Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2018-19489 (GCVE-0-2018-19489)
Vulnerability from cvelistv5 – Published: 2018-12-13 19:00 – Updated: 2024-08-05 11:37
VLAI?
EPSS
Summary
v9fs_wstat in hw/9pfs/9p.c in QEMU allows guest OS users to cause a denial of service (crash) because of a race condition during file renaming.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
12 references
| URL | Tags |
|---|---|
| http://www.openwall.com/lists/oss-security/2018/11/26/1 | mailing-listx_refsource_MLIST |
| https://lists.debian.org/debian-lts-announce/2019… | mailing-listx_refsource_MLIST |
| https://lists.gnu.org/archive/html/qemu-devel/201… | mailing-listx_refsource_MLIST |
| https://security-tracker.debian.org/tracker/CVE-2… | x_refsource_CONFIRM |
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
| https://git.qemu.org/?p=qemu.git%3Ba=commit%3Bh=1… | x_refsource_CONFIRM |
| http://www.securityfocus.com/bid/106007 | vdb-entryx_refsource_BID |
| https://lists.fedoraproject.org/archives/list/pac… | vendor-advisoryx_refsource_FEDORA |
| https://usn.ubuntu.com/3923-1/ | vendor-advisoryx_refsource_UBUNTU |
| http://lists.opensuse.org/opensuse-security-annou… | vendor-advisoryx_refsource_SUSE |
| https://www.debian.org/security/2019/dsa-4454 | vendor-advisoryx_refsource_DEBIAN |
| https://seclists.org/bugtraq/2019/May/76 | mailing-listx_refsource_BUGTRAQ |
Date Public ?
2018-11-22 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T11:37:11.447Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "[oss-security] 20181126 CVE-2018-19489 QEMU: 9pfs: crash due to race condition in renaming files",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2018/11/26/1"
},
{
"name": "[debian-lts-announce] 20190129 [SECURITY] [DLA 1646-1] qemu security update",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2019/01/msg00023.html"
},
{
"name": "[qemu-devel] 20181122 9p: fix QEMU crash when renaming files",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.gnu.org/archive/html/qemu-devel/2018-11/msg04489.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://security-tracker.debian.org/tracker/CVE-2018-19489"
},
{
"name": "qemu-cve201819489-dos(153326)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/153326"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://git.qemu.org/?p=qemu.git%3Ba=commit%3Bh=1d20398694a3b67a388d955b7a945ba4aa90a8a8"
},
{
"name": "106007",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/106007"
},
{
"name": "FEDORA-2019-88a98ce795",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CGCFIFSIWUREEQQOZDZFBYKWZHXCWBZN/"
},
{
"name": "USN-3923-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/3923-1/"
},
{
"name": "openSUSE-SU-2019:1074",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-03/msg00042.html"
},
{
"name": "DSA-4454",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "https://www.debian.org/security/2019/dsa-4454"
},
{
"name": "20190531 [SECURITY] [DSA 4454-1] qemu security update",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "https://seclists.org/bugtraq/2019/May/76"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2018-11-22T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "v9fs_wstat in hw/9pfs/9p.c in QEMU allows guest OS users to cause a denial of service (crash) because of a race condition during file renaming."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-05-31T13:06:05.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "[oss-security] 20181126 CVE-2018-19489 QEMU: 9pfs: crash due to race condition in renaming files",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2018/11/26/1"
},
{
"name": "[debian-lts-announce] 20190129 [SECURITY] [DLA 1646-1] qemu security update",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.debian.org/debian-lts-announce/2019/01/msg00023.html"
},
{
"name": "[qemu-devel] 20181122 9p: fix QEMU crash when renaming files",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.gnu.org/archive/html/qemu-devel/2018-11/msg04489.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://security-tracker.debian.org/tracker/CVE-2018-19489"
},
{
"name": "qemu-cve201819489-dos(153326)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/153326"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://git.qemu.org/?p=qemu.git%3Ba=commit%3Bh=1d20398694a3b67a388d955b7a945ba4aa90a8a8"
},
{
"name": "106007",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/106007"
},
{
"name": "FEDORA-2019-88a98ce795",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CGCFIFSIWUREEQQOZDZFBYKWZHXCWBZN/"
},
{
"name": "USN-3923-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/3923-1/"
},
{
"name": "openSUSE-SU-2019:1074",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-03/msg00042.html"
},
{
"name": "DSA-4454",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "https://www.debian.org/security/2019/dsa-4454"
},
{
"name": "20190531 [SECURITY] [DSA 4454-1] qemu security update",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "https://seclists.org/bugtraq/2019/May/76"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-19489",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "v9fs_wstat in hw/9pfs/9p.c in QEMU allows guest OS users to cause a denial of service (crash) because of a race condition during file renaming."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "[oss-security] 20181126 CVE-2018-19489 QEMU: 9pfs: crash due to race condition in renaming files",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2018/11/26/1"
},
{
"name": "[debian-lts-announce] 20190129 [SECURITY] [DLA 1646-1] qemu security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2019/01/msg00023.html"
},
{
"name": "[qemu-devel] 20181122 9p: fix QEMU crash when renaming files",
"refsource": "MLIST",
"url": "https://lists.gnu.org/archive/html/qemu-devel/2018-11/msg04489.html"
},
{
"name": "https://security-tracker.debian.org/tracker/CVE-2018-19489",
"refsource": "CONFIRM",
"url": "https://security-tracker.debian.org/tracker/CVE-2018-19489"
},
{
"name": "qemu-cve201819489-dos(153326)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/153326"
},
{
"name": "https://git.qemu.org/?p=qemu.git;a=commit;h=1d20398694a3b67a388d955b7a945ba4aa90a8a8",
"refsource": "CONFIRM",
"url": "https://git.qemu.org/?p=qemu.git;a=commit;h=1d20398694a3b67a388d955b7a945ba4aa90a8a8"
},
{
"name": "106007",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/106007"
},
{
"name": "FEDORA-2019-88a98ce795",
"refsource": "FEDORA",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CGCFIFSIWUREEQQOZDZFBYKWZHXCWBZN/"
},
{
"name": "USN-3923-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/3923-1/"
},
{
"name": "openSUSE-SU-2019:1074",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-03/msg00042.html"
},
{
"name": "DSA-4454",
"refsource": "DEBIAN",
"url": "https://www.debian.org/security/2019/dsa-4454"
},
{
"name": "20190531 [SECURITY] [DSA 4454-1] qemu security update",
"refsource": "BUGTRAQ",
"url": "https://seclists.org/bugtraq/2019/May/76"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2018-19489",
"datePublished": "2018-12-13T19:00:00.000Z",
"dateReserved": "2018-11-23T00:00:00.000Z",
"dateUpdated": "2024-08-05T11:37:11.447Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"epss": {
"cve": "CVE-2018-19489",
"date": "2026-05-20",
"epss": "0.0004",
"percentile": "0.12118"
},
"fkie_nvd": {
"configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:qemu:qemu:*:*:*:*:*:*:*:*\", \"versionEndIncluding\": \"3.0.0\", \"matchCriteriaId\": \"16AFB9CD-95CF-4552-A8C1-1B4F496925B6\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:qemu:qemu:3.1.0:rc0:*:*:*:*:*:*\", \"matchCriteriaId\": \"C726BD36-EA1B-4260-ABCD-29587B584058\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:qemu:qemu:3.1.0:rc1:*:*:*:*:*:*\", \"matchCriteriaId\": \"58E67452-3056-42CF-A6A0-EFB854366642\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:qemu:qemu:3.1.0:rc2:*:*:*:*:*:*\", \"matchCriteriaId\": \"683347B2-2CEA-4CDD-AAB8-B91B185075EA\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"DEECE5FC-CACF-4496-A3E7-164736409252\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:fedoraproject:fedora:29:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"D100F7CE-FC64-4CC6-852A-6136D72DA419\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*\", \"matchCriteriaId\": \"B5A6F2F3-4894-4392-8296-3B8DD2679084\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*\", \"matchCriteriaId\": \"F7016A2A-8365-4F1A-89A2-7A19F2BCAE5B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*\", \"matchCriteriaId\": \"23A7C53F-B80F-4E6A-AFA9-58EEA84BE11D\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:canonical:ubuntu_linux:18.10:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"07C312A0-CD2C-4B9C-B064-6409B25C278F\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:opensuse:leap:42.3:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"5F65DAB0-3DAD-49FF-BC73-3581CC3D5BF3\"}]}]}]",
"descriptions": "[{\"lang\": \"en\", \"value\": \"v9fs_wstat in hw/9pfs/9p.c in QEMU allows guest OS users to cause a denial of service (crash) because of a race condition during file renaming.\"}, {\"lang\": \"es\", \"value\": \"v9fs_wstat en hw/9pfs/9p.c en QEMU permite que los usuarios invitados del sistema operativo provoquen una denegaci\\u00f3n de servicio (cierre inesperado) debido a una condici\\u00f3n de carrera durante el renombrado de los archivos.\"}]",
"id": "CVE-2018-19489",
"lastModified": "2024-11-21T03:58:00.517",
"metrics": "{\"cvssMetricV31\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H\", \"baseScore\": 4.7, \"baseSeverity\": \"MEDIUM\", \"attackVector\": \"LOCAL\", \"attackComplexity\": \"HIGH\", \"privilegesRequired\": \"LOW\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"NONE\", \"integrityImpact\": \"NONE\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 1.0, \"impactScore\": 3.6}], \"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:L/AC:M/Au:N/C:N/I:N/A:P\", \"baseScore\": 1.9, \"accessVector\": \"LOCAL\", \"accessComplexity\": \"MEDIUM\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"NONE\", \"integrityImpact\": \"NONE\", \"availabilityImpact\": \"PARTIAL\"}, \"baseSeverity\": \"LOW\", \"exploitabilityScore\": 3.4, \"impactScore\": 2.9, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": false}]}",
"published": "2018-12-13T19:29:00.730",
"references": "[{\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2019-03/msg00042.html\", \"source\": \"cve@mitre.org\", \"tags\": [\"Mailing List\", \"Third Party Advisory\"]}, {\"url\": \"http://www.openwall.com/lists/oss-security/2018/11/26/1\", \"source\": \"cve@mitre.org\", \"tags\": [\"Mailing List\", \"Patch\", \"Third Party Advisory\"]}, {\"url\": \"http://www.securityfocus.com/bid/106007\", \"source\": \"cve@mitre.org\", \"tags\": [\"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"https://exchange.xforce.ibmcloud.com/vulnerabilities/153326\", \"source\": \"cve@mitre.org\", \"tags\": [\"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"https://git.qemu.org/?p=qemu.git%3Ba=commit%3Bh=1d20398694a3b67a388d955b7a945ba4aa90a8a8\", \"source\": \"cve@mitre.org\"}, {\"url\": \"https://lists.debian.org/debian-lts-announce/2019/01/msg00023.html\", \"source\": \"cve@mitre.org\", \"tags\": [\"Mailing List\", \"Third Party Advisory\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CGCFIFSIWUREEQQOZDZFBYKWZHXCWBZN/\", \"source\": \"cve@mitre.org\"}, {\"url\": \"https://lists.gnu.org/archive/html/qemu-devel/2018-11/msg04489.html\", \"source\": \"cve@mitre.org\", \"tags\": [\"Mailing List\", \"Patch\", \"Vendor Advisory\"]}, {\"url\": \"https://seclists.org/bugtraq/2019/May/76\", \"source\": \"cve@mitre.org\", \"tags\": [\"Mailing List\", \"Third Party Advisory\"]}, {\"url\": \"https://security-tracker.debian.org/tracker/CVE-2018-19489\", \"source\": \"cve@mitre.org\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://usn.ubuntu.com/3923-1/\", \"source\": \"cve@mitre.org\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://www.debian.org/security/2019/dsa-4454\", \"source\": \"cve@mitre.org\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2019-03/msg00042.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Mailing List\", \"Third Party Advisory\"]}, {\"url\": \"http://www.openwall.com/lists/oss-security/2018/11/26/1\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Mailing List\", \"Patch\", \"Third Party Advisory\"]}, {\"url\": \"http://www.securityfocus.com/bid/106007\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"https://exchange.xforce.ibmcloud.com/vulnerabilities/153326\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"https://git.qemu.org/?p=qemu.git%3Ba=commit%3Bh=1d20398694a3b67a388d955b7a945ba4aa90a8a8\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://lists.debian.org/debian-lts-announce/2019/01/msg00023.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Mailing List\", \"Third Party Advisory\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CGCFIFSIWUREEQQOZDZFBYKWZHXCWBZN/\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://lists.gnu.org/archive/html/qemu-devel/2018-11/msg04489.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Mailing List\", \"Patch\", \"Vendor Advisory\"]}, {\"url\": \"https://seclists.org/bugtraq/2019/May/76\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Mailing List\", \"Third Party Advisory\"]}, {\"url\": \"https://security-tracker.debian.org/tracker/CVE-2018-19489\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://usn.ubuntu.com/3923-1/\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://www.debian.org/security/2019/dsa-4454\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}]",
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-362\"}]}]"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2018-19489\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2018-12-13T19:29:00.730\",\"lastModified\":\"2024-11-21T03:58:00.517\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"v9fs_wstat in hw/9pfs/9p.c in QEMU allows guest OS users to cause a denial of service (crash) because of a race condition during file renaming.\"},{\"lang\":\"es\",\"value\":\"v9fs_wstat en hw/9pfs/9p.c en QEMU permite que los usuarios invitados del sistema operativo provoquen una denegaci\u00f3n de servicio (cierre inesperado) debido a una condici\u00f3n de carrera durante el renombrado de los archivos.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H\",\"baseScore\":4.7,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"HIGH\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":1.0,\"impactScore\":3.6}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:L/AC:M/Au:N/C:N/I:N/A:P\",\"baseScore\":1.9,\"accessVector\":\"LOCAL\",\"accessComplexity\":\"MEDIUM\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"PARTIAL\"},\"baseSeverity\":\"LOW\",\"exploitabilityScore\":3.4,\"impactScore\":2.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-362\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:qemu:qemu:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"3.0.0\",\"matchCriteriaId\":\"16AFB9CD-95CF-4552-A8C1-1B4F496925B6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:qemu:qemu:3.1.0:rc0:*:*:*:*:*:*\",\"matchCriteriaId\":\"C726BD36-EA1B-4260-ABCD-29587B584058\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:qemu:qemu:3.1.0:rc1:*:*:*:*:*:*\",\"matchCriteriaId\":\"58E67452-3056-42CF-A6A0-EFB854366642\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:qemu:qemu:3.1.0:rc2:*:*:*:*:*:*\",\"matchCriteriaId\":\"683347B2-2CEA-4CDD-AAB8-B91B185075EA\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DEECE5FC-CACF-4496-A3E7-164736409252\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:fedoraproject:fedora:29:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D100F7CE-FC64-4CC6-852A-6136D72DA419\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*\",\"matchCriteriaId\":\"B5A6F2F3-4894-4392-8296-3B8DD2679084\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*\",\"matchCriteriaId\":\"F7016A2A-8365-4F1A-89A2-7A19F2BCAE5B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*\",\"matchCriteriaId\":\"23A7C53F-B80F-4E6A-AFA9-58EEA84BE11D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:canonical:ubuntu_linux:18.10:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"07C312A0-CD2C-4B9C-B064-6409B25C278F\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:opensuse:leap:42.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5F65DAB0-3DAD-49FF-BC73-3581CC3D5BF3\"}]}]}],\"references\":[{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2019-03/msg00042.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2018/11/26/1\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\",\"Patch\",\"Third Party Advisory\"]},{\"url\":\"http://www.securityfocus.com/bid/106007\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/153326\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://git.qemu.org/?p=qemu.git%3Ba=commit%3Bh=1d20398694a3b67a388d955b7a945ba4aa90a8a8\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://lists.debian.org/debian-lts-announce/2019/01/msg00023.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CGCFIFSIWUREEQQOZDZFBYKWZHXCWBZN/\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://lists.gnu.org/archive/html/qemu-devel/2018-11/msg04489.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\",\"Patch\",\"Vendor Advisory\"]},{\"url\":\"https://seclists.org/bugtraq/2019/May/76\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://security-tracker.debian.org/tracker/CVE-2018-19489\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://usn.ubuntu.com/3923-1/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.debian.org/security/2019/dsa-4454\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2019-03/msg00042.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2018/11/26/1\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Patch\",\"Third Party Advisory\"]},{\"url\":\"http://www.securityfocus.com/bid/106007\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/153326\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://git.qemu.org/?p=qemu.git%3Ba=commit%3Bh=1d20398694a3b67a388d955b7a945ba4aa90a8a8\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.debian.org/debian-lts-announce/2019/01/msg00023.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CGCFIFSIWUREEQQOZDZFBYKWZHXCWBZN/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.gnu.org/archive/html/qemu-devel/2018-11/msg04489.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Patch\",\"Vendor Advisory\"]},{\"url\":\"https://seclists.org/bugtraq/2019/May/76\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://security-tracker.debian.org/tracker/CVE-2018-19489\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://usn.ubuntu.com/3923-1/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.debian.org/security/2019/dsa-4454\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]}]}}"
}
}
BDU:2020-00703
Vulnerability from fstec - Published: 22.11.2018
VLAI Severity ?
Title
Уязвимость функций v9fs_wstat (hw/9pfs/9p.c) эмулятора аппаратного обеспечения QEMU, позволяющая нарушителю вызвать отказ в обслуживании
Description
Уязвимость функций v9fs_wstat (hw/9pfs/9p.c) эмулятора аппаратного обеспечения QEMU связана с использованием общего ресурса с неправильной синхронизацией во время переименования файла. Эксплуатация уязвимости может позволить нарушителю вызвать отказ в обслуживании
Severity ?
Vendor
Canonical Ltd., Сообщество свободного программного обеспечения, Novell Inc., ООО «РусБИТех-Астра», Fedora Project, Fabrice Bellard
Software Name
Ubuntu, Debian GNU/Linux, OpenSUSE Leap, Astra Linux Special Edition (запись в едином реестре российских программ №369), Fedora, QEMU
Software Version
14.04 LTS (Ubuntu), 16.04 LTS (Ubuntu), 9 (Debian GNU/Linux), 42.3 (OpenSUSE Leap), 18.04 LTS (Ubuntu), 18.10 (Ubuntu), 1.6 «Смоленск» (Astra Linux Special Edition), 29 (Fedora), 8 (Debian GNU/Linux), до 3.1 (QEMU)
Possible Mitigations
Использование рекомендаций:
Для qemu:
Обновление программного обеспечения до 1:3.1+dfsg-8 или более поздней версии
Для Debian:
Обновление программного обеспечения (пакета qemu) до 1:2.8+dfsg-6+deb9u6 или более поздней версии
Для программных продуктов Novell Inc.
