.11.2-5.8.1.ppc64le"
},
"product_reference": "qemu-ppc-2.11.2-5.8.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qemu-s390-2.11.2-5.8.1.s390x as component of SUSE Linux Enterprise Server for SAP Applications 12 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-s390-2.11.2-5.8.1.s390x"
},
"product_reference": "qemu-s390-2.11.2-5.8.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qemu-seabios-1.11.0-5.8.1.noarch as component of SUSE Linux Enterprise Server for SAP Applications 12 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-seabios-1.11.0-5.8.1.noarch"
},
"product_reference": "qemu-seabios-1.11.0-5.8.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qemu-sgabios-8-5.8.1.noarch as component of SUSE Linux Enterprise Server for SAP Applications 12 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-sgabios-8-5.8.1.noarch"
},
"product_reference": "qemu-sgabios-8-5.8.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qemu-tools-2.11.2-5.8.1.aarch64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-tools-2.11.2-5.8.1.aarch64"
},
"product_reference": "qemu-tools-2.11.2-5.8.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qemu-tools-2.11.2-5.8.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 12 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-tools-2.11.2-5.8.1.ppc64le"
},
"product_reference": "qemu-tools-2.11.2-5.8.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qemu-tools-2.11.2-5.8.1.s390x as component of SUSE Linux Enterprise Server for SAP Applications 12 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-tools-2.11.2-5.8.1.s390x"
},
"product_reference": "qemu-tools-2.11.2-5.8.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qemu-tools-2.11.2-5.8.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-tools-2.11.2-5.8.1.x86_64"
},
"product_reference": "qemu-tools-2.11.2-5.8.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qemu-vgabios-1.11.0-5.8.1.noarch as component of SUSE Linux Enterprise Server for SAP Applications 12 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-vgabios-1.11.0-5.8.1.noarch"
},
"product_reference": "qemu-vgabios-1.11.0-5.8.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qemu-x86-2.11.2-5.8.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-x86-2.11.2-5.8.1.x86_64"
},
"product_reference": "qemu-x86-2.11.2-5.8.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP4"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2018-16872",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-16872"
}
],
"notes": [
{
"category": "general",
"text": "A flaw was found in qemu Media Transfer Protocol (MTP). The code opening files in usb_mtp_get_object and usb_mtp_get_partial_object and directories in usb_mtp_object_readdir doesn\u0027t consider that the underlying filesystem may have changed since the time lstat(2) was called in usb_mtp_object_alloc, a classical TOCTTOU problem. An attacker with write access to the host filesystem shared with a guest can use this property to navigate the host filesystem in the context of the QEMU process and read any file the QEMU process has access to. Access to the filesystem may be local or via a network share protocol such as CIFS.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 12 SP4:qemu-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP4:qemu-block-curl-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP4:qemu-ipxe-1.0.0+-5.8.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP4:qemu-kvm-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP4:qemu-seabios-1.11.0-5.8.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP4:qemu-sgabios-8-5.8.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP4:qemu-tools-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP4:qemu-vgabios-1.11.0-5.8.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP4:qemu-x86-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:qemu-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4:qemu-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4:qemu-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP4:qemu-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:qemu-arm-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4:qemu-block-curl-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4:qemu-block-curl-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4:qemu-block-curl-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP4:qemu-block-curl-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:qemu-block-iscsi-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4:qemu-block-iscsi-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4:qemu-block-iscsi-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP4:qemu-block-iscsi-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:qemu-block-rbd-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4:qemu-block-rbd-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:qemu-block-ssh-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4:qemu-block-ssh-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4:qemu-block-ssh-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP4:qemu-block-ssh-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:qemu-guest-agent-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4:qemu-guest-agent-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4:qemu-guest-agent-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP4:qemu-guest-agent-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:qemu-ipxe-1.0.0+-5.8.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:qemu-kvm-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP4:qemu-kvm-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:qemu-lang-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4:qemu-lang-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4:qemu-lang-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP4:qemu-lang-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:qemu-ppc-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4:qemu-s390-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP4:qemu-seabios-1.11.0-5.8.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:qemu-sgabios-8-5.8.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:qemu-tools-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4:qemu-tools-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4:qemu-tools-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP4:qemu-tools-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:qemu-vgabios-1.11.0-5.8.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:qemu-x86-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-arm-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-curl-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-curl-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-curl-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-curl-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-iscsi-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-iscsi-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-iscsi-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-iscsi-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-rbd-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-rbd-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-ssh-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-ssh-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-ssh-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-ssh-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-guest-agent-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-guest-agent-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-guest-agent-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-guest-agent-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-ipxe-1.0.0+-5.8.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-kvm-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-kvm-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-lang-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-lang-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-lang-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-lang-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-ppc-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-s390-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-seabios-1.11.0-5.8.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-sgabios-8-5.8.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-tools-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-tools-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-tools-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-tools-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-vgabios-1.11.0-5.8.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-x86-2.11.2-5.8.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-16872",
"url": "https://www.suse.com/security/cve/CVE-2018-16872"
},
{
"category": "external",
"summary": "SUSE Bug 1119493 for CVE-2018-16872",
"url": "https://bugzilla.suse.com/1119493"
},
{
"category": "external",
"summary": "SUSE Bug 1119494 for CVE-2018-16872",
"url": "https://bugzilla.suse.com/1119494"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 12 SP4:qemu-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP4:qemu-block-curl-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP4:qemu-ipxe-1.0.0+-5.8.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP4:qemu-kvm-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP4:qemu-seabios-1.11.0-5.8.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP4:qemu-sgabios-8-5.8.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP4:qemu-tools-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP4:qemu-vgabios-1.11.0-5.8.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP4:qemu-x86-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:qemu-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4:qemu-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4:qemu-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP4:qemu-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:qemu-arm-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4:qemu-block-curl-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4:qemu-block-curl-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4:qemu-block-curl-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP4:qemu-block-curl-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:qemu-block-iscsi-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4:qemu-block-iscsi-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4:qemu-block-iscsi-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP4:qemu-block-iscsi-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:qemu-block-rbd-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4:qemu-block-rbd-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:qemu-block-ssh-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4:qemu-block-ssh-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4:qemu-block-ssh-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP4:qemu-block-ssh-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:qemu-guest-agent-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4:qemu-guest-agent-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4:qemu-guest-agent-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP4:qemu-guest-agent-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:qemu-ipxe-1.0.0+-5.8.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:qemu-kvm-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP4:qemu-kvm-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:qemu-lang-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4:qemu-lang-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4:qemu-lang-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP4:qemu-lang-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:qemu-ppc-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4:qemu-s390-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP4:qemu-seabios-1.11.0-5.8.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:qemu-sgabios-8-5.8.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:qemu-tools-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4:qemu-tools-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4:qemu-tools-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP4:qemu-tools-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:qemu-vgabios-1.11.0-5.8.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:qemu-x86-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-arm-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-curl-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-curl-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-curl-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-curl-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-iscsi-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-iscsi-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-iscsi-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-iscsi-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-rbd-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-rbd-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-ssh-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-ssh-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-ssh-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-ssh-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-guest-agent-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-guest-agent-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-guest-agent-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-guest-agent-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-ipxe-1.0.0+-5.8.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-kvm-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-kvm-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-lang-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-lang-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-lang-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-lang-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-ppc-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-s390-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-seabios-1.11.0-5.8.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-sgabios-8-5.8.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-tools-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-tools-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-tools-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-tools-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-vgabios-1.11.0-5.8.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-x86-2.11.2-5.8.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:L",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Desktop 12 SP4:qemu-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP4:qemu-block-curl-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP4:qemu-ipxe-1.0.0+-5.8.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP4:qemu-kvm-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP4:qemu-seabios-1.11.0-5.8.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP4:qemu-sgabios-8-5.8.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP4:qemu-tools-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP4:qemu-vgabios-1.11.0-5.8.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP4:qemu-x86-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:qemu-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4:qemu-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4:qemu-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP4:qemu-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:qemu-arm-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4:qemu-block-curl-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4:qemu-block-curl-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4:qemu-block-curl-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP4:qemu-block-curl-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:qemu-block-iscsi-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4:qemu-block-iscsi-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4:qemu-block-iscsi-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP4:qemu-block-iscsi-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:qemu-block-rbd-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4:qemu-block-rbd-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:qemu-block-ssh-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4:qemu-block-ssh-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4:qemu-block-ssh-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP4:qemu-block-ssh-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:qemu-guest-agent-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4:qemu-guest-agent-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4:qemu-guest-agent-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP4:qemu-guest-agent-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:qemu-ipxe-1.0.0+-5.8.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:qemu-kvm-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP4:qemu-kvm-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:qemu-lang-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4:qemu-lang-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4:qemu-lang-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP4:qemu-lang-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:qemu-ppc-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4:qemu-s390-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP4:qemu-seabios-1.11.0-5.8.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:qemu-sgabios-8-5.8.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:qemu-tools-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4:qemu-tools-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4:qemu-tools-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP4:qemu-tools-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:qemu-vgabios-1.11.0-5.8.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:qemu-x86-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-arm-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-curl-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-curl-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-curl-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-curl-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-iscsi-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-iscsi-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-iscsi-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-iscsi-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-rbd-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-rbd-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-ssh-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-ssh-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-ssh-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-ssh-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-guest-agent-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-guest-agent-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-guest-agent-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-guest-agent-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-ipxe-1.0.0+-5.8.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-kvm-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-kvm-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-lang-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-lang-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-lang-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-lang-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-ppc-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-s390-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-seabios-1.11.0-5.8.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-sgabios-8-5.8.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-tools-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-tools-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-tools-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-tools-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-vgabios-1.11.0-5.8.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-x86-2.11.2-5.8.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-02-19T12:12:38Z",
"details": "moderate"
}
],
"title": "CVE-2018-16872"
},
{
"cve": "CVE-2018-18954",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-18954"
}
],
"notes": [
{
"category": "general",
"text": "The pnv_lpc_do_eccb function in hw/ppc/pnv_lpc.c in Qemu before 3.1 allows out-of-bounds write or read access to PowerNV memory.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 12 SP4:qemu-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP4:qemu-block-curl-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP4:qemu-ipxe-1.0.0+-5.8.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP4:qemu-kvm-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP4:qemu-seabios-1.11.0-5.8.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP4:qemu-sgabios-8-5.8.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP4:qemu-tools-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP4:qemu-vgabios-1.11.0-5.8.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP4:qemu-x86-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:qemu-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4:qemu-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4:qemu-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP4:qemu-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:qemu-arm-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4:qemu-block-curl-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4:qemu-block-curl-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4:qemu-block-curl-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP4:qemu-block-curl-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:qemu-block-iscsi-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4:qemu-block-iscsi-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4:qemu-block-iscsi-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP4:qemu-block-iscsi-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:qemu-block-rbd-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4:qemu-block-rbd-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:qemu-block-ssh-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4:qemu-block-ssh-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4:qemu-block-ssh-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP4:qemu-block-ssh-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:qemu-guest-agent-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4:qemu-guest-agent-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4:qemu-guest-agent-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP4:qemu-guest-agent-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:qemu-ipxe-1.0.0+-5.8.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:qemu-kvm-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP4:qemu-kvm-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:qemu-lang-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4:qemu-lang-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4:qemu-lang-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP4:qemu-lang-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:qemu-ppc-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4:qemu-s390-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP4:qemu-seabios-1.11.0-5.8.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:qemu-sgabios-8-5.8.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:qemu-tools-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4:qemu-tools-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4:qemu-tools-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP4:qemu-tools-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:qemu-vgabios-1.11.0-5.8.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:qemu-x86-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-arm-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-curl-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-curl-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-curl-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-curl-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-iscsi-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-iscsi-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-iscsi-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-iscsi-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-rbd-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-rbd-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-ssh-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-ssh-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-ssh-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-ssh-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-guest-agent-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-guest-agent-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-guest-agent-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-guest-agent-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-ipxe-1.0.0+-5.8.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-kvm-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-kvm-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-lang-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-lang-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-lang-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-lang-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-ppc-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-s390-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-seabios-1.11.0-5.8.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-sgabios-8-5.8.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-tools-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-tools-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-tools-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-tools-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-vgabios-1.11.0-5.8.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-x86-2.11.2-5.8.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-18954",
