- Home
- CVEs with nessus.description==This update for qemu fixes the following issues :
These security issues were fixed :
CVE-2018-12617: qmp_guest_file_read had an integer overflow that could have been exploited by sending a crafted QMP command (including guest-file-read with a large count value) to the agent via the listening socket causing DoS (bsc#1098735)
CVE-2018-11806: Prevent heap-based buffer overflow via incoming fragmented datagrams (bsc#1096223)
With this release the mitigations for Spectre v4 are moved the the patches from upstream (CVE-2018-3639, bsc#1092885).
This non-security was fixed: Fix VirtQueue error for virtio-balloon during live migration (bsc#1020928).
Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
Max CVSS | 0 |
Min CVSS | 0 |
Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published |
Back to Top
Mark selected
Back to Top