https://lists.opensuse.org/opensuse-security-announce/2019-03/msg00042.html
Для Ubuntu:
https://usn.ubuntu.com/3923-1/
Для Fedora:
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CGCFIFSIWUREEQQOZDZFBYKWZHXCWBZN/
Для Astra Linux:
https://wiki.astralinux.ru/pages/viewpage.action?pageId=57444186
Reference
https://nvd.nist.gov/vuln/detail/CVE-2018-19489
https://security-tracker.debian.org/tracker/CVE-2018-19489
https://lists.opensuse.org/opensuse-security-announce/2019-03/msg00042.html
https://usn.ubuntu.com/3923-1/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CGCFIFSIWUREEQQOZDZFBYKWZHXCWBZN/
https://wiki.astralinux.ru/pages/viewpage.action?pageId=57444186
CWE
CWE-362
{
"CVSS 2.0": "AV:L/AC:L/Au:N/C:N/I:N/A:C",
"CVSS 3.0": "AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"CVSS 4.0": null,
"remediation_\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440": null,
"remediation_\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435": null,
"\u0412\u0435\u043d\u0434\u043e\u0440 \u041f\u041e": "Canonical Ltd., \u0421\u043e\u043e\u0431\u0449\u0435\u0441\u0442\u0432\u043e \u0441\u0432\u043e\u0431\u043e\u0434\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f, Novell Inc., \u041e\u041e\u041e \u00ab\u0420\u0443\u0441\u0411\u0418\u0422\u0435\u0445-\u0410\u0441\u0442\u0440\u0430\u00bb, Fedora Project, Fabrice Bellard",
"\u0412\u0435\u0440\u0441\u0438\u044f \u041f\u041e": "14.04 LTS (Ubuntu), 16.04 LTS (Ubuntu), 9 (Debian GNU/Linux), 42.3 (OpenSUSE Leap), 18.04 LTS (Ubuntu), 18.10 (Ubuntu), 1.6 \u00ab\u0421\u043c\u043e\u043b\u0435\u043d\u0441\u043a\u00bb (Astra Linux Special Edition), 29 (Fedora), 8 (Debian GNU/Linux), \u0434\u043e 3.1 (QEMU)",
"\u0412\u043e\u0437\u043c\u043e\u0436\u043d\u044b\u0435 \u043c\u0435\u0440\u044b \u043f\u043e \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044e": "\u0418\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0439:\n\u0414\u043b\u044f qemu:\n\u041e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f \u0434\u043e 1:3.1+dfsg-8 \u0438\u043b\u0438 \u0431\u043e\u043b\u0435\u0435 \u043f\u043e\u0437\u0434\u043d\u0435\u0439 \u0432\u0435\u0440\u0441\u0438\u0438\n\n\u0414\u043b\u044f Debian:\n\u041e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f (\u043f\u0430\u043a\u0435\u0442\u0430 qemu) \u0434\u043e 1:2.8+dfsg-6+deb9u6 \u0438\u043b\u0438 \u0431\u043e\u043b\u0435\u0435 \u043f\u043e\u0437\u0434\u043d\u0435\u0439 \u0432\u0435\u0440\u0441\u0438\u0438\n\n\u0414\u043b\u044f \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u044b\u0445 \u043f\u0440\u043e\u0434\u0443\u043a\u0442\u043e\u0432 Novell Inc.\nhttps://lists.opensuse.org/opensuse-security-announce/2019-03/msg00042.html\n\n\u0414\u043b\u044f Ubuntu:\nhttps://usn.ubuntu.com/3923-1/\n\n\u0414\u043b\u044f Fedora:\nhttps://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CGCFIFSIWUREEQQOZDZFBYKWZHXCWBZN/\n\n\u0414\u043b\u044f Astra Linux:\nhttps://wiki.astralinux.ru/pages/viewpage.action?pageId=57444186",
"\u0414\u0430\u0442\u0430 \u0432\u044b\u044f\u0432\u043b\u0435\u043d\u0438\u044f": "22.11.2018",
"\u0414\u0430\u0442\u0430 \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0435\u0433\u043e \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f": "24.02.2020",
"\u0414\u0430\u0442\u0430 \u043f\u0443\u0431\u043b\u0438\u043a\u0430\u0446\u0438\u0438": "24.02.2020",
"\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440": "BDU:2020-00703",
"\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440\u044b \u0434\u0440\u0443\u0433\u0438\u0445 \u0441\u0438\u0441\u0442\u0435\u043c \u043e\u043f\u0438\u0441\u0430\u043d\u0438\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "CVE-2018-19489",
"\u0418\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f \u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0430",
"\u041a\u043b\u0430\u0441\u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043a\u043e\u0434\u0430",
"\u041d\u0430\u0437\u0432\u0430\u043d\u0438\u0435 \u041f\u041e": "Ubuntu, Debian GNU/Linux, OpenSUSE Leap, Astra Linux Special Edition (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u2116369), Fedora, QEMU",
"\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u041e\u0421 \u0438 \u0442\u0438\u043f \u0430\u043f\u043f\u0430\u0440\u0430\u0442\u043d\u043e\u0439 \u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c\u044b": "Canonical Ltd. Ubuntu 14.04 LTS , Canonical Ltd. Ubuntu 16.04 LTS , \u0421\u043e\u043e\u0431\u0449\u0435\u0441\u0442\u0432\u043e \u0441\u0432\u043e\u0431\u043e\u0434\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f Debian GNU/Linux 9 , Novell Inc. OpenSUSE Leap 42.3 , Canonical Ltd. Ubuntu 18.04 LTS , Canonical Ltd. Ubuntu 18.10 , \u041e\u041e\u041e \u00ab\u0420\u0443\u0441\u0411\u0418\u0422\u0435\u0445-\u0410\u0441\u0442\u0440\u0430\u00bb Astra Linux Special Edition 1.6 \u00ab\u0421\u043c\u043e\u043b\u0435\u043d\u0441\u043a\u00bb (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u2116369), Fedora Project Fedora 29 , \u0421\u043e\u043e\u0431\u0449\u0435\u0441\u0442\u0432\u043e \u0441\u0432\u043e\u0431\u043e\u0434\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f Debian GNU/Linux 8 ",
"\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0444\u0443\u043d\u043a\u0446\u0438\u0439 v9fs_wstat (hw/9pfs/9p.c) \u044d\u043c\u0443\u043b\u044f\u0442\u043e\u0440\u0430 \u0430\u043f\u043f\u0430\u0440\u0430\u0442\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f QEMU, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0449\u0430\u044f \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e \u0432\u044b\u0437\u0432\u0430\u0442\u044c \u043e\u0442\u043a\u0430\u0437 \u0432 \u043e\u0431\u0441\u043b\u0443\u0436\u0438\u0432\u0430\u043d\u0438\u0438",
"\u041d\u0430\u043b\u0438\u0447\u0438\u0435 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u0430": "\u0414\u0430\u043d\u043d\u044b\u0435 \u0443\u0442\u043e\u0447\u043d\u044f\u044e\u0442\u0441\u044f",
"\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u043e\u0448\u0438\u0431\u043a\u0438 CWE": "\u041e\u0434\u043d\u043e\u0432\u0440\u0435\u043c\u0435\u043d\u043d\u043e\u0435 \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u0435 \u0441 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435\u043c \u043e\u0431\u0449\u0435\u0433\u043e \u0440\u0435\u0441\u0443\u0440\u0441\u0430 \u0441 \u043d\u0435\u043f\u0440\u0430\u0432\u0438\u043b\u044c\u043d\u043e\u0439 \u0441\u0438\u043d\u0445\u0440\u043e\u043d\u0438\u0437\u0430\u0446\u0438\u0435\u0439 (\u00ab\u0421\u0438\u0442\u0443\u0430\u0446\u0438\u044f \u0433\u043e\u043d\u043a\u0438\u00bb) (CWE-362)",
"\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0444\u0443\u043d\u043a\u0446\u0438\u0439 v9fs_wstat (hw/9pfs/9p.c) \u044d\u043c\u0443\u043b\u044f\u0442\u043e\u0440\u0430 \u0430\u043f\u043f\u0430\u0440\u0430\u0442\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f QEMU \u0441\u0432\u044f\u0437\u0430\u043d\u0430 \u0441 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435\u043c \u043e\u0431\u0449\u0435\u0433\u043e \u0440\u0435\u0441\u0443\u0440\u0441\u0430 \u0441 \u043d\u0435\u043f\u0440\u0430\u0432\u0438\u043b\u044c\u043d\u043e\u0439 \u0441\u0438\u043d\u0445\u0440\u043e\u043d\u0438\u0437\u0430\u0446\u0438\u0435\u0439 \u0432\u043e \u0432\u0440\u0435\u043c\u044f \u043f\u0435\u0440\u0435\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u044f \u0444\u0430\u0439\u043b\u0430. \u042d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043c\u043e\u0436\u0435\u0442 \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u0442\u044c \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e \u0432\u044b\u0437\u0432\u0430\u0442\u044c \u043e\u0442\u043a\u0430\u0437 \u0432 \u043e\u0431\u0441\u043b\u0443\u0436\u0438\u0432\u0430\u043d\u0438\u0438",
"\u041f\u043e\u0441\u043b\u0435\u0434\u0441\u0442\u0432\u0438\u044f \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": null,
"\u041f\u0440\u043e\u0447\u0430\u044f \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f": null,
"\u0421\u0432\u044f\u0437\u044c \u0441 \u0438\u043d\u0446\u0438\u0434\u0435\u043d\u0442\u0430\u043c\u0438 \u0418\u0411": "\u0414\u0430\u043d\u043d\u044b\u0435 \u0443\u0442\u043e\u0447\u043d\u044f\u044e\u0442\u0441\u044f",
"\u0421\u043e\u0441\u0442\u043e\u044f\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043d\u0430",
"\u0421\u043f\u043e\u0441\u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044f": "\u041e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f",
"\u0421\u043f\u043e\u0441\u043e\u0431 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438": "\u041c\u0430\u043d\u0438\u043f\u0443\u043b\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u0435 \u0441\u0440\u043e\u043a\u0430\u043c\u0438 \u0438 \u0441\u043e\u0441\u0442\u043e\u044f\u043d\u0438\u0435\u043c",
"\u0421\u0441\u044b\u043b\u043a\u0438 \u043d\u0430 \u0438\u0441\u0442\u043e\u0447\u043d\u0438\u043a\u0438": "https://nvd.nist.gov/vuln/detail/CVE-2018-19489\nhttps://security-tracker.debian.org/tracker/CVE-2018-19489\nhttps://lists.opensuse.org/opensuse-security-announce/2019-03/msg00042.html\nhttps://usn.ubuntu.com/3923-1/\nhttps://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CGCFIFSIWUREEQQOZDZFBYKWZHXCWBZN/\nhttps://wiki.astralinux.ru/pages/viewpage.action?pageId=57444186",
"\u0421\u0442\u0430\u0442\u0443\u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041f\u043e\u0434\u0442\u0432\u0435\u0440\u0436\u0434\u0435\u043d\u0430 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u0435\u043c",
"\u0422\u0438\u043f \u041f\u041e": "\u041e\u043f\u0435\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u0430\u044f \u0441\u0438\u0441\u0442\u0435\u043c\u0430, \u041f\u041e \u0432\u0438\u0440\u0442\u0443\u0430\u043b\u0438\u0437\u0430\u0446\u0438\u0438/\u041f\u041e \u0432\u0438\u0440\u0442\u0443\u0430\u043b\u044c\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e-\u0430\u043f\u043f\u0430\u0440\u0430\u0442\u043d\u043e\u0433\u043e \u0441\u0440\u0435\u0434\u0441\u0442\u0432\u0430",
"\u0422\u0438\u043f \u043e\u0448\u0438\u0431\u043a\u0438 CWE": "CWE-362",
"\u0423\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0421\u0440\u0435\u0434\u043d\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (\u0431\u0430\u0437\u043e\u0432\u0430\u044f \u043e\u0446\u0435\u043d\u043a\u0430 CVSS 2.0 \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 4,9)\n\u0421\u0440\u0435\u0434\u043d\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (\u0431\u0430\u0437\u043e\u0432\u0430\u044f \u043e\u0446\u0435\u043d\u043a\u0430 CVSS 3.0 \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 5,5)"
}
CNVD-2018-24494
Vulnerability from cnvd - Published: 2018-12-03
VLAI Severity ?
Title
QEMU拒绝服务漏洞(CNVD-2018-24494)
Description
QEMU(又名Quick Emulator)是法国程序员法布里斯-贝拉(Fabrice Bellard)所研发的一套模拟处理器软件。该软件具有速度快、跨平台等特点。
QEMU中存在安全漏洞。本地攻击者可利用该漏洞造成拒绝服务(QEMU进程崩溃)。
Severity
低
Patch Name
QEMU拒绝服务漏洞(CNVD-2018-24494)的补丁
Patch Description
QEMU(又名Quick Emulator)是法国程序员法布里斯-贝拉(Fabrice Bellard)所研发的一套模拟处理器软件。该软件具有速度快、跨平台等特点。
QEMU中存在安全漏洞。本地攻击者可利用该漏洞造成拒绝服务(QEMU进程崩溃)。目前,供应商发布了安全公告及相关补丁信息,修复了此漏洞。
Formal description
目前厂商已发布升级补丁以修复漏洞,详情请关注厂商主页: https://wiki.qemu.org/
Reference
http://www.securityfocus.com/bid/106007
Impacted products
| Name | QEMU QEMU |
|---|
{
"bids": {
"bid": {
"bidNumber": "106007"
}
},
"cves": {
"cve": {
"cveNumber": "CVE-2018-19489"
}
},
"description": "QEMU\uff08\u53c8\u540dQuick Emulator\uff09\u662f\u6cd5\u56fd\u7a0b\u5e8f\u5458\u6cd5\u5e03\u91cc\u65af-\u8d1d\u62c9\uff08Fabrice Bellard\uff09\u6240\u7814\u53d1\u7684\u4e00\u5957\u6a21\u62df\u5904\u7406\u5668\u8f6f\u4ef6\u3002\u8be5\u8f6f\u4ef6\u5177\u6709\u901f\u5ea6\u5feb\u3001\u8de8\u5e73\u53f0\u7b49\u7279\u70b9\u3002\n\nQEMU\u4e2d\u5b58\u5728\u5b89\u5168\u6f0f\u6d1e\u3002\u672c\u5730\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u9020\u6210\u62d2\u7edd\u670d\u52a1\uff08QEMU\u8fdb\u7a0b\u5d29\u6e83\uff09\u3002",
"discovererName": "Zhibin Hu",
"formalWay": "\u76ee\u524d\u5382\u5546\u5df2\u53d1\u5e03\u5347\u7ea7\u8865\u4e01\u4ee5\u4fee\u590d\u6f0f\u6d1e\uff0c\u8be6\u60c5\u8bf7\u5173\u6ce8\u5382\u5546\u4e3b\u9875\uff1a\r\nhttps://wiki.qemu.org/",
"isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
"number": "CNVD-2018-24494",
"openTime": "2018-12-03",
"patchDescription": "QEMU\uff08\u53c8\u540dQuick Emulator\uff09\u662f\u6cd5\u56fd\u7a0b\u5e8f\u5458\u6cd5\u5e03\u91cc\u65af-\u8d1d\u62c9\uff08Fabrice Bellard\uff09\u6240\u7814\u53d1\u7684\u4e00\u5957\u6a21\u62df\u5904\u7406\u5668\u8f6f\u4ef6\u3002\u8be5\u8f6f\u4ef6\u5177\u6709\u901f\u5ea6\u5feb\u3001\u8de8\u5e73\u53f0\u7b49\u7279\u70b9\u3002\r\n\r\nQEMU\u4e2d\u5b58\u5728\u5b89\u5168\u6f0f\u6d1e\u3002\u672c\u5730\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u9020\u6210\u62d2\u7edd\u670d\u52a1\uff08QEMU\u8fdb\u7a0b\u5d29\u6e83\uff09\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
"patchName": "QEMU\u62d2\u7edd\u670d\u52a1\u6f0f\u6d1e\uff08CNVD-2018-24494\uff09\u7684\u8865\u4e01",
"products": {
"product": "QEMU QEMU"
},
"referenceLink": "http://www.securityfocus.com/bid/106007",
"serverity": "\u4f4e",
"submitTime": "2018-11-27",
"title": "QEMU\u62d2\u7edd\u670d\u52a1\u6f0f\u6d1e\uff08CNVD-2018-24494\uff09"
}
FKIE_CVE-2018-19489
Vulnerability from fkie_nvd - Published: 2018-12-13 19:29 - Updated: 2024-11-21 03:58
Severity ?
Summary
v9fs_wstat in hw/9pfs/9p.c in QEMU allows guest OS users to cause a denial of service (crash) because of a race condition during file renaming.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| qemu | qemu | * | |
| qemu | qemu | 3.1.0 | |
| qemu | qemu | 3.1.0 | |
| qemu | qemu | 3.1.0 | |
| debian | debian_linux | 8.0 | |
| debian | debian_linux | 9.0 | |
| fedoraproject | fedora | 29 | |
| canonical | ubuntu_linux | 14.04 | |
| canonical | ubuntu_linux | 16.04 | |
| canonical | ubuntu_linux | 18.04 | |
| canonical | ubuntu_linux | 18.10 | |
| opensuse | leap | 42.3 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:qemu:qemu:*:*:*:*:*:*:*:*",
"matchCriteriaId": "16AFB9CD-95CF-4552-A8C1-1B4F496925B6",
"versionEndIncluding": "3.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:qemu:qemu:3.1.0:rc0:*:*:*:*:*:*",
"matchCriteriaId": "C726BD36-EA1B-4260-ABCD-29587B584058",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:qemu:qemu:3.1.0:rc1:*:*:*:*:*:*",
"matchCriteriaId": "58E67452-3056-42CF-A6A0-EFB854366642",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:qemu:qemu:3.1.0:rc2:*:*:*:*:*:*",
"matchCriteriaId": "683347B2-2CEA-4CDD-AAB8-B91B185075EA",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "DEECE5FC-CACF-4496-A3E7-164736409252",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:fedoraproject:fedora:29:*:*:*:*:*:*:*",
"matchCriteriaId": "D100F7CE-FC64-4CC6-852A-6136D72DA419",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*",
"matchCriteriaId": "B5A6F2F3-4894-4392-8296-3B8DD2679084",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*",
"matchCriteriaId": "F7016A2A-8365-4F1A-89A2-7A19F2BCAE5B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*",
"matchCriteriaId": "23A7C53F-B80F-4E6A-AFA9-58EEA84BE11D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:18.10:*:*:*:*:*:*:*",
"matchCriteriaId": "07C312A0-CD2C-4B9C-B064-6409B25C278F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:opensuse:leap:42.3:*:*:*:*:*:*:*",
"matchCriteriaId": "5F65DAB0-3DAD-49FF-BC73-3581CC3D5BF3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "v9fs_wstat in hw/9pfs/9p.c in QEMU allows guest OS users to cause a denial of service (crash) because of a race condition during file renaming."
},
{
"lang": "es",
"value": "v9fs_wstat en hw/9pfs/9p.c en QEMU permite que los usuarios invitados del sistema operativo provoquen una denegaci\u00f3n de servicio (cierre inesperado) debido a una condici\u00f3n de carrera durante el renombrado de los archivos."
}
],
"id": "CVE-2018-19489",
"lastModified": "2024-11-21T03:58:00.517",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 1.9,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:L/AC:M/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 3.4,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.0,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2018-12-13T19:29:00.730",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-03/msg00042.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Patch",
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2018/11/26/1"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/106007"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/153326"
},
{
"source": "cve@mitre.org",
"url": "https://git.qemu.org/?p=qemu.git%3Ba=commit%3Bh=1d20398694a3b67a388d955b7a945ba4aa90a8a8"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2019/01/msg00023.html"
},
{
"source": "cve@mitre.org",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CGCFIFSIWUREEQQOZDZFBYKWZHXCWBZN/"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Patch",
"Vendor Advisory"
],
"url": "https://lists.gnu.org/archive/html/qemu-devel/2018-11/msg04489.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://seclists.org/bugtraq/2019/May/76"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://security-tracker.debian.org/tracker/CVE-2018-19489"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://usn.ubuntu.com/3923-1/"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://www.debian.org/security/2019/dsa-4454"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-03/msg00042.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Patch",
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2018/11/26/1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/106007"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/153326"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://git.qemu.org/?p=qemu.git%3Ba=commit%3Bh=1d20398694a3b67a388d955b7a945ba4aa90a8a8"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2019/01/msg00023.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CGCFIFSIWUREEQQOZDZFBYKWZHXCWBZN/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Patch",
"Vendor Advisory"
],
"url": "https://lists.gnu.org/archive/html/qemu-devel/2018-11/msg04489.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://seclists.org/bugtraq/2019/May/76"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://security-tracker.debian.org/tracker/CVE-2018-19489"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://usn.ubuntu.com/3923-1/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://www.debian.org/security/2019/dsa-4454"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-362"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
GHSA-FH27-82WQ-79R2
Vulnerability from github – Published: 2022-05-13 01:26 – Updated: 2022-05-13 01:26
VLAI?
Details
v9fs_wstat in hw/9pfs/9p.c in QEMU allows guest OS users to cause a denial of service (crash) because of a race condition during file renaming.
Severity ?
4.7 (Medium)
{
"affected": [],
"aliases": [
"CVE-2018-19489"
],
"database_specific": {
"cwe_ids": [
"CWE-362"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2018-12-13T19:29:00Z",
"severity": "MODERATE"
},
"details": "v9fs_wstat in hw/9pfs/9p.c in QEMU allows guest OS users to cause a denial of service (crash) because of a race condition during file renaming.",
"id": "GHSA-fh27-82wq-79r2",
"modified": "2022-05-13T01:26:37Z",
"published": "2022-05-13T01:26:37Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-19489"
},
{
"type": "WEB",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/153326"
},
{
"type": "WEB",
"url": "https://git.qemu.org/?p=qemu.git;a=commit;h=1d20398694a3b67a388d955b7a945ba4aa90a8a8"
},
{
"type": "WEB",
"url": "https://lists.debian.org/debian-lts-announce/2019/01/msg00023.html"
},
{
"type": "WEB",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CGCFIFSIWUREEQQOZDZFBYKWZHXCWBZN"
},
{
"type": "WEB",
"url": "https://lists.gnu.org/archive/html/qemu-devel/2018-11/msg04489.html"
},
{
"type": "WEB",
"url": "https://seclists.org/bugtraq/2019/May/76"
},
{
"type": "WEB",
"url": "https://security-tracker.debian.org/tracker/CVE-2018-19489"
},
{
"type": "WEB",
"url": "https://usn.ubuntu.com/3923-1"
},
{
"type": "WEB",
"url": "https://www.debian.org/security/2019/dsa-4454"
},
{
"type": "WEB",
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-03/msg00042.html"
},
{
"type": "WEB",
"url": "http://www.openwall.com/lists/oss-security/2018/11/26/1"
},
{
"type": "WEB",
"url": "http://www.securityfocus.com/bid/106007"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GSD-2018-19489
Vulnerability from gsd - Updated: 2023-12-13 01:22Details
v9fs_wstat in hw/9pfs/9p.c in QEMU allows guest OS users to cause a denial of service (crash) because of a race condition during file renaming.