"url": "https://www.suse.com/security/cve/CVE-2018-18954"
},
{
"category": "external",
"summary": "SUSE Bug 1114957 for CVE-2018-18954",
"url": "https://bugzilla.suse.com/1114957"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 12 SP4:qemu-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP4:qemu-block-curl-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP4:qemu-ipxe-1.0.0+-5.8.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP4:qemu-kvm-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP4:qemu-seabios-1.11.0-5.8.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP4:qemu-sgabios-8-5.8.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP4:qemu-tools-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP4:qemu-vgabios-1.11.0-5.8.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP4:qemu-x86-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:qemu-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4:qemu-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4:qemu-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP4:qemu-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:qemu-arm-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4:qemu-block-curl-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4:qemu-block-curl-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4:qemu-block-curl-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP4:qemu-block-curl-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:qemu-block-iscsi-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4:qemu-block-iscsi-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4:qemu-block-iscsi-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP4:qemu-block-iscsi-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:qemu-block-rbd-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4:qemu-block-rbd-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:qemu-block-ssh-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4:qemu-block-ssh-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4:qemu-block-ssh-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP4:qemu-block-ssh-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:qemu-guest-agent-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4:qemu-guest-agent-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4:qemu-guest-agent-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP4:qemu-guest-agent-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:qemu-ipxe-1.0.0+-5.8.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:qemu-kvm-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP4:qemu-kvm-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:qemu-lang-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4:qemu-lang-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4:qemu-lang-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP4:qemu-lang-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:qemu-ppc-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4:qemu-s390-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP4:qemu-seabios-1.11.0-5.8.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:qemu-sgabios-8-5.8.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:qemu-tools-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4:qemu-tools-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4:qemu-tools-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP4:qemu-tools-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:qemu-vgabios-1.11.0-5.8.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:qemu-x86-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-arm-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-curl-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-curl-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-curl-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-curl-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-iscsi-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-iscsi-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-iscsi-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-iscsi-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-rbd-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-rbd-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-ssh-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-ssh-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-ssh-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-ssh-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-guest-agent-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-guest-agent-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-guest-agent-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-guest-agent-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-ipxe-1.0.0+-5.8.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-kvm-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-kvm-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-lang-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-lang-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-lang-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-lang-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-ppc-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-s390-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-seabios-1.11.0-5.8.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-sgabios-8-5.8.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-tools-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-tools-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-tools-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-tools-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-vgabios-1.11.0-5.8.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-x86-2.11.2-5.8.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Desktop 12 SP4:qemu-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP4:qemu-block-curl-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP4:qemu-ipxe-1.0.0+-5.8.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP4:qemu-kvm-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP4:qemu-seabios-1.11.0-5.8.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP4:qemu-sgabios-8-5.8.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP4:qemu-tools-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP4:qemu-vgabios-1.11.0-5.8.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP4:qemu-x86-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:qemu-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4:qemu-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4:qemu-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP4:qemu-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:qemu-arm-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4:qemu-block-curl-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4:qemu-block-curl-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4:qemu-block-curl-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP4:qemu-block-curl-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:qemu-block-iscsi-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4:qemu-block-iscsi-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4:qemu-block-iscsi-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP4:qemu-block-iscsi-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:qemu-block-rbd-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4:qemu-block-rbd-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:qemu-block-ssh-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4:qemu-block-ssh-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4:qemu-block-ssh-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP4:qemu-block-ssh-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:qemu-guest-agent-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4:qemu-guest-agent-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4:qemu-guest-agent-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP4:qemu-guest-agent-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:qemu-ipxe-1.0.0+-5.8.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:qemu-kvm-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP4:qemu-kvm-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:qemu-lang-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4:qemu-lang-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4:qemu-lang-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP4:qemu-lang-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:qemu-ppc-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4:qemu-s390-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP4:qemu-seabios-1.11.0-5.8.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:qemu-sgabios-8-5.8.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:qemu-tools-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4:qemu-tools-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4:qemu-tools-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP4:qemu-tools-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:qemu-vgabios-1.11.0-5.8.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:qemu-x86-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-arm-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-curl-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-curl-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-curl-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-curl-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-iscsi-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-iscsi-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-iscsi-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-iscsi-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-rbd-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-rbd-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-ssh-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-ssh-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-ssh-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-ssh-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-guest-agent-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-guest-agent-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-guest-agent-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-guest-agent-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-ipxe-1.0.0+-5.8.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-kvm-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-kvm-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-lang-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-lang-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-lang-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-lang-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-ppc-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-s390-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-seabios-1.11.0-5.8.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-sgabios-8-5.8.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-tools-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-tools-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-tools-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-tools-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-vgabios-1.11.0-5.8.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-x86-2.11.2-5.8.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-02-19T12:12:38Z",
"details": "important"
}
],
"title": "CVE-2018-18954"
},
{
"cve": "CVE-2018-19364",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-19364"
}
],
"notes": [
{
"category": "general",
"text": "hw/9pfs/cofile.c and hw/9pfs/9p.c in QEMU can modify an fid path while it is being accessed by a second thread, leading to (for example) a use-after-free outcome.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 12 SP4:qemu-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP4:qemu-block-curl-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP4:qemu-ipxe-1.0.0+-5.8.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP4:qemu-kvm-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP4:qemu-seabios-1.11.0-5.8.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP4:qemu-sgabios-8-5.8.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP4:qemu-tools-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP4:qemu-vgabios-1.11.0-5.8.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP4:qemu-x86-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:qemu-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4:qemu-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4:qemu-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP4:qemu-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:qemu-arm-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4:qemu-block-curl-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4:qemu-block-curl-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4:qemu-block-curl-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP4:qemu-block-curl-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:qemu-block-iscsi-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4:qemu-block-iscsi-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4:qemu-block-iscsi-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP4:qemu-block-iscsi-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:qemu-block-rbd-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4:qemu-block-rbd-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:qemu-block-ssh-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4:qemu-block-ssh-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4:qemu-block-ssh-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP4:qemu-block-ssh-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:qemu-guest-agent-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4:qemu-guest-agent-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4:qemu-guest-agent-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP4:qemu-guest-agent-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:qemu-ipxe-1.0.0+-5.8.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:qemu-kvm-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP4:qemu-kvm-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:qemu-lang-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4:qemu-lang-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4:qemu-lang-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP4:qemu-lang-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:qemu-ppc-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4:qemu-s390-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP4:qemu-seabios-1.11.0-5.8.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:qemu-sgabios-8-5.8.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:qemu-tools-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4:qemu-tools-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4:qemu-tools-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP4:qemu-tools-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:qemu-vgabios-1.11.0-5.8.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:qemu-x86-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-arm-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-curl-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-curl-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-curl-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-curl-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-iscsi-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-iscsi-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-iscsi-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-iscsi-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-rbd-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-rbd-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-ssh-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-ssh-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-ssh-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-ssh-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-guest-agent-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-guest-agent-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-guest-agent-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-guest-agent-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-ipxe-1.0.0+-5.8.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-kvm-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-kvm-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-lang-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-lang-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-lang-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-lang-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-ppc-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-s390-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-seabios-1.11.0-5.8.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-sgabios-8-5.8.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-tools-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-tools-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-tools-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-tools-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-vgabios-1.11.0-5.8.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-x86-2.11.2-5.8.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-19364",
"url": "https://www.suse.com/security/cve/CVE-2018-19364"
},
{
"category": "external",
"summary": "SUSE Bug 1116717 for CVE-2018-19364",
"url": "https://bugzilla.suse.com/1116717"
},
{
"category": "external",
"summary": "SUSE Bug 1116726 for CVE-2018-19364",
"url": "https://bugzilla.suse.com/1116726"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 12 SP4:qemu-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP4:qemu-block-curl-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP4:qemu-ipxe-1.0.0+-5.8.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP4:qemu-kvm-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP4:qemu-seabios-1.11.0-5.8.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP4:qemu-sgabios-8-5.8.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP4:qemu-tools-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP4:qemu-vgabios-1.11.0-5.8.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP4:qemu-x86-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:qemu-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4:qemu-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4:qemu-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP4:qemu-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:qemu-arm-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4:qemu-block-curl-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4:qemu-block-curl-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4:qemu-block-curl-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP4:qemu-block-curl-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:qemu-block-iscsi-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4:qemu-block-iscsi-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4:qemu-block-iscsi-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP4:qemu-block-iscsi-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:qemu-block-rbd-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4:qemu-block-rbd-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:qemu-block-ssh-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4:qemu-block-ssh-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4:qemu-block-ssh-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP4:qemu-block-ssh-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:qemu-guest-agent-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4:qemu-guest-agent-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4:qemu-guest-agent-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP4:qemu-guest-agent-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:qemu-ipxe-1.0.0+-5.8.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:qemu-kvm-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP4:qemu-kvm-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:qemu-lang-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4:qemu-lang-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4:qemu-lang-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP4:qemu-lang-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:qemu-ppc-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4:qemu-s390-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP4:qemu-seabios-1.11.0-5.8.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:qemu-sgabios-8-5.8.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:qemu-tools-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4:qemu-tools-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4:qemu-tools-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP4:qemu-tools-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:qemu-vgabios-1.11.0-5.8.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:qemu-x86-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-arm-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-curl-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-curl-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-curl-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-curl-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-iscsi-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-iscsi-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-iscsi-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-iscsi-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-rbd-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-rbd-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-ssh-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-ssh-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-ssh-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-ssh-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-guest-agent-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-guest-agent-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-guest-agent-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-guest-agent-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-ipxe-1.0.0+-5.8.