Aliases
Aliases
{
"GSD": {
"alias": "CVE-2018-19489",
"description": "v9fs_wstat in hw/9pfs/9p.c in QEMU allows guest OS users to cause a denial of service (crash) because of a race condition during file renaming.",
"id": "GSD-2018-19489",
"references": [
"https://www.suse.com/security/cve/CVE-2018-19489.html",
"https://www.debian.org/security/2019/dsa-4454",
"https://ubuntu.com/security/CVE-2018-19489",
"https://linux.oracle.com/cve/CVE-2018-19489.html"
]
},
"gsd": {
"metadata": {
"exploitCode": "unknown",
"remediation": "unknown",
"reportConfidence": "confirmed",
"type": "vulnerability"
},
"osvSchema": {
"aliases": [
"CVE-2018-19489"
],
"details": "v9fs_wstat in hw/9pfs/9p.c in QEMU allows guest OS users to cause a denial of service (crash) because of a race condition during file renaming.",
"id": "GSD-2018-19489",
"modified": "2023-12-13T01:22:39.272197Z",
"schema_version": "1.4.0"
}
},
"namespaces": {
"cve.org": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-19489",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "v9fs_wstat in hw/9pfs/9p.c in QEMU allows guest OS users to cause a denial of service (crash) because of a race condition during file renaming."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "[oss-security] 20181126 CVE-2018-19489 QEMU: 9pfs: crash due to race condition in renaming files",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2018/11/26/1"
},
{
"name": "[debian-lts-announce] 20190129 [SECURITY] [DLA 1646-1] qemu security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2019/01/msg00023.html"
},
{
"name": "[qemu-devel] 20181122 9p: fix QEMU crash when renaming files",
"refsource": "MLIST",
"url": "https://lists.gnu.org/archive/html/qemu-devel/2018-11/msg04489.html"
},
{
"name": "https://security-tracker.debian.org/tracker/CVE-2018-19489",
"refsource": "CONFIRM",
"url": "https://security-tracker.debian.org/tracker/CVE-2018-19489"
},
{
"name": "qemu-cve201819489-dos(153326)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/153326"
},
{
"name": "https://git.qemu.org/?p=qemu.git;a=commit;h=1d20398694a3b67a388d955b7a945ba4aa90a8a8",
"refsource": "CONFIRM",
"url": "https://git.qemu.org/?p=qemu.git;a=commit;h=1d20398694a3b67a388d955b7a945ba4aa90a8a8"
},
{
"name": "106007",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/106007"
},
{
"name": "FEDORA-2019-88a98ce795",
"refsource": "FEDORA",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CGCFIFSIWUREEQQOZDZFBYKWZHXCWBZN/"
},
{
"name": "USN-3923-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/3923-1/"
},
{
"name": "openSUSE-SU-2019:1074",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-03/msg00042.html"
},
{
"name": "DSA-4454",
"refsource": "DEBIAN",
"url": "https://www.debian.org/security/2019/dsa-4454"
},
{
"name": "20190531 [SECURITY] [DSA 4454-1] qemu security update",
"refsource": "BUGTRAQ",
"url": "https://seclists.org/bugtraq/2019/May/76"
}
]
}
},
"nvd.nist.gov": {
"configurations": {
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:qemu:qemu:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "3.0.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:qemu:qemu:3.1.0:rc0:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:qemu:qemu:3.1.0:rc1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:qemu:qemu:3.1.0:rc2:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:fedoraproject:fedora:29:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:canonical:ubuntu_linux:18.10:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:opensuse:leap:42.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
},
"cve": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-19489"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "en",
"value": "v9fs_wstat in hw/9pfs/9p.c in QEMU allows guest OS users to cause a denial of service (crash) because of a race condition during file renaming."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "en",
"value": "CWE-362"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://security-tracker.debian.org/tracker/CVE-2018-19489",
"refsource": "CONFIRM",
"tags": [
"Third Party Advisory"
],
"url": "https://security-tracker.debian.org/tracker/CVE-2018-19489"
},
{
"name": "[qemu-devel] 20181122 9p: fix QEMU crash when renaming files",
"refsource": "MLIST",
"tags": [
"Mailing List",
"Patch",
"Vendor Advisory"
],
"url": "https://lists.gnu.org/archive/html/qemu-devel/2018-11/msg04489.html"
},
{
"name": "https://git.qemu.org/?p=qemu.git;a=commit;h=1d20398694a3b67a388d955b7a945ba4aa90a8a8",
"refsource": "CONFIRM",
"tags": [
"Mailing List",
"Patch",
"Vendor Advisory"
],
"url": "https://git.qemu.org/?p=qemu.git;a=commit;h=1d20398694a3b67a388d955b7a945ba4aa90a8a8"
},
{
"name": "qemu-cve201819489-dos(153326)",
"refsource": "XF",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/153326"
},
{
"name": "106007",
"refsource": "BID",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/106007"
},
{
"name": "[oss-security] 20181126 CVE-2018-19489 QEMU: 9pfs: crash due to race condition in renaming files",
"refsource": "MLIST",
"tags": [
"Mailing List",
"Patch",
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2018/11/26/1"
},
{
"name": "[debian-lts-announce] 20190129 [SECURITY] [DLA 1646-1] qemu security update",
"refsource": "MLIST",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2019/01/msg00023.html"
},
{
"name": "FEDORA-2019-88a98ce795",
"refsource": "FEDORA",
"tags": [
"Mailing List",
"Release Notes",
"Third Party Advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CGCFIFSIWUREEQQOZDZFBYKWZHXCWBZN/"
},
{
"name": "USN-3923-1",
"refsource": "UBUNTU",
"tags": [
"Third Party Advisory"
],
"url": "https://usn.ubuntu.com/3923-1/"
},
{
"name": "openSUSE-SU-2019:1074",
"refsource": "SUSE",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-03/msg00042.html"
},
{
"name": "DSA-4454",
"refsource": "DEBIAN",
"tags": [
"Third Party Advisory"
],
"url": "https://www.debian.org/security/2019/dsa-4454"
},
{
"name": "20190531 [SECURITY] [DSA 4454-1] qemu security update",
"refsource": "BUGTRAQ",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://seclists.org/bugtraq/2019/May/76"
}
]
}
},
"impact": {
"baseMetricV2": {
"acInsufInfo": false,
"cvssV2": {
"accessComplexity": "MEDIUM",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 1.9,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:L/AC:M/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 3.4,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "LOW",
"userInteractionRequired": false
},
"baseMetricV3": {
"cvssV3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.0,
"impactScore": 3.6
}
},
"lastModifiedDate": "2020-05-12T18:28Z",
"publishedDate": "2018-12-13T19:29Z"
}
}
}
OPENSUSE-SU-2019:0254-1
Vulnerability from csaf_opensuse - Published: 2019-03-23 11:07 - Updated: 2019-03-23 11:07Summary
Security update for qemu
Severity
Important
Notes
Title of the patch: Security update for qemu
Description of the patch: This update for qemu fixes the following issues:
Security issues fixed:
- CVE-2019-6778: Fixed a heap buffer overflow issue in the SLiRP networking implementation (bsc#1123156).
- CVE-2018-16872: Fixed a host security vulnerability related to handling symlinks in usb-mtp (bsc#1119493).
- CVE-2018-19489: Fixed a denial of service vulnerability in virtfs (bsc#1117275).
- CVE-2018-19364: Fixed a use-after-free if the virtfs interface resulting in a denial of service (bsc#1116717).
- CVE-2018-18954: Fixed a denial of service vulnerability related to PowerPC PowerNV memory operations (bsc#1114957).
Non-security issues fixed:
- Improved disk performance for qemu on xen (bsc#1100408).
- Fixed xen offline migration (bsc#1079730, bsc#1101982, bsc#1063993).
- Fixed pwrite64/pread64/write to return 0 over -1 for a zero length NULL buffer in qemu (bsc#1121600).
- Use /bin/bash to echo value into sys fs for ksm control (bsc#1112646).
- Return specification exception for unimplemented diag 308 subcodes rather than a hardware error (bsc#1123179).
This update was imported from the SUSE:SLE-15:Update update project.
Patchnames: openSUSE-2019-254
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
5 (Medium)
Affected products
Recommended
23 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 15.0:qemu-2.11.2-lp150.7.18.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:qemu-arm-2.11.2-lp150.7.18.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:qemu-block-curl-2.11.2-lp150.7.18.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:qemu-block-dmg-2.11.2-lp150.7.18.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:qemu-block-gluster-2.11.2-lp150.7.18.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:qemu-block-iscsi-2.11.2-lp150.7.18.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:qemu-block-rbd-2.11.2-lp150.7.18.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:qemu-block-ssh-2.11.2-lp150.7.18.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:qemu-extra-2.11.2-lp150.7.18.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:qemu-guest-agent-2.11.2-lp150.7.18.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:qemu-ipxe-1.0.0+-lp150.7.18.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:qemu-ksm-2.11.2-lp150.7.18.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:qemu-kvm-2.11.2-lp150.7.18.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:qemu-lang-2.11.2-lp150.7.18.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:qemu-linux-user-2.11.2-lp150.7.18.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:qemu-ppc-2.11.2-lp150.7.18.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:qemu-s390-2.11.2-lp150.7.18.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:qemu-seabios-1.11.0-lp150.7.18.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:qemu-sgabios-8-lp150.7.18.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:qemu-testsuite-2.11.2-lp150.7.18.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:qemu-tools-2.11.2-lp150.7.18.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:qemu-vgabios-1.11.0-lp150.7.18.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:qemu-x86-2.11.2-lp150.7.18.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
7.8 (High)
Affected products
Recommended
23 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 15.0:qemu-2.11.2-lp150.7.18.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:qemu-arm-2.11.2-lp150.7.18.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:qemu-block-curl-2.11.2-lp150.7.18.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:qemu-block-dmg-2.11.2-lp150.7.18.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:qemu-block-gluster-2.11.2-lp150.7.18.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:qemu-block-iscsi-2.11.2-lp150.7.18.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:qemu-block-rbd-2.11.2-lp150.7.18.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:qemu-block-ssh-2.11.2-lp150.7.18.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:qemu-extra-2.11.2-lp150.7.18.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:qemu-guest-agent-2.11.2-lp150.7.18.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:qemu-ipxe-1.0.0+-lp150.7.18.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:qemu-ksm-2.11.2-lp150.7.18.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:qemu-kvm-2.11.2-lp150.7.18.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:qemu-lang-2.11.2-lp150.7.18.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:qemu-linux-user-2.11.2-lp150.7.18.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:qemu-ppc-2.11.2-lp150.7.18.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:qemu-s390-2.11.2-lp150.7.18.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:qemu-seabios-1.11.0-lp150.7.18.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:qemu-sgabios-8-lp150.7.18.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:qemu-testsuite-2.11.2-lp150.7.18.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:qemu-tools-2.11.2-lp150.7.18.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:qemu-vgabios-1.11.0-lp150.7.18.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:qemu-x86-2.11.2-lp150.7.18.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
5.3 (Medium)
Affected products
Recommended
23 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 15.0:qemu-2.11.2-lp150.7.18.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:qemu-arm-2.11.2-lp150.7.18.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:qemu-block-curl-2.11.2-lp150.7.18.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:qemu-block-dmg-2.11.2-lp150.7.18.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:qemu-block-gluster-2.11.2-lp150.7.18.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:qemu-block-iscsi-2.11.2-lp150.7.18.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:qemu-block-rbd-2.11.2-lp150.7.18.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:qemu-block-ssh-2.11.2-lp150.7.18.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:qemu-extra-2.11.2-lp150.7.18.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:qemu-guest-agent-2.11.2-lp150.7.18.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:qemu-ipxe-1.0.0+-lp150.7.18.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:qemu-ksm-2.11.2-lp150.7.18.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:qemu-kvm-2.11.2-lp150.7.18.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:qemu-lang-2.11.2-lp150.7.18.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:qemu-linux-user-2.11.2-lp150.7.18.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:qemu-ppc-2.11.2-lp150.7.18.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:qemu-s390-2.11.2-lp150.7.18.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:qemu-seabios-1.11.0-lp150.7.18.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:qemu-sgabios-8-lp150.7.18.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:qemu-testsuite-2.11.2-lp150.7.18.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:qemu-tools-2.11.2-lp150.7.18.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:qemu-vgabios-1.11.0-lp150.7.18.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:qemu-x86-2.11.2-lp150.7.18.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
Affected products
Recommended
23 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 15.0:qemu-2.11.2-lp150.7.18.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:qemu-arm-2.11.2-lp150.7.18.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:qemu-block-curl-2.11.2-lp150.7.18.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:qemu-block-dmg-2.11.2-lp150.7.18.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:qemu-block-gluster-2.11.2-lp150.7.18.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:qemu-block-iscsi-2.11.2-lp150.7.18.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:qemu-block-rbd-2.11.2-lp150.7.18.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:qemu-block-ssh-2.11.2-lp150.7.18.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:qemu-extra-2.11.2-lp150.7.18.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:qemu-guest-agent-2.11.2-lp150.7.18.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:qemu-ipxe-1.0.0+-lp150.7.18.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:qemu-ksm-2.11.2-lp150.7.18.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:qemu-kvm-2.11.2-lp150.7.18.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:qemu-lang-2.11.2-lp150.7.18.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:qemu-linux-user-2.11.2-lp150.7.18.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:qemu-ppc-2.11.2-lp150.7.18.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:qemu-s390-2.11.2-lp150.7.18.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:qemu-seabios-1.11.0-lp150.7.18.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:qemu-sgabios-8-lp150.7.18.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:qemu-testsuite-2.11.2-lp150.7.18.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:qemu-tools-2.11.2-lp150.7.18.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:qemu-vgabios-1.11.0-lp150.7.18.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:qemu-x86-2.11.2-lp150.7.18.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
low
7.8 (High)
Affected products
Recommended
23 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 15.0:qemu-2.11.2-lp150.7.18.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:qemu-arm-2.11.2-lp150.7.18.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:qemu-block-curl-2.11.2-lp150.7.18.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:qemu-block-dmg-2.11.2-lp150.7.18.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:qemu-block-gluster-2.11.2-lp150.7.18.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:qemu-block-iscsi-2.11.2-lp150.7.18.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:qemu-block-rbd-2.11.2-lp150.7.18.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:qemu-block-ssh-2.11.2-lp150.7.18.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:qemu-extra-2.11.2-lp150.7.18.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:qemu-guest-agent-2.11.2-lp150.7.18.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:qemu-ipxe-1.0.0+-lp150.7.18.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:qemu-ksm-2.11.2-lp150.7.18.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:qemu-kvm-2.11.2-lp150.7.18.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:qemu-lang-2.11.2-lp150.7.18.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:qemu-linux-user-2.11.2-lp150.7.18.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:qemu-ppc-2.11.2-lp150.7.18.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:qemu-s390-2.11.2-lp150.7.18.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:qemu-seabios-1.11.0-lp150.7.18.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:qemu-sgabios-8-lp150.7.18.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:qemu-testsuite-2.11.2-lp150.7.18.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:qemu-tools-2.11.2-lp150.7.18.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:qemu-vgabios-1.11.0-lp150.7.18.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:qemu-x86-2.11.2-lp150.7.18.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
References
36 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for qemu",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for qemu fixes the following issues:\n\nSecurity issues fixed:\n\n- CVE-2019-6778: Fixed a heap buffer overflow issue in the SLiRP networking implementation (bsc#1123156).\n- CVE-2018-16872: Fixed a host security vulnerability related to handling symlinks in usb-mtp (bsc#1119493).\n- CVE-2018-19489: Fixed a denial of service vulnerability in virtfs (bsc#1117275).\n- CVE-2018-19364: Fixed a use-after-free if the virtfs interface resulting in a denial of service (bsc#1116717).\n- CVE-2018-18954: Fixed a denial of service vulnerability related to PowerPC PowerNV memory operations (bsc#1114957).\n\nNon-security issues fixed:\n\n- Improved disk performance for qemu on xen (bsc#1100408).\n- Fixed xen offline migration (bsc#1079730, bsc#1101982, bsc#1063993).\n- Fixed pwrite64/pread64/write to return 0 over -1 for a zero length NULL buffer in qemu (bsc#1121600).\n- Use /bin/bash to echo value into sys fs for ksm control (bsc#1112646).\n- Return specification exception for unimplemented diag 308 subcodes rather than a hardware error (bsc#1123179).\n\nThis update was imported from the SUSE:SLE-15:Update update project.",
"title": "Description of the patch"
},
{
"category": "details",
"text": "openSUSE-2019-254",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2019_0254-1.json"
},
{
"category": "self",
"summary": "URL for openSUSE-SU-2019:0254-1",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/CFHQEGEI3EZECFQN4HM6ST73KWNYQDTG/#CFHQEGEI3EZECFQN4HM6ST73KWNYQDTG"
},
{
"category": "self",
"summary": "E-Mail link for openSUSE-SU-2019:0254-1",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/CFHQEGEI3EZECFQN4HM6ST73KWNYQDTG/#CFHQEGEI3EZECFQN4HM6ST73KWNYQDTG"
},
{
"category": "self",
"summary": "SUSE Bug 1063993",
"url": "https://bugzilla.suse.com/1063993"
},
{
"category": "self",
"summary": "SUSE Bug 1079730",
"url": "https://bugzilla.suse.com/1079730"
},
{
"category": "self",
"summary": "SUSE Bug 1100408",
"url": "https://bugzilla.suse.com/1100408"
},
{
"category": "self",
"summary": "SUSE Bug 1101982",
"url": "https://bugzilla.suse.com/1101982"
},
{
"category": "self",
"summary": "SUSE Bug 1112646",
"url": "https://bugzilla.suse.com/1112646"
},
{
"category": "self",
"summary": "SUSE Bug 1114957",
"url": "https://bugzilla.suse.com/1114957"
},
{
"category": "self",
"summary": "SUSE Bug 1116717",
"url": "https://bugzilla.suse.com/1116717"
},
{
"category": "self",
"summary": "SUSE Bug 1117275",
"url": "https://bugzilla.suse.com/1117275"
},
{
"category": "self",
"summary": "SUSE Bug 1119493",
"url": "https://bugzilla.suse.com/1119493"
},
{
"category": "self",
"summary": "SUSE Bug 1121600",
"url": "https://bugzilla.suse.com/1121600"
},
{
"category": "self",
"summary": "SUSE Bug 1123156",
"url": "https://bugzilla.suse.com/1123156"
},
{
"category": "self",
"summary": "SUSE Bug 1123179",
"url": "https://bugzilla.suse.com/1123179"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-16872 page",
"url": "https://www.suse.com/security/cve/CVE-2018-16872/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-18954 page",
"url": "https://www.suse.com/security/cve/CVE-2018-18954/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-19364 page",
"url": "https://www.suse.com/security/cve/CVE-2018-19364/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-19489 page",
"url": "https://www.suse.com/security/cve/CVE-2018-19489/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-6778 page",
"url": "https://www.suse.com/security/cve/CVE-2019-6778/"
}
],
"title": "Security update for qemu",
"tracking": {
"current_release_date": "2019-03-23T11:07:37Z",
"generator": {
"date": "2019-03-23T11:07:37Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "openSUSE-SU-2019:0254-1",
"initial_release_date": "2019-03-23T11:07:37Z",
"revision_history": [
{
"date": "2019-03-23T11:07:37Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "qemu-ipxe-1.0.0+-lp150.7.18.1.noarch",
"product": {
"name": "qemu-ipxe-1.0.0+-lp150.7.18.1.noarch",
"product_id": "qemu-ipxe-1.0.0+-lp150.7.18.1.noarch"
}
},
{
"category": "product_version",
"name": "qemu-seabios-1.11.0-lp150.7.18.1.noarch",
"product": {
"name": "qemu-seabios-1.11.0-lp150.7.18.1.noarch",
"product_id": "qemu-seabios-1.11.0-lp150.7.18.1.noarch"
}
},
{
"category": "product_version",
"name": "qemu-sgabios-8-lp150.7.18.1.noarch",
"product": {
"name": "qemu-sgabios-8-lp150.7.18.1.noarch",
"product_id": "qemu-sgabios-8-lp150.7.18.1.noarch"
}
},
{
"category": "product_version",
"name": "qemu-vgabios-1.11.0-lp150.7.18.1.noarch",
"product": {
"name": "qemu-vgabios-1.11.0-lp150.7.18.1.noarch",
"product_id": "qemu-vgabios-1.11.0-lp150.7.18.1.noarch"
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "qemu-2.11.2-lp150.7.18.1.x86_64",
"product": {
"name": "qemu-2.11.2-lp150.7.18.1.x86_64",
"product_id": "qemu-2.11.2-lp150.7.18.1.x86_64"
}
},
{
"category": "product_version",
"name": "qemu-arm-2.11.2-lp150.7.18.1.x86_64",
"product": {
"name": "qemu-arm-2.11.2-lp150.7.18.1.x86_64",
"product_id": "qemu-arm-2.11.2-lp150.7.18.1.x86_64"
}
},
{
"category": "product_version",
"name": "qemu-block-curl-2.11.2-lp150.7.18.1.x86_64",
"product": {
"name": "qemu-block-curl-2.11.2-lp150.7.18.1.x86_64",
"product_id": "qemu-block-curl-2.11.2-lp150.7.18.1.x86_64"
}
},
{
"category": "product_version",
"name": "qemu-block-dmg-2.11.2-lp150.7.18.1.x86_64",
"product": {
"name": "qemu-block-dmg-2.11.2-lp150.7.18.1.x86_64",
"product_id": "qemu-block-dmg-2.11.2-lp150.7.18.1.x86_64"
}
},
{
"category": "product_version",
"name": "qemu-block-gluster-2.11.2-lp150.7.18.1.x86_64",
"product": {
"name": "qemu-block-gluster-2.11.2-lp150.7.18.1.x86_64",
"product_id": "qemu-block-gluster-2.11.2-lp150.7.18.1.x86_64"
}
},
{
"category": "product_version",
"name": "qemu-block-iscsi-2.11.2-lp150.7.18.1.x86_64",
"product": {
"name": "qemu-block-iscsi-2.11.2-lp150.7.18.1.x86_64",
"product_id": "qemu-block-iscsi-2.11.2-lp150.7.18.1.x86_64"
}
},
{
"category": "product_version",
"name": "qemu-block-rbd-2.11.2-lp150.7.18.1.x86_64",
"product": {
"name": "qemu-block-rbd-2.11.2-lp150.7.18.1.x86_64",
"product_id": "qemu-block-rbd-2.11.2-lp150.7.18.1.x86_64"
}
},
{
"category": "product_version",
"name": "qemu-block-ssh-2.11.2-lp150.7.18.1.x86_64",
"product": {
"name": "qemu-block-ssh-2.11.2-lp150.7.18.1.x86_64",
"product_id": "qemu-block-ssh-2.11.2-lp150.7.18.1.x86_64"
}
},
{
"category": "product_version",
"name": "qemu-extra-2.11.2-lp150.7.18.1.x86_64",
"product": {
"name": "qemu-extra-2.11.2-lp150.7.18.1.x86_64",
"product_id": "qemu-extra-2.11.2-lp150.7.18.1.x86_64"
}
},
{
"category": "product_version",
"name": "qemu-guest-agent-2.11.2-lp150.7.18.1.x86_64",
"product": {
"name": "qemu-guest-agent-2.11.2-lp150.7.18.1.x86_64",
"product_id": "qemu-guest-agent-2.11.2-lp150.7.18.1.x86_64"
}
},
{
"category": "product_version",
"name": "qemu-ksm-2.11.2-lp150.7.18.1.x86_64",
"product": {
"name": "qemu-ksm-2.11.2-lp150.7.18.1.x86_64",
"product_id": "qemu-ksm-2.11.2-lp150.7.18.1.x86_64"
}
},
{
"category": "product_version",
"name": "qemu-kvm-2.11.2-lp150.7.18.1.x86_64",
"product": {
"name": "qemu-kvm-2.11.2-lp150.7.18.1.x86_64",
"product_id": "qemu-kvm-2.11.2-lp150.7.18.1.x86_64"
}
},
{
"category": "product_version",
"name": "qemu-lang-2.11.2-lp150.7.18.1.x86_64",
"product": {
"name": "qemu-lang-2.11.2-lp150.7.18.1.x86_64",
"product_id": "qemu-lang-2.11.2-lp150.7.18.1.x86_64"
}
},
{
"category": "product_version",
"name": "qemu-linux-user-2.11.2-lp150.7.18.1.x86_64",
"product": {
"name": "qemu-linux-user-2.11.2-lp150.7.18.1.x86_64",
"product_id": "qemu-linux-user-2.11.2-lp150.7.18.1.x86_64"
}
},
{
"category": "product_version",
"name": "qemu-ppc-2.11.2-lp150.7.18.1.x86_64",
"product": {
"name": "qemu-ppc-2.11.2-lp150.7.18.1.x86_64",
"product_id": "qemu-ppc-2.11.2-lp150.7.18.1.x86_64"
}
},
{
"category": "product_version",
"name": "qemu-s390-2.11.2-lp150.7.18.1.x86_64",
"product": {
"name": "qemu-s390-2.11.2-lp150.7.18.1.x86_64",
"product_id": "qemu-s390-2.11.2-lp150.7.18.1.x86_64"
}
},
{
"category": "product_version",
"name": "qemu-testsuite-2.11.2-lp150.7.18.1.x86_64",
"product": {
"name": "qemu-testsuite-2.11.2-lp150.7.18.1.x86_64",
"product_id": "qemu-testsuite-2.11.2-lp150.7.18.1.x86_64"
}
},
{
"category": "product_version",
"name": "qemu-tools-2.11.2-lp150.7.18.1.x86_64",
"product": {
"name": "qemu-tools-2.11.2-lp150.7.18.1.x86_64",
"product_id": "qemu-tools-2.11.2-lp150.7.18.1.x86_64"
}
},
{
"category": "product_version",
"name": "qemu-x86-2.11.2-lp150.7.18.1.x86_64",
"product": {
"name": "qemu-x86-2.11.2-lp150.7.18.1.x86_64",
"product_id": "qemu-x86-2.11.2-lp150.7.18.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "openSUSE Leap 15.0",
"product": {
"name": "openSUSE Leap 15.0",
"product_id": "openSUSE Leap 15.0",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:leap:15.0"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "qemu-2.11.2-lp150.7.18.1.x86_64 as component of openSUSE Leap 15.0",
"product_id": "openSUSE Leap 15.0:qemu-2.11.2-lp150.7.18.1.x86_64"
},
"product_reference": "qemu-2.11.2-lp150.7.18.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qemu-arm-2.11.2-lp150.7.18.1.x86_64 as component of openSUSE Leap 15.0",
"product_id": "openSUSE Leap 15.0:qemu-arm-2.11.2-lp150.7.18.1.x86_64"
},
"product_reference": "qemu-arm-2.11.2-lp150.7.18.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qemu-block-curl-2.11.2-lp150.7.18.1.x86_64 as component of openSUSE Leap 15.0",
"product_id": "openSUSE Leap 15.0:qemu-block-curl-2.11.2-lp150.7.18.1.x86_64"
},
"product_reference": "qemu-block-curl-2.11.2-lp150.7.18.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qemu-block-dmg-2.11.2-lp150.7.18.1.x86_64 as component of openSUSE Leap 15.0",
"product_id": "openSUSE Leap 15.0:qemu-block-dmg-2.11.2-lp150.7.18.1.x86_64"
},
"product_reference": "qemu-block-dmg-2.11.2-lp150.7.18.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qemu-block-gluster-2.11.2-lp150.7.18.1.x86_64 as component of openSUSE Leap 15.0",
"product_id": "openSUSE Leap 15.0:qemu-block-gluster-2.11.2-lp150.7.18.1.x86_64"
},
"product_reference": "qemu-block-gluster-2.11.2-lp150.7.18.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qemu-block-iscsi-2.11.2-lp150.7.18.1.x86_64 as component of openSUSE Leap 15.0",
"product_id": "openSUSE Leap 15.0:qemu-block-iscsi-2.11.2-lp150.7.18.1.x86_64"
},
"product_reference": "qemu-block-iscsi-2.11.2-lp150.7.18.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qemu-block-rbd-2.11.2-lp150.7.18.1.x86_64 as component of openSUSE Leap 15.0",
"product_id": "openSUSE Leap 15.0:qemu-block-rbd-2.11.2-lp150.7.18.1.x86_64"
},
"product_reference": "qemu-block-rbd-2.11.2-lp150.7.18.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qemu-block-ssh-2.11.2-lp150.7.18.1.x86_64 as component of openSUSE Leap 15.0",
"product_id": "openSUSE Leap 15.0:qemu-block-ssh-2.11.2-lp150.7.18.1.x86_64"
},
"product_reference": "qemu-block-ssh-2.11.2-lp150.7.18.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qemu-extra-2.11.2-lp150.7.18.1.x86_64 as component of openSUSE Leap 15.0",
"product_id": "openSUSE Leap 15.0:qemu-extra-2.11.2-lp150.7.18.1.x86_64"
},
"product_reference": "qemu-extra-2.11.2-lp150.7.18.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qemu-guest-agent-2.11.2-lp150.7.18.1.x86_64 as component of openSUSE Leap 15.0",
"product_id": "openSUSE Leap 15.0:qemu-guest-agent-2.11.2-lp150.7.18.1.x86_64"
},
"product_reference": "qemu-guest-agent-2.11.2-lp150.7.18.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qemu-ipxe-1.0.0+-lp150.7.18.1.noarch as component of openSUSE Leap 15.0",
"product_id": "openSUSE Leap 15.0:qemu-ipxe-1.0.0+-lp150.7.18.1.noarch"
},
"product_reference": "qemu-ipxe-1.0.0+-lp150.7.18.1.noarch",
"relates_to_product_reference": "openSUSE Leap 15.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qemu-ksm-2.11.2-lp150.7.18.1.x86_64 as component of openSUSE Leap 15.0",
"product_id": "openSUSE Leap 15.0:qemu-ksm-2.11.2-lp150.7.18.1.x86_64"
},
"product_reference": "qemu-ksm-2.11.2-lp150.7.18.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qemu-kvm-2.11.2-lp150.7.18.1.x86_64 as component of openSUSE Leap 15.0",
"product_id": "openSUSE Leap 15.0:qemu-kvm-2.11.2-lp150.7.18.1.x86_64"
},
"product_reference": "qemu-kvm-2.11.2-lp150.7.18.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qemu-lang-2.11.2-lp150.7.18.1.x86_64 as component of openSUSE Leap 15.0",
"product_id": "openSUSE Leap 15.0:qemu-lang-2.11.2-lp150.7.18.1.x86_64"
},
"product_reference": "qemu-lang-2.11.2-lp150.7.18.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qemu-linux-user-2.11.2-lp150.7.18.1.x86_64 as component of openSUSE Leap 15.0",
"product_id": "openSUSE Leap 15.0:qemu-linux-user-2.11.2-lp150.7.18.1.x86_64"
},
"product_reference": "qemu-linux-user-2.11.2-lp150.7.18.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qemu-ppc-2.11.2-lp150.7.18.1.x86_64 as component of openSUSE Leap 15.0",
"product_id": "openSUSE Leap 15.0:qemu-ppc-2.11.2-lp150.7.18.1.x86_64"
},
"product_reference": "qemu-ppc-2.11.2-lp150.7.18.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qemu-s390-2.11.2-lp150.7.18.1.x86_64 as component of openSUSE Leap 15.0",
"product_id": "openSUSE Leap 15.0:qemu-s390-2.11.2-lp150.7.18.1.x86_64"
},
"product_reference": "qemu-s390-2.11.2-lp150.7.18.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qemu-seabios-1.11.0-lp150.7.18.1.noarch as component of openSUSE Leap 15.0",
"product_id": "openSUSE Leap 15.0:qemu-seabios-1.11.0-lp150.7.18.1.noarch"
},
"product_reference": "qemu-seabios-1.11.0-lp150.7.18.1.noarch",
"relates_to_product_reference": "openSUSE Leap 15.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qemu-sgabios-8-lp150.7.18.1.noarch as component of openSUSE Leap 15.0",
"product_id": "openSUSE Leap 15.0:qemu-sgabios-8-lp150.7.18.1.noarch"
},
"product_reference": "qemu-sgabios-8-lp150.7.18.1.noarch",
"relates_to_product_reference": "openSUSE Leap 15.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qemu-testsuite-2.11.2-lp150.7.18.1.x86_64 as component of openSUSE Leap 15.0",
"product_id": "openSUSE Leap 15.0:qemu-testsuite-2.11.2-lp150.7.18.1.x86_64"
},
"product_reference": "qemu-testsuite-2.11.2-lp150.7.18.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qemu-tools-2.11.2-lp150.7.18.1.x86_64 as component of openSUSE Leap 15.0",
"product_id": "openSUSE Leap 15.0:qemu-tools-2.11.2-lp150.7.18.1.x86_64"
},
"product_reference": "qemu-tools-2.11.2-lp150.7.18.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qemu-vgabios-1.11.0-lp150.7.18.1.noarch as component of openSUSE Leap 15.0",
"product_id": "openSUSE Leap 15.0:qemu-vgabios-1.11.0-lp150.7.18.1.noarch"
},
"product_reference": "qemu-vgabios-1.11.0-lp150.7.18.1.noarch",
"relates_to_product_reference": "openSUSE Leap 15.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qemu-x86-2.11.2-lp150.7.18.1.x86_64 as component of openSUSE Leap 15.0",
"product_id": "openSUSE Leap 15.0:qemu-x86-2.11.2-lp150.7.18.1.x86_64"
},
"product_reference": "qemu-x86-2.11.2-lp150.7.18.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.0"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2018-16872",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-16872"
}
],
"notes": [
{
"category": "general",
"text": "A flaw was found in qemu Media Transfer Protocol (MTP). The code opening files in usb_mtp_get_object and usb_mtp_get_partial_object and directories in usb_mtp_object_readdir doesn\u0027t consider that the underlying filesystem may have changed since the time lstat(2) was called in usb_mtp_object_alloc, a classical TOCTTOU problem. An attacker with write access to the host filesystem shared with a guest can use this property to navigate the host filesystem in the context of the QEMU process and read any file the QEMU process has access to. Access to the filesystem may be local or via a network share protocol such as CIFS.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.0:qemu-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-arm-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-block-curl-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-block-dmg-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-block-gluster-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-block-iscsi-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-block-rbd-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-block-ssh-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-extra-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-guest-agent-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-ipxe-1.0.0+-lp150.7.18.1.noarch",
"openSUSE Leap 15.0:qemu-ksm-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-kvm-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-lang-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-linux-user-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-ppc-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-s390-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-seabios-1.11.0-lp150.7.18.1.noarch",
"openSUSE Leap 15.0:qemu-sgabios-8-lp150.7.18.1.noarch",
"openSUSE Leap 15.0:qemu-testsuite-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-tools-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-vgabios-1.11.0-lp150.7.18.1.noarch",
"openSUSE Leap 15.0:qemu-x86-2.11.2-lp150.7.18.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-16872",
"url": "https://www.suse.com/security/cve/CVE-2018-16872"
},
{
"category": "external",
"summary": "SUSE Bug 1119493 for CVE-2018-16872",
"url": "https://bugzilla.suse.com/1119493"
},
{
"category": "external",
"summary": "SUSE Bug 1119494 for CVE-2018-16872",
"url": "https://bugzilla.suse.com/1119494"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.0:qemu-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-arm-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-block-curl-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-block-dmg-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-block-gluster-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-block-iscsi-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-block-rbd-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-block-ssh-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-extra-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-guest-agent-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-ipxe-1.0.0+-lp150.7.18.1.noarch",
"openSUSE Leap 15.0:qemu-ksm-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-kvm-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-lang-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-linux-user-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-ppc-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-s390-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-seabios-1.11.0-lp150.7.18.1.noarch",
"openSUSE Leap 15.0:qemu-sgabios-8-lp150.7.18.1.noarch",
"openSUSE Leap 15.0:qemu-testsuite-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-tools-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-vgabios-1.11.0-lp150.7.18.1.noarch",
"openSUSE Leap 15.0:qemu-x86-2.11.2-lp150.7.18.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:L",
"version": "3.0"
},
"products": [
"openSUSE Leap 15.0:qemu-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-arm-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-block-curl-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-block-dmg-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-block-gluster-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-block-iscsi-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-block-rbd-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-block-ssh-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-extra-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-guest-agent-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-ipxe-1.0.0+-lp150.7.18.1.noarch",
"openSUSE Leap 15.0:qemu-ksm-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-kvm-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-lang-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-linux-user-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-ppc-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-s390-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-seabios-1.11.0-lp150.7.18.1.noarch",
"openSUSE Leap 15.0:qemu-sgabios-8-lp150.7.18.1.noarch",
"openSUSE Leap 15.0:qemu-testsuite-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-tools-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-vgabios-1.11.0-lp150.7.18.1.noarch",
"openSUSE Leap 15.0:qemu-x86-2.11.2-lp150.7.18.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-03-23T11:07:37Z",
"details": "moderate"
}
],
"title": "CVE-2018-16872"
},
{
"cve": "CVE-2018-18954",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-18954"
}
],
"notes": [
{
"category": "general",
"text": "The pnv_lpc_do_eccb function in hw/ppc/pnv_lpc.c in Qemu before 3.1 allows out-of-bounds write or read access to PowerNV memory.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.0:qemu-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-arm-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-block-curl-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-block-dmg-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-block-gluster-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-block-iscsi-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-block-rbd-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-block-ssh-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-extra-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-guest-agent-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-ipxe-1.0.0+-lp150.7.18.1.noarch",
"openSUSE Leap 15.0:qemu-ksm-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-kvm-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-lang-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-linux-user-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-ppc-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-s390-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-seabios-1.11.0-lp150.7.18.1.noarch",
"openSUSE Leap 15.0:qemu-sgabios-8-lp150.7.18.1.noarch",
"openSUSE Leap 15.0:qemu-testsuite-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-tools-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-vgabios-1.11.0-lp150.7.18.1.noarch",
"openSUSE Leap 15.0:qemu-x86-2.11.2-lp150.7.18.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-18954",
"url": "https://www.suse.com/security/cve/CVE-2018-18954"
},
{
"category": "external",
"summary": "SUSE Bug 1114957 for CVE-2018-18954",
"url": "https://bugzilla.suse.com/1114957"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.0:qemu-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-arm-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-block-curl-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-block-dmg-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-block-gluster-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-block-iscsi-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-block-rbd-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-block-ssh-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-extra-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-guest-agent-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-ipxe-1.0.0+-lp150.7.18.1.noarch",
"openSUSE Leap 15.0:qemu-ksm-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-kvm-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-lang-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-linux-user-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-ppc-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-s390-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-seabios-1.11.0-lp150.7.18.1.noarch",
"openSUSE Leap 15.0:qemu-sgabios-8-lp150.7.18.1.noarch",
"openSUSE Leap 15.0:qemu-testsuite-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-tools-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-vgabios-1.11.0-lp150.7.18.1.noarch",
"openSUSE Leap 15.0:qemu-x86-2.11.2-lp150.7.18.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"openSUSE Leap 15.0:qemu-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-arm-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-block-curl-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-block-dmg-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-block-gluster-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-block-iscsi-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-block-rbd-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-block-ssh-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-extra-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-guest-agent-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-ipxe-1.0.0+-lp150.7.18.1.noarch",
"openSUSE Leap 15.0:qemu-ksm-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-kvm-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-lang-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-linux-user-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-ppc-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-s390-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-seabios-1.11.0-lp150.7.18.1.noarch",
"openSUSE Leap 15.0:qemu-sgabios-8-lp150.7.18.1.noarch",
"openSUSE Leap 15.0:qemu-testsuite-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-tools-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-vgabios-1.11.0-lp150.7.18.1.noarch",
"openSUSE Leap 15.0:qemu-x86-2.11.2-lp150.7.18.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-03-23T11:07:37Z",
"details": "important"
}
],
"title": "CVE-2018-18954"
},
{
"cve": "CVE-2018-19364",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-19364"
}
],
"notes": [
{
"category": "general",
"text": "hw/9pfs/cofile.c and hw/9pfs/9p.c in QEMU can modify an fid path while it is being accessed by a second thread, leading to (for example) a use-after-free outcome.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.0:qemu-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-arm-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-block-curl-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-block-dmg-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-block-gluster-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-block-iscsi-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-block-rbd-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-block-ssh-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-extra-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-guest-agent-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-ipxe-1.0.0+-lp150.7.18.1.noarch",
"openSUSE Leap 15.0:qemu-ksm-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-kvm-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-lang-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-linux-user-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-ppc-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-s390-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-seabios-1.11.0-lp150.7.18.1.noarch",
"openSUSE Leap 15.0:qemu-sgabios-8-lp150.7.18.1.noarch",
"openSUSE Leap 15.0:qemu-testsuite-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-tools-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-vgabios-1.11.0-lp150.7.18.1.noarch",
"openSUSE Leap 15.0:qemu-x86-2.11.2-lp150.7.18.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-19364",
"url": "https://www.suse.com/security/cve/CVE-2018-19364"
},
{
"category": "external",
"summary": "SUSE Bug 1116717 for CVE-2018-19364",
"url": "https://bugzilla.suse.com/1116717"
},
{
"category": "external",
"summary": "SUSE Bug 1116726 for CVE-2018-19364",
"url": "https://bugzilla.suse.com/1116726"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.0:qemu-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-arm-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-block-curl-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-block-dmg-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-block-gluster-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-block-iscsi-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-block-rbd-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-block-ssh-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-extra-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-guest-agent-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-ipxe-1.0.0+-lp150.7.18.1.noarch",
"openSUSE Leap 15.0:qemu-ksm-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-kvm-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-lang-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-linux-user-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-ppc-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-s390-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-seabios-1.11.0-lp150.7.18.1.noarch",
"openSUSE Leap 15.0:qemu-sgabios-8-lp150.7.18.1.noarch",
"openSUSE Leap 15.0:qemu-testsuite-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-tools-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-vgabios-1.11.0-lp150.7.18.1.noarch",
"openSUSE Leap 15.0:qemu-x86-2.11.2-lp150.7.18.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:H",
"version": "3.0"
},
"products": [
"openSUSE Leap 15.0:qemu-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-arm-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-block-curl-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-block-dmg-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-block-gluster-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-block-iscsi-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-block-rbd-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-block-ssh-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-extra-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-guest-agent-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-ipxe-1.0.0+-lp150.7.18.1.noarch",
"openSUSE Leap 15.0:qemu-ksm-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-kvm-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-lang-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-linux-user-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-ppc-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-s390-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-seabios-1.11.0-lp150.7.18.1.noarch",
"openSUSE Leap 15.0:qemu-sgabios-8-lp150.7.18.1.noarch",
"openSUSE Leap 15.0:qemu-testsuite-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-tools-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-vgabios-1.11.0-lp150.7.18.1.noarch",
"openSUSE Leap 15.0:qemu-x86-2.11.2-lp150.7.18.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-03-23T11:07:37Z",
"details": "moderate"
}
],
"title": "CVE-2018-19364"
},
{
"cve": "CVE-2018-19489",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-19489"
}
],
"notes": [
{
"category": "general",
"text": "v9fs_wstat in hw/9pfs/9p.c in QEMU allows guest OS users to cause a denial of service (crash) because of a race condition during file renaming.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.0:qemu-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-arm-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-block-curl-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-block-dmg-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-block-gluster-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-block-iscsi-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-block-rbd-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-block-ssh-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-extra-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-guest-agent-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-ipxe-1.0.0+-lp150.7.18.1.noarch",
"openSUSE Leap 15.0:qemu-ksm-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-kvm-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-lang-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-linux-user-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-ppc-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-s390-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-seabios-1.11.0-lp150.7.18.1.noarch",
"openSUSE Leap 15.0:qemu-sgabios-8-lp150.7.18.1.noarch",
"openSUSE Leap 15.0:qemu-testsuite-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-tools-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-vgabios-1.11.0-lp150.7.18.1.noarch",
"openSUSE Leap 15.0:qemu-x86-2.11.2-lp150.7.18.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-19489",
"url": "https://www.suse.com/security/cve/CVE-2018-19489"
},
{
"category": "external",
"summary": "SUSE Bug 1117275 for CVE-2018-19489",
"url": "https://bugzilla.suse.com/1117275"
},
{
"category": "external",
"summary": "SUSE Bug 1117279 for CVE-2018-19489",
"url": "https://bugzilla.suse.com/1117279"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.0:qemu-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-arm-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-block-curl-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-block-dmg-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-block-gluster-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-block-iscsi-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-block-rbd-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-block-ssh-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-extra-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-guest-agent-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-ipxe-1.0.0+-lp150.7.18.1.noarch",
"openSUSE Leap 15.0:qemu-ksm-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-kvm-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-lang-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-linux-user-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-ppc-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-s390-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-seabios-1.11.0-lp150.7.18.1.noarch",
"openSUSE Leap 15.0:qemu-sgabios-8-lp150.7.18.1.noarch",
"openSUSE Leap 15.0:qemu-testsuite-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-tools-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-vgabios-1.11.0-lp150.7.18.1.noarch",
"openSUSE Leap 15.0:qemu-x86-2.11.2-lp150.7.18.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 2.8,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:C/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"openSUSE Leap 15.0:qemu-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-arm-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-block-curl-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-block-dmg-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-block-gluster-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-block-iscsi-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-block-rbd-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-block-ssh-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-extra-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-guest-agent-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-ipxe-1.0.0+-lp150.7.18.1.noarch",
"openSUSE Leap 15.0:qemu-ksm-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-kvm-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-lang-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-linux-user-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-ppc-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-s390-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-seabios-1.11.0-lp150.7.18.1.noarch",
"openSUSE Leap 15.0:qemu-sgabios-8-lp150.7.18.1.noarch",
"openSUSE Leap 15.0:qemu-testsuite-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-tools-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-vgabios-1.11.0-lp150.7.18.1.noarch",
"openSUSE Leap 15.0:qemu-x86-2.11.2-lp150.7.18.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-03-23T11:07:37Z",
"details": "low"
}
],
"title": "CVE-2018-19489"
},
{
"cve": "CVE-2019-6778",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-6778"
}
],
"notes": [
{
"category": "general",
"text": "In QEMU 3.0.0, tcp_emu in slirp/tcp_subr.c has a heap-based buffer overflow.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.0:qemu-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-arm-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-block-curl-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-block-dmg-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-block-gluster-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-block-iscsi-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-block-rbd-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-block-ssh-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-extra-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-guest-agent-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-ipxe-1.0.0+-lp150.7.18.1.noarch",
"openSUSE Leap 15.0:qemu-ksm-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-kvm-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-lang-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-linux-user-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-ppc-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-s390-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-seabios-1.11.0-lp150.7.18.1.noarch",
"openSUSE Leap 15.0:qemu-sgabios-8-lp150.7.18.1.noarch",
"openSUSE Leap 15.0:qemu-testsuite-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-tools-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-vgabios-1.11.0-lp150.7.18.1.noarch",
"openSUSE Leap 15.0:qemu-x86-2.11.2-lp150.7.18.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-6778",
"url": "https://www.suse.com/security/cve/CVE-2019-6778"
},
{
"category": "external",
"summary": "SUSE Bug 1123156 for CVE-2019-6778",
"url": "https://bugzilla.suse.com/1123156"
},
{
"category": "external",
"summary": "SUSE Bug 1123157 for CVE-2019-6778",
"url": "https://bugzilla.suse.com/1123157"
},
{
"category": "external",
"summary": "SUSE Bug 1178658 for CVE-2019-6778",
"url": "https://bugzilla.suse.com/1178658"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.0:qemu-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-arm-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-block-curl-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-block-dmg-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-block-gluster-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-block-iscsi-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-block-rbd-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-block-ssh-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-extra-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-guest-agent-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-ipxe-1.0.0+-lp150.7.18.1.noarch",
"openSUSE Leap 15.0:qemu-ksm-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-kvm-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-lang-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-linux-user-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-ppc-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-s390-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-seabios-1.11.0-lp150.7.18.1.noarch",
"openSUSE Leap 15.0:qemu-sgabios-8-lp150.7.18.1.noarch",
"openSUSE Leap 15.0:qemu-testsuite-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-tools-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-vgabios-1.11.0-lp150.7.18.1.noarch",
"openSUSE Leap 15.0:qemu-x86-2.11.2-lp150.7.18.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"openSUSE Leap 15.0:qemu-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-arm-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-block-curl-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-block-dmg-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-block-gluster-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-block-iscsi-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-block-rbd-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-block-ssh-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-extra-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-guest-agent-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-ipxe-1.0.0+-lp150.7.18.1.noarch",
"openSUSE Leap 15.0:qemu-ksm-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-kvm-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-lang-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-linux-user-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-ppc-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-s390-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-seabios-1.11.0-lp150.7.18.1.noarch",
"openSUSE Leap 15.0:qemu-sgabios-8-lp150.7.18.1.noarch",
"openSUSE Leap 15.0:qemu-testsuite-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-tools-2.11.2-lp150.7.18.1.x86_64",
"openSUSE Leap 15.0:qemu-vgabios-1.11.0-lp150.7.18.1.noarch",
"openSUSE Leap 15.0:qemu-x86-2.11.2-lp150.7.18.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-03-23T11:07:37Z",
"details": "important"
}
],
"title": "CVE-2019-6778"
}
]
}
SUSE-SU-2019:0423-1
Vulnerability from csaf_suse - Published: 2019-02-18 15:26 - Updated: 2019-02-18 15:26Summary
Security update for qemu
Severity
Important
Notes
Title of the patch: Security update for qemu
Description of the patch: This update for qemu fixes the following issues:
Security issues fixed:
- CVE-2019-6778: Fixed a heap buffer overflow issue in the SLiRP networking implementation (bsc#1123156).