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-kvm-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-kvm-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-lang-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-lang-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-lang-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-lang-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-ppc-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-s390-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-seabios-1.11.0-5.8.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-sgabios-8-5.8.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-tools-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-tools-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-tools-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-tools-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-vgabios-1.11.0-5.8.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-x86-2.11.2-5.8.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Desktop 12 SP4:qemu-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP4:qemu-block-curl-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP4:qemu-ipxe-1.0.0+-5.8.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP4:qemu-kvm-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP4:qemu-seabios-1.11.0-5.8.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP4:qemu-sgabios-8-5.8.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP4:qemu-tools-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP4:qemu-vgabios-1.11.0-5.8.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP4:qemu-x86-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:qemu-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4:qemu-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4:qemu-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP4:qemu-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:qemu-arm-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4:qemu-block-curl-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4:qemu-block-curl-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4:qemu-block-curl-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP4:qemu-block-curl-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:qemu-block-iscsi-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4:qemu-block-iscsi-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4:qemu-block-iscsi-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP4:qemu-block-iscsi-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:qemu-block-rbd-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4:qemu-block-rbd-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:qemu-block-ssh-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4:qemu-block-ssh-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4:qemu-block-ssh-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP4:qemu-block-ssh-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:qemu-guest-agent-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4:qemu-guest-agent-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4:qemu-guest-agent-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP4:qemu-guest-agent-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:qemu-ipxe-1.0.0+-5.8.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:qemu-kvm-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP4:qemu-kvm-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:qemu-lang-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4:qemu-lang-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4:qemu-lang-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP4:qemu-lang-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:qemu-ppc-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4:qemu-s390-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP4:qemu-seabios-1.11.0-5.8.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:qemu-sgabios-8-5.8.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:qemu-tools-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4:qemu-tools-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4:qemu-tools-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP4:qemu-tools-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:qemu-vgabios-1.11.0-5.8.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:qemu-x86-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-arm-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-curl-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-curl-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-curl-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-curl-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-iscsi-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-iscsi-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-iscsi-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-iscsi-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-rbd-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-rbd-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-ssh-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-ssh-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-ssh-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-ssh-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-guest-agent-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-guest-agent-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-guest-agent-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-guest-agent-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-ipxe-1.0.0+-5.8.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-kvm-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-kvm-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-lang-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-lang-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-lang-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-lang-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-ppc-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-s390-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-seabios-1.11.0-5.8.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-sgabios-8-5.8.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-tools-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-tools-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-tools-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-tools-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-vgabios-1.11.0-5.8.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-x86-2.11.2-5.8.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-02-19T12:12:38Z",
"details": "moderate"
}
],
"title": "CVE-2018-19364"
},
{
"cve": "CVE-2018-19489",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-19489"
}
],
"notes": [
{
"category": "general",
"text": "v9fs_wstat in hw/9pfs/9p.c in QEMU allows guest OS users to cause a denial of service (crash) because of a race condition during file renaming.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 12 SP4:qemu-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP4:qemu-block-curl-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP4:qemu-ipxe-1.0.0+-5.8.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP4:qemu-kvm-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP4:qemu-seabios-1.11.0-5.8.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP4:qemu-sgabios-8-5.8.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP4:qemu-tools-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP4:qemu-vgabios-1.11.0-5.8.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP4:qemu-x86-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:qemu-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4:qemu-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4:qemu-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP4:qemu-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:qemu-arm-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4:qemu-block-curl-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4:qemu-block-curl-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4:qemu-block-curl-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP4:qemu-block-curl-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:qemu-block-iscsi-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4:qemu-block-iscsi-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4:qemu-block-iscsi-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP4:qemu-block-iscsi-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:qemu-block-rbd-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4:qemu-block-rbd-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:qemu-block-ssh-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4:qemu-block-ssh-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4:qemu-block-ssh-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP4:qemu-block-ssh-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:qemu-guest-agent-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4:qemu-guest-agent-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4:qemu-guest-agent-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP4:qemu-guest-agent-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:qemu-ipxe-1.0.0+-5.8.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:qemu-kvm-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP4:qemu-kvm-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:qemu-lang-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4:qemu-lang-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4:qemu-lang-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP4:qemu-lang-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:qemu-ppc-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4:qemu-s390-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP4:qemu-seabios-1.11.0-5.8.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:qemu-sgabios-8-5.8.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:qemu-tools-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4:qemu-tools-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4:qemu-tools-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP4:qemu-tools-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:qemu-vgabios-1.11.0-5.8.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:qemu-x86-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-arm-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-curl-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-curl-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-curl-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-curl-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-iscsi-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-iscsi-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-iscsi-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-iscsi-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-rbd-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-rbd-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-ssh-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-ssh-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-ssh-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-ssh-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-guest-agent-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-guest-agent-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-guest-agent-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-guest-agent-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-ipxe-1.0.0+-5.8.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-kvm-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-kvm-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-lang-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-lang-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-lang-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-lang-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-ppc-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-s390-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-seabios-1.11.0-5.8.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-sgabios-8-5.8.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-tools-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-tools-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-tools-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-tools-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-vgabios-1.11.0-5.8.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-x86-2.11.2-5.8.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-19489",
"url": "https://www.suse.com/security/cve/CVE-2018-19489"
},
{
"category": "external",
"summary": "SUSE Bug 1117275 for CVE-2018-19489",
"url": "https://bugzilla.suse.com/1117275"
},
{
"category": "external",
"summary": "SUSE Bug 1117279 for CVE-2018-19489",
"url": "https://bugzilla.suse.com/1117279"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 12 SP4:qemu-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP4:qemu-block-curl-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP4:qemu-ipxe-1.0.0+-5.8.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP4:qemu-kvm-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP4:qemu-seabios-1.11.0-5.8.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP4:qemu-sgabios-8-5.8.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP4:qemu-tools-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP4:qemu-vgabios-1.11.0-5.8.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP4:qemu-x86-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:qemu-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4:qemu-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4:qemu-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP4:qemu-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:qemu-arm-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4:qemu-block-curl-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4:qemu-block-curl-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4:qemu-block-curl-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP4:qemu-block-curl-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:qemu-block-iscsi-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4:qemu-block-iscsi-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4:qemu-block-iscsi-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP4:qemu-block-iscsi-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:qemu-block-rbd-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4:qemu-block-rbd-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:qemu-block-ssh-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4:qemu-block-ssh-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4:qemu-block-ssh-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP4:qemu-block-ssh-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:qemu-guest-agent-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4:qemu-guest-agent-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4:qemu-guest-agent-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP4:qemu-guest-agent-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:qemu-ipxe-1.0.0+-5.8.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:qemu-kvm-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP4:qemu-kvm-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:qemu-lang-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4:qemu-lang-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4:qemu-lang-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP4:qemu-lang-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:qemu-ppc-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4:qemu-s390-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP4:qemu-seabios-1.11.0-5.8.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:qemu-sgabios-8-5.8.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:qemu-tools-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4:qemu-tools-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4:qemu-tools-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP4:qemu-tools-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:qemu-vgabios-1.11.0-5.8.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:qemu-x86-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-arm-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-curl-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-curl-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-curl-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-curl-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-iscsi-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-iscsi-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-iscsi-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-iscsi-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-rbd-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-rbd-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-ssh-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-ssh-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-ssh-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-ssh-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-guest-agent-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-guest-agent-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-guest-agent-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-guest-agent-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-ipxe-1.0.0+-5.8.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-kvm-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-kvm-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-lang-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-lang-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-lang-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-lang-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-ppc-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-s390-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-seabios-1.11.0-5.8.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-sgabios-8-5.8.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-tools-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-tools-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-tools-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-tools-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-vgabios-1.11.0-5.8.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-x86-2.11.2-5.8.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 2.8,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:C/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Desktop 12 SP4:qemu-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP4:qemu-block-curl-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP4:qemu-ipxe-1.0.0+-5.8.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP4:qemu-kvm-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP4:qemu-seabios-1.11.0-5.8.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP4:qemu-sgabios-8-5.8.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP4:qemu-tools-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP4:qemu-vgabios-1.11.0-5.8.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP4:qemu-x86-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:qemu-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4:qemu-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4:qemu-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP4:qemu-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:qemu-arm-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4:qemu-block-curl-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4:qemu-block-curl-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4:qemu-block-curl-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP4:qemu-block-curl-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:qemu-block-iscsi-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4:qemu-block-iscsi-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4:qemu-block-iscsi-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP4:qemu-block-iscsi-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:qemu-block-rbd-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4:qemu-block-rbd-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:qemu-block-ssh-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4:qemu-block-ssh-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4:qemu-block-ssh-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP4:qemu-block-ssh-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:qemu-guest-agent-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4:qemu-guest-agent-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4:qemu-guest-agent-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP4:qemu-guest-agent-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:qemu-ipxe-1.0.0+-5.8.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:qemu-kvm-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP4:qemu-kvm-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:qemu-lang-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4:qemu-lang-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4:qemu-lang-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP4:qemu-lang-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:qemu-ppc-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4:qemu-s390-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP4:qemu-seabios-1.11.0-5.8.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:qemu-sgabios-8-5.8.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:qemu-tools-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4:qemu-tools-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4:qemu-tools-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP4:qemu-tools-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:qemu-vgabios-1.11.0-5.8.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:qemu-x86-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-arm-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-curl-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-curl-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-curl-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-curl-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-iscsi-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-iscsi-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-iscsi-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-iscsi-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-rbd-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-rbd-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-ssh-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-ssh-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-ssh-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-ssh-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-guest-agent-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-guest-agent-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-guest-agent-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-guest-agent-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-ipxe-1.0.0+-5.8.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-kvm-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-kvm-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-lang-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-lang-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-lang-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-lang-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-ppc-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-s390-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-seabios-1.11.0-5.8.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-sgabios-8-5.8.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-tools-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-tools-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-tools-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-tools-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-vgabios-1.11.0-5.8.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-x86-2.11.2-5.8.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-02-19T12:12:38Z",