- CVE-2018-16872: Fixed a host security vulnerability related to handling symlinks in usb-mtp (bsc#1119493).
- CVE-2018-19489: Fixed a denial of service vulnerability in virtfs (bsc#1117275).
- CVE-2018-19364: Fixed a use-after-free if the virtfs interface resulting in a denial of service (bsc#1116717).
- CVE-2018-18954: Fixed a denial of service vulnerability related to PowerPC PowerNV memory operations (bsc#1114957).
Non-security issues fixed:
- Improved disk performance for qemu on xen (bsc#1100408).
- Fixed xen offline migration (bsc#1079730, bsc#1101982, bsc#1063993).
- Fixed pwrite64/pread64/write to return 0 over -1 for a zero length NULL buffer in qemu (bsc#1121600).
- Use /bin/bash to echo value into sys fs for ksm control (bsc#1112646).
- Return specification exception for unimplemented diag 308 subcodes rather than a hardware error (bsc#1123179).
Patchnames: SUSE-2019-423,SUSE-SLE-Module-Basesystem-15-2019-423,SUSE-SLE-Module-Development-Tools-OBS-15-2019-423,SUSE-SLE-Module-Server-Applications-15-2019-423
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
5 (Medium)
Affected products
Recommended
42 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15:qemu-tools-2.11.2-9.20.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15:qemu-tools-2.11.2-9.20.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15:qemu-tools-2.11.2-9.20.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15:qemu-tools-2.11.2-9.20.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15:qemu-2.11.2-9.20.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15:qemu-2.11.2-9.20.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15:qemu-2.11.2-9.20.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15:qemu-2.11.2-9.20.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15:qemu-arm-2.11.2-9.20.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15:qemu-block-curl-2.11.2-9.20.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15:qemu-block-curl-2.11.2-9.20.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15:qemu-block-curl-2.11.2-9.20.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15:qemu-block-curl-2.11.2-9.20.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15:qemu-block-iscsi-2.11.2-9.20.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15:qemu-block-iscsi-2.11.2-9.20.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15:qemu-block-iscsi-2.11.2-9.20.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15:qemu-block-iscsi-2.11.2-9.20.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15:qemu-block-rbd-2.11.2-9.20.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15:qemu-block-rbd-2.11.2-9.20.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15:qemu-block-rbd-2.11.2-9.20.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15:qemu-block-rbd-2.11.2-9.20.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15:qemu-block-ssh-2.11.2-9.20.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15:qemu-block-ssh-2.11.2-9.20.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15:qemu-block-ssh-2.11.2-9.20.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15:qemu-block-ssh-2.11.2-9.20.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15:qemu-guest-agent-2.11.2-9.20.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15:qemu-guest-agent-2.11.2-9.20.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15:qemu-guest-agent-2.11.2-9.20.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15:qemu-guest-agent-2.11.2-9.20.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15:qemu-ipxe-1.0.0+-9.20.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15:qemu-kvm-2.11.2-9.20.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15:qemu-kvm-2.11.2-9.20.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15:qemu-lang-2.11.2-9.20.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15:qemu-lang-2.11.2-9.20.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15:qemu-lang-2.11.2-9.20.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15:qemu-lang-2.11.2-9.20.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15:qemu-ppc-2.11.2-9.20.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15:qemu-s390-2.11.2-9.20.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15:qemu-seabios-1.11.0-9.20.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15:qemu-sgabios-8-9.20.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15:qemu-vgabios-1.11.0-9.20.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15:qemu-x86-2.11.2-9.20.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
7.8 (High)
Affected products
Recommended
42 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15:qemu-tools-2.11.2-9.20.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15:qemu-tools-2.11.2-9.20.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15:qemu-tools-2.11.2-9.20.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15:qemu-tools-2.11.2-9.20.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15:qemu-2.11.2-9.20.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15:qemu-2.11.2-9.20.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15:qemu-2.11.2-9.20.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15:qemu-2.11.2-9.20.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15:qemu-arm-2.11.2-9.20.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15:qemu-block-curl-2.11.2-9.20.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15:qemu-block-curl-2.11.2-9.20.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15:qemu-block-curl-2.11.2-9.20.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15:qemu-block-curl-2.11.2-9.20.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15:qemu-block-iscsi-2.11.2-9.20.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15:qemu-block-iscsi-2.11.2-9.20.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15:qemu-block-iscsi-2.11.2-9.20.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15:qemu-block-iscsi-2.11.2-9.20.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15:qemu-block-rbd-2.11.2-9.20.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15:qemu-block-rbd-2.11.2-9.20.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15:qemu-block-rbd-2.11.2-9.20.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15:qemu-block-rbd-2.11.2-9.20.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15:qemu-block-ssh-2.11.2-9.20.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15:qemu-block-ssh-2.11.2-9.20.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15:qemu-block-ssh-2.11.2-9.20.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15:qemu-block-ssh-2.11.2-9.20.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15:qemu-guest-agent-2.11.2-9.20.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15:qemu-guest-agent-2.11.2-9.20.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15:qemu-guest-agent-2.11.2-9.20.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15:qemu-guest-agent-2.11.2-9.20.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15:qemu-ipxe-1.0.0+-9.20.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15:qemu-kvm-2.11.2-9.20.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15:qemu-kvm-2.11.2-9.20.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15:qemu-lang-2.11.2-9.20.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15:qemu-lang-2.11.2-9.20.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15:qemu-lang-2.11.2-9.20.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15:qemu-lang-2.11.2-9.20.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15:qemu-ppc-2.11.2-9.20.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15:qemu-s390-2.11.2-9.20.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15:qemu-seabios-1.11.0-9.20.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15:qemu-sgabios-8-9.20.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15:qemu-vgabios-1.11.0-9.20.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15:qemu-x86-2.11.2-9.20.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
5.3 (Medium)
Affected products
Recommended
42 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15:qemu-tools-2.11.2-9.20.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15:qemu-tools-2.11.2-9.20.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15:qemu-tools-2.11.2-9.20.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15:qemu-tools-2.11.2-9.20.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15:qemu-2.11.2-9.20.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15:qemu-2.11.2-9.20.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15:qemu-2.11.2-9.20.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15:qemu-2.11.2-9.20.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15:qemu-arm-2.11.2-9.20.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15:qemu-block-curl-2.11.2-9.20.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15:qemu-block-curl-2.11.2-9.20.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15:qemu-block-curl-2.11.2-9.20.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15:qemu-block-curl-2.11.2-9.20.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15:qemu-block-iscsi-2.11.2-9.20.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15:qemu-block-iscsi-2.11.2-9.20.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15:qemu-block-iscsi-2.11.2-9.20.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15:qemu-block-iscsi-2.11.2-9.20.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15:qemu-block-rbd-2.11.2-9.20.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15:qemu-block-rbd-2.11.2-9.20.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15:qemu-block-rbd-2.11.2-9.20.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15:qemu-block-rbd-2.11.2-9.20.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15:qemu-block-ssh-2.11.2-9.20.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15:qemu-block-ssh-2.11.2-9.20.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15:qemu-block-ssh-2.11.2-9.20.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15:qemu-block-ssh-2.11.2-9.20.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15:qemu-guest-agent-2.11.2-9.20.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15:qemu-guest-agent-2.11.2-9.20.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15:qemu-guest-agent-2.11.2-9.20.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15:qemu-guest-agent-2.11.2-9.20.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15:qemu-ipxe-1.0.0+-9.20.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15:qemu-kvm-2.11.2-9.20.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15:qemu-kvm-2.11.2-9.20.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15:qemu-lang-2.11.2-9.20.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15:qemu-lang-2.11.2-9.20.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15:qemu-lang-2.11.2-9.20.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15:qemu-lang-2.11.2-9.20.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15:qemu-ppc-2.11.2-9.20.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15:qemu-s390-2.11.2-9.20.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15:qemu-seabios-1.11.0-9.20.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15:qemu-sgabios-8-9.20.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15:qemu-vgabios-1.11.0-9.20.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15:qemu-x86-2.11.2-9.20.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
Affected products
Recommended
42 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15:qemu-tools-2.11.2-9.20.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15:qemu-tools-2.11.2-9.20.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15:qemu-tools-2.11.2-9.20.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15:qemu-tools-2.11.2-9.20.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15:qemu-2.11.2-9.20.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15:qemu-2.11.2-9.20.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15:qemu-2.11.2-9.20.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15:qemu-2.11.2-9.20.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15:qemu-arm-2.11.2-9.20.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15:qemu-block-curl-2.11.2-9.20.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15:qemu-block-curl-2.11.2-9.20.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15:qemu-block-curl-2.11.2-9.20.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15:qemu-block-curl-2.11.2-9.20.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15:qemu-block-iscsi-2.11.2-9.20.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15:qemu-block-iscsi-2.11.2-9.20.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15:qemu-block-iscsi-2.11.2-9.20.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15:qemu-block-iscsi-2.11.2-9.20.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15:qemu-block-rbd-2.11.2-9.20.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15:qemu-block-rbd-2.11.2-9.20.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15:qemu-block-rbd-2.11.2-9.20.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15:qemu-block-rbd-2.11.2-9.20.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15:qemu-block-ssh-2.11.2-9.20.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15:qemu-block-ssh-2.11.2-9.20.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15:qemu-block-ssh-2.11.2-9.20.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15:qemu-block-ssh-2.11.2-9.20.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15:qemu-guest-agent-2.11.2-9.20.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15:qemu-guest-agent-2.11.2-9.20.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15:qemu-guest-agent-2.11.2-9.20.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15:qemu-guest-agent-2.11.2-9.20.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15:qemu-ipxe-1.0.0+-9.20.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15:qemu-kvm-2.11.2-9.20.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15:qemu-kvm-2.11.2-9.20.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15:qemu-lang-2.11.2-9.20.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15:qemu-lang-2.11.2-9.20.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15:qemu-lang-2.11.2-9.20.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15:qemu-lang-2.11.2-9.20.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15:qemu-ppc-2.11.2-9.20.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15:qemu-s390-2.11.2-9.20.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15:qemu-seabios-1.11.0-9.20.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15:qemu-sgabios-8-9.20.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15:qemu-vgabios-1.11.0-9.20.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15:qemu-x86-2.11.2-9.20.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
low
7.8 (High)
Affected products
Recommended
42 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15:qemu-tools-2.11.2-9.20.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15:qemu-tools-2.11.2-9.20.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15:qemu-tools-2.11.2-9.20.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15:qemu-tools-2.11.2-9.20.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15:qemu-2.11.2-9.20.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15:qemu-2.11.2-9.20.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15:qemu-2.11.2-9.20.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15:qemu-2.11.2-9.20.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15:qemu-arm-2.11.2-9.20.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15:qemu-block-curl-2.11.2-9.20.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15:qemu-block-curl-2.11.2-9.20.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15:qemu-block-curl-2.11.2-9.20.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15:qemu-block-curl-2.11.2-9.20.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15:qemu-block-iscsi-2.11.2-9.20.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15:qemu-block-iscsi-2.11.2-9.20.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15:qemu-block-iscsi-2.11.2-9.20.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15:qemu-block-iscsi-2.11.2-9.20.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15:qemu-block-rbd-2.11.2-9.20.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15:qemu-block-rbd-2.11.2-9.20.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15:qemu-block-rbd-2.11.2-9.20.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15:qemu-block-rbd-2.11.2-9.20.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15:qemu-block-ssh-2.11.2-9.20.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15:qemu-block-ssh-2.11.2-9.20.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15:qemu-block-ssh-2.11.2-9.20.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15:qemu-block-ssh-2.11.2-9.20.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15:qemu-guest-agent-2.11.2-9.20.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15:qemu-guest-agent-2.11.2-9.20.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15:qemu-guest-agent-2.11.2-9.20.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15:qemu-guest-agent-2.11.2-9.20.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15:qemu-ipxe-1.0.0+-9.20.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15:qemu-kvm-2.11.2-9.20.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15:qemu-kvm-2.11.2-9.20.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15:qemu-lang-2.11.2-9.20.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15:qemu-lang-2.11.2-9.20.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15:qemu-lang-2.11.2-9.20.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15:qemu-lang-2.11.2-9.20.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15:qemu-ppc-2.11.2-9.20.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15:qemu-s390-2.11.2-9.20.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15:qemu-seabios-1.11.0-9.20.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15:qemu-sgabios-8-9.20.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15:qemu-vgabios-1.11.0-9.20.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15:qemu-x86-2.11.2-9.20.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
References
36 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for qemu",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for qemu fixes the following issues:\n\nSecurity issues fixed:\n\n- CVE-2019-6778: Fixed a heap buffer overflow issue in the SLiRP networking implementation (bsc#1123156).\n- CVE-2018-16872: Fixed a host security vulnerability related to handling symlinks in usb-mtp (bsc#1119493).\n- CVE-2018-19489: Fixed a denial of service vulnerability in virtfs (bsc#1117275).\n- CVE-2018-19364: Fixed a use-after-free if the virtfs interface resulting in a denial of service (bsc#1116717).\n- CVE-2018-18954: Fixed a denial of service vulnerability related to PowerPC PowerNV memory operations (bsc#1114957).\n\nNon-security issues fixed:\n\n- Improved disk performance for qemu on xen (bsc#1100408).\n- Fixed xen offline migration (bsc#1079730, bsc#1101982, bsc#1063993).\n- Fixed pwrite64/pread64/write to return 0 over -1 for a zero length NULL buffer in qemu (bsc#1121600).\n- Use /bin/bash to echo value into sys fs for ksm control (bsc#1112646).\n- Return specification exception for unimplemented diag 308 subcodes rather than a hardware error (bsc#1123179).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2019-423,SUSE-SLE-Module-Basesystem-15-2019-423,SUSE-SLE-Module-Development-Tools-OBS-15-2019-423,SUSE-SLE-Module-Server-Applications-15-2019-423",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2019_0423-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2019:0423-1",
"url": "https://www.suse.com/support/update/announcement/2019/suse-su-20190423-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2019:0423-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2019-February/005132.html"
},
{
"category": "self",
"summary": "SUSE Bug 1063993",
"url": "https://bugzilla.suse.com/1063993"
},
{
"category": "self",
"summary": "SUSE Bug 1079730",
"url": "https://bugzilla.suse.com/1079730"
},
{
"category": "self",
"summary": "SUSE Bug 1100408",
"url": "https://bugzilla.suse.com/1100408"
},
{
"category": "self",
"summary": "SUSE Bug 1101982",
"url": "https://bugzilla.suse.com/1101982"
},
{
"category": "self",
"summary": "SUSE Bug 1112646",
"url": "https://bugzilla.suse.com/1112646"
},
{
"category": "self",
"summary": "SUSE Bug 1114957",
"url": "https://bugzilla.suse.com/1114957"
},
{
"category": "self",
"summary": "SUSE Bug 1116717",
"url": "https://bugzilla.suse.com/1116717"
},
{
"category": "self",
"summary": "SUSE Bug 1117275",
"url": "https://bugzilla.suse.com/1117275"
},
{
"category": "self",
"summary": "SUSE Bug 1119493",
"url": "https://bugzilla.suse.com/1119493"
},
{
"category": "self",
"summary": "SUSE Bug 1121600",
"url": "https://bugzilla.suse.com/1121600"
},
{
"category": "self",
"summary": "SUSE Bug 1123156",
"url": "https://bugzilla.suse.com/1123156"
},
{
"category": "self",
"summary": "SUSE Bug 1123179",
"url": "https://bugzilla.suse.com/1123179"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-16872 page",
"url": "https://www.suse.com/security/cve/CVE-2018-16872/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-18954 page",
"url": "https://www.suse.com/security/cve/CVE-2018-18954/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-19364 page",
"url": "https://www.suse.com/security/cve/CVE-2018-19364/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-19489 page",
"url": "https://www.suse.com/security/cve/CVE-2018-19489/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-6778 page",
"url": "https://www.suse.com/security/cve/CVE-2019-6778/"
}
],
"title": "Security update for qemu",
"tracking": {
"current_release_date": "2019-02-18T15:26:50Z",
"generator": {
"date": "2019-02-18T15:26:50Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2019:0423-1",
"initial_release_date": "2019-02-18T15:26:50Z",
"revision_history": [
{
"date": "2019-02-18T15:26:50Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "qemu-2.11.2-9.20.1.aarch64",
"product": {
"name": "qemu-2.11.2-9.20.1.aarch64",
"product_id": "qemu-2.11.2-9.20.1.aarch64"
}
},
{
"category": "product_version",
"name": "qemu-arm-2.11.2-9.20.1.aarch64",
"product": {
"name": "qemu-arm-2.11.2-9.20.1.aarch64",
"product_id": "qemu-arm-2.11.2-9.20.1.aarch64"
}
},
{
"category": "product_version",
"name": "qemu-block-curl-2.11.2-9.20.1.aarch64",
"product": {
"name": "qemu-block-curl-2.11.2-9.20.1.aarch64",
"product_id": "qemu-block-curl-2.11.2-9.20.1.aarch64"
}
},
{
"category": "product_version",
"name": "qemu-block-dmg-2.11.2-9.20.1.aarch64",
"product": {
"name": "qemu-block-dmg-2.11.2-9.20.1.aarch64",
"product_id": "qemu-block-dmg-2.11.2-9.20.1.aarch64"
}
},
{
"category": "product_version",
"name": "qemu-block-iscsi-2.11.2-9.20.1.aarch64",
"product": {
"name": "qemu-block-iscsi-2.11.2-9.20.1.aarch64",
"product_id": "qemu-block-iscsi-2.11.2-9.20.1.aarch64"
}
},
{
"category": "product_version",
"name": "qemu-block-rbd-2.11.2-9.20.1.aarch64",
"product": {
"name": "qemu-block-rbd-2.11.2-9.20.1.aarch64",
"product_id": "qemu-block-rbd-2.11.2-9.20.1.aarch64"
}
},
{
"category": "product_version",
"name": "qemu-block-ssh-2.11.2-9.20.1.aarch64",
"product": {
"name": "qemu-block-ssh-2.11.2-9.20.1.aarch64",
"product_id": "qemu-block-ssh-2.11.2-9.20.1.aarch64"
}
},
{
"category": "product_version",
"name": "qemu-extra-2.11.2-9.20.1.aarch64",
"product": {
"name": "qemu-extra-2.11.2-9.20.1.aarch64",
"product_id": "qemu-extra-2.11.2-9.20.1.aarch64"
}
},
{
"category": "product_version",
"name": "qemu-guest-agent-2.11.2-9.20.1.aarch64",
"product": {
"name": "qemu-guest-agent-2.11.2-9.20.1.aarch64",
"product_id": "qemu-guest-agent-2.11.2-9.20.1.aarch64"
}
},
{
"category": "product_version",
"name": "qemu-lang-2.11.2-9.20.1.aarch64",
"product": {
"name": "qemu-lang-2.11.2-9.20.1.aarch64",
"product_id": "qemu-lang-2.11.2-9.20.1.aarch64"
}
},
{
"category": "product_version",
"name": "qemu-linux-user-2.11.2-9.20.1.aarch64",
"product": {
"name": "qemu-linux-user-2.11.2-9.20.1.aarch64",
"product_id": "qemu-linux-user-2.11.2-9.20.1.aarch64"
}
},
{
"category": "product_version",
"name": "qemu-ppc-2.11.2-9.20.1.aarch64",
"product": {
"name": "qemu-ppc-2.11.2-9.20.1.aarch64",
"product_id": "qemu-ppc-2.11.2-9.20.1.aarch64"
}
},
{
"category": "product_version",
"name": "qemu-s390-2.11.2-9.20.1.aarch64",
"product": {
"name": "qemu-s390-2.11.2-9.20.1.aarch64",
"product_id": "qemu-s390-2.11.2-9.20.1.aarch64"
}
},
{
"category": "product_version",
"name": "qemu-testsuite-2.11.2-9.20.1.aarch64",
"product": {
"name": "qemu-testsuite-2.11.2-9.20.1.aarch64",
"product_id": "qemu-testsuite-2.11.2-9.20.1.aarch64"
}
},
{
"category": "product_version",
"name": "qemu-tools-2.11.2-9.20.1.aarch64",
"product": {
"name": "qemu-tools-2.11.2-9.20.1.aarch64",
"product_id": "qemu-tools-2.11.2-9.20.1.aarch64"
}
},
{
"category": "product_version",
"name": "qemu-x86-2.11.2-9.20.1.aarch64",
"product": {
"name": "qemu-x86-2.11.2-9.20.1.aarch64",
"product_id": "qemu-x86-2.11.2-9.20.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "qemu-2.11.2-9.20.1.i586",
"product": {
"name": "qemu-2.11.2-9.20.1.i586",
"product_id": "qemu-2.11.2-9.20.1.i586"
}
},
{
"category": "product_version",
"name": "qemu-arm-2.11.2-9.20.1.i586",
"product": {
"name": "qemu-arm-2.11.2-9.20.1.i586",
"product_id": "qemu-arm-2.11.2-9.20.1.i586"
}
},
{
"category": "product_version",
"name": "qemu-block-curl-2.11.2-9.20.1.i586",
"product": {
"name": "qemu-block-curl-2.11.2-9.20.1.i586",
"product_id": "qemu-block-curl-2.11.2-9.20.1.i586"
}
},
{
"category": "product_version",
"name": "qemu-block-dmg-2.11.2-9.20.1.i586",
"product": {
"name": "qemu-block-dmg-2.11.2-9.20.1.i586",
"product_id": "qemu-block-dmg-2.11.2-9.20.1.i586"
}
},
{
"category": "product_version",
"name": "qemu-block-iscsi-2.11.2-9.20.1.i586",
"product": {
"name": "qemu-block-iscsi-2.11.2-9.20.1.i586",
"product_id": "qemu-block-iscsi-2.11.2-9.20.1.i586"
}
},
{
"category": "product_version",
"name": "qemu-block-ssh-2.11.2-9.20.1.i586",
"product": {
"name": "qemu-block-ssh-2.11.2-9.20.1.i586",
"product_id": "qemu-block-ssh-2.11.2-9.20.1.i586"
}
},
{
"category": "product_version",
"name": "qemu-extra-2.11.2-9.20.1.i586",
"product": {
"name": "qemu-extra-2.11.2-9.20.1.i586",
"product_id": "qemu-extra-2.11.2-9.20.1.i586"
}
},
{
"category": "product_version",
"name": "qemu-guest-agent-2.11.2-9.20.1.i586",
"product": {
"name": "qemu-guest-agent-2.11.2-9.20.1.i586",
"product_id": "qemu-guest-agent-2.11.2-9.20.1.i586"
}
},
{
"category": "product_version",
"name": "qemu-kvm-2.11.2-9.20.1.i586",
"product": {
"name": "qemu-kvm-2.11.2-9.20.1.i586",
"product_id": "qemu-kvm-2.11.2-9.20.1.i586"
}
},
{
"category": "product_version",
"name": "qemu-lang-2.11.2-9.20.1.i586",
"product": {
"name": "qemu-lang-2.11.2-9.20.1.i586",
"product_id": "qemu-lang-2.11.2-9.20.1.i586"
}
},
{
"category": "product_version",
"name": "qemu-linux-user-2.11.2-9.20.1.i586",
"product": {
"name": "qemu-linux-user-2.11.2-9.20.1.i586",
"product_id": "qemu-linux-user-2.11.2-9.20.1.i586"
}
},
{
"category": "product_version",
"name": "qemu-ppc-2.11.2-9.20.1.i586",
"product": {
"name": "qemu-ppc-2.11.2-9.20.1.i586",
"product_id": "qemu-ppc-2.11.2-9.20.1.i586"
}
},
{
"category": "product_version",
"name": "qemu-s390-2.11.2-9.20.1.i586",