"details": "low"
}
],
"title": "CVE-2018-19489"
},
{
"cve": "CVE-2019-6778",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-6778"
}
],
"notes": [
{
"category": "general",
"text": "In QEMU 3.0.0, tcp_emu in slirp/tcp_subr.c has a heap-based buffer overflow.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 12 SP4:qemu-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP4:qemu-block-curl-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP4:qemu-ipxe-1.0.0+-5.8.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP4:qemu-kvm-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP4:qemu-seabios-1.11.0-5.8.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP4:qemu-sgabios-8-5.8.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP4:qemu-tools-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP4:qemu-vgabios-1.11.0-5.8.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP4:qemu-x86-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:qemu-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4:qemu-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4:qemu-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP4:qemu-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:qemu-arm-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4:qemu-block-curl-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4:qemu-block-curl-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4:qemu-block-curl-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP4:qemu-block-curl-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:qemu-block-iscsi-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4:qemu-block-iscsi-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4:qemu-block-iscsi-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP4:qemu-block-iscsi-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:qemu-block-rbd-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4:qemu-block-rbd-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:qemu-block-ssh-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4:qemu-block-ssh-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4:qemu-block-ssh-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP4:qemu-block-ssh-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:qemu-guest-agent-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4:qemu-guest-agent-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4:qemu-guest-agent-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP4:qemu-guest-agent-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:qemu-ipxe-1.0.0+-5.8.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:qemu-kvm-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP4:qemu-kvm-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:qemu-lang-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4:qemu-lang-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4:qemu-lang-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP4:qemu-lang-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:qemu-ppc-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4:qemu-s390-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP4:qemu-seabios-1.11.0-5.8.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:qemu-sgabios-8-5.8.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:qemu-tools-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4:qemu-tools-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4:qemu-tools-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP4:qemu-tools-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:qemu-vgabios-1.11.0-5.8.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:qemu-x86-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-arm-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-curl-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-curl-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-curl-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-curl-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-iscsi-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-iscsi-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-iscsi-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-iscsi-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-rbd-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-rbd-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-ssh-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-ssh-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-ssh-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-ssh-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-guest-agent-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-guest-agent-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-guest-agent-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-guest-agent-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-ipxe-1.0.0+-5.8.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-kvm-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-kvm-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-lang-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-lang-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-lang-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-lang-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-ppc-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-s390-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-seabios-1.11.0-5.8.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-sgabios-8-5.8.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-tools-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-tools-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-tools-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-tools-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-vgabios-1.11.0-5.8.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-x86-2.11.2-5.8.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-6778",
"url": "https://www.suse.com/security/cve/CVE-2019-6778"
},
{
"category": "external",
"summary": "SUSE Bug 1123156 for CVE-2019-6778",
"url": "https://bugzilla.suse.com/1123156"
},
{
"category": "external",
"summary": "SUSE Bug 1123157 for CVE-2019-6778",
"url": "https://bugzilla.suse.com/1123157"
},
{
"category": "external",
"summary": "SUSE Bug 1178658 for CVE-2019-6778",
"url": "https://bugzilla.suse.com/1178658"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 12 SP4:qemu-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP4:qemu-block-curl-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP4:qemu-ipxe-1.0.0+-5.8.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP4:qemu-kvm-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP4:qemu-seabios-1.11.0-5.8.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP4:qemu-sgabios-8-5.8.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP4:qemu-tools-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP4:qemu-vgabios-1.11.0-5.8.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP4:qemu-x86-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:qemu-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4:qemu-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4:qemu-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP4:qemu-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:qemu-arm-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4:qemu-block-curl-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4:qemu-block-curl-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4:qemu-block-curl-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP4:qemu-block-curl-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:qemu-block-iscsi-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4:qemu-block-iscsi-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4:qemu-block-iscsi-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP4:qemu-block-iscsi-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:qemu-block-rbd-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4:qemu-block-rbd-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:qemu-block-ssh-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4:qemu-block-ssh-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4:qemu-block-ssh-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP4:qemu-block-ssh-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:qemu-guest-agent-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4:qemu-guest-agent-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4:qemu-guest-agent-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP4:qemu-guest-agent-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:qemu-ipxe-1.0.0+-5.8.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:qemu-kvm-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP4:qemu-kvm-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:qemu-lang-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4:qemu-lang-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4:qemu-lang-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP4:qemu-lang-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:qemu-ppc-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4:qemu-s390-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP4:qemu-seabios-1.11.0-5.8.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:qemu-sgabios-8-5.8.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:qemu-tools-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4:qemu-tools-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4:qemu-tools-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP4:qemu-tools-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:qemu-vgabios-1.11.0-5.8.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:qemu-x86-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-arm-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-curl-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-curl-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-curl-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-curl-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-iscsi-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-iscsi-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-iscsi-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-iscsi-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-rbd-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-rbd-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-ssh-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-ssh-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-ssh-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-ssh-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-guest-agent-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-guest-agent-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-guest-agent-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-guest-agent-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-ipxe-1.0.0+-5.8.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-kvm-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-kvm-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-lang-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-lang-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-lang-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-lang-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-ppc-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-s390-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-seabios-1.11.0-5.8.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-sgabios-8-5.8.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-tools-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-tools-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-tools-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-tools-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-vgabios-1.11.0-5.8.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-x86-2.11.2-5.8.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Desktop 12 SP4:qemu-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP4:qemu-block-curl-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP4:qemu-ipxe-1.0.0+-5.8.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP4:qemu-kvm-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP4:qemu-seabios-1.11.0-5.8.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP4:qemu-sgabios-8-5.8.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP4:qemu-tools-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP4:qemu-vgabios-1.11.0-5.8.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP4:qemu-x86-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:qemu-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4:qemu-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4:qemu-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP4:qemu-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:qemu-arm-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4:qemu-block-curl-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4:qemu-block-curl-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4:qemu-block-curl-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP4:qemu-block-curl-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:qemu-block-iscsi-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4:qemu-block-iscsi-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4:qemu-block-iscsi-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP4:qemu-block-iscsi-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:qemu-block-rbd-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4:qemu-block-rbd-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:qemu-block-ssh-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4:qemu-block-ssh-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4:qemu-block-ssh-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP4:qemu-block-ssh-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:qemu-guest-agent-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4:qemu-guest-agent-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4:qemu-guest-agent-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP4:qemu-guest-agent-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:qemu-ipxe-1.0.0+-5.8.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:qemu-kvm-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP4:qemu-kvm-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:qemu-lang-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4:qemu-lang-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4:qemu-lang-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP4:qemu-lang-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:qemu-ppc-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4:qemu-s390-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP4:qemu-seabios-1.11.0-5.8.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:qemu-sgabios-8-5.8.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:qemu-tools-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4:qemu-tools-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4:qemu-tools-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP4:qemu-tools-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:qemu-vgabios-1.11.0-5.8.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:qemu-x86-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-arm-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-curl-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-curl-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-curl-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-curl-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-iscsi-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-iscsi-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-iscsi-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-iscsi-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-rbd-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-rbd-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-ssh-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-ssh-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-ssh-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-ssh-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-guest-agent-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-guest-agent-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-guest-agent-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-guest-agent-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-ipxe-1.0.0+-5.8.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-kvm-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-kvm-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-lang-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-lang-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-lang-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-lang-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-ppc-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-s390-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-seabios-1.11.0-5.8.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-sgabios-8-5.8.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-tools-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-tools-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-tools-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-tools-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-vgabios-1.11.0-5.8.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-x86-2.11.2-5.8.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-02-19T12:12:38Z",
"details": "important"
}
],
"title": "CVE-2019-6778"
}
]
}
SUSE-SU-2019:0457-1
Vulnerability from csaf_suse - Published: 2019-02-21 06:07 - Updated: 2019-02-21 06:07Summary
Security update for qemu
Severity
Important
Notes
Title of the patch: Security update for qemu
Description of the patch: This update for qemu fixes the following issues:
Security issues fixed:
- CVE-2019-6778: Fixed a heap buffer overflow issue in the SLiRP networking implementation (bsc#1123156).
- CVE-2018-19489: Fixed a denial of service vulnerability in virtfs (bsc#1117275).
* CVE-2018-19364: Fixed a use-after-free if the virtfs interface resulting in a denial of service (bsc#1116717).
Patchnames: SUSE-2019-457,SUSE-SLE-SERVER-12-2019-457
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
5.3 (Medium)
Affected products
Recommended
25 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:qemu-2.0.2-48.49.3.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:qemu-2.0.2-48.49.3.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:qemu-2.0.2-48.49.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:qemu-block-curl-2.0.2-48.49.3.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:qemu-block-curl-2.0.2-48.49.3.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:qemu-block-curl-2.0.2-48.49.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:qemu-block-rbd-2.0.2-48.49.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:qemu-guest-agent-2.0.2-48.49.3.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:qemu-guest-agent-2.0.2-48.49.3.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:qemu-guest-agent-2.0.2-48.49.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:qemu-ipxe-1.0.0-48.49.3.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:qemu-kvm-2.0.2-48.49.3.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:qemu-kvm-2.0.2-48.49.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:qemu-lang-2.0.2-48.49.3.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:qemu-lang-2.0.2-48.49.3.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:qemu-lang-2.0.2-48.49.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:qemu-ppc-2.0.2-48.49.3.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:qemu-s390-2.0.2-48.49.3.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:qemu-seabios-1.7.4-48.49.3.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:qemu-sgabios-8-48.49.3.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:qemu-tools-2.0.2-48.49.3.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:qemu-tools-2.0.2-48.49.3.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:qemu-tools-2.0.2-48.49.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:qemu-vgabios-1.7.4-48.49.3.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:qemu-x86-2.0.2-48.49.3.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
Affected products
Recommended
25 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:qemu-2.0.2-48.49.3.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:qemu-2.0.2-48.49.3.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:qemu-2.0.2-48.49.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:qemu-block-curl-2.0.2-48.49.3.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:qemu-block-curl-2.0.2-48.49.3.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:qemu-block-curl-2.0.2-48.49.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:qemu-block-rbd-2.0.2-48.49.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:qemu-guest-agent-2.0.2-48.49.3.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:qemu-guest-agent-2.0.2-48.49.3.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:qemu-guest-agent-2.0.2-48.49.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:qemu-ipxe-1.0.0-48.49.3.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:qemu-kvm-2.0.2-48.49.3.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:qemu-kvm-2.0.2-48.49.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:qemu-lang-2.0.2-48.49.3.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:qemu-lang-2.0.2-48.49.3.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:qemu-lang-2.0.2-48.49.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:qemu-ppc-2.0.2-48.49.3.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:qemu-s390-2.0.2-48.49.3.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:qemu-seabios-1.7.4-48.49.3.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:qemu-sgabios-8-48.49.3.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:qemu-tools-2.0.2-48.49.3.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:qemu-tools-2.0.2-48.49.3.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:qemu-tools-2.0.2-48.49.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:qemu-vgabios-1.7.4-48.49.3.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:qemu-x86-2.0.2-48.49.3.x86_64 | — |
Vendor Fix
|
Threats
Impact
low
7.8 (High)
Affected products
Recommended
25 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:qemu-2.0.2-48.49.3.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:qemu-2.0.2-48.49.3.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:qemu-2.0.2-48.49.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:qemu-block-curl-2.0.2-48.49.3.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:qemu-block-curl-2.0.2-48.49.3.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:qemu-block-curl-2.0.2-48.49.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:qemu-block-rbd-2.0.2-48.49.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:qemu-guest-agent-2.0.2-48.49.3.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:qemu-guest-agent-2.0.2-48.49.3.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:qemu-guest-agent-2.0.2-48.49.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:qemu-ipxe-1.0.0-48.49.3.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:qemu-kvm-2.0.2-48.49.3.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:qemu-kvm-2.0.2-48.49.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:qemu-lang-2.0.2-48.49.3.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:qemu-lang-2.0.2-48.49.3.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:qemu-lang-2.0.2-48.49.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:qemu-ppc-2.0.2-48.49.3.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:qemu-s390-2.0.2-48.49.3.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:qemu-seabios-1.7.4-48.49.3.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:qemu-sgabios-8-48.49.3.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:qemu-tools-2.0.2-48.49.3.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:qemu-tools-2.0.2-48.49.3.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:qemu-tools-2.0.2-48.49.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:qemu-vgabios-1.7.4-48.49.3.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:qemu-x86-2.0.2-48.49.3.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