"product": {
"name": "qemu-s390-2.11.2-9.20.1.i586",
"product_id": "qemu-s390-2.11.2-9.20.1.i586"
}
},
{
"category": "product_version",
"name": "qemu-testsuite-2.11.2-9.20.1.i586",
"product": {
"name": "qemu-testsuite-2.11.2-9.20.1.i586",
"product_id": "qemu-testsuite-2.11.2-9.20.1.i586"
}
},
{
"category": "product_version",
"name": "qemu-tools-2.11.2-9.20.1.i586",
"product": {
"name": "qemu-tools-2.11.2-9.20.1.i586",
"product_id": "qemu-tools-2.11.2-9.20.1.i586"
}
},
{
"category": "product_version",
"name": "qemu-x86-2.11.2-9.20.1.i586",
"product": {
"name": "qemu-x86-2.11.2-9.20.1.i586",
"product_id": "qemu-x86-2.11.2-9.20.1.i586"
}
}
],
"category": "architecture",
"name": "i586"
},
{
"branches": [
{
"category": "product_version",
"name": "qemu-ipxe-1.0.0+-9.20.1.noarch",
"product": {
"name": "qemu-ipxe-1.0.0+-9.20.1.noarch",
"product_id": "qemu-ipxe-1.0.0+-9.20.1.noarch"
}
},
{
"category": "product_version",
"name": "qemu-seabios-1.11.0-9.20.1.noarch",
"product": {
"name": "qemu-seabios-1.11.0-9.20.1.noarch",
"product_id": "qemu-seabios-1.11.0-9.20.1.noarch"
}
},
{
"category": "product_version",
"name": "qemu-sgabios-8-9.20.1.noarch",
"product": {
"name": "qemu-sgabios-8-9.20.1.noarch",
"product_id": "qemu-sgabios-8-9.20.1.noarch"
}
},
{
"category": "product_version",
"name": "qemu-vgabios-1.11.0-9.20.1.noarch",
"product": {
"name": "qemu-vgabios-1.11.0-9.20.1.noarch",
"product_id": "qemu-vgabios-1.11.0-9.20.1.noarch"
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "qemu-2.11.2-9.20.1.ppc64le",
"product": {
"name": "qemu-2.11.2-9.20.1.ppc64le",
"product_id": "qemu-2.11.2-9.20.1.ppc64le"
}
},
{
"category": "product_version",
"name": "qemu-arm-2.11.2-9.20.1.ppc64le",
"product": {
"name": "qemu-arm-2.11.2-9.20.1.ppc64le",
"product_id": "qemu-arm-2.11.2-9.20.1.ppc64le"
}
},
{
"category": "product_version",
"name": "qemu-block-curl-2.11.2-9.20.1.ppc64le",
"product": {
"name": "qemu-block-curl-2.11.2-9.20.1.ppc64le",
"product_id": "qemu-block-curl-2.11.2-9.20.1.ppc64le"
}
},
{
"category": "product_version",
"name": "qemu-block-dmg-2.11.2-9.20.1.ppc64le",
"product": {
"name": "qemu-block-dmg-2.11.2-9.20.1.ppc64le",
"product_id": "qemu-block-dmg-2.11.2-9.20.1.ppc64le"
}
},
{
"category": "product_version",
"name": "qemu-block-iscsi-2.11.2-9.20.1.ppc64le",
"product": {
"name": "qemu-block-iscsi-2.11.2-9.20.1.ppc64le",
"product_id": "qemu-block-iscsi-2.11.2-9.20.1.ppc64le"
}
},
{
"category": "product_version",
"name": "qemu-block-rbd-2.11.2-9.20.1.ppc64le",
"product": {
"name": "qemu-block-rbd-2.11.2-9.20.1.ppc64le",
"product_id": "qemu-block-rbd-2.11.2-9.20.1.ppc64le"
}
},
{
"category": "product_version",
"name": "qemu-block-ssh-2.11.2-9.20.1.ppc64le",
"product": {
"name": "qemu-block-ssh-2.11.2-9.20.1.ppc64le",
"product_id": "qemu-block-ssh-2.11.2-9.20.1.ppc64le"
}
},
{
"category": "product_version",
"name": "qemu-extra-2.11.2-9.20.1.ppc64le",
"product": {
"name": "qemu-extra-2.11.2-9.20.1.ppc64le",
"product_id": "qemu-extra-2.11.2-9.20.1.ppc64le"
}
},
{
"category": "product_version",
"name": "qemu-guest-agent-2.11.2-9.20.1.ppc64le",
"product": {
"name": "qemu-guest-agent-2.11.2-9.20.1.ppc64le",
"product_id": "qemu-guest-agent-2.11.2-9.20.1.ppc64le"
}
},
{
"category": "product_version",
"name": "qemu-lang-2.11.2-9.20.1.ppc64le",
"product": {
"name": "qemu-lang-2.11.2-9.20.1.ppc64le",
"product_id": "qemu-lang-2.11.2-9.20.1.ppc64le"
}
},
{
"category": "product_version",
"name": "qemu-linux-user-2.11.2-9.20.1.ppc64le",
"product": {
"name": "qemu-linux-user-2.11.2-9.20.1.ppc64le",
"product_id": "qemu-linux-user-2.11.2-9.20.1.ppc64le"
}
},
{
"category": "product_version",
"name": "qemu-ppc-2.11.2-9.20.1.ppc64le",
"product": {
"name": "qemu-ppc-2.11.2-9.20.1.ppc64le",
"product_id": "qemu-ppc-2.11.2-9.20.1.ppc64le"
}
},
{
"category": "product_version",
"name": "qemu-s390-2.11.2-9.20.1.ppc64le",
"product": {
"name": "qemu-s390-2.11.2-9.20.1.ppc64le",
"product_id": "qemu-s390-2.11.2-9.20.1.ppc64le"
}
},
{
"category": "product_version",
"name": "qemu-testsuite-2.11.2-9.20.1.ppc64le",
"product": {
"name": "qemu-testsuite-2.11.2-9.20.1.ppc64le",
"product_id": "qemu-testsuite-2.11.2-9.20.1.ppc64le"
}
},
{
"category": "product_version",
"name": "qemu-tools-2.11.2-9.20.1.ppc64le",
"product": {
"name": "qemu-tools-2.11.2-9.20.1.ppc64le",
"product_id": "qemu-tools-2.11.2-9.20.1.ppc64le"
}
},
{
"category": "product_version",
"name": "qemu-x86-2.11.2-9.20.1.ppc64le",
"product": {
"name": "qemu-x86-2.11.2-9.20.1.ppc64le",
"product_id": "qemu-x86-2.11.2-9.20.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "qemu-2.11.2-9.20.1.s390x",
"product": {
"name": "qemu-2.11.2-9.20.1.s390x",
"product_id": "qemu-2.11.2-9.20.1.s390x"
}
},
{
"category": "product_version",
"name": "qemu-arm-2.11.2-9.20.1.s390x",
"product": {
"name": "qemu-arm-2.11.2-9.20.1.s390x",
"product_id": "qemu-arm-2.11.2-9.20.1.s390x"
}
},
{
"category": "product_version",
"name": "qemu-block-curl-2.11.2-9.20.1.s390x",
"product": {
"name": "qemu-block-curl-2.11.2-9.20.1.s390x",
"product_id": "qemu-block-curl-2.11.2-9.20.1.s390x"
}
},
{
"category": "product_version",
"name": "qemu-block-dmg-2.11.2-9.20.1.s390x",
"product": {
"name": "qemu-block-dmg-2.11.2-9.20.1.s390x",
"product_id": "qemu-block-dmg-2.11.2-9.20.1.s390x"
}
},
{
"category": "product_version",
"name": "qemu-block-iscsi-2.11.2-9.20.1.s390x",
"product": {
"name": "qemu-block-iscsi-2.11.2-9.20.1.s390x",
"product_id": "qemu-block-iscsi-2.11.2-9.20.1.s390x"
}
},
{
"category": "product_version",
"name": "qemu-block-rbd-2.11.2-9.20.1.s390x",
"product": {
"name": "qemu-block-rbd-2.11.2-9.20.1.s390x",
"product_id": "qemu-block-rbd-2.11.2-9.20.1.s390x"
}
},
{
"category": "product_version",
"name": "qemu-block-ssh-2.11.2-9.20.1.s390x",
"product": {
"name": "qemu-block-ssh-2.11.2-9.20.1.s390x",
"product_id": "qemu-block-ssh-2.11.2-9.20.1.s390x"
}
},
{
"category": "product_version",
"name": "qemu-extra-2.11.2-9.20.1.s390x",
"product": {
"name": "qemu-extra-2.11.2-9.20.1.s390x",
"product_id": "qemu-extra-2.11.2-9.20.1.s390x"
}
},
{
"category": "product_version",
"name": "qemu-guest-agent-2.11.2-9.20.1.s390x",
"product": {
"name": "qemu-guest-agent-2.11.2-9.20.1.s390x",
"product_id": "qemu-guest-agent-2.11.2-9.20.1.s390x"
}
},
{
"category": "product_version",
"name": "qemu-kvm-2.11.2-9.20.1.s390x",
"product": {
"name": "qemu-kvm-2.11.2-9.20.1.s390x",
"product_id": "qemu-kvm-2.11.2-9.20.1.s390x"
}
},
{
"category": "product_version",
"name": "qemu-lang-2.11.2-9.20.1.s390x",
"product": {
"name": "qemu-lang-2.11.2-9.20.1.s390x",
"product_id": "qemu-lang-2.11.2-9.20.1.s390x"
}
},
{
"category": "product_version",
"name": "qemu-linux-user-2.11.2-9.20.1.s390x",
"product": {
"name": "qemu-linux-user-2.11.2-9.20.1.s390x",
"product_id": "qemu-linux-user-2.11.2-9.20.1.s390x"
}
},
{
"category": "product_version",
"name": "qemu-ppc-2.11.2-9.20.1.s390x",
"product": {
"name": "qemu-ppc-2.11.2-9.20.1.s390x",
"product_id": "qemu-ppc-2.11.2-9.20.1.s390x"
}
},
{
"category": "product_version",
"name": "qemu-s390-2.11.2-9.20.1.s390x",
"product": {
"name": "qemu-s390-2.11.2-9.20.1.s390x",
"product_id": "qemu-s390-2.11.2-9.20.1.s390x"
}
},
{
"category": "product_version",
"name": "qemu-tools-2.11.2-9.20.1.s390x",
"product": {
"name": "qemu-tools-2.11.2-9.20.1.s390x",
"product_id": "qemu-tools-2.11.2-9.20.1.s390x"
}
},
{
"category": "product_version",
"name": "qemu-x86-2.11.2-9.20.1.s390x",
"product": {
"name": "qemu-x86-2.11.2-9.20.1.s390x",
"product_id": "qemu-x86-2.11.2-9.20.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "qemu-2.11.2-9.20.1.x86_64",
"product": {
"name": "qemu-2.11.2-9.20.1.x86_64",
"product_id": "qemu-2.11.2-9.20.1.x86_64"
}
},
{
"category": "product_version",
"name": "qemu-arm-2.11.2-9.20.1.x86_64",
"product": {
"name": "qemu-arm-2.11.2-9.20.1.x86_64",
"product_id": "qemu-arm-2.11.2-9.20.1.x86_64"
}
},
{
"category": "product_version",
"name": "qemu-block-curl-2.11.2-9.20.1.x86_64",
"product": {
"name": "qemu-block-curl-2.11.2-9.20.1.x86_64",
"product_id": "qemu-block-curl-2.11.2-9.20.1.x86_64"
}
},
{
"category": "product_version",
"name": "qemu-block-dmg-2.11.2-9.20.1.x86_64",
"product": {
"name": "qemu-block-dmg-2.11.2-9.20.1.x86_64",
"product_id": "qemu-block-dmg-2.11.2-9.20.1.x86_64"
}
},
{
"category": "product_version",
"name": "qemu-block-iscsi-2.11.2-9.20.1.x86_64",
"product": {
"name": "qemu-block-iscsi-2.11.2-9.20.1.x86_64",
"product_id": "qemu-block-iscsi-2.11.2-9.20.1.x86_64"
}
},
{
"category": "product_version",
"name": "qemu-block-rbd-2.11.2-9.20.1.x86_64",
"product": {
"name": "qemu-block-rbd-2.11.2-9.20.1.x86_64",
"product_id": "qemu-block-rbd-2.11.2-9.20.1.x86_64"
}
},
{
"category": "product_version",
"name": "qemu-block-ssh-2.11.2-9.20.1.x86_64",
"product": {
"name": "qemu-block-ssh-2.11.2-9.20.1.x86_64",
"product_id": "qemu-block-ssh-2.11.2-9.20.1.x86_64"
}
},
{
"category": "product_version",
"name": "qemu-extra-2.11.2-9.20.1.x86_64",
"product": {
"name": "qemu-extra-2.11.2-9.20.1.x86_64",
"product_id": "qemu-extra-2.11.2-9.20.1.x86_64"
}
},
{
"category": "product_version",
"name": "qemu-guest-agent-2.11.2-9.20.1.x86_64",
"product": {
"name": "qemu-guest-agent-2.11.2-9.20.1.x86_64",
"product_id": "qemu-guest-agent-2.11.2-9.20.1.x86_64"
}
},
{
"category": "product_version",
"name": "qemu-kvm-2.11.2-9.20.1.x86_64",
"product": {
"name": "qemu-kvm-2.11.2-9.20.1.x86_64",
"product_id": "qemu-kvm-2.11.2-9.20.1.x86_64"
}
},
{
"category": "product_version",
"name": "qemu-lang-2.11.2-9.20.1.x86_64",
"product": {
"name": "qemu-lang-2.11.2-9.20.1.x86_64",
"product_id": "qemu-lang-2.11.2-9.20.1.x86_64"
}
},
{
"category": "product_version",
"name": "qemu-linux-user-2.11.2-9.20.1.x86_64",
"product": {
"name": "qemu-linux-user-2.11.2-9.20.1.x86_64",
"product_id": "qemu-linux-user-2.11.2-9.20.1.x86_64"
}
},
{
"category": "product_version",
"name": "qemu-ppc-2.11.2-9.20.1.x86_64",
"product": {
"name": "qemu-ppc-2.11.2-9.20.1.x86_64",
"product_id": "qemu-ppc-2.11.2-9.20.1.x86_64"
}
},
{
"category": "product_version",
"name": "qemu-s390-2.11.2-9.20.1.x86_64",
"product": {
"name": "qemu-s390-2.11.2-9.20.1.x86_64",
"product_id": "qemu-s390-2.11.2-9.20.1.x86_64"
}
},
{
"category": "product_version",
"name": "qemu-testsuite-2.11.2-9.20.1.x86_64",
"product": {
"name": "qemu-testsuite-2.11.2-9.20.1.x86_64",
"product_id": "qemu-testsuite-2.11.2-9.20.1.x86_64"
}
},
{
"category": "product_version",
"name": "qemu-tools-2.11.2-9.20.1.x86_64",
"product": {
"name": "qemu-tools-2.11.2-9.20.1.x86_64",
"product_id": "qemu-tools-2.11.2-9.20.1.x86_64"
}
},
{
"category": "product_version",
"name": "qemu-x86-2.11.2-9.20.1.x86_64",
"product": {
"name": "qemu-x86-2.11.2-9.20.1.x86_64",
"product_id": "qemu-x86-2.11.2-9.20.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Module for Basesystem 15",
"product": {
"name": "SUSE Linux Enterprise Module for Basesystem 15",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-module-basesystem:15"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Module for Server Applications 15",
"product": {
"name": "SUSE Linux Enterprise Module for Server Applications 15",
"product_id": "SUSE Linux Enterprise Module for Server Applications 15",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-module-server-applications:15"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "qemu-tools-2.11.2-9.20.1.aarch64 as component of SUSE Linux Enterprise Module for Basesystem 15",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15:qemu-tools-2.11.2-9.20.1.aarch64"
},
"product_reference": "qemu-tools-2.11.2-9.20.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qemu-tools-2.11.2-9.20.1.ppc64le as component of SUSE Linux Enterprise Module for Basesystem 15",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15:qemu-tools-2.11.2-9.20.1.ppc64le"
},
"product_reference": "qemu-tools-2.11.2-9.20.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qemu-tools-2.11.2-9.20.1.s390x as component of SUSE Linux Enterprise Module for Basesystem 15",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15:qemu-tools-2.11.2-9.20.1.s390x"
},
"product_reference": "qemu-tools-2.11.2-9.20.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qemu-tools-2.11.2-9.20.1.x86_64 as component of SUSE Linux Enterprise Module for Basesystem 15",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15:qemu-tools-2.11.2-9.20.1.x86_64"
},
"product_reference": "qemu-tools-2.11.2-9.20.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qemu-2.11.2-9.20.1.aarch64 as component of SUSE Linux Enterprise Module for Server Applications 15",
"product_id": "SUSE Linux Enterprise Module for Server Applications 15:qemu-2.11.2-9.20.1.aarch64"
},
"product_reference": "qemu-2.11.2-9.20.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Server Applications 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qemu-2.11.2-9.20.1.ppc64le as component of SUSE Linux Enterprise Module for Server Applications 15",
"product_id": "SUSE Linux Enterprise Module for Server Applications 15:qemu-2.11.2-9.20.1.ppc64le"
},
"product_reference": "qemu-2.11.2-9.20.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Server Applications 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qemu-2.11.2-9.20.1.s390x as component of SUSE Linux Enterprise Module for Server Applications 15",
"product_id": "SUSE Linux Enterprise Module for Server Applications 15:qemu-2.11.2-9.20.1.s390x"
},
"product_reference": "qemu-2.11.2-9.20.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Server Applications 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qemu-2.11.2-9.20.1.x86_64 as component of SUSE Linux Enterprise Module for Server Applications 15",
"product_id": "SUSE Linux Enterprise Module for Server Applications 15:qemu-2.11.2-9.20.1.x86_64"
},
"product_reference": "qemu-2.11.2-9.20.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Server Applications 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qemu-arm-2.11.2-9.20.1.aarch64 as component of SUSE Linux Enterprise Module for Server Applications 15",
"product_id": "SUSE Linux Enterprise Module for Server Applications 15:qemu-arm-2.11.2-9.20.1.aarch64"
},
"product_reference": "qemu-arm-2.11.2-9.20.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Server Applications 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qemu-block-curl-2.11.2-9.20.1.aarch64 as component of SUSE Linux Enterprise Module for Server Applications 15",
"product_id": "SUSE Linux Enterprise Module for Server Applications 15:qemu-block-curl-2.11.2-9.20.1.aarch64"
},
"product_reference": "qemu-block-curl-2.11.2-9.20.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Server Applications 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qemu-block-curl-2.11.2-9.20.1.ppc64le as component of SUSE Linux Enterprise Module for Server Applications 15",
"product_id": "SUSE Linux Enterprise Module for Server Applications 15:qemu-block-curl-2.11.2-9.20.1.ppc64le"
},
"product_reference": "qemu-block-curl-2.11.2-9.20.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Server Applications 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qemu-block-curl-2.11.2-9.20.1.s390x as component of SUSE Linux Enterprise Module for Server Applications 15",
"product_id": "SUSE Linux Enterprise Module for Server Applications 15:qemu-block-curl-2.11.2-9.20.1.s390x"
},
"product_reference": "qemu-block-curl-2.11.2-9.20.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Server Applications 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qemu-block-curl-2.11.2-9.20.1.x86_64 as component of SUSE Linux Enterprise Module for Server Applications 15",
"product_id": "SUSE Linux Enterprise Module for Server Applications 15:qemu-block-curl-2.11.2-9.20.1.x86_64"
},
"product_reference": "qemu-block-curl-2.11.2-9.20.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Server Applications 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qemu-block-iscsi-2.11.2-9.20.1.aarch64 as component of SUSE Linux Enterprise Module for Server Applications 15",
"product_id": "SUSE Linux Enterprise Module for Server Applications 15:qemu-block-iscsi-2.11.2-9.20.1.aarch64"
},
"product_reference": "qemu-block-iscsi-2.11.2-9.20.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Server Applications 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qemu-block-iscsi-2.11.2-9.20.1.ppc64le as component of SUSE Linux Enterprise Module for Server Applications 15",
"product_id": "SUSE Linux Enterprise Module for Server Applications 15:qemu-block-iscsi-2.11.2-9.20.1.ppc64le"
},
"product_reference": "qemu-block-iscsi-2.11.2-9.20.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Server Applications 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qemu-block-iscsi-2.11.2-9.20.1.s390x as component of SUSE Linux Enterprise Module for Server Applications 15",
"product_id": "SUSE Linux Enterprise Module for Server Applications 15:qemu-block-iscsi-2.11.2-9.20.1.s390x"
},
"product_reference": "qemu-block-iscsi-2.11.2-9.20.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Server Applications 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qemu-block-iscsi-2.11.2-9.20.1.x86_64 as component of SUSE Linux Enterprise Module for Server Applications 15",
"product_id": "SUSE Linux Enterprise Module for Server Applications 15:qemu-block-iscsi-2.11.2-9.20.1.x86_64"
},
"product_reference": "qemu-block-iscsi-2.11.2-9.20.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Server Applications 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qemu-block-rbd-2.11.2-9.20.1.aarch64 as component of SUSE Linux Enterprise Module for Server Applications 15",
"product_id": "SUSE Linux Enterprise Module for Server Applications 15:qemu-block-rbd-2.11.2-9.20.1.aarch64"
},
"product_reference": "qemu-block-rbd-2.11.2-9.20.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Server Applications 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qemu-block-rbd-2.11.2-9.20.1.ppc64le as component of SUSE Linux Enterprise Module for Server Applications 15",
"product_id": "SUSE Linux Enterprise Module for Server Applications 15:qemu-block-rbd-2.11.2-9.20.1.ppc64le"
},
"product_reference": "qemu-block-rbd-2.11.2-9.20.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Server Applications 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qemu-block-rbd-2.11.2-9.20.1.s390x as component of SUSE Linux Enterprise Module for Server Applications 15",
"product_id": "SUSE Linux Enterprise Module for Server Applications 15:qemu-block-rbd-2.11.2-9.20.1.s390x"
},
"product_reference": "qemu-block-rbd-2.11.2-9.20.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Server Applications 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qemu-block-rbd-2.11.2-9.20.1.x86_64 as component of SUSE Linux Enterprise Module for Server Applications 15",
"product_id": "SUSE Linux Enterprise Module for Server Applications 15:qemu-block-rbd-2.11.2-9.20.1.x86_64"
},
"product_reference": "qemu-block-rbd-2.11.2-9.20.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Server Applications 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qemu-block-ssh-2.11.2-9.20.1.aarch64 as component of SUSE Linux Enterprise Module for Server Applications 15",
"product_id": "SUSE Linux Enterprise Module for Server Applications 15:qemu-block-ssh-2.11.2-9.20.1.aarch64"
},
"product_reference": "qemu-block-ssh-2.11.2-9.20.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Server Applications 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qemu-block-ssh-2.11.2-9.20.1.ppc64le as component of SUSE Linux Enterprise Module for Server Applications 15",
"product_id": "SUSE Linux Enterprise Module for Server Applications 15:qemu-block-ssh-2.11.2-9.20.1.ppc64le"
},
"product_reference": "qemu-block-ssh-2.11.2-9.20.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Server Applications 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qemu-block-ssh-2.11.2-9.20.1.s390x as component of SUSE Linux Enterprise Module for Server Applications 15",
"product_id": "SUSE Linux Enterprise Module for Server Applications 15:qemu-block-ssh-2.11.2-9.20.1.s390x"
},
"product_reference": "qemu-block-ssh-2.11.2-9.20.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Server Applications 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qemu-block-ssh-2.11.2-9.20.1.x86_64 as component of SUSE Linux Enterprise Module for Server Applications 15",
"product_id": "SUSE Linux Enterprise Module for Server Applications 15:qemu-block-ssh-2.11.2-9.20.1.x86_64"
},
"product_reference": "qemu-block-ssh-2.11.2-9.20.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Server Applications 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qemu-guest-agent-2.11.2-9.20.1.aarch64 as component of SUSE Linux Enterprise Module for Server Applications 15",
"product_id": "SUSE Linux Enterprise Module for Server Applications 15:qemu-guest-agent-2.11.2-9.20.1.aarch64"
},
"product_reference": "qemu-guest-agent-2.11.2-9.20.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Server Applications 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qemu-guest-agent-2.11.2-9.20.1.ppc64le as component of SUSE Linux Enterprise Module for Server Applications 15",
"product_id": "SUSE Linux Enterprise Module for Server Applications 15:qemu-guest-agent-2.11.2-9.20.1.ppc64le"
},
"product_reference": "qemu-guest-agent-2.11.2-9.20.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Server Applications 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qemu-guest-agent-2.11.2-9.20.1.s390x as component of SUSE Linux Enterprise Module for Server Applications 15",
"product_id": "SUSE Linux Enterprise Module for Server Applications 15:qemu-guest-agent-2.11.2-9.20.1.s390x"
},
"product_reference": "qemu-guest-agent-2.11.2-9.20.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Server Applications 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qemu-guest-agent-2.11.2-9.20.1.x86_64 as component of SUSE Linux Enterprise Module for Server Applications 15",
"product_id": "SUSE Linux Enterprise Module for Server Applications 15:qemu-guest-agent-2.11.2-9.20.1.x86_64"
},
"product_reference": "qemu-guest-agent-2.11.2-9.20.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Server Applications 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qemu-ipxe-1.0.0+-9.20.1.noarch as component of SUSE Linux Enterprise Module for Server Applications 15",
"product_id": "SUSE Linux Enterprise Module for Server Applications 15:qemu-ipxe-1.0.0+-9.20.1.noarch"
},
"product_reference": "qemu-ipxe-1.0.0+-9.20.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Server Applications 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qemu-kvm-2.11.2-9.20.1.s390x as component of SUSE Linux Enterprise Module for Server Applications 15",
"product_id": "SUSE Linux Enterprise Module for Server Applications 15:qemu-kvm-2.11.2-9.20.1.s390x"
},
"product_reference": "qemu-kvm-2.11.2-9.20.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Server Applications 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qemu-kvm-2.11.2-9.20.1.x86_64 as component of SUSE Linux Enterprise Module for Server Applications 15",
"product_id": "SUSE Linux Enterprise Module for Server Applications 15:qemu-kvm-2.11.2-9.20.1.x86_64"
},
"product_reference": "qemu-kvm-2.11.2-9.20.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Server Applications 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qemu-lang-2.11.2-9.20.1.aarch64 as component of SUSE Linux Enterprise Module for Server Applications 15",
"product_id": "SUSE Linux Enterprise Module for Server Applications 15:qemu-lang-2.11.2-9.20.1.aarch64"
},
"product_reference": "qemu-lang-2.11.2-9.20.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Server Applications 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qemu-lang-2.11.2-9.20.1.ppc64le as component of SUSE Linux Enterprise Module for Server Applications 15",
"product_id": "SUSE Linux Enterprise Module for Server Applications 15:qemu-lang-2.11.2-9.20.1.ppc64le"
},
"product_reference": "qemu-lang-2.11.2-9.20.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Server Applications 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qemu-lang-2.11.2-9.20.1.s390x as component of SUSE Linux Enterprise Module for Server Applications 15",
"product_id": "SUSE Linux Enterprise Module for Server Applications 15:qemu-lang-2.11.2-9.20.1.s390x"
},
"product_reference": "qemu-lang-2.11.2-9.20.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Server Applications 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qemu-lang-2.11.2-9.20.1.x86_64 as component of SUSE Linux Enterprise Module for Server Applications 15",
"product_id": "SUSE Linux Enterprise Module for Server Applications 15:qemu-lang-2.11.2-9.20.1.x86_64"
},
"product_reference": "qemu-lang-2.11.2-9.20.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Server Applications 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qemu-ppc-2.11.2-9.20.1.ppc64le as component of SUSE Linux Enterprise Module for Server Applications 15",
"product_id": "SUSE Linux Enterprise Module for Server Applications 15:qemu-ppc-2.11.2-9.20.1.ppc64le"
},
"product_reference": "qemu-ppc-2.11.2-9.20.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Server Applications 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qemu-s390-2.11.2-9.20.1.s390x as component of SUSE Linux Enterprise Module for Server Applications 15",
"product_id": "SUSE Linux Enterprise Module for Server Applications 15:qemu-s390-2.11.2-9.20.1.s390x"
},
"product_reference": "qemu-s390-2.11.2-9.20.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Server Applications 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qemu-seabios-1.11.0-9.20.1.noarch as component of SUSE Linux Enterprise Module for Server Applications 15",
"product_id": "SUSE Linux Enterprise Module for Server Applications 15:qemu-seabios-1.11.0-9.20.1.noarch"
},
"product_reference": "qemu-seabios-1.11.0-9.20.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Server Applications 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qemu-sgabios-8-9.20.1.noarch as component of SUSE Linux Enterprise Module for Server Applications 15",
"product_id": "SUSE Linux Enterprise Module for Server Applications 15:qemu-sgabios-8-9.20.1.noarch"
},
"product_reference": "qemu-sgabios-8-9.20.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Server Applications 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qemu-vgabios-1.11.0-9.20.1.noarch as component of SUSE Linux Enterprise Module for Server Applications 15",
"product_id": "SUSE Linux Enterprise Module for Server Applications 15:qemu-vgabios-1.11.0-9.20.1.noarch"
},
"product_reference": "qemu-vgabios-1.11.0-9.20.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Server Applications 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qemu-x86-2.11.2-9.20.1.x86_64 as component of SUSE Linux Enterprise Module for Server Applications 15",
"product_id": "SUSE Linux Enterprise Module for Server Applications 15:qemu-x86-2.11.2-9.20.1.x86_64"
},
"product_reference": "qemu-x86-2.11.2-9.20.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Server Applications 15"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2018-16872",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-16872"
}
],
"notes": [
{
"category": "general",