References
20 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for qemu",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for qemu fixes the following issues:\n\nSecurity issues fixed:\n\n- CVE-2019-6778: Fixed a heap buffer overflow issue in the SLiRP networking implementation (bsc#1123156).\n- CVE-2018-19489: Fixed a denial of service vulnerability in virtfs (bsc#1117275).\n* CVE-2018-19364: Fixed a use-after-free if the virtfs interface resulting in a denial of service (bsc#1116717).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2019-457,SUSE-SLE-SERVER-12-2019-457",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2019_0457-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2019:0457-1",
"url": "https://www.suse.com/support/update/announcement/2019/suse-su-20190457-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2019:0457-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2019-February/005143.html"
},
{
"category": "self",
"summary": "SUSE Bug 1116717",
"url": "https://bugzilla.suse.com/1116717"
},
{
"category": "self",
"summary": "SUSE Bug 1117275",
"url": "https://bugzilla.suse.com/1117275"
},
{
"category": "self",
"summary": "SUSE Bug 1123156",
"url": "https://bugzilla.suse.com/1123156"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-19364 page",
"url": "https://www.suse.com/security/cve/CVE-2018-19364/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-19489 page",
"url": "https://www.suse.com/security/cve/CVE-2018-19489/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-6778 page",
"url": "https://www.suse.com/security/cve/CVE-2019-6778/"
}
],
"title": "Security update for qemu",
"tracking": {
"current_release_date": "2019-02-21T06:07:42Z",
"generator": {
"date": "2019-02-21T06:07:42Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2019:0457-1",
"initial_release_date": "2019-02-21T06:07:42Z",
"revision_history": [
{
"date": "2019-02-21T06:07:42Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "qemu-2.0.2-48.49.3.aarch64",
"product": {
"name": "qemu-2.0.2-48.49.3.aarch64",
"product_id": "qemu-2.0.2-48.49.3.aarch64"
}
},
{
"category": "product_version",
"name": "qemu-arm-2.0.2-48.49.3.aarch64",
"product": {
"name": "qemu-arm-2.0.2-48.49.3.aarch64",
"product_id": "qemu-arm-2.0.2-48.49.3.aarch64"
}
},
{
"category": "product_version",
"name": "qemu-block-curl-2.0.2-48.49.3.aarch64",
"product": {
"name": "qemu-block-curl-2.0.2-48.49.3.aarch64",
"product_id": "qemu-block-curl-2.0.2-48.49.3.aarch64"
}
},
{
"category": "product_version",
"name": "qemu-extra-2.0.2-48.49.3.aarch64",
"product": {
"name": "qemu-extra-2.0.2-48.49.3.aarch64",
"product_id": "qemu-extra-2.0.2-48.49.3.aarch64"
}
},
{
"category": "product_version",
"name": "qemu-guest-agent-2.0.2-48.49.3.aarch64",
"product": {
"name": "qemu-guest-agent-2.0.2-48.49.3.aarch64",
"product_id": "qemu-guest-agent-2.0.2-48.49.3.aarch64"
}
},
{
"category": "product_version",
"name": "qemu-lang-2.0.2-48.49.3.aarch64",
"product": {
"name": "qemu-lang-2.0.2-48.49.3.aarch64",
"product_id": "qemu-lang-2.0.2-48.49.3.aarch64"
}
},
{
"category": "product_version",
"name": "qemu-linux-user-2.0.2-48.49.1.aarch64",
"product": {
"name": "qemu-linux-user-2.0.2-48.49.1.aarch64",
"product_id": "qemu-linux-user-2.0.2-48.49.1.aarch64"
}
},
{
"category": "product_version",
"name": "qemu-ppc-2.0.2-48.49.3.aarch64",
"product": {
"name": "qemu-ppc-2.0.2-48.49.3.aarch64",
"product_id": "qemu-ppc-2.0.2-48.49.3.aarch64"
}
},
{
"category": "product_version",
"name": "qemu-s390-2.0.2-48.49.3.aarch64",
"product": {
"name": "qemu-s390-2.0.2-48.49.3.aarch64",
"product_id": "qemu-s390-2.0.2-48.49.3.aarch64"
}
},
{
"category": "product_version",
"name": "qemu-tools-2.0.2-48.49.3.aarch64",
"product": {
"name": "qemu-tools-2.0.2-48.49.3.aarch64",
"product_id": "qemu-tools-2.0.2-48.49.3.aarch64"
}
},
{
"category": "product_version",
"name": "qemu-x86-2.0.2-48.49.3.aarch64",
"product": {
"name": "qemu-x86-2.0.2-48.49.3.aarch64",
"product_id": "qemu-x86-2.0.2-48.49.3.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "qemu-2.0.2-48.49.3.i586",
"product": {
"name": "qemu-2.0.2-48.49.3.i586",
"product_id": "qemu-2.0.2-48.49.3.i586"
}
},
{
"category": "product_version",
"name": "qemu-arm-2.0.2-48.49.3.i586",
"product": {
"name": "qemu-arm-2.0.2-48.49.3.i586",
"product_id": "qemu-arm-2.0.2-48.49.3.i586"
}
},
{
"category": "product_version",
"name": "qemu-block-curl-2.0.2-48.49.3.i586",
"product": {
"name": "qemu-block-curl-2.0.2-48.49.3.i586",
"product_id": "qemu-block-curl-2.0.2-48.49.3.i586"
}
},
{
"category": "product_version",
"name": "qemu-extra-2.0.2-48.49.3.i586",
"product": {
"name": "qemu-extra-2.0.2-48.49.3.i586",
"product_id": "qemu-extra-2.0.2-48.49.3.i586"
}
},
{
"category": "product_version",
"name": "qemu-guest-agent-2.0.2-48.49.3.i586",
"product": {
"name": "qemu-guest-agent-2.0.2-48.49.3.i586",
"product_id": "qemu-guest-agent-2.0.2-48.49.3.i586"
}
},
{
"category": "product_version",
"name": "qemu-kvm-2.0.2-48.49.3.i586",
"product": {
"name": "qemu-kvm-2.0.2-48.49.3.i586",
"product_id": "qemu-kvm-2.0.2-48.49.3.i586"
}
},
{
"category": "product_version",
"name": "qemu-lang-2.0.2-48.49.3.i586",
"product": {
"name": "qemu-lang-2.0.2-48.49.3.i586",
"product_id": "qemu-lang-2.0.2-48.49.3.i586"
}
},
{
"category": "product_version",
"name": "qemu-linux-user-2.0.2-48.49.1.i586",
"product": {
"name": "qemu-linux-user-2.0.2-48.49.1.i586",
"product_id": "qemu-linux-user-2.0.2-48.49.1.i586"
}
},
{
"category": "product_version",
"name": "qemu-ppc-2.0.2-48.49.3.i586",
"product": {
"name": "qemu-ppc-2.0.2-48.49.3.i586",
"product_id": "qemu-ppc-2.0.2-48.49.3.i586"
}
},
{
"category": "product_version",
"name": "qemu-s390-2.0.2-48.49.3.i586",
"product": {
"name": "qemu-s390-2.0.2-48.49.3.i586",
"product_id": "qemu-s390-2.0.2-48.49.3.i586"
}
},
{
"category": "product_version",
"name": "qemu-tools-2.0.2-48.49.3.i586",
"product": {
"name": "qemu-tools-2.0.2-48.49.3.i586",
"product_id": "qemu-tools-2.0.2-48.49.3.i586"
}
},
{
"category": "product_version",
"name": "qemu-x86-2.0.2-48.49.3.i586",
"product": {
"name": "qemu-x86-2.0.2-48.49.3.i586",
"product_id": "qemu-x86-2.0.2-48.49.3.i586"
}
}
],
"category": "architecture",
"name": "i586"
},
{
"branches": [
{
"category": "product_version",
"name": "qemu-ipxe-1.0.0-48.49.3.noarch",
"product": {
"name": "qemu-ipxe-1.0.0-48.49.3.noarch",
"product_id": "qemu-ipxe-1.0.0-48.49.3.noarch"
}
},
{
"category": "product_version",
"name": "qemu-seabios-1.7.4-48.49.3.noarch",
"product": {
"name": "qemu-seabios-1.7.4-48.49.3.noarch",
"product_id": "qemu-seabios-1.7.4-48.49.3.noarch"
}
},
{
"category": "product_version",
"name": "qemu-sgabios-8-48.49.3.noarch",
"product": {
"name": "qemu-sgabios-8-48.49.3.noarch",
"product_id": "qemu-sgabios-8-48.49.3.noarch"
}
},
{
"category": "product_version",
"name": "qemu-vgabios-1.7.4-48.49.3.noarch",
"product": {
"name": "qemu-vgabios-1.7.4-48.49.3.noarch",
"product_id": "qemu-vgabios-1.7.4-48.49.3.noarch"
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "qemu-2.0.2-48.49.3.ppc64le",
"product": {
"name": "qemu-2.0.2-48.49.3.ppc64le",
"product_id": "qemu-2.0.2-48.49.3.ppc64le"
}
},
{
"category": "product_version",
"name": "qemu-arm-2.0.2-48.49.3.ppc64le",
"product": {
"name": "qemu-arm-2.0.2-48.49.3.ppc64le",
"product_id": "qemu-arm-2.0.2-48.49.3.ppc64le"
}
},
{
"category": "product_version",
"name": "qemu-block-curl-2.0.2-48.49.3.ppc64le",
"product": {
"name": "qemu-block-curl-2.0.2-48.49.3.ppc64le",
"product_id": "qemu-block-curl-2.0.2-48.49.3.ppc64le"
}
},
{
"category": "product_version",
"name": "qemu-extra-2.0.2-48.49.3.ppc64le",
"product": {
"name": "qemu-extra-2.0.2-48.49.3.ppc64le",
"product_id": "qemu-extra-2.0.2-48.49.3.ppc64le"
}
},
{
"category": "product_version",
"name": "qemu-guest-agent-2.0.2-48.49.3.ppc64le",
"product": {
"name": "qemu-guest-agent-2.0.2-48.49.3.ppc64le",
"product_id": "qemu-guest-agent-2.0.2-48.49.3.ppc64le"
}
},
{
"category": "product_version",
"name": "qemu-lang-2.0.2-48.49.3.ppc64le",
"product": {
"name": "qemu-lang-2.0.2-48.49.3.ppc64le",
"product_id": "qemu-lang-2.0.2-48.49.3.ppc64le"
}
},
{
"category": "product_version",
"name": "qemu-linux-user-2.0.2-48.49.1.ppc64le",
"product": {
"name": "qemu-linux-user-2.0.2-48.49.1.ppc64le",
"product_id": "qemu-linux-user-2.0.2-48.49.1.ppc64le"
}
},
{
"category": "product_version",
"name": "qemu-ppc-2.0.2-48.49.3.ppc64le",
"product": {
"name": "qemu-ppc-2.0.2-48.49.3.ppc64le",
"product_id": "qemu-ppc-2.0.2-48.49.3.ppc64le"
}
},
{
"category": "product_version",
"name": "qemu-s390-2.0.2-48.49.3.ppc64le",
"product": {
"name": "qemu-s390-2.0.2-48.49.3.ppc64le",
"product_id": "qemu-s390-2.0.2-48.49.3.ppc64le"
}
},
{
"category": "product_version",
"name": "qemu-tools-2.0.2-48.49.3.ppc64le",
"product": {
"name": "qemu-tools-2.0.2-48.49.3.ppc64le",
"product_id": "qemu-tools-2.0.2-48.49.3.ppc64le"
}
},
{
"category": "product_version",
"name": "qemu-x86-2.0.2-48.49.3.ppc64le",
"product": {
"name": "qemu-x86-2.0.2-48.49.3.ppc64le",
"product_id": "qemu-x86-2.0.2-48.49.3.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "qemu-2.0.2-48.49.3.s390x",
"product": {
"name": "qemu-2.0.2-48.49.3.s390x",
"product_id": "qemu-2.0.2-48.49.3.s390x"
}
},
{
"category": "product_version",
"name": "qemu-arm-2.0.2-48.49.3.s390x",
"product": {
"name": "qemu-arm-2.0.2-48.49.3.s390x",
"product_id": "qemu-arm-2.0.2-48.49.3.s390x"
}
},
{
"category": "product_version",
"name": "qemu-block-curl-2.0.2-48.49.3.s390x",
"product": {
"name": "qemu-block-curl-2.0.2-48.49.3.s390x",
"product_id": "qemu-block-curl-2.0.2-48.49.3.s390x"
}
},
{
"category": "product_version",
"name": "qemu-extra-2.0.2-48.49.3.s390x",
"product": {
"name": "qemu-extra-2.0.2-48.49.3.s390x",
"product_id": "qemu-extra-2.0.2-48.49.3.s390x"
}
},
{
"category": "product_version",
"name": "qemu-guest-agent-2.0.2-48.49.3.s390x",
"product": {
"name": "qemu-guest-agent-2.0.2-48.49.3.s390x",
"product_id": "qemu-guest-agent-2.0.2-48.49.3.s390x"
}
},
{
"category": "product_version",
"name": "qemu-kvm-2.0.2-48.49.3.s390x",
"product": {
"name": "qemu-kvm-2.0.2-48.49.3.s390x",
"product_id": "qemu-kvm-2.0.2-48.49.3.s390x"
}
},
{
"category": "product_version",
"name": "qemu-lang-2.0.2-48.49.3.s390x",
"product": {
"name": "qemu-lang-2.0.2-48.49.3.s390x",
"product_id": "qemu-lang-2.0.2-48.49.3.s390x"
}
},
{
"category": "product_version",
"name": "qemu-linux-user-2.0.2-48.49.1.s390x",
"product": {
"name": "qemu-linux-user-2.0.2-48.49.1.s390x",
"product_id": "qemu-linux-user-2.0.2-48.49.1.s390x"
}
},
{
"category": "product_version",
"name": "qemu-ppc-2.0.2-48.49.3.s390x",
"product": {
"name": "qemu-ppc-2.0.2-48.49.3.s390x",
"product_id": "qemu-ppc-2.0.2-48.49.3.s390x"
}
},
{
"category": "product_version",
"name": "qemu-s390-2.0.2-48.49.3.s390x",
"product": {
"name": "qemu-s390-2.0.2-48.49.3.s390x",
"product_id": "qemu-s390-2.0.2-48.49.3.s390x"
}
},
{
"category": "product_version",
"name": "qemu-tools-2.0.2-48.49.3.s390x",
"product": {
"name": "qemu-tools-2.0.2-48.49.3.s390x",
"product_id": "qemu-tools-2.0.2-48.49.3.s390x"
}
},
{
"category": "product_version",
"name": "qemu-x86-2.0.2-48.49.3.s390x",
"product": {
"name": "qemu-x86-2.0.2-48.49.3.s390x",
"product_id": "qemu-x86-2.0.2-48.49.3.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "qemu-2.0.2-48.49.3.x86_64",
"product": {
"name": "qemu-2.0.2-48.49.3.x86_64",
"product_id": "qemu-2.0.2-48.49.3.x86_64"
}
},
{
"category": "product_version",
"name": "qemu-arm-2.0.2-48.49.3.x86_64",
"product": {
"name": "qemu-arm-2.0.2-48.49.3.x86_64",
"product_id": "qemu-arm-2.0.2-48.49.3.x86_64"
}
},
{
"category": "product_version",
"name": "qemu-block-curl-2.0.2-48.49.3.x86_64",
"product": {
"name": "qemu-block-curl-2.0.2-48.49.3.x86_64",
"product_id": "qemu-block-curl-2.0.2-48.49.3.x86_64"
}
},
{
"category": "product_version",
"name": "qemu-block-rbd-2.0.2-48.49.3.x86_64",
"product": {
"name": "qemu-block-rbd-2.0.2-48.49.3.x86_64",
"product_id": "qemu-block-rbd-2.0.2-48.49.3.x86_64"
}
},
{
"category": "product_version",
"name": "qemu-extra-2.0.2-48.49.3.x86_64",
"product": {
"name": "qemu-extra-2.0.2-48.49.3.x86_64",
"product_id": "qemu-extra-2.0.2-48.49.3.x86_64"
}
},
{
"category": "product_version",
"name": "qemu-guest-agent-2.0.2-48.49.3.x86_64",
"product": {
"name": "qemu-guest-agent-2.0.2-48.49.3.x86_64",
"product_id": "qemu-guest-agent-2.0.2-48.49.3.x86_64"
}
},
{
"category": "product_version",
"name": "qemu-kvm-2.0.2-48.49.3.x86_64",
"product": {
"name": "qemu-kvm-2.0.2-48.49.3.x86_64",
"product_id": "qemu-kvm-2.0.2-48.49.3.x86_64"
}
},
{
"category": "product_version",
"name": "qemu-lang-2.0.2-48.49.3.x86_64",
"product": {
"name": "qemu-lang-2.0.2-48.49.3.x86_64",
"product_id": "qemu-lang-2.0.2-48.49.3.x86_64"
}
},
{
"category": "product_version",
"name": "qemu-linux-user-2.0.2-48.49.1.x86_64",
"product": {
"name": "qemu-linux-user-2.0.2-48.49.1.x86_64",
"product_id": "qemu-linux-user-2.0.2-48.49.1.x86_64"
}
},
{
"category": "product_version",
"name": "qemu-ppc-2.0.2-48.49.3.x86_64",
"product": {
"name": "qemu-ppc-2.0.2-48.49.3.x86_64",
"product_id": "qemu-ppc-2.0.2-48.49.3.x86_64"
}
},
{
"category": "product_version",
"name": "qemu-s390-2.0.2-48.49.3.x86_64",
"product": {
"name": "qemu-s390-2.0.2-48.49.3.x86_64",
"product_id": "qemu-s390-2.0.2-48.49.3.x86_64"
}
},
{
"category": "product_version",
"name": "qemu-tools-2.0.2-48.49.3.x86_64",
"product": {
"name": "qemu-tools-2.0.2-48.49.3.x86_64",
"product_id": "qemu-tools-2.0.2-48.49.3.x86_64"
}
},
{
"category": "product_version",
"name": "qemu-x86-2.0.2-48.49.3.x86_64",
"product": {
"name": "qemu-x86-2.0.2-48.49.3.x86_64",
"product_id": "qemu-x86-2.0.2-48.49.3.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 12-LTSS",
"product": {
"name": "SUSE Linux Enterprise Server 12-LTSS",
"product_id": "SUSE Linux Enterprise Server 12-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles-ltss:12"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "qemu-2.0.2-48.49.3.ppc64le as component of SUSE Linux Enterprise Server 12-LTSS",
"product_id": "SUSE Linux Enterprise Server 12-LTSS:qemu-2.0.2-48.49.3.ppc64le"
},
"product_reference": "qemu-2.0.2-48.49.3.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qemu-2.0.2-48.49.3.s390x as component of SUSE Linux Enterprise Server 12-LTSS",
"product_id": "SUSE Linux Enterprise Server 12-LTSS:qemu-2.0.2-48.49.3.s390x"
},
"product_reference": "qemu-2.0.2-48.49.3.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qemu-2.0.2-48.49.3.x86_64 as component of SUSE Linux Enterprise Server 12-LTSS",
"product_id": "SUSE Linux Enterprise Server 12-LTSS:qemu-2.0.2-48.49.3.x86_64"
},
"product_reference": "qemu-2.0.2-48.49.3.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qemu-block-curl-2.0.2-48.49.3.ppc64le as component of SUSE Linux Enterprise Server 12-LTSS",
"product_id": "SUSE Linux Enterprise Server 12-LTSS:qemu-block-curl-2.0.2-48.49.3.ppc64le"
},
"product_reference": "qemu-block-curl-2.0.2-48.49.3.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qemu-block-curl-2.0.2-48.49.3.s390x as component of SUSE Linux Enterprise Server 12-LTSS",
"product_id": "SUSE Linux Enterprise Server 12-LTSS:qemu-block-curl-2.0.2-48.49.3.s390x"
},
"product_reference": "qemu-block-curl-2.0.2-48.49.3.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qemu-block-curl-2.0.2-48.49.3.x86_64 as component of SUSE Linux Enterprise Server 12-LTSS",
"product_id": "SUSE Linux Enterprise Server 12-LTSS:qemu-block-curl-2.0.2-48.49.3.x86_64"
},
"product_reference": "qemu-block-curl-2.0.2-48.49.3.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qemu-block-rbd-2.0.2-48.49.3.x86_64 as component of SUSE Linux Enterprise Server 12-LTSS",
"product_id": "SUSE Linux Enterprise Server 12-LTSS:qemu-block-rbd-2.0.2-48.49.3.x86_64"
},
"product_reference": "qemu-block-rbd-2.0.2-48.49.3.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qemu-guest-agent-2.0.2-48.49.3.ppc64le as component of SUSE Linux Enterprise Server 12-LTSS",
"product_id": "SUSE Linux Enterprise Server 12-LTSS:qemu-guest-agent-2.0.2-48.49.3.ppc64le"
},
"product_reference": "qemu-guest-agent-2.0.2-48.49.3.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qemu-guest-agent-2.0.2-48.49.3.s390x as component of SUSE Linux Enterprise Server 12-LTSS",
"product_id": "SUSE Linux Enterprise Server 12-LTSS:qemu-guest-agent-2.0.2-48.49.3.s390x"
},
"product_reference": "qemu-guest-agent-2.0.2-48.49.3.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qemu-guest-agent-2.0.2-48.49.3.x86_64 as component of SUSE Linux Enterprise Server 12-LTSS",
"product_id": "SUSE Linux Enterprise Server 12-LTSS:qemu-guest-agent-2.0.2-48.49.3.x86_64"
},
"product_reference": "qemu-guest-agent-2.0.2-48.49.3.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qemu-ipxe-1.0.0-48.49.3.noarch as component of SUSE Linux Enterprise Server 12-LTSS",
"product_id": "SUSE Linux Enterprise Server 12-LTSS:qemu-ipxe-1.0.0-48.49.3.noarch"
},
"product_reference": "qemu-ipxe-1.0.0-48.49.3.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qemu-kvm-2.0.2-48.49.3.s390x as component of SUSE Linux Enterprise Server 12-LTSS",
"product_id": "SUSE Linux Enterprise Server 12-LTSS:qemu-kvm-2.0.2-48.49.3.s390x"
},
"product_reference": "qemu-kvm-2.0.2-48.49.3.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qemu-kvm-2.0.2-48.49.3.x86_64 as component of SUSE Linux Enterprise Server 12-LTSS",
"product_id": "SUSE Linux Enterprise Server 12-LTSS:qemu-kvm-2.0.2-48.49.3.x86_64"
},
"product_reference": "qemu-kvm-2.0.2-48.49.3.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qemu-lang-2.0.2-48.49.3.ppc64le as component of SUSE Linux Enterprise Server 12-LTSS",
"product_id": "SUSE Linux Enterprise Server 12-LTSS:qemu-lang-2.0.2-48.49.3.ppc64le"
},
"product_reference": "qemu-lang-2.0.2-48.49.3.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qemu-lang-2.0.2-48.49.3.s390x as component of SUSE Linux Enterprise Server 12-LTSS",
"product_id": "SUSE Linux Enterprise Server 12-LTSS:qemu-lang-2.0.2-48.49.3.s390x"
},
"product_reference": "qemu-lang-2.0.2-48.49.3.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qemu-lang-2.0.2-48.49.3.x86_64 as component of SUSE Linux Enterprise Server 12-LTSS",
"product_id": "SUSE Linux Enterprise Server 12-LTSS:qemu-lang-2.0.2-48.49.3.x86_64"
},
"product_reference": "qemu-lang-2.0.2-48.49.3.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qemu-ppc-2.0.2-48.49.3.ppc64le as component of SUSE Linux Enterprise Server 12-LTSS",
"product_id": "SUSE Linux Enterprise Server 12-LTSS:qemu-ppc-2.0.2-48.49.3.ppc64le"
},
"product_reference": "qemu-ppc-2.0.2-48.49.3.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qemu-s390-2.0.2-48.49.3.s390x as component of SUSE Linux Enterprise Server 12-LTSS",
"product_id": "SUSE Linux Enterprise Server 12-LTSS:qemu-s390-2.0.2-48.49.3.s390x"
},
"product_reference": "qemu-s390-2.0.2-48.49.3.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qemu-seabios-1.7.4-48.49.3.noarch as component of SUSE Linux Enterprise Server 12-LTSS",
"product_id": "SUSE Linux Enterprise Server 12-LTSS:qemu-seabios-1.7.4-48.49.3.noarch"
},
"product_reference": "qemu-seabios-1.7.4-48.49.3.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qemu-sgabios-8-48.49.3.noarch as component of SUSE Linux Enterprise Server 12-LTSS",
"product_id": "SUSE Linux Enterprise Server 12-LTSS:qemu-sgabios-8-48.49.3.noarch"
},
"product_reference": "qemu-sgabios-8-48.49.3.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qemu-tools-2.0.2-48.49.3.ppc64le as component of SUSE Linux Enterprise Server 12-LTSS",
"product_id": "SUSE Linux Enterprise Server 12-LTSS:qemu-tools-2.0.2-48.49.3.ppc64le"
},
"product_reference": "qemu-tools-2.0.2-48.49.3.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qemu-tools-2.0.2-48.49.3.s390x as component of SUSE Linux Enterprise Server 12-LTSS",
"product_id": "SUSE Linux Enterprise Server 12-LTSS:qemu-tools-2.0.2-48.49.3.s390x"
},
"product_reference": "qemu-tools-2.0.2-48.49.3.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qemu-tools-2.0.2-48.49.3.x86_64 as component of SUSE Linux Enterprise Server 12-LTSS",
"product_id": "SUSE Linux Enterprise Server 12-LTSS:qemu-tools-2.0.2-48.49.3.x86_64"
},
"product_reference": "qemu-tools-2.0.2-48.49.3.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qemu-vgabios-1.7.4-48.49.3.noarch as component of SUSE Linux Enterprise Server 12-LTSS",
"product_id": "SUSE Linux Enterprise Server 12-LTSS:qemu-vgabios-1.7.4-48.49.3.noarch"
},
"product_reference": "qemu-vgabios-1.7.4-48.49.3.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qemu-x86-2.0.2-48.49.3.x86_64 as component of SUSE Linux Enterprise Server 12-LTSS",
"product_id": "SUSE Linux Enterprise Server 12-LTSS:qemu-x86-2.0.2-48.49.3.x86_64"
},
"product_reference": "qemu-x86-2.0.2-48.49.3.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12-LTSS"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2018-19364",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-19364"
}
],
"notes": [
{
"category": "general",
"text": "hw/9pfs/cofile.c and hw/9pfs/9p.c in QEMU can modify an fid path while it is being accessed by a second thread, leading to (for example) a use-after-free outcome.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12-LTSS:qemu-2.0.2-48.49.3.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:qemu-2.0.2-48.49.3.s390x",
"SUSE Linux Enterprise Server 12-LTSS:qemu-2.0.2-48.49.3.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:qemu-block-curl-2.0.2-48.49.3.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:qemu-block-curl-2.0.2-48.49.3.s390x",
"SUSE Linux Enterprise Server 12-LTSS:qemu-block-curl-2.0.2-48.49.3.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:qemu-block-rbd-2.0.2-48.49.3.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:qemu-guest-agent-2.0.2-48.49.3.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:qemu-guest-agent-2.0.2-48.49.3.s390x",
"SUSE Linux Enterprise Server 12-LTSS:qemu-guest-agent-2.0.2-48.49.3.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:qemu-ipxe-1.0.0-48.49.3.noarch",
"SUSE Linux Enterprise Server 12-LTSS:qemu-kvm-2.0.2-48.49.3.s390x",
"SUSE Linux Enterprise Server 12-LTSS:qemu-kvm-2.0.2-48.49.3.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:qemu-lang-2.0.2-48.49.3.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:qemu-lang-2.0.2-48.49.3.s390x",
"SUSE Linux Enterprise Server 12-LTSS:qemu-lang-2.0.2-48.49.3.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:qemu-ppc-2.0.2-48.49.3.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:qemu-s390-2.0.2-48.49.3.s390x",
"SUSE Linux Enterprise Server 12-LTSS:qemu-seabios-1.7.4-48.49.3.noarch",
"SUSE Linux Enterprise Server 12-LTSS:qemu-sgabios-8-48.49.3.noarch",
"SUSE Linux Enterprise Server 12-LTSS:qemu-tools-2.0.2-48.49.3.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:qemu-tools-2.0.2-48.49.3.s390x",
"SUSE Linux Enterprise Server 12-LTSS:qemu-tools-2.0.2-48.49.3.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:qemu-vgabios-1.7.4-48.49.3.noarch",
"SUSE Linux Enterprise Server 12-LTSS:qemu-x86-2.0.2-48.49.3.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-19364",
"url": "https://www.suse.com/security/cve/CVE-2018-19364"
},
{
"category": "external",
"summary": "SUSE Bug 1116717 for CVE-2018-19364",
"url": "https://bugzilla.suse.com/1116717"
},
{
"category": "external",
"summary": "SUSE Bug 1116726 for CVE-2018-19364",
"url": "https://bugzilla.suse.com/1116726"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12-LTSS:qemu-2.0.2-48.49.3.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:qemu-2.0.2-48.49.3.s390x",
"SUSE Linux Enterprise Server 12-LTSS:qemu-2.0.2-48.49.3.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:qemu-block-curl-2.0.2-48.49.3.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:qemu-block-curl-2.0.2-48.49.3.s390x",
"SUSE Linux Enterprise Server 12-LTSS:qemu-block-curl-2.0.2-48.49.3.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:qemu-block-rbd-2.0.2-48.49.3.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:qemu-guest-agent-2.0.2-48.49.3.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:qemu-guest-agent-2.0.2-48.49.3.s390x",
"SUSE Linux Enterprise Server 12-LTSS:qemu-guest-agent-2.0.2-48.49.3.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:qemu-ipxe-1.0.0-48.49.3.noarch",
"SUSE Linux Enterprise Server 12-LTSS:qemu-kvm-2.0.2-48.49.3.s390x",
"SUSE Linux Enterprise Server 12-LTSS:qemu-kvm-2.0.2-48.49.3.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:qemu-lang-2.0.2-48.49.3.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:qemu-lang-2.0.2-48.49.3.s390x",
"SUSE Linux Enterprise Server 12-LTSS:qemu-lang-2.0.2-48.49.3.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:qemu-ppc-2.0.2-48.49.3.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:qemu-s390-2.0.2-48.49.3.s390x",
"SUSE Linux Enterprise Server 12-LTSS:qemu-seabios-1.7.4-48.49.3.noarch",
"SUSE Linux Enterprise Server 12-LTSS:qemu-sgabios-8-48.49.3.noarch",
"SUSE Linux Enterprise Server 12-LTSS:qemu-tools-2.0.2-48.49.3.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:qemu-tools-2.0.2-48.49.3.s390x",
"SUSE Linux Enterprise Server 12-LTSS:qemu-tools-2.0.2-48.49.3.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:qemu-vgabios-1.7.4-48.49.3.noarch",
"SUSE Linux Enterprise Server 12-LTSS:qemu-x86-2.0.2-48.49.3.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Server 12-LTSS:qemu-2.0.2-48.49.3.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:qemu-2.0.2-48.49.3.s390x",
"SUSE Linux Enterprise Server 12-LTSS:qemu-2.0.2-48.49.3.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:qemu-block-curl-2.0.2-48.49.3.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:qemu-block-curl-2.0.2-48.49.3.s390x",
"SUSE Linux Enterprise Server 12-LTSS:qemu-block-curl-2.0.2-48.49.3.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:qemu-block-rbd-2.0.2-48.49.3.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:qemu-guest-agent-2.0.2-48.49.3.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:qemu-guest-agent-2.0.2-48.49.3.s390x",
"SUSE Linux Enterprise Server 12-LTSS:qemu-guest-agent-2.0.2-48.49.3.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:qemu-ipxe-1.0.0-48.49.3.noarch",
"SUSE Linux Enterprise Server 12-LTSS:qemu-kvm-2.0.2-48.49.3.s390x",
"SUSE Linux Enterprise Server 12-LTSS:qemu-kvm-2.0.2-48.49.3.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:qemu-lang-2.0.2-48.49.3.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:qemu-lang-2.0.2-48.49.3.s390x",
"SUSE Linux Enterprise Server 12-LTSS:qemu-lang-2.0.2-48.49.3.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:qemu-ppc-2.0.2-48.49.3.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:qemu-s390-2.0.2-48.49.3.s390x",
"SUSE Linux Enterprise Server 12-LTSS:qemu-seabios-1.7.4-48.49.3.noarch",
"SUSE Linux Enterprise Server 12-LTSS:qemu-sgabios-8-48.49.3.noarch",
"SUSE Linux Enterprise Server 12-LTSS:qemu-tools-2.0.2-48.49.3.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:qemu-tools-2.0.2-48.49.3.s390x",
"SUSE Linux Enterprise Server 12-LTSS:qemu-tools-2.0.2-48.49.3.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:qemu-vgabios-1.7.4-48.49.3.noarch",
"SUSE Linux Enterprise Server 12-LTSS:qemu-x86-2.0.2-48.49.3.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-02-21T06:07:42Z",
"details": "moderate"
}
],
"title": "CVE-2018-19364"
},
{
"cve": "CVE-2018-19489",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-19489"
}
],
"notes": [
{
"category": "general",
"text": "v9fs_wstat in hw/9pfs/9p.c in QEMU allows guest OS users to cause a denial of service (crash) because of a race condition during file renaming.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12-LTSS:qemu-2.0.2-48.49.3.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:qemu-2.0.2-48.49.3.s390x",
"SUSE Linux Enterprise Server 12-LTSS:qemu-2.0.2-48.49.3.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:qemu-block-curl-2.0.2-48.49.3.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:qemu-block-curl-2.0.2-48.49.3.s390x",
"SUSE Linux Enterprise Server 12-LTSS:qemu-block-curl-2.0.2-48.49.3.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:qemu-block-rbd-2.0.2-48.49.3.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:qemu-guest-agent-2.0.2-48.49.3.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:qemu-guest-agent-2.0.2-48.49.3.s390x",
"SUSE Linux Enterprise Server 12-LTSS:qemu-guest-agent-2.0.2-48.49.3.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:qemu-ipxe-1.0.0-48.49.3.noarch",
"SUSE Linux Enterprise Server 12-LTSS:qemu-kvm-2.0.2-48.49.3.s390x",
"SUSE Linux Enterprise Server 12-LTSS:qemu-kvm-2.0.2-48.49.3.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:qemu-lang-2.0.2-48.49.3.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:qemu-lang-2.0.2-48.49.3.s390x",
"SUSE Linux Enterprise Server 12-LTSS:qemu-lang-2.0.2-48.49.3.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:qemu-ppc-2.0.2-48.49.3.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:qemu-s390-2.0.2-48.49.3.s390x",
"SUSE Linux Enterprise Server 12-LTSS:qemu-seabios-1.7.4-48.49.3.noarch",
"SUSE Linux Enterprise Server 12-LTSS:qemu-sgabios-8-48.49.3.noarch",
"SUSE Linux Enterprise Server 12-LTSS:qemu-tools-2.0.2-48.49.3.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:qemu-tools-2.0.2-48.49.3.s390x",
"SUSE Linux Enterprise Server 12-LTSS:qemu-tools-2.0.2-48.49.3.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:qemu-vgabios-1.7.4-48.49.3.noarch",
"SUSE Linux Enterprise Server 12-LTSS:qemu-x86-2.0.2-48.49.3.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-19489",
"url": "https://www.suse.com/security/cve/CVE-2018-19489"
},
{
"category": "external",
"summary": "SUSE Bug 1117275 for CVE-2018-19489",
"url": "https://bugzilla.suse.com/1117275"
},
{
"category": "external",
"summary": "SUSE Bug 1117279 for CVE-2018-19489",
"url": "https://bugzilla.suse.com/1117279"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12-LTSS:qemu-2.0.2-48.49.3.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:qemu-2.0.2-48.49.3.s390x",
"SUSE Linux Enterprise Server 12-LTSS:qemu-2.0.2-48.49.3.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:qemu-block-curl-2.0.2-48.49.3.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:qemu-block-curl-2.0.2-48.49.3.s390x",
"SUSE Linux Enterprise Server 12-LTSS:qemu-block-curl-2.0.2-48.49.3.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:qemu-block-rbd-2.0.2-48.49.3.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:qemu-guest-agent-2.0.2-48.49.3.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:qemu-guest-agent-2.0.2-48.49.3.s390x",
"SUSE Linux Enterprise Server 12-LTSS:qemu-guest-agent-2.0.2-48.49.3.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:qemu-ipxe-1.0.0-48.49.3.noarch",
"SUSE Linux Enterprise Server 12-LTSS:qemu-kvm-2.0.2-48.49.3.s390x",
"SUSE Linux Enterprise Server 12-LTSS:qemu-kvm-2.0.2-48.49.3.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:qemu-lang-2.0.2-48.49.3.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:qemu-lang-2.0.2-48.49.3.s390x",
"SUSE Linux Enterprise Server 12-LTSS:qemu-lang-2.0.2-48.49.3.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:qemu-ppc-2.0.2-48.49.3.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:qemu-s390-2.0.2-48.49.3.s390x",
"SUSE Linux Enterprise Server 12-LTSS:qemu-seabios-1.7.4-48.49.3.noarch",
"SUSE Linux Enterprise Server 12-LTSS:qemu-sgabios-8-48.49.3.noarch",
"SUSE Linux Enterprise Server 12-LTSS:qemu-tools-2.0.2-48.49.3.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:qemu-tools-2.0.2-48.49.3.s390x",
"SUSE Linux Enterprise Server 12-LTSS:qemu-tools-2.0.2-48.49.3.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:qemu-vgabios-1.7.4-48.49.3.noarch",
"SUSE Linux Enterprise Server 12-LTSS:qemu-x86-2.0.2-48.49.3.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 2.8,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:C/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Server 12-LTSS:qemu-2.0.2-48.49.3.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:qemu-2.0.2-48.49.3.s390x",
"SUSE Linux Enterprise Server 12-LTSS:qemu-2.0.2-48.49.3.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:qemu-block-curl-2.0.2-48.49.3.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:qemu-block-curl-2.0.2-48.49.3.s390x",
"SUSE Linux Enterprise Server 12-LTSS:qemu-block-curl-2.0.2-48.49.3.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:qemu-block-rbd-2.0.2-48.49.3.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:qemu-guest-agent-2.0.2-48.49.3.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:qemu-guest-agent-2.0.2-48.49.3.s390x",
"SUSE Linux Enterprise Server 12-LTSS:qemu-guest-agent-2.0.2-48.49.3.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:qemu-ipxe-1.0.0-48.49.3.noarch",
"SUSE Linux Enterprise Server 12-LTSS:qemu-kvm-2.0.2-48.49.3.s390x",
"SUSE Linux Enterprise Server 12-LTSS:qemu-kvm-2.0.2-48.49.3.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:qemu-lang-2.0.2-48.49.3.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:qemu-lang-2.0.2-48.49.3.s390x",
"SUSE Linux Enterprise Server 12-LTSS:qemu-lang-2.0.2-48.49.3.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:qemu-ppc-2.0.2-48.49.3.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:qemu-s390-2.0.2-48.49.3.s390x",
"SUSE Linux Enterprise Server 12-LTSS:qemu-seabios-1.7.4-48.49.3.noarch",
"SUSE Linux Enterprise Server 12-LTSS:qemu-sgabios-8-48.49.3.noarch",
"SUSE Linux Enterprise Server 12-LTSS:qemu-tools-2.0.2-48.49.3.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:qemu-tools-2.0.2-48.49.3.s390x",
"SUSE Linux Enterprise Server 12-LTSS:qemu-tools-2.0.2-48.49.3.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:qemu-vgabios-1.7.4-48.49.3.noarch",
"SUSE Linux Enterprise Server 12-LTSS:qemu-x86-2.0.2-48.49.3.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-02-21T06:07:42Z",
"details": "low"
}
],
"title": "CVE-2018-19489"
},
{
"cve": "CVE-2019-6778",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-6778"
}
],
"notes": [
{
"category": "general",
"text": "In QEMU 3.0.0, tcp_emu in slirp/tcp_subr.c has a heap-based buffer overflow.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12-LTSS:qemu-2.0.2-48.49.3.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:qemu-2.0.2-48.49.3.s390x",
"SUSE Linux Enterprise Server 12-LTSS:qemu-2.0.2-48.49.3.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:qemu-block-curl-2.0.2-48.49.3.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:qemu-block-curl-2.0.2-48.49.3.s390x",
"SUSE Linux Enterprise Server 12-LTSS:qemu-block-curl-2.0.2-48.49.3.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:qemu-block-rbd-2.0.2-48.49.3.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:qemu-guest-agent-2.0.2-48.49.3.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:qemu-guest-agent-2.0.2-48.49.3.s390x",
"SUSE Linux Enterprise Server 12-LTSS:qemu-guest-agent-2.0.2-48.49.3.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:qemu-ipxe-1.0.0-48.49.3.noarch",
"SUSE Linux Enterprise Server 12-LTSS:qemu-kvm-2.0.2-48.49.3.s390x",
"SUSE Linux Enterprise Server 12-LTSS:qemu-kvm-2.0.2-48.49.3.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:qemu-lang-2.0.2-48.49.3.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:qemu-lang-2.0.2-48.49.3.s390x",
"SUSE Linux Enterprise Server 12-LTSS:qemu-lang-2.0.2-48.49.3.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:qemu-ppc-2.0.2-48.49.3.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:qemu-s390-2.0.2-48.49.3.s390x",
"SUSE Linux Enterprise Server 12-LTSS:qemu-seabios-1.7.4-48.49.3.noarch",
"SUSE Linux Enterprise Server 12-LTSS:qemu-sgabios-8-48.49.3.noarch",
"SUSE Linux Enterprise Server 12-LTSS:qemu-tools-2.0.2-48.49.3.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:qemu-tools-2.0.2-48.49.3.s390x",
"SUSE Linux Enterprise Server 12-LTSS:qemu-tools-2.0.2-48.49.3.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:qemu-vgabios-1.7.4-48.49.3.noarch",
"SUSE Linux Enterprise Server 12-LTSS:qemu-x86-2.0.2-48.49.3.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-6778",
"url": "https://www.suse.com/security/cve/CVE-2019-6778"
},
{
"category": "external",
"summary": "SUSE Bug 1123156 for CVE-2019-6778",
"url": "https://bugzilla.suse.com/1123156"
},
{
"category": "external",
"summary": "SUSE Bug 1123157 for CVE-2019-6778",
"url": "https://bugzilla.suse.com/1123157"
},
{
"category": "external",
"summary": "SUSE Bug 1178658 for CVE-2019-6778",
"url": "https://bugzilla.suse.com/1178658"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12-LTSS:qemu-2.0.2-48.49.3.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:qemu-2.0.2-48.49.3.s390x",
"SUSE Linux Enterprise Server 12-LTSS:qemu-2.0.2-48.49.3.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:qemu-block-curl-2.0.2-48.49.3.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:qemu-block-curl-2.0.2-48.49.3.s390x",
"SUSE Linux Enterprise Server 12-LTSS:qemu-block-curl-2.0.2-48.49.3.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:qemu-block-rbd-2.0.2-48.49.3.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:qemu-guest-agent-2.0.2-48.49.3.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:qemu-guest-agent-2.0.2-48.49.3.s390x",
"SUSE Linux Enterprise Server 12-LTSS:qemu-guest-agent-2.0.2-48.49.3.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:qemu-ipxe-1.0.0-48.49.3.noarch",
"SUSE Linux Enterprise Server 12-LTSS:qemu-kvm-2.0.2-48.49.3.s390x",
"SUSE Linux Enterprise Server 12-LTSS:qemu-kvm-2.0.2-48.49.3.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:qemu-lang-2.0.2-48.49.3.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:qemu-lang-2.0.2-48.49.3.s390x",
"SUSE Linux Enterprise Server 12-LTSS:qemu-lang-2.0.2-48.49.3.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:qemu-ppc-2.0.2-48.49.3.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:qemu-s390-2.0.2-48.49.3.s390x",
"SUSE Linux Enterprise Server 12-LTSS:qemu-seabios-1.7.4-48.49.3.noarch",
"SUSE Linux Enterprise Server 12-LTSS:qemu-sgabios-8-48.49.3.noarch",
"SUSE Linux Enterprise Server 12-LTSS:qemu-tools-2.0.2-48.49.3.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:qemu-tools-2.0.2-48.49.3.s390x",
"SUSE Linux Enterprise Server 12-LTSS:qemu-tools-2.0.2-48.49.3.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:qemu-vgabios-1.7.4-48.49.3.noarch",
"SUSE Linux Enterprise Server 12-LTSS:qemu-x86-2.0.2-48.49.3.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Server 12-LTSS:qemu-2.0.2-48.49.3.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:qemu-2.0.2-48.49.3.s390x",
"SUSE Linux Enterprise Server 12-LTSS:qemu-2.0.2-48.49.3.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:qemu-block-curl-2.0.2-48.49.3.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:qemu-block-curl-2.0.2-48.49.3.s390x",
"SUSE Linux Enterprise Server 12-LTSS:qemu-block-curl-2.0.2-48.49.3.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:qemu-block-rbd-2.0.2-48.49.3.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:qemu-guest-agent-2.0.2-48.49.3.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:qemu-guest-agent-2.0.2-48.49.3.s390x",
"SUSE Linux Enterprise Server 12-LTSS:qemu-guest-agent-2.0.2-48.49.3.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:qemu-ipxe-1.0.0-48.49.3.noarch",
"SUSE Linux Enterprise Server 12-LTSS:qemu-kvm-2.0.2-48.49.3.s390x",
"SUSE Linux Enterprise Server 12-LTSS:qemu-kvm-2.0.2-48.49.3.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:qemu-lang-2.0.2-48.49.3.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:qemu-lang-2.0.2-48.49.3.s390x",
"SUSE Linux Enterprise Server 12-LTSS:qemu-lang-2.0.2-48.49.3.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:qemu-ppc-2.0.2-48.49.3.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:qemu-s390-2.0.2-48.49.3.s390x",
"SUSE Linux Enterprise Server 12-LTSS:qemu-seabios-1.7.4-48.49.3.noarch",
"SUSE Linux Enterprise Server 12-LTSS:qemu-sgabios-8-48.49.3.noarch",
"SUSE Linux Enterprise Server 12-LTSS:qemu-tools-2.0.2-48.49.3.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:qemu-tools-2.0.2-48.49.3.s390x",
"SUSE Linux Enterprise Server 12-LTSS:qemu-tools-2.0.2-48.49.3.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:qemu-vgabios-1.7.4-48.49.3.noarch",
"SUSE Linux Enterprise Server 12-LTSS:qemu-x86-2.0.2-48.49.3.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-02-21T06:07:42Z",
"details": "important"
}
],
"title": "CVE-2019-6778"
}
]
}
SUSE-SU-2019:0471-1
Vulnerability from csaf_suse - Published: 2019-02-22 12:47 - Updated: 2019-02-22 12:47Summary
Security update for qemu
Severity
Important
Notes
Title of the patch: Security update for qemu
Description of the patch: This update for qemu fixes the following issues:
Security issue fixed:
- CVE-2019-6778: Fixed a heap buffer overflow issue in the SLiRP networking implementation (bsc#1123156).
- CVE-2018-16872: Fixed a host security vulnerability related to handling symlinks in usb-mtp (bsc#1119493).
- CVE-2018-19489: Fixed a denial of service vulnerability in virtfs (bsc#1117275).
- CVE-2018-19364: Fixed a use-after-free if the virtfs interface resulting in a denial of service (bsc#1116717).
Patchnames: SUSE-2019-471,SUSE-SLE-SERVER-12-SP1-2019-471
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
5 (Medium)
Affected products
Recommended
25 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-2.3.1-33.20.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-2.3.1-33.20.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-2.3.1-33.20.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-block-curl-2.3.1-33.20.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-block-curl-2.3.1-33.20.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-block-curl-2.3.1-33.20.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-block-rbd-2.3.1-33.20.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-guest-agent-2.3.1-33.20.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-guest-agent-2.3.1-33.20.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-guest-agent-2.3.1-33.20.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-ipxe-1.0.0-33.20.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-kvm-2.3.1-33.20.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-kvm-2.3.1-33.20.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-lang-2.3.1-33.20.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-lang-2.3.1-33.20.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-lang-2.3.1-33.20.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-ppc-2.3.1-33.20.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-s390-2.3.1-33.20.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-seabios-1.8.1-33.20.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-sgabios-8-33.20.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-tools-2.3.1-33.20.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-tools-2.3.1-33.20.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-tools-2.3.1-33.20.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-vgabios-1.8.1-33.20.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-x86-2.3.1-33.20.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
5.3 (Medium)
Affected products
Recommended
25 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-2.3.1-33.20.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-2.3.1-33.20.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-2.3.1-33.20.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-block-curl-2.3.1-33.20.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-block-curl-2.3.1-33.20.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-block-curl-2.3.1-33.20.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-block-rbd-2.3.1-33.20.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-guest-agent-2.3.1-33.20.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-guest-agent-2.3.1-33.20.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-guest-agent-2.3.1-33.20.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-ipxe-1.0.0-33.20.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-kvm-2.3.1-33.20.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-kvm-2.3.1-33.20.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-lang-2.3.1-33.20.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-lang-2.3.1-33.20.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-lang-2.3.1-33.20.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-ppc-2.3.1-33.20.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-s390-2.3.1-33.20.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-seabios-1.8.1-33.20.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-sgabios-8-33.20.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-tools-2.3.1-33.20.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-tools-2.3.1-33.20.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-tools-2.3.1-33.20.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-vgabios-1.8.1-33.20.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-x86-2.3.1-33.20.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
Affected products
Recommended
25 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-2.3.1-33.20.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-2.3.1-33.20.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-2.3.1-33.20.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-block-curl-2.3.1-33.20.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-block-curl-2.3.1-33.20.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-block-curl-2.3.1-33.20.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-block-rbd-2.3.1-33.20.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-guest-agent-2.3.1-33.20.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-guest-agent-2.3.1-33.20.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-guest-agent-2.3.1-33.20.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-ipxe-1.0.0-33.20.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-kvm-2.3.1-33.20.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-kvm-2.3.1-33.20.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-lang-2.3.1-33.20.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-lang-2.3.1-33.20.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-lang-2.3.1-33.20.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-ppc-2.3.1-33.20.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-s390-2.3.1-33.20.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-seabios-1.8.1-33.20.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-sgabios-8-33.20.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-tools-2.3.1-33.20.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-tools-2.3.1-33.20.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-tools-2.3.1-33.20.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-vgabios-1.8.1-33.20.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-x86-2.3.1-33.20.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
low
7.8 (High)
Affected products
Recommended