"text": "A flaw was found in qemu Media Transfer Protocol (MTP). The code opening files in usb_mtp_get_object and usb_mtp_get_partial_object and directories in usb_mtp_object_readdir doesn\u0027t consider that the underlying filesystem may have changed since the time lstat(2) was called in usb_mtp_object_alloc, a classical TOCTTOU problem. An attacker with write access to the host filesystem shared with a guest can use this property to navigate the host filesystem in the context of the QEMU process and read any file the QEMU process has access to. Access to the filesystem may be local or via a network share protocol such as CIFS.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Basesystem 15:qemu-tools-2.11.2-9.20.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:qemu-tools-2.11.2-9.20.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:qemu-tools-2.11.2-9.20.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:qemu-tools-2.11.2-9.20.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-2.11.2-9.20.1.aarch64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-2.11.2-9.20.1.ppc64le",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-2.11.2-9.20.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-2.11.2-9.20.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-arm-2.11.2-9.20.1.aarch64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-curl-2.11.2-9.20.1.aarch64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-curl-2.11.2-9.20.1.ppc64le",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-curl-2.11.2-9.20.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-curl-2.11.2-9.20.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-iscsi-2.11.2-9.20.1.aarch64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-iscsi-2.11.2-9.20.1.ppc64le",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-iscsi-2.11.2-9.20.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-iscsi-2.11.2-9.20.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-rbd-2.11.2-9.20.1.aarch64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-rbd-2.11.2-9.20.1.ppc64le",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-rbd-2.11.2-9.20.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-rbd-2.11.2-9.20.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-ssh-2.11.2-9.20.1.aarch64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-ssh-2.11.2-9.20.1.ppc64le",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-ssh-2.11.2-9.20.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-ssh-2.11.2-9.20.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-guest-agent-2.11.2-9.20.1.aarch64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-guest-agent-2.11.2-9.20.1.ppc64le",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-guest-agent-2.11.2-9.20.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-guest-agent-2.11.2-9.20.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-ipxe-1.0.0+-9.20.1.noarch",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-kvm-2.11.2-9.20.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-kvm-2.11.2-9.20.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-lang-2.11.2-9.20.1.aarch64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-lang-2.11.2-9.20.1.ppc64le",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-lang-2.11.2-9.20.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-lang-2.11.2-9.20.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-ppc-2.11.2-9.20.1.ppc64le",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-s390-2.11.2-9.20.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-seabios-1.11.0-9.20.1.noarch",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-sgabios-8-9.20.1.noarch",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-vgabios-1.11.0-9.20.1.noarch",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-x86-2.11.2-9.20.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-16872",
"url": "https://www.suse.com/security/cve/CVE-2018-16872"
},
{
"category": "external",
"summary": "SUSE Bug 1119493 for CVE-2018-16872",
"url": "https://bugzilla.suse.com/1119493"
},
{
"category": "external",
"summary": "SUSE Bug 1119494 for CVE-2018-16872",
"url": "https://bugzilla.suse.com/1119494"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Basesystem 15:qemu-tools-2.11.2-9.20.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:qemu-tools-2.11.2-9.20.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:qemu-tools-2.11.2-9.20.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:qemu-tools-2.11.2-9.20.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-2.11.2-9.20.1.aarch64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-2.11.2-9.20.1.ppc64le",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-2.11.2-9.20.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-2.11.2-9.20.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-arm-2.11.2-9.20.1.aarch64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-curl-2.11.2-9.20.1.aarch64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-curl-2.11.2-9.20.1.ppc64le",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-curl-2.11.2-9.20.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-curl-2.11.2-9.20.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-iscsi-2.11.2-9.20.1.aarch64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-iscsi-2.11.2-9.20.1.ppc64le",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-iscsi-2.11.2-9.20.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-iscsi-2.11.2-9.20.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-rbd-2.11.2-9.20.1.aarch64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-rbd-2.11.2-9.20.1.ppc64le",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-rbd-2.11.2-9.20.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-rbd-2.11.2-9.20.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-ssh-2.11.2-9.20.1.aarch64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-ssh-2.11.2-9.20.1.ppc64le",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-ssh-2.11.2-9.20.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-ssh-2.11.2-9.20.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-guest-agent-2.11.2-9.20.1.aarch64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-guest-agent-2.11.2-9.20.1.ppc64le",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-guest-agent-2.11.2-9.20.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-guest-agent-2.11.2-9.20.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-ipxe-1.0.0+-9.20.1.noarch",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-kvm-2.11.2-9.20.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-kvm-2.11.2-9.20.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-lang-2.11.2-9.20.1.aarch64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-lang-2.11.2-9.20.1.ppc64le",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-lang-2.11.2-9.20.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-lang-2.11.2-9.20.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-ppc-2.11.2-9.20.1.ppc64le",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-s390-2.11.2-9.20.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-seabios-1.11.0-9.20.1.noarch",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-sgabios-8-9.20.1.noarch",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-vgabios-1.11.0-9.20.1.noarch",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-x86-2.11.2-9.20.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:L",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Module for Basesystem 15:qemu-tools-2.11.2-9.20.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:qemu-tools-2.11.2-9.20.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:qemu-tools-2.11.2-9.20.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:qemu-tools-2.11.2-9.20.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-2.11.2-9.20.1.aarch64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-2.11.2-9.20.1.ppc64le",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-2.11.2-9.20.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-2.11.2-9.20.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-arm-2.11.2-9.20.1.aarch64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-curl-2.11.2-9.20.1.aarch64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-curl-2.11.2-9.20.1.ppc64le",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-curl-2.11.2-9.20.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-curl-2.11.2-9.20.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-iscsi-2.11.2-9.20.1.aarch64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-iscsi-2.11.2-9.20.1.ppc64le",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-iscsi-2.11.2-9.20.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-iscsi-2.11.2-9.20.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-rbd-2.11.2-9.20.1.aarch64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-rbd-2.11.2-9.20.1.ppc64le",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-rbd-2.11.2-9.20.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-rbd-2.11.2-9.20.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-ssh-2.11.2-9.20.1.aarch64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-ssh-2.11.2-9.20.1.ppc64le",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-ssh-2.11.2-9.20.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-ssh-2.11.2-9.20.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-guest-agent-2.11.2-9.20.1.aarch64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-guest-agent-2.11.2-9.20.1.ppc64le",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-guest-agent-2.11.2-9.20.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-guest-agent-2.11.2-9.20.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-ipxe-1.0.0+-9.20.1.noarch",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-kvm-2.11.2-9.20.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-kvm-2.11.2-9.20.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-lang-2.11.2-9.20.1.aarch64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-lang-2.11.2-9.20.1.ppc64le",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-lang-2.11.2-9.20.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-lang-2.11.2-9.20.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-ppc-2.11.2-9.20.1.ppc64le",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-s390-2.11.2-9.20.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-seabios-1.11.0-9.20.1.noarch",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-sgabios-8-9.20.1.noarch",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-vgabios-1.11.0-9.20.1.noarch",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-x86-2.11.2-9.20.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-02-18T15:26:50Z",
"details": "moderate"
}
],
"title": "CVE-2018-16872"
},
{
"cve": "CVE-2018-18954",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-18954"
}
],
"notes": [
{
"category": "general",
"text": "The pnv_lpc_do_eccb function in hw/ppc/pnv_lpc.c in Qemu before 3.1 allows out-of-bounds write or read access to PowerNV memory.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Basesystem 15:qemu-tools-2.11.2-9.20.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:qemu-tools-2.11.2-9.20.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:qemu-tools-2.11.2-9.20.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:qemu-tools-2.11.2-9.20.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-2.11.2-9.20.1.aarch64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-2.11.2-9.20.1.ppc64le",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-2.11.2-9.20.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-2.11.2-9.20.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-arm-2.11.2-9.20.1.aarch64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-curl-2.11.2-9.20.1.aarch64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-curl-2.11.2-9.20.1.ppc64le",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-curl-2.11.2-9.20.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-curl-2.11.2-9.20.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-iscsi-2.11.2-9.20.1.aarch64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-iscsi-2.11.2-9.20.1.ppc64le",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-iscsi-2.11.2-9.20.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-iscsi-2.11.2-9.20.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-rbd-2.11.2-9.20.1.aarch64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-rbd-2.11.2-9.20.1.ppc64le",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-rbd-2.11.2-9.20.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-rbd-2.11.2-9.20.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-ssh-2.11.2-9.20.1.aarch64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-ssh-2.11.2-9.20.1.ppc64le",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-ssh-2.11.2-9.20.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-ssh-2.11.2-9.20.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-guest-agent-2.11.2-9.20.1.aarch64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-guest-agent-2.11.2-9.20.1.ppc64le",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-guest-agent-2.11.2-9.20.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-guest-agent-2.11.2-9.20.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-ipxe-1.0.0+-9.20.1.noarch",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-kvm-2.11.2-9.20.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-kvm-2.11.2-9.20.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-lang-2.11.2-9.20.1.aarch64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-lang-2.11.2-9.20.1.ppc64le",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-lang-2.11.2-9.20.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-lang-2.11.2-9.20.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-ppc-2.11.2-9.20.1.ppc64le",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-s390-2.11.2-9.20.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-seabios-1.11.0-9.20.1.noarch",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-sgabios-8-9.20.1.noarch",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-vgabios-1.11.0-9.20.1.noarch",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-x86-2.11.2-9.20.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-18954",
"url": "https://www.suse.com/security/cve/CVE-2018-18954"
},
{
"category": "external",
"summary": "SUSE Bug 1114957 for CVE-2018-18954",
"url": "https://bugzilla.suse.com/1114957"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Basesystem 15:qemu-tools-2.11.2-9.20.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:qemu-tools-2.11.2-9.20.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:qemu-tools-2.11.2-9.20.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:qemu-tools-2.11.2-9.20.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-2.11.2-9.20.1.aarch64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-2.11.2-9.20.1.ppc64le",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-2.11.2-9.20.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-2.11.2-9.20.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-arm-2.11.2-9.20.1.aarch64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-curl-2.11.2-9.20.1.aarch64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-curl-2.11.2-9.20.1.ppc64le",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-curl-2.11.2-9.20.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-curl-2.11.2-9.20.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-iscsi-2.11.2-9.20.1.aarch64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-iscsi-2.11.2-9.20.1.ppc64le",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-iscsi-2.11.2-9.20.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-iscsi-2.11.2-9.20.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-rbd-2.11.2-9.20.1.aarch64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-rbd-2.11.2-9.20.1.ppc64le",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-rbd-2.11.2-9.20.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-rbd-2.11.2-9.20.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-ssh-2.11.2-9.20.1.aarch64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-ssh-2.11.2-9.20.1.ppc64le",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-ssh-2.11.2-9.20.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-ssh-2.11.2-9.20.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-guest-agent-2.11.2-9.20.1.aarch64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-guest-agent-2.11.2-9.20.1.ppc64le",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-guest-agent-2.11.2-9.20.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-guest-agent-2.11.2-9.20.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-ipxe-1.0.0+-9.20.1.noarch",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-kvm-2.11.2-9.20.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-kvm-2.11.2-9.20.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-lang-2.11.2-9.20.1.aarch64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-lang-2.11.2-9.20.1.ppc64le",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-lang-2.11.2-9.20.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-lang-2.11.2-9.20.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-ppc-2.11.2-9.20.1.ppc64le",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-s390-2.11.2-9.20.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-seabios-1.11.0-9.20.1.noarch",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-sgabios-8-9.20.1.noarch",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-vgabios-1.11.0-9.20.1.noarch",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-x86-2.11.2-9.20.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Module for Basesystem 15:qemu-tools-2.11.2-9.20.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:qemu-tools-2.11.2-9.20.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:qemu-tools-2.11.2-9.20.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:qemu-tools-2.11.2-9.20.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-2.11.2-9.20.1.aarch64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-2.11.2-9.20.1.ppc64le",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-2.11.2-9.20.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-2.11.2-9.20.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-arm-2.11.2-9.20.1.aarch64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-curl-2.11.2-9.20.1.aarch64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-curl-2.11.2-9.20.1.ppc64le",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-curl-2.11.2-9.20.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-curl-2.11.2-9.20.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-iscsi-2.11.2-9.20.1.aarch64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-iscsi-2.11.2-9.20.1.ppc64le",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-iscsi-2.11.2-9.20.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-iscsi-2.11.2-9.20.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-rbd-2.11.2-9.20.1.aarch64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-rbd-2.11.2-9.20.1.ppc64le",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-rbd-2.11.2-9.20.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-rbd-2.11.2-9.20.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-ssh-2.11.2-9.20.1.aarch64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-ssh-2.11.2-9.20.1.ppc64le",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-ssh-2.11.2-9.20.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-ssh-2.11.2-9.20.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-guest-agent-2.11.2-9.20.1.aarch64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-guest-agent-2.11.2-9.20.1.ppc64le",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-guest-agent-2.11.2-9.20.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-guest-agent-2.11.2-9.20.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-ipxe-1.0.0+-9.20.1.noarch",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-kvm-2.11.2-9.20.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-kvm-2.11.2-9.20.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-lang-2.11.2-9.20.1.aarch64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-lang-2.11.2-9.20.1.ppc64le",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-lang-2.11.2-9.20.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-lang-2.11.2-9.20.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-ppc-2.11.2-9.20.1.ppc64le",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-s390-2.11.2-9.20.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-seabios-1.11.0-9.20.1.noarch",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-sgabios-8-9.20.1.noarch",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-vgabios-1.11.0-9.20.1.noarch",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-x86-2.11.2-9.20.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-02-18T15:26:50Z",
"details": "important"
}
],
"title": "CVE-2018-18954"
},
{
"cve": "CVE-2018-19364",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-19364"
}
],
"notes": [
{
"category": "general",
"text": "hw/9pfs/cofile.c and hw/9pfs/9p.c in QEMU can modify an fid path while it is being accessed by a second thread, leading to (for example) a use-after-free outcome.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Basesystem 15:qemu-tools-2.11.2-9.20.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:qemu-tools-2.11.2-9.20.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:qemu-tools-2.11.2-9.20.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:qemu-tools-2.11.2-9.20.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-2.11.2-9.20.1.aarch64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-2.11.2-9.20.1.ppc64le",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-2.11.2-9.20.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-2.11.2-9.20.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-arm-2.11.2-9.20.1.aarch64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-curl-2.11.2-9.20.1.aarch64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-curl-2.11.2-9.20.1.ppc64le",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-curl-2.11.2-9.20.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-curl-2.11.2-9.20.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-iscsi-2.11.2-9.20.1.aarch64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-iscsi-2.11.2-9.20.1.ppc64le",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-iscsi-2.11.2-9.20.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-iscsi-2.11.2-9.20.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-rbd-2.11.2-9.20.1.aarch64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-rbd-2.11.2-9.20.1.ppc64le",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-rbd-2.11.2-9.20.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-rbd-2.11.2-9.20.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-ssh-2.11.2-9.20.1.aarch64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-ssh-2.11.2-9.20.1.ppc64le",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-ssh-2.11.2-9.20.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-ssh-2.11.2-9.20.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-guest-agent-2.11.2-9.20.1.aarch64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-guest-agent-2.11.2-9.20.1.ppc64le",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-guest-agent-2.11.2-9.20.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-guest-agent-2.11.2-9.20.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-ipxe-1.0.0+-9.20.1.noarch",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-kvm-2.11.2-9.20.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-kvm-2.11.2-9.20.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-lang-2.11.2-9.20.1.aarch64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-lang-2.11.2-9.20.1.ppc64le",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-lang-2.11.2-9.20.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-lang-2.11.2-9.20.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-ppc-2.11.2-9.20.1.ppc64le",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-s390-2.11.2-9.20.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-seabios-1.11.0-9.20.1.noarch",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-sgabios-8-9.20.1.noarch",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-vgabios-1.11.0-9.20.1.noarch",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-x86-2.11.2-9.20.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-19364",
"url": "https://www.suse.com/security/cve/CVE-2018-19364"
},
{
"category": "external",
"summary": "SUSE Bug 1116717 for CVE-2018-19364",
"url": "https://bugzilla.suse.com/1116717"
},
{
"category": "external",
"summary": "SUSE Bug 1116726 for CVE-2018-19364",