25 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-2.3.1-33.20.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-2.3.1-33.20.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-2.3.1-33.20.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-block-curl-2.3.1-33.20.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-block-curl-2.3.1-33.20.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-block-curl-2.3.1-33.20.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-block-rbd-2.3.1-33.20.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-guest-agent-2.3.1-33.20.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-guest-agent-2.3.1-33.20.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-guest-agent-2.3.1-33.20.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-ipxe-1.0.0-33.20.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-kvm-2.3.1-33.20.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-kvm-2.3.1-33.20.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-lang-2.3.1-33.20.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-lang-2.3.1-33.20.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-lang-2.3.1-33.20.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-ppc-2.3.1-33.20.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-s390-2.3.1-33.20.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-seabios-1.8.1-33.20.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-sgabios-8-33.20.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-tools-2.3.1-33.20.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-tools-2.3.1-33.20.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-tools-2.3.1-33.20.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-vgabios-1.8.1-33.20.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-x86-2.3.1-33.20.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
References
25 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for qemu",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for qemu fixes the following issues:\n\nSecurity issue fixed:\n\n- CVE-2019-6778: Fixed a heap buffer overflow issue in the SLiRP networking implementation (bsc#1123156).\n- CVE-2018-16872: Fixed a host security vulnerability related to handling symlinks in usb-mtp (bsc#1119493).\n- CVE-2018-19489: Fixed a denial of service vulnerability in virtfs (bsc#1117275).\n- CVE-2018-19364: Fixed a use-after-free if the virtfs interface resulting in a denial of service (bsc#1116717).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2019-471,SUSE-SLE-SERVER-12-SP1-2019-471",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2019_0471-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2019:0471-1",
"url": "https://www.suse.com/support/update/announcement/2019/suse-su-20190471-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2019:0471-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2019-February/005146.html"
},
{
"category": "self",
"summary": "SUSE Bug 1116717",
"url": "https://bugzilla.suse.com/1116717"
},
{
"category": "self",
"summary": "SUSE Bug 1117275",
"url": "https://bugzilla.suse.com/1117275"
},
{
"category": "self",
"summary": "SUSE Bug 1119493",
"url": "https://bugzilla.suse.com/1119493"
},
{
"category": "self",
"summary": "SUSE Bug 1123156",
"url": "https://bugzilla.suse.com/1123156"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-16872 page",
"url": "https://www.suse.com/security/cve/CVE-2018-16872/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-19364 page",
"url": "https://www.suse.com/security/cve/CVE-2018-19364/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-19489 page",
"url": "https://www.suse.com/security/cve/CVE-2018-19489/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-6778 page",
"url": "https://www.suse.com/security/cve/CVE-2019-6778/"
}
],
"title": "Security update for qemu",
"tracking": {
"current_release_date": "2019-02-22T12:47:28Z",
"generator": {
"date": "2019-02-22T12:47:28Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2019:0471-1",
"initial_release_date": "2019-02-22T12:47:28Z",
"revision_history": [
{
"date": "2019-02-22T12:47:28Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "qemu-2.3.1-33.20.1.aarch64",
"product": {
"name": "qemu-2.3.1-33.20.1.aarch64",
"product_id": "qemu-2.3.1-33.20.1.aarch64"
}
},
{
"category": "product_version",
"name": "qemu-arm-2.3.1-33.20.1.aarch64",
"product": {
"name": "qemu-arm-2.3.1-33.20.1.aarch64",
"product_id": "qemu-arm-2.3.1-33.20.1.aarch64"
}
},
{
"category": "product_version",
"name": "qemu-block-curl-2.3.1-33.20.1.aarch64",
"product": {
"name": "qemu-block-curl-2.3.1-33.20.1.aarch64",
"product_id": "qemu-block-curl-2.3.1-33.20.1.aarch64"
}
},
{
"category": "product_version",
"name": "qemu-extra-2.3.1-33.20.1.aarch64",
"product": {
"name": "qemu-extra-2.3.1-33.20.1.aarch64",
"product_id": "qemu-extra-2.3.1-33.20.1.aarch64"
}
},
{
"category": "product_version",
"name": "qemu-guest-agent-2.3.1-33.20.1.aarch64",
"product": {
"name": "qemu-guest-agent-2.3.1-33.20.1.aarch64",
"product_id": "qemu-guest-agent-2.3.1-33.20.1.aarch64"
}
},
{
"category": "product_version",
"name": "qemu-lang-2.3.1-33.20.1.aarch64",
"product": {
"name": "qemu-lang-2.3.1-33.20.1.aarch64",
"product_id": "qemu-lang-2.3.1-33.20.1.aarch64"
}
},
{
"category": "product_version",
"name": "qemu-linux-user-2.3.1-33.20.1.aarch64",
"product": {
"name": "qemu-linux-user-2.3.1-33.20.1.aarch64",
"product_id": "qemu-linux-user-2.3.1-33.20.1.aarch64"
}
},
{
"category": "product_version",
"name": "qemu-ppc-2.3.1-33.20.1.aarch64",
"product": {
"name": "qemu-ppc-2.3.1-33.20.1.aarch64",
"product_id": "qemu-ppc-2.3.1-33.20.1.aarch64"
}
},
{
"category": "product_version",
"name": "qemu-s390-2.3.1-33.20.1.aarch64",
"product": {
"name": "qemu-s390-2.3.1-33.20.1.aarch64",
"product_id": "qemu-s390-2.3.1-33.20.1.aarch64"
}
},
{
"category": "product_version",
"name": "qemu-testsuite-2.3.1-33.20.2.aarch64",
"product": {
"name": "qemu-testsuite-2.3.1-33.20.2.aarch64",
"product_id": "qemu-testsuite-2.3.1-33.20.2.aarch64"
}
},
{
"category": "product_version",
"name": "qemu-tools-2.3.1-33.20.1.aarch64",
"product": {
"name": "qemu-tools-2.3.1-33.20.1.aarch64",
"product_id": "qemu-tools-2.3.1-33.20.1.aarch64"
}
},
{
"category": "product_version",
"name": "qemu-x86-2.3.1-33.20.1.aarch64",
"product": {
"name": "qemu-x86-2.3.1-33.20.1.aarch64",
"product_id": "qemu-x86-2.3.1-33.20.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "qemu-2.3.1-33.20.1.i586",
"product": {
"name": "qemu-2.3.1-33.20.1.i586",
"product_id": "qemu-2.3.1-33.20.1.i586"
}
},
{
"category": "product_version",
"name": "qemu-arm-2.3.1-33.20.1.i586",
"product": {
"name": "qemu-arm-2.3.1-33.20.1.i586",
"product_id": "qemu-arm-2.3.1-33.20.1.i586"
}
},
{
"category": "product_version",
"name": "qemu-block-curl-2.3.1-33.20.1.i586",
"product": {
"name": "qemu-block-curl-2.3.1-33.20.1.i586",
"product_id": "qemu-block-curl-2.3.1-33.20.1.i586"
}
},
{
"category": "product_version",
"name": "qemu-extra-2.3.1-33.20.1.i586",
"product": {
"name": "qemu-extra-2.3.1-33.20.1.i586",
"product_id": "qemu-extra-2.3.1-33.20.1.i586"
}
},
{
"category": "product_version",
"name": "qemu-guest-agent-2.3.1-33.20.1.i586",
"product": {
"name": "qemu-guest-agent-2.3.1-33.20.1.i586",
"product_id": "qemu-guest-agent-2.3.1-33.20.1.i586"
}
},
{
"category": "product_version",
"name": "qemu-kvm-2.3.1-33.20.1.i586",
"product": {
"name": "qemu-kvm-2.3.1-33.20.1.i586",
"product_id": "qemu-kvm-2.3.1-33.20.1.i586"
}
},
{
"category": "product_version",
"name": "qemu-lang-2.3.1-33.20.1.i586",
"product": {
"name": "qemu-lang-2.3.1-33.20.1.i586",
"product_id": "qemu-lang-2.3.1-33.20.1.i586"
}
},
{
"category": "product_version",
"name": "qemu-linux-user-2.3.1-33.20.1.i586",
"product": {
"name": "qemu-linux-user-2.3.1-33.20.1.i586",
"product_id": "qemu-linux-user-2.3.1-33.20.1.i586"
}
},
{
"category": "product_version",
"name": "qemu-ppc-2.3.1-33.20.1.i586",
"product": {
"name": "qemu-ppc-2.3.1-33.20.1.i586",
"product_id": "qemu-ppc-2.3.1-33.20.1.i586"
}
},
{
"category": "product_version",
"name": "qemu-s390-2.3.1-33.20.1.i586",
"product": {
"name": "qemu-s390-2.3.1-33.20.1.i586",
"product_id": "qemu-s390-2.3.1-33.20.1.i586"
}
},
{
"category": "product_version",
"name": "qemu-testsuite-2.3.1-33.20.2.i586",
"product": {
"name": "qemu-testsuite-2.3.1-33.20.2.i586",
"product_id": "qemu-testsuite-2.3.1-33.20.2.i586"
}
},
{
"category": "product_version",
"name": "qemu-tools-2.3.1-33.20.1.i586",
"product": {
"name": "qemu-tools-2.3.1-33.20.1.i586",
"product_id": "qemu-tools-2.3.1-33.20.1.i586"
}
},
{
"category": "product_version",
"name": "qemu-x86-2.3.1-33.20.1.i586",
"product": {
"name": "qemu-x86-2.3.1-33.20.1.i586",
"product_id": "qemu-x86-2.3.1-33.20.1.i586"
}
}
],
"category": "architecture",
"name": "i586"
},
{
"branches": [
{
"category": "product_version",
"name": "qemu-ipxe-1.0.0-33.20.1.noarch",
"product": {
"name": "qemu-ipxe-1.0.0-33.20.1.noarch",
"product_id": "qemu-ipxe-1.0.0-33.20.1.noarch"
}
},
{
"category": "product_version",
"name": "qemu-seabios-1.8.1-33.20.1.noarch",
"product": {
"name": "qemu-seabios-1.8.1-33.20.1.noarch",
"product_id": "qemu-seabios-1.8.1-33.20.1.noarch"
}
},
{
"category": "product_version",
"name": "qemu-sgabios-8-33.20.1.noarch",
"product": {
"name": "qemu-sgabios-8-33.20.1.noarch",
"product_id": "qemu-sgabios-8-33.20.1.noarch"
}
},
{
"category": "product_version",
"name": "qemu-vgabios-1.8.1-33.20.1.noarch",
"product": {
"name": "qemu-vgabios-1.8.1-33.20.1.noarch",
"product_id": "qemu-vgabios-1.8.1-33.20.1.noarch"
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "qemu-2.3.1-33.20.1.ppc64le",
"product": {
"name": "qemu-2.3.1-33.20.1.ppc64le",
"product_id": "qemu-2.3.1-33.20.1.ppc64le"
}
},
{
"category": "product_version",
"name": "qemu-arm-2.3.1-33.20.1.ppc64le",
"product": {
"name": "qemu-arm-2.3.1-33.20.1.ppc64le",
"product_id": "qemu-arm-2.3.1-33.20.1.ppc64le"
}
},
{
"category": "product_version",
"name": "qemu-block-curl-2.3.1-33.20.1.ppc64le",
"product": {
"name": "qemu-block-curl-2.3.1-33.20.1.ppc64le",
"product_id": "qemu-block-curl-2.3.1-33.20.1.ppc64le"
}
},
{
"category": "product_version",
"name": "qemu-extra-2.3.1-33.20.1.ppc64le",
"product": {
"name": "qemu-extra-2.3.1-33.20.1.ppc64le",
"product_id": "qemu-extra-2.3.1-33.20.1.ppc64le"
}
},
{
"category": "product_version",
"name": "qemu-guest-agent-2.3.1-33.20.1.ppc64le",
"product": {
"name": "qemu-guest-agent-2.3.1-33.20.1.ppc64le",
"product_id": "qemu-guest-agent-2.3.1-33.20.1.ppc64le"
}
},
{
"category": "product_version",
"name": "qemu-lang-2.3.1-33.20.1.ppc64le",
"product": {
"name": "qemu-lang-2.3.1-33.20.1.ppc64le",
"product_id": "qemu-lang-2.3.1-33.20.1.ppc64le"
}
},
{
"category": "product_version",
"name": "qemu-linux-user-2.3.1-33.20.1.ppc64le",
"product": {
"name": "qemu-linux-user-2.3.1-33.20.1.ppc64le",
"product_id": "qemu-linux-user-2.3.1-33.20.1.ppc64le"
}
},
{
"category": "product_version",
"name": "qemu-ppc-2.3.1-33.20.1.ppc64le",
"product": {
"name": "qemu-ppc-2.3.1-33.20.1.ppc64le",
"product_id": "qemu-ppc-2.3.1-33.20.1.ppc64le"
}
},
{
"category": "product_version",
"name": "qemu-s390-2.3.1-33.20.1.ppc64le",
"product": {
"name": "qemu-s390-2.3.1-33.20.1.ppc64le",
"product_id": "qemu-s390-2.3.1-33.20.1.ppc64le"
}
},
{
"category": "product_version",
"name": "qemu-testsuite-2.3.1-33.20.2.ppc64le",
"product": {
"name": "qemu-testsuite-2.3.1-33.20.2.ppc64le",
"product_id": "qemu-testsuite-2.3.1-33.20.2.ppc64le"
}
},
{
"category": "product_version",
"name": "qemu-tools-2.3.1-33.20.1.ppc64le",
"product": {
"name": "qemu-tools-2.3.1-33.20.1.ppc64le",
"product_id": "qemu-tools-2.3.1-33.20.1.ppc64le"
}
},
{
"category": "product_version",
"name": "qemu-x86-2.3.1-33.20.1.ppc64le",
"product": {
"name": "qemu-x86-2.3.1-33.20.1.ppc64le",
"product_id": "qemu-x86-2.3.1-33.20.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "qemu-2.3.1-33.20.1.s390x",
"product": {
"name": "qemu-2.3.1-33.20.1.s390x",
"product_id": "qemu-2.3.1-33.20.1.s390x"
}
},
{
"category": "product_version",
"name": "qemu-arm-2.3.1-33.20.1.s390x",
"product": {
"name": "qemu-arm-2.3.1-33.20.1.s390x",
"product_id": "qemu-arm-2.3.1-33.20.1.s390x"
}
},
{
"category": "product_version",
"name": "qemu-block-curl-2.3.1-33.20.1.s390x",
"product": {
"name": "qemu-block-curl-2.3.1-33.20.1.s390x",
"product_id": "qemu-block-curl-2.3.1-33.20.1.s390x"
}
},
{
"category": "product_version",
"name": "qemu-extra-2.3.1-33.20.1.s390x",
"product": {
"name": "qemu-extra-2.3.1-33.20.1.s390x",
"product_id": "qemu-extra-2.3.1-33.20.1.s390x"
}
},
{
"category": "product_version",
"name": "qemu-guest-agent-2.3.1-33.20.1.s390x",
"product": {
"name": "qemu-guest-agent-2.3.1-33.20.1.s390x",
"product_id": "qemu-guest-agent-2.3.1-33.20.1.s390x"
}
},
{
"category": "product_version",
"name": "qemu-kvm-2.3.1-33.20.1.s390x",
"product": {
"name": "qemu-kvm-2.3.1-33.20.1.s390x",
"product_id": "qemu-kvm-2.3.1-33.20.1.s390x"
}
},
{
"category": "product_version",
"name": "qemu-lang-2.3.1-33.20.1.s390x",
"product": {
"name": "qemu-lang-2.3.1-33.20.1.s390x",
"product_id": "qemu-lang-2.3.1-33.20.1.s390x"
}
},
{
"category": "product_version",
"name": "qemu-linux-user-2.3.1-33.20.1.s390x",
"product": {
"name": "qemu-linux-user-2.3.1-33.20.1.s390x",
"product_id": "qemu-linux-user-2.3.1-33.20.1.s390x"
}
},
{
"category": "product_version",
"name": "qemu-ppc-2.3.1-33.20.1.s390x",
"product": {
"name": "qemu-ppc-2.3.1-33.20.1.s390x",
"product_id": "qemu-ppc-2.3.1-33.20.1.s390x"
}
},
{
"category": "product_version",
"name": "qemu-s390-2.3.1-33.20.1.s390x",
"product": {
"name": "qemu-s390-2.3.1-33.20.1.s390x",
"product_id": "qemu-s390-2.3.1-33.20.1.s390x"
}
},
{
"category": "product_version",
"name": "qemu-testsuite-2.3.1-33.20.2.s390x",
"product": {
"name": "qemu-testsuite-2.3.1-33.20.2.s390x",
"product_id": "qemu-testsuite-2.3.1-33.20.2.s390x"
}
},
{
"category": "product_version",
"name": "qemu-tools-2.3.1-33.20.1.s390x",
"product": {
"name": "qemu-tools-2.3.1-33.20.1.s390x",
"product_id": "qemu-tools-2.3.1-33.20.1.s390x"
}
},
{
"category": "product_version",
"name": "qemu-x86-2.3.1-33.20.1.s390x",
"product": {
"name": "qemu-x86-2.3.1-33.20.1.s390x",
"product_id": "qemu-x86-2.3.1-33.20.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "qemu-2.3.1-33.20.1.x86_64",
"product": {
"name": "qemu-2.3.1-33.20.1.x86_64",
"product_id": "qemu-2.3.1-33.20.1.x86_64"
}
},
{
"category": "product_version",
"name": "qemu-arm-2.3.1-33.20.1.x86_64",
"product": {
"name": "qemu-arm-2.3.1-33.20.1.x86_64",
"product_id": "qemu-arm-2.3.1-33.20.1.x86_64"
}
},
{
"category": "product_version",
"name": "qemu-block-curl-2.3.1-33.20.1.x86_64",
"product": {
"name": "qemu-block-curl-2.3.1-33.20.1.x86_64",
"product_id": "qemu-block-curl-2.3.1-33.20.1.x86_64"
}
},
{
"category": "product_version",
"name": "qemu-block-rbd-2.3.1-33.20.1.x86_64",
"product": {
"name": "qemu-block-rbd-2.3.1-33.20.1.x86_64",
"product_id": "qemu-block-rbd-2.3.1-33.20.1.x86_64"
}
},
{
"category": "product_version",
"name": "qemu-extra-2.3.1-33.20.1.x86_64",
"product": {
"name": "qemu-extra-2.3.1-33.20.1.x86_64",
"product_id": "qemu-extra-2.3.1-33.20.1.x86_64"
}
},
{
"category": "product_version",
"name": "qemu-guest-agent-2.3.1-33.20.1.x86_64",
"product": {
"name": "qemu-guest-agent-2.3.1-33.20.1.x86_64",
"product_id": "qemu-guest-agent-2.3.1-33.20.1.x86_64"
}
},
{
"category": "product_version",
"name": "qemu-kvm-2.3.1-33.20.1.x86_64",
"product": {
"name": "qemu-kvm-2.3.1-33.20.1.x86_64",
"product_id": "qemu-kvm-2.3.1-33.20.1.x86_64"
}
},
{
"category": "product_version",
"name": "qemu-lang-2.3.1-33.20.1.x86_64",
"product": {
"name": "qemu-lang-2.3.1-33.20.1.x86_64",
"product_id": "qemu-lang-2.3.1-33.20.1.x86_64"
}
},
{
"category": "product_version",
"name": "qemu-linux-user-2.3.1-33.20.1.x86_64",
"product": {
"name": "qemu-linux-user-2.3.1-33.20.1.x86_64",
"product_id": "qemu-linux-user-2.3.1-33.20.1.x86_64"
}
},
{
"category": "product_version",
"name": "qemu-ppc-2.3.1-33.20.1.x86_64",
"product": {
"name": "qemu-ppc-2.3.1-33.20.1.x86_64",
"product_id": "qemu-ppc-2.3.1-33.20.1.x86_64"
}
},
{
"category": "product_version",
"name": "qemu-s390-2.3.1-33.20.1.x86_64",
"product": {
"name": "qemu-s390-2.3.1-33.20.1.x86_64",
"product_id": "qemu-s390-2.3.1-33.20.1.x86_64"
}
},
{
"category": "product_version",
"name": "qemu-testsuite-2.3.1-33.20.2.x86_64",
"product": {
"name": "qemu-testsuite-2.3.1-33.20.2.x86_64",
"product_id": "qemu-testsuite-2.3.1-33.20.2.x86_64"
}
},
{
"category": "product_version",
"name": "qemu-tools-2.3.1-33.20.1.x86_64",
"product": {
"name": "qemu-tools-2.3.1-33.20.1.x86_64",
"product_id": "qemu-tools-2.3.1-33.20.1.x86_64"
}
},
{
"category": "product_version",
"name": "qemu-x86-2.3.1-33.20.1.x86_64",
"product": {
"name": "qemu-x86-2.3.1-33.20.1.x86_64",
"product_id": "qemu-x86-2.3.1-33.20.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 12 SP1-LTSS",
"product": {
"name": "SUSE Linux Enterprise Server 12 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP1-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles-ltss:12:sp1"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "qemu-2.3.1-33.20.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-2.3.1-33.20.1.ppc64le"
},
"product_reference": "qemu-2.3.1-33.20.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qemu-2.3.1-33.20.1.s390x as component of SUSE Linux Enterprise Server 12 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-2.3.1-33.20.1.s390x"
},
"product_reference": "qemu-2.3.1-33.20.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qemu-2.3.1-33.20.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-2.3.1-33.20.1.x86_64"
},
"product_reference": "qemu-2.3.1-33.20.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qemu-block-curl-2.3.1-33.20.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-block-curl-2.3.1-33.20.1.ppc64le"
},
"product_reference": "qemu-block-curl-2.3.1-33.20.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qemu-block-curl-2.3.1-33.20.1.s390x as component of SUSE Linux Enterprise Server 12 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-block-curl-2.3.1-33.20.1.s390x"
},
"product_reference": "qemu-block-curl-2.3.1-33.20.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qemu-block-curl-2.3.1-33.20.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-block-curl-2.3.1-33.20.1.x86_64"
},
"product_reference": "qemu-block-curl-2.3.1-33.20.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qemu-block-rbd-2.3.1-33.20.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-block-rbd-2.3.1-33.20.1.x86_64"
},
"product_reference": "qemu-block-rbd-2.3.1-33.20.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qemu-guest-agent-2.3.1-33.20.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-guest-agent-2.3.1-33.20.1.ppc64le"
},
"product_reference": "qemu-guest-agent-2.3.1-33.20.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qemu-guest-agent-2.3.1-33.20.1.s390x as component of SUSE Linux Enterprise Server 12 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-guest-agent-2.3.1-33.20.1.s390x"
},
"product_reference": "qemu-guest-agent-2.3.1-33.20.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qemu-guest-agent-2.3.1-33.20.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-guest-agent-2.3.1-33.20.1.x86_64"
},
"product_reference": "qemu-guest-agent-2.3.1-33.20.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qemu-ipxe-1.0.0-33.20.1.noarch as component of SUSE Linux Enterprise Server 12 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-ipxe-1.0.0-33.20.1.noarch"
},
"product_reference": "qemu-ipxe-1.0.0-33.20.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qemu-kvm-2.3.1-33.20.1.s390x as component of SUSE Linux Enterprise Server 12 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-kvm-2.3.1-33.20.1.s390x"
},
"product_reference": "qemu-kvm-2.3.1-33.20.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qemu-kvm-2.3.1-33.20.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-kvm-2.3.1-33.20.1.x86_64"
},
"product_reference": "qemu-kvm-2.3.1-33.20.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qemu-lang-2.3.1-33.20.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-lang-2.3.1-33.20.1.ppc64le"
},
"product_reference": "qemu-lang-2.3.1-33.20.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qemu-lang-2.3.1-33.20.1.s390x as component of SUSE Linux Enterprise Server 12 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-lang-2.3.1-33.20.1.s390x"
},
"product_reference": "qemu-lang-2.3.1-33.20.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qemu-lang-2.3.1-33.20.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-lang-2.3.1-33.20.1.x86_64"
},
"product_reference": "qemu-lang-2.3.1-33.20.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qemu-ppc-2.3.1-33.20.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-ppc-2.3.1-33.20.1.ppc64le"
},
"product_reference": "qemu-ppc-2.3.1-33.20.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qemu-s390-2.3.1-33.20.1.s390x as component of SUSE Linux Enterprise Server 12 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-s390-2.3.1-33.20.1.s390x"
},
"product_reference": "qemu-s390-2.3.1-33.20.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qemu-seabios-1.8.1-33.20.1.noarch as component of SUSE Linux Enterprise Server 12 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-seabios-1.8.1-33.20.1.noarch"
},
"product_reference": "qemu-seabios-1.8.1-33.20.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qemu-sgabios-8-33.20.1.noarch as component of SUSE Linux Enterprise Server 12 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-sgabios-8-33.20.1.noarch"
},
"product_reference": "qemu-sgabios-8-33.20.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qemu-tools-2.3.1-33.20.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-tools-2.3.1-33.20.1.ppc64le"
},
"product_reference": "qemu-tools-2.3.1-33.20.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qemu-tools-2.3.1-33.20.1.s390x as component of SUSE Linux Enterprise Server 12 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-tools-2.3.1-33.20.1.s390x"
},
"product_reference": "qemu-tools-2.3.1-33.20.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qemu-tools-2.3.1-33.20.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-tools-2.3.1-33.20.1.x86_64"
},
"product_reference": "qemu-tools-2.3.1-33.20.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qemu-vgabios-1.8.1-33.20.1.noarch as component of SUSE Linux Enterprise Server 12 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-vgabios-1.8.1-33.20.1.noarch"
},
"product_reference": "qemu-vgabios-1.8.1-33.20.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qemu-x86-2.3.1-33.20.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-x86-2.3.1-33.20.1.x86_64"
},
"product_reference": "qemu-x86-2.3.1-33.20.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP1-LTSS"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2018-16872",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-16872"
}
],
"notes": [
{
"category": "general",
"text": "A flaw was found in qemu Media Transfer Protocol (MTP). The code opening files in usb_mtp_get_object and usb_mtp_get_partial_object and directories in usb_mtp_object_readdir doesn\u0027t consider that the underlying filesystem may have changed since the time lstat(2) was called in usb_mtp_object_alloc, a classical TOCTTOU problem. An attacker with write access to the host filesystem shared with a guest can use this property to navigate the host filesystem in the context of the QEMU process and read any file the QEMU process has access to. Access to the filesystem may be local or via a network share protocol such as CIFS.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-2.3.1-33.20.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-2.3.1-33.20.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-2.3.1-33.20.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-block-curl-2.3.1-33.20.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-block-curl-2.3.1-33.20.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-block-curl-2.3.1-33.20.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-block-rbd-2.3.1-33.20.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-guest-agent-2.3.1-33.20.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-guest-agent-2.3.1-33.20.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-guest-agent-2.3.1-33.20.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-ipxe-1.0.0-33.20.1.noarch",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-kvm-2.3.1-33.20.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-kvm-2.3.1-33.20.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-lang-2.3.1-33.20.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-lang-2.3.1-33.20.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-lang-2.3.1-33.20.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-ppc-2.3.1-33.20.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-s390-2.3.1-33.20.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-seabios-1.8.1-33.20.1.noarch",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-sgabios-8-33.20.1.noarch",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-tools-2.3.1-33.20.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-tools-2.3.1-33.20.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-tools-2.3.1-33.20.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-vgabios-1.8.1-33.20.1.noarch",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-x86-2.3.1-33.20.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-16872",
"url": "https://www.suse.com/security/cve/CVE-2018-16872"
},
{
"category": "external",
"summary": "SUSE Bug 1119493 for CVE-2018-16872",
"url": "https://bugzilla.suse.com/1119493"
},
{
"category": "external",
"summary": "SUSE Bug 1119494 for CVE-2018-16872",
"url": "https://bugzilla.suse.com/1119494"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-2.3.1-33.20.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-2.3.1-33.20.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-2.3.1-33.20.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-block-curl-2.3.1-33.20.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-block-curl-2.3.1-33.20.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-block-curl-2.3.1-33.20.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-block-rbd-2.3.1-33.20.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-guest-agent-2.3.1-33.20.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-guest-agent-2.3.1-33.20.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-guest-agent-2.3.1-33.20.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-ipxe-1.0.0-33.20.1.noarch",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-kvm-2.3.1-33.20.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-kvm-2.3.1-33.20.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-lang-2.3.1-33.20.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-lang-2.3.1-33.20.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-lang-2.3.1-33.20.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-ppc-2.3.1-33.20.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-s390-2.3.1-33.20.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-seabios-1.8.1-33.20.1.noarch",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-sgabios-8-33.20.1.noarch",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-tools-2.3.1-33.20.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-tools-2.3.1-33.20.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-tools-2.3.1-33.20.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-vgabios-1.8.1-33.20.1.noarch",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-x86-2.3.1-33.20.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:L",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-2.3.1-33.20.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-2.3.1-33.20.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-2.3.1-33.20.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-block-curl-2.3.1-33.20.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-block-curl-2.3.1-33.20.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-block-curl-2.3.1-33.20.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-block-rbd-2.3.1-33.20.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-guest-agent-2.3.1-33.20.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-guest-agent-2.3.1-33.20.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-guest-agent-2.3.1-33.20.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-ipxe-1.0.0-33.20.1.noarch",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-kvm-2.3.1-33.20.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-kvm-2.3.1-33.20.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-lang-2.3.1-33.20.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-lang-2.3.1-33.20.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-lang-2.3.1-33.20.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-ppc-2.3.1-33.20.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-s390-2.3.1-33.20.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-seabios-1.8.1-33.20.1.noarch",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-sgabios-8-33.20.1.noarch",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-tools-2.3.1-33.20.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-tools-2.3.1-33.20.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-tools-2.3.1-33.20.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-vgabios-1.8.1-33.20.1.noarch",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-x86-2.3.1-33.20.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-02-22T12:47:28Z",
"details": "moderate"
}
],
"title": "CVE-2018-16872"
},
{
"cve": "CVE-2018-19364",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-19364"
}
],
"notes": [
{
"category": "general",
"text": "hw/9pfs/cofile.c and hw/9pfs/9p.c in QEMU can modify an fid path while it is being accessed by a second thread, leading to (for example) a use-after-free outcome.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-2.3.1-33.20.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-2.3.1-33.20.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-2.3.1-33.20.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-block-curl-2.3.1-33.20.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-block-curl-2.3.1-33.20.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-block-curl-2.3.1-33.20.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-block-rbd-2.3.1-33.20.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-guest-agent-2.3.1-33.20.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-guest-agent-2.3.1-33.20.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-guest-agent-2.3.1-33.20.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-ipxe-1.0.0-33.20.1.noarch",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-kvm-2.3.1-33.20.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-kvm-2.3.1-33.20.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-lang-2.3.1-33.20.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-lang-2.3.1-33.20.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-lang-2.3.1-33.20.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-ppc-2.3.1-33.20.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-s390-2.3.1-33.20.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-seabios-1.8.1-33.20.1.noarch",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-sgabios-8-33.20.1.noarch",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-tools-2.3.1-33.20.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-tools-2.3.1-33.20.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-tools-2.3.1-33.20.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-vgabios-1.8.1-33.20.1.noarch",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-x86-2.3.1-33.20.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-19364",
"url": "https://www.suse.com/security/cve/CVE-2018-19364"
},
{
"category": "external",
"summary": "SUSE Bug 1116717 for CVE-2018-19364",
"url": "https://bugzilla.suse.com/1116717"
},
{
"category": "external",
"summary": "SUSE Bug 1116726 for CVE-2018-19364",
"url": "https://bugzilla.suse.com/1116726"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-2.3.1-33.20.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-2.3.1-33.20.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-2.3.1-33.20.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-block-curl-2.3.1-33.20.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-block-curl-2.3.1-33.20.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-block-curl-2.3.1-33.20.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-block-rbd-2.3.1-33.20.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-guest-agent-2.3.1-33.20.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-guest-agent-2.3.1-33.20.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-guest-agent-2.3.1-33.20.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-ipxe-1.0.0-33.20.1.noarch",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-kvm-2.3.1-33.20.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-kvm-2.3.1-33.20.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-lang-2.3.1-33.20.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-lang-2.3.1-33.20.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-lang-2.3.1-33.20.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-ppc-2.3.1-33.20.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-s390-2.3.1-33.20.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-seabios-1.8.1-33.20.1.noarch",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-sgabios-8-33.20.1.noarch",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-tools-2.3.1-33.20.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-tools-2.3.1-33.20.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-tools-2.3.1-33.20.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-vgabios-1.8.1-33.20.1.noarch",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-x86-2.3.1-33.20.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-2.3.1-33.20.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-2.3.1-33.20.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-2.3.1-33.20.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-block-curl-2.3.1-33.20.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-block-curl-2.3.1-33.20.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-block-curl-2.3.1-33.20.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-block-rbd-2.3.1-33.20.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-guest-agent-2.3.1-33.20.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-guest-agent-2.3.1-33.20.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-guest-agent-2.3.1-33.20.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-ipxe-1.0.0-33.20.1.noarch",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-kvm-2.3.1-33.20.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-kvm-2.3.1-33.20.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-lang-2.3.1-33.20.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-lang-2.3.1-33.20.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-lang-2.3.1-33.20.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-ppc-2.3.1-33.20.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-s390-2.3.1-33.20.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-seabios-1.8.1-33.20.1.noarch",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-sgabios-8-33.20.1.noarch",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-tools-2.3.1-33.20.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-tools-2.3.1-33.20.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-tools-2.3.1-33.20.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-vgabios-1.8.1-33.20.1.noarch",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-x86-2.3.1-33.20.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-02-22T12:47:28Z",
"details": "moderate"
}
],
"title": "CVE-2018-19364"
},
{
"cve": "CVE-2018-19489",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-19489"
}
],
"notes": [
{
"category": "general",
"text": "v9fs_wstat in hw/9pfs/9p.c in QEMU allows guest OS users to cause a denial of service (crash) because of a race condition during file renaming.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-2.3.1-33.20.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-2.3.1-33.20.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-2.3.1-33.20.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-block-curl-2.3.1-33.20.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-block-curl-2.3.1-33.20.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-block-curl-2.3.1-33.20.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-block-rbd-2.3.1-33.20.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-guest-agent-2.3.1-33.20.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-guest-agent-2.3.1-33.20.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-guest-agent-2.3.1-33.20.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-ipxe-1.0.0-33.20.1.noarch",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-kvm-2.3.1-33.20.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-kvm-2.3.1-33.20.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-lang-2.3.1-33.20.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-lang-2.3.1-33.20.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-lang-2.3.1-33.20.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-ppc-2.3.1-33.20.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-s390-2.3.1-33.20.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-seabios-1.8.1-33.20.1.noarch",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-sgabios-8-33.20.1.noarch",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-tools-2.3.1-33.20.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-tools-2.3.1-33.20.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-tools-2.3.1-33.20.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-vgabios-1.8.1-33.20.1.noarch",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-x86-2.3.1-33.20.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-19489",
"url": "https://www.suse.com/security/cve/CVE-2018-19489"
},
{
"category": "external",
"summary": "SUSE Bug 1117275 for CVE-2018-19489",
"url": "https://bugzilla.suse.com/1117275"
},
{
"category": "external",
"summary": "SUSE Bug 1117279 for CVE-2018-19489",
"url": "https://bugzilla.suse.com/1117279"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-2.3.1-33.20.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-2.3.1-33.20.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-2.3.1-33.20.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-block-curl-2.3.1-33.20.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-block-curl-2.3.1-33.20.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-block-curl-2.3.1-33.20.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-block-rbd-2.3.1-33.20.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-guest-agent-2.3.1-33.20.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-guest-agent-2.3.1-33.20.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-guest-agent-2.3.1-33.20.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-ipxe-1.0.0-33.20.1.noarch",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-kvm-2.3.1-33.20.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-kvm-2.3.1-33.20.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-lang-2.3.1-33.20.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-lang-2.3.1-33.20.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-lang-2.3.1-33.20.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-ppc-2.3.1-33.20.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-s390-2.3.1-33.20.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-seabios-1.8.1-33.20.1.noarch",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-sgabios-8-33.20.1.noarch",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-tools-2.3.1-33.20.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-tools-2.3.1-33.20.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-tools-2.3.1-33.20.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-vgabios-1.8.1-33.20.1.noarch",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-x86-2.3.1-33.20.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 2.8,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:C/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-2.3.1-33.20.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-2.3.1-33.20.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-2.3.1-33.20.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-block-curl-2.3.1-33.20.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-block-curl-2.3.1-33.20.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-block-curl-2.3.1-33.20.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-block-rbd-2.3.1-33.20.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-guest-agent-2.3.1-33.20.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-guest-agent-2.3.1-33.20.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-guest-agent-2.3.1-33.20.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-ipxe-1.0.0-33.20.1.noarch",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-kvm-2.3.1-33.20.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-kvm-2.3.1-33.20.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-lang-2.3.1-33.20.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-lang-2.3.1-33.20.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-lang-2.3.1-33.20.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-ppc-2.3.1-33.20.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-s390-2.3.1-33.20.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-seabios-1.8.1-33.20.1.noarch",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-sgabios-8-33.20.1.noarch",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-tools-2.3.1-33.20.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-tools-2.3.1-33.20.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-tools-2.3.1-33.20.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-vgabios-1.8.1-33.20.1.noarch",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-x86-2.3.1-33.20.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-02-22T12:47:28Z",
"details": "low"
}
],
"title": "CVE-2018-19489"
},
{
"cve": "CVE-2019-6778",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-6778"
}
],
"notes": [
{
"category": "general",
"text": "In QEMU 3.0.0, tcp_emu in slirp/tcp_subr.c has a heap-based buffer overflow.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-2.3.1-33.20.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-2.3.1-33.20.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-2.3.1-33.20.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-block-curl-2.3.1-33.20.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-block-curl-2.3.1-33.20.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-block-curl-2.3.1-33.20.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-block-rbd-2.3.1-33.20.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-guest-agent-2.3.1-33.20.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-guest-agent-2.3.1-33.20.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-guest-agent-2.3.1-33.20.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-ipxe-1.0.0-33.20.1.noarch",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-kvm-2.3.1-33.20.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-kvm-2.3.1-33.20.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-lang-2.3.1-33.20.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-lang-2.3.1-33.20.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-lang-2.3.1-33.20.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-ppc-2.3.1-33.20.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-s390-2.3.1-33.20.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-seabios-1.8.1-33.20.1.noarch",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-sgabios-8-33.20.1.noarch",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-tools-2.3.1-33.20.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-tools-2.3.1-33.20.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-tools-2.3.1-33.20.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-vgabios-1.8.1-33.20.1.noarch",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-x86-2.3.1-33.20.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-6778",
"url": "https://www.suse.com/security/cve/CVE-2019-6778"
},
{
"category": "external",
"summary": "SUSE Bug 1123156 for CVE-2019-6778",
"url": "https://bugzilla.suse.com/1123156"
},
{
"category": "external",
"summary": "SUSE Bug 1123157 for CVE-2019-6778",
"url": "https://bugzilla.suse.com/1123157"
},
{
"category": "external",
"summary": "SUSE Bug 1178658 for CVE-2019-6778",
"url": "https://bugzilla.suse.com/1178658"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-2.3.1-33.20.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-2.3.1-33.20.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-2.3.1-33.20.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-block-curl-2.3.1-33.20.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-block-curl-2.3.1-33.20.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-block-curl-2.3.1-33.20.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-block-rbd-2.3.1-33.20.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-guest-agent-2.3.1-33.20.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-guest-agent-2.3.1-33.20.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-guest-agent-2.3.1-33.20.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-ipxe-1.0.0-33.20.1.noarch",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-kvm-2.3.1-33.20.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-kvm-2.3.1-33.20.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-lang-2.3.1-33.20.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-lang-2.3.1-33.20.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-lang-2.3.1-33.20.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-ppc-2.3.1-33.20.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-s390-2.3.1-33.20.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-seabios-1.8.1-33.20.1.noarch",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-sgabios-8-33.20.1.noarch",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-tools-2.3.1-33.20.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-tools-2.3.1-33.20.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-tools-2.3.1-33.20.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-vgabios-1.8.1-33.20.1.noarch",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-x86-2.3.1-33.20.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-2.3.1-33.20.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-2.3.1-33.20.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-2.3.1-33.20.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-block-curl-2.3.1-33.20.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-block-curl-2.3.1-33.20.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-block-curl-2.3.1-33.20.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-block-rbd-2.3.1-33.20.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-guest-agent-2.3.1-33.20.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-guest-agent-2.3.1-33.20.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-guest-agent-2.3.1-33.20.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-ipxe-1.0.0-33.20.1.noarch",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-kvm-2.3.1-33.20.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-kvm-2.3.1-33.20.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-lang-2.3.1-33.20.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-lang-2.3.1-33.20.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-lang-2.3.1-33.20.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-ppc-2.3.1-33.20.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-s390-2.3.1-33.20.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-seabios-1.8.1-33.20.1.noarch",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-sgabios-8-33.20.1.noarch",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-tools-2.3.1-33.20.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-tools-2.3.1-33.20.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-tools-2.3.1-33.20.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-vgabios-1.8.1-33.20.1.noarch",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-x86-2.3.1-33.20.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-02-22T12:47:28Z",
"details": "important"
}
],
"title": "CVE-2019-6778"
}
]
}
Loading…
Trend slope:
-
(linear fit over daily sighting counts)
Show additional events:
Loading…
Experimental. This forecast is provided for visualization only and may change without notice. Do not use it for operational decisions.
Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…