"url": "https://bugzilla.suse.com/1116726"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Basesystem 15:qemu-tools-2.11.2-9.20.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:qemu-tools-2.11.2-9.20.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:qemu-tools-2.11.2-9.20.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:qemu-tools-2.11.2-9.20.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-2.11.2-9.20.1.aarch64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-2.11.2-9.20.1.ppc64le",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-2.11.2-9.20.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-2.11.2-9.20.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-arm-2.11.2-9.20.1.aarch64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-curl-2.11.2-9.20.1.aarch64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-curl-2.11.2-9.20.1.ppc64le",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-curl-2.11.2-9.20.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-curl-2.11.2-9.20.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-iscsi-2.11.2-9.20.1.aarch64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-iscsi-2.11.2-9.20.1.ppc64le",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-iscsi-2.11.2-9.20.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-iscsi-2.11.2-9.20.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-rbd-2.11.2-9.20.1.aarch64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-rbd-2.11.2-9.20.1.ppc64le",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-rbd-2.11.2-9.20.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-rbd-2.11.2-9.20.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-ssh-2.11.2-9.20.1.aarch64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-ssh-2.11.2-9.20.1.ppc64le",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-ssh-2.11.2-9.20.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-ssh-2.11.2-9.20.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-guest-agent-2.11.2-9.20.1.aarch64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-guest-agent-2.11.2-9.20.1.ppc64le",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-guest-agent-2.11.2-9.20.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-guest-agent-2.11.2-9.20.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-ipxe-1.0.0+-9.20.1.noarch",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-kvm-2.11.2-9.20.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-kvm-2.11.2-9.20.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-lang-2.11.2-9.20.1.aarch64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-lang-2.11.2-9.20.1.ppc64le",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-lang-2.11.2-9.20.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-lang-2.11.2-9.20.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-ppc-2.11.2-9.20.1.ppc64le",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-s390-2.11.2-9.20.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-seabios-1.11.0-9.20.1.noarch",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-sgabios-8-9.20.1.noarch",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-vgabios-1.11.0-9.20.1.noarch",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-x86-2.11.2-9.20.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Module for Basesystem 15:qemu-tools-2.11.2-9.20.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:qemu-tools-2.11.2-9.20.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:qemu-tools-2.11.2-9.20.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:qemu-tools-2.11.2-9.20.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-2.11.2-9.20.1.aarch64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-2.11.2-9.20.1.ppc64le",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-2.11.2-9.20.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-2.11.2-9.20.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-arm-2.11.2-9.20.1.aarch64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-curl-2.11.2-9.20.1.aarch64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-curl-2.11.2-9.20.1.ppc64le",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-curl-2.11.2-9.20.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-curl-2.11.2-9.20.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-iscsi-2.11.2-9.20.1.aarch64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-iscsi-2.11.2-9.20.1.ppc64le",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-iscsi-2.11.2-9.20.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-iscsi-2.11.2-9.20.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-rbd-2.11.2-9.20.1.aarch64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-rbd-2.11.2-9.20.1.ppc64le",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-rbd-2.11.2-9.20.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-rbd-2.11.2-9.20.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-ssh-2.11.2-9.20.1.aarch64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-ssh-2.11.2-9.20.1.ppc64le",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-ssh-2.11.2-9.20.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-ssh-2.11.2-9.20.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-guest-agent-2.11.2-9.20.1.aarch64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-guest-agent-2.11.2-9.20.1.ppc64le",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-guest-agent-2.11.2-9.20.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-guest-agent-2.11.2-9.20.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-ipxe-1.0.0+-9.20.1.noarch",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-kvm-2.11.2-9.20.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-kvm-2.11.2-9.20.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-lang-2.11.2-9.20.1.aarch64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-lang-2.11.2-9.20.1.ppc64le",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-lang-2.11.2-9.20.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-lang-2.11.2-9.20.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-ppc-2.11.2-9.20.1.ppc64le",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-s390-2.11.2-9.20.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-seabios-1.11.0-9.20.1.noarch",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-sgabios-8-9.20.1.noarch",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-vgabios-1.11.0-9.20.1.noarch",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-x86-2.11.2-9.20.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-02-18T15:26:50Z",
"details": "moderate"
}
],
"title": "CVE-2018-19364"
},
{
"cve": "CVE-2018-19489",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-19489"
}
],
"notes": [
{
"category": "general",
"text": "v9fs_wstat in hw/9pfs/9p.c in QEMU allows guest OS users to cause a denial of service (crash) because of a race condition during file renaming.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Basesystem 15:qemu-tools-2.11.2-9.20.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:qemu-tools-2.11.2-9.20.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:qemu-tools-2.11.2-9.20.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:qemu-tools-2.11.2-9.20.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-2.11.2-9.20.1.aarch64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-2.11.2-9.20.1.ppc64le",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-2.11.2-9.20.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-2.11.2-9.20.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-arm-2.11.2-9.20.1.aarch64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-curl-2.11.2-9.20.1.aarch64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-curl-2.11.2-9.20.1.ppc64le",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-curl-2.11.2-9.20.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-curl-2.11.2-9.20.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-iscsi-2.11.2-9.20.1.aarch64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-iscsi-2.11.2-9.20.1.ppc64le",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-iscsi-2.11.2-9.20.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-iscsi-2.11.2-9.20.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-rbd-2.11.2-9.20.1.aarch64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-rbd-2.11.2-9.20.1.ppc64le",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-rbd-2.11.2-9.20.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-rbd-2.11.2-9.20.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-ssh-2.11.2-9.20.1.aarch64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-ssh-2.11.2-9.20.1.ppc64le",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-ssh-2.11.2-9.20.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-ssh-2.11.2-9.20.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-guest-agent-2.11.2-9.20.1.aarch64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-guest-agent-2.11.2-9.20.1.ppc64le",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-guest-agent-2.11.2-9.20.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-guest-agent-2.11.2-9.20.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-ipxe-1.0.0+-9.20.1.noarch",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-kvm-2.11.2-9.20.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-kvm-2.11.2-9.20.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-lang-2.11.2-9.20.1.aarch64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-lang-2.11.2-9.20.1.ppc64le",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-lang-2.11.2-9.20.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-lang-2.11.2-9.20.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-ppc-2.11.2-9.20.1.ppc64le",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-s390-2.11.2-9.20.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-seabios-1.11.0-9.20.1.noarch",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-sgabios-8-9.20.1.noarch",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-vgabios-1.11.0-9.20.1.noarch",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-x86-2.11.2-9.20.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-19489",
"url": "https://www.suse.com/security/cve/CVE-2018-19489"
},
{
"category": "external",
"summary": "SUSE Bug 1117275 for CVE-2018-19489",
"url": "https://bugzilla.suse.com/1117275"
},
{
"category": "external",
"summary": "SUSE Bug 1117279 for CVE-2018-19489",
"url": "https://bugzilla.suse.com/1117279"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Basesystem 15:qemu-tools-2.11.2-9.20.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:qemu-tools-2.11.2-9.20.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:qemu-tools-2.11.2-9.20.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:qemu-tools-2.11.2-9.20.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-2.11.2-9.20.1.aarch64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-2.11.2-9.20.1.ppc64le",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-2.11.2-9.20.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-2.11.2-9.20.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-arm-2.11.2-9.20.1.aarch64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-curl-2.11.2-9.20.1.aarch64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-curl-2.11.2-9.20.1.ppc64le",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-curl-2.11.2-9.20.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-curl-2.11.2-9.20.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-iscsi-2.11.2-9.20.1.aarch64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-iscsi-2.11.2-9.20.1.ppc64le",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-iscsi-2.11.2-9.20.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-iscsi-2.11.2-9.20.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-rbd-2.11.2-9.20.1.aarch64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-rbd-2.11.2-9.20.1.ppc64le",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-rbd-2.11.2-9.20.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-rbd-2.11.2-9.20.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-ssh-2.11.2-9.20.1.aarch64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-ssh-2.11.2-9.20.1.ppc64le",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-ssh-2.11.2-9.20.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-ssh-2.11.2-9.20.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-guest-agent-2.11.2-9.20.1.aarch64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-guest-agent-2.11.2-9.20.1.ppc64le",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-guest-agent-2.11.2-9.20.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-guest-agent-2.11.2-9.20.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-ipxe-1.0.0+-9.20.1.noarch",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-kvm-2.11.2-9.20.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-kvm-2.11.2-9.20.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-lang-2.11.2-9.20.1.aarch64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-lang-2.11.2-9.20.1.ppc64le",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-lang-2.11.2-9.20.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-lang-2.11.2-9.20.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-ppc-2.11.2-9.20.1.ppc64le",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-s390-2.11.2-9.20.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-seabios-1.11.0-9.20.1.noarch",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-sgabios-8-9.20.1.noarch",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-vgabios-1.11.0-9.20.1.noarch",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-x86-2.11.2-9.20.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 2.8,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:C/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Module for Basesystem 15:qemu-tools-2.11.2-9.20.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:qemu-tools-2.11.2-9.20.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:qemu-tools-2.11.2-9.20.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:qemu-tools-2.11.2-9.20.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-2.11.2-9.20.1.aarch64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-2.11.2-9.20.1.ppc64le",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-2.11.2-9.20.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-2.11.2-9.20.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-arm-2.11.2-9.20.1.aarch64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-curl-2.11.2-9.20.1.aarch64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-curl-2.11.2-9.20.1.ppc64le",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-curl-2.11.2-9.20.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-curl-2.11.2-9.20.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-iscsi-2.11.2-9.20.1.aarch64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-iscsi-2.11.2-9.20.1.ppc64le",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-iscsi-2.11.2-9.20.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-iscsi-2.11.2-9.20.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-rbd-2.11.2-9.20.1.aarch64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-rbd-2.11.2-9.20.1.ppc64le",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-rbd-2.11.2-9.20.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-rbd-2.11.2-9.20.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-ssh-2.11.2-9.20.1.aarch64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-ssh-2.11.2-9.20.1.ppc64le",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-ssh-2.11.2-9.20.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-ssh-2.11.2-9.20.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-guest-agent-2.11.2-9.20.1.aarch64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-guest-agent-2.11.2-9.20.1.ppc64le",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-guest-agent-2.11.2-9.20.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-guest-agent-2.11.2-9.20.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-ipxe-1.0.0+-9.20.1.noarch",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-kvm-2.11.2-9.20.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-kvm-2.11.2-9.20.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-lang-2.11.2-9.20.1.aarch64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-lang-2.11.2-9.20.1.ppc64le",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-lang-2.11.2-9.20.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-lang-2.11.2-9.20.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-ppc-2.11.2-9.20.1.ppc64le",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-s390-2.11.2-9.20.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-seabios-1.11.0-9.20.1.noarch",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-sgabios-8-9.20.1.noarch",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-vgabios-1.11.0-9.20.1.noarch",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-x86-2.11.2-9.20.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-02-18T15:26:50Z",
"details": "low"
}
],
"title": "CVE-2018-19489"
},
{
"cve": "CVE-2019-6778",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-6778"
}
],
"notes": [
{
"category": "general",
"text": "In QEMU 3.0.0, tcp_emu in slirp/tcp_subr.c has a heap-based buffer overflow.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Basesystem 15:qemu-tools-2.11.2-9.20.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:qemu-tools-2.11.2-9.20.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:qemu-tools-2.11.2-9.20.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:qemu-tools-2.11.2-9.20.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-2.11.2-9.20.1.aarch64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-2.11.2-9.20.1.ppc64le",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-2.11.2-9.20.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-2.11.2-9.20.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-arm-2.11.2-9.20.1.aarch64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-curl-2.11.2-9.20.1.aarch64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-curl-2.11.2-9.20.1.ppc64le",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-curl-2.11.2-9.20.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-curl-2.11.2-9.20.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-iscsi-2.11.2-9.20.1.aarch64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-iscsi-2.11.2-9.20.1.ppc64le",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-iscsi-2.11.2-9.20.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-iscsi-2.11.2-9.20.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-rbd-2.11.2-9.20.1.aarch64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-rbd-2.11.2-9.20.1.ppc64le",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-rbd-2.11.2-9.20.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-rbd-2.11.2-9.20.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-ssh-2.11.2-9.20.1.aarch64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-ssh-2.11.2-9.20.1.ppc64le",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-ssh-2.11.2-9.20.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-ssh-2.11.2-9.20.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-guest-agent-2.11.2-9.20.1.aarch64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-guest-agent-2.11.2-9.20.1.ppc64le",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-guest-agent-2.11.2-9.20.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-guest-agent-2.11.2-9.20.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-ipxe-1.0.0+-9.20.1.noarch",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-kvm-2.11.2-9.20.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-kvm-2.11.2-9.20.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-lang-2.11.2-9.20.1.aarch64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-lang-2.11.2-9.20.1.ppc64le",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-lang-2.11.2-9.20.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-lang-2.11.2-9.20.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-ppc-2.11.2-9.20.1.ppc64le",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-s390-2.11.2-9.20.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-seabios-1.11.0-9.20.1.noarch",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-sgabios-8-9.20.1.noarch",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-vgabios-1.11.0-9.20.1.noarch",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-x86-2.11.2-9.20.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-6778",
"url": "https://www.suse.com/security/cve/CVE-2019-6778"
},
{
"category": "external",
"summary": "SUSE Bug 1123156 for CVE-2019-6778",
"url": "https://bugzilla.suse.com/1123156"
},
{
"category": "external",
"summary": "SUSE Bug 1123157 for CVE-2019-6778",
"url": "https://bugzilla.suse.com/1123157"
},
{
"category": "external",
"summary": "SUSE Bug 1178658 for CVE-2019-6778",
"url": "https://bugzilla.suse.com/1178658"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Basesystem 15:qemu-tools-2.11.2-9.20.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:qemu-tools-2.11.2-9.20.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:qemu-tools-2.11.2-9.20.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:qemu-tools-2.11.2-9.20.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-2.11.2-9.20.1.aarch64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-2.11.2-9.20.1.ppc64le",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-2.11.2-9.20.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-2.11.2-9.20.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-arm-2.11.2-9.20.1.aarch64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-curl-2.11.2-9.20.1.aarch64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-curl-2.11.2-9.20.1.ppc64le",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-curl-2.11.2-9.20.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-curl-2.11.2-9.20.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-iscsi-2.11.2-9.20.1.aarch64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-iscsi-2.11.2-9.20.1.ppc64le",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-iscsi-2.11.2-9.20.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-iscsi-2.11.2-9.20.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-rbd-2.11.2-9.20.1.aarch64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-rbd-2.11.2-9.20.1.ppc64le",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-rbd-2.11.2-9.20.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-rbd-2.11.2-9.20.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-ssh-2.11.2-9.20.1.aarch64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-ssh-2.11.2-9.20.1.ppc64le",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-ssh-2.11.2-9.20.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-ssh-2.11.2-9.20.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-guest-agent-2.11.2-9.20.1.aarch64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-guest-agent-2.11.2-9.20.1.ppc64le",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-guest-agent-2.11.2-9.20.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-guest-agent-2.11.2-9.20.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-ipxe-1.0.0+-9.20.1.noarch",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-kvm-2.11.2-9.20.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-kvm-2.11.2-9.20.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-lang-2.11.2-9.20.1.aarch64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-lang-2.11.2-9.20.1.ppc64le",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-lang-2.11.2-9.20.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-lang-2.11.2-9.20.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-ppc-2.11.2-9.20.1.ppc64le",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-s390-2.11.2-9.20.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-seabios-1.11.0-9.20.1.noarch",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-sgabios-8-9.20.1.noarch",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-vgabios-1.11.0-9.20.1.noarch",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-x86-2.11.2-9.20.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Module for Basesystem 15:qemu-tools-2.11.2-9.20.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:qemu-tools-2.11.2-9.20.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:qemu-tools-2.11.2-9.20.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:qemu-tools-2.11.2-9.20.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-2.11.2-9.20.1.aarch64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-2.11.2-9.20.1.ppc64le",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-2.11.2-9.20.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-2.11.2-9.20.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-arm-2.11.2-9.20.1.aarch64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-curl-2.11.2-9.20.1.aarch64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-curl-2.11.2-9.20.1.ppc64le",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-curl-2.11.2-9.20.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-curl-2.11.2-9.20.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-iscsi-2.11.2-9.20.1.aarch64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-iscsi-2.11.2-9.20.1.ppc64le",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-iscsi-2.11.2-9.20.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-iscsi-2.11.2-9.20.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-rbd-2.11.2-9.20.1.aarch64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-rbd-2.11.2-9.20.1.ppc64le",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-rbd-2.11.2-9.20.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-rbd-2.11.2-9.20.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-ssh-2.11.2-9.20.1.aarch64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-ssh-2.11.2-9.20.1.ppc64le",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-ssh-2.11.2-9.20.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-block-ssh-2.11.2-9.20.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-guest-agent-2.11.2-9.20.1.aarch64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-guest-agent-2.11.2-9.20.1.ppc64le",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-guest-agent-2.11.2-9.20.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-guest-agent-2.11.2-9.20.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-ipxe-1.0.0+-9.20.1.noarch",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-kvm-2.11.2-9.20.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-kvm-2.11.2-9.20.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-lang-2.11.2-9.20.1.aarch64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-lang-2.11.2-9.20.1.ppc64le",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-lang-2.11.2-9.20.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-lang-2.11.2-9.20.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-ppc-2.11.2-9.20.1.ppc64le",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-s390-2.11.2-9.20.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-seabios-1.11.0-9.20.1.noarch",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-sgabios-8-9.20.1.noarch",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-vgabios-1.11.0-9.20.1.noarch",
"SUSE Linux Enterprise Module for Server Applications 15:qemu-x86-2.11.2-9.20.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-02-18T15:26:50Z",
"details": "important"
}
],
"title": "CVE-2019-6778"
}
]
}
SUSE-SU-2019:0435-1
Vulnerability from csaf_suse - Published: 2019-02-19 12:12 - Updated: 2019-02-19 12:12Summary
Security update for qemu
Severity
Important
Notes
Title of the patch: Security update for qemu
Description of the patch: This update for qemu fixes the following issues:
Security issues fixed:
- CVE-2019-6778: Fixed a heap buffer overflow issue in the SLiRP networking implementation (bsc#1123156).
- CVE-2018-16872: Fixed a host security vulnerability related to handling symlinks in usb-mtp (bsc#1119493).
- CVE-2018-19489: Fixed a denial of service vulnerability in virtfs (bsc#1117275).
- CVE-2018-19364: Fixed a use-after-free if the virtfs interface resulting in a denial of service (bsc#1116717).
- CVE-2018-18954: Fixed a denial of service vulnerability related to PowerPC PowerNV memory operations (bsc#1114957).
Non-security issues fixed:
- Improved disk performance for qemu on xen (bsc#1100408).
- Fixed xen offline migration (bsc#1079730, bsc#1101982, bsc#1063993).
- Fixed pwrite64/pread64/write to return 0 over -1 for a zero length NULL buffer in qemu (bsc#1121600).
- Use /bin/bash to echo value into sys fs for ksm control (bsc#1112646).
- Return specification exception for unimplemented diag 308 subcodes rather than a hardware error (bsc#1123179).
Patchnames: SUSE-2019-435,SUSE-SLE-DESKTOP-12-SP4-2019-435,SUSE-SLE-SERVER-12-SP4-2019-435
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
5 (Medium)
Affected products
Recommended
89 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Desktop 12 SP4:qemu-2.11.2-5.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Desktop 12 SP4:qemu-block-curl-2.11.2-5.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Desktop 12 SP4:qemu-ipxe-1.0.0+-5.8.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Desktop 12 SP4:qemu-kvm-2.11.2-5.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Desktop 12 SP4:qemu-seabios-1.11.0-5.8.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Desktop 12 SP4:qemu-sgabios-8-5.8.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Desktop 12 SP4:qemu-tools-2.11.2-5.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Desktop 12 SP4:qemu-vgabios-1.11.0-5.8.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Desktop 12 SP4:qemu-x86-2.11.2-5.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:qemu-2.11.2-5.8.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:qemu-2.11.2-5.8.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:qemu-2.11.2-5.8.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:qemu-2.11.2-5.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:qemu-arm-2.11.2-5.8.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:qemu-block-curl-2.11.2-5.8.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:qemu-block-curl-2.11.2-5.8.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:qemu-block-curl-2.11.2-5.8.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:qemu-block-curl-2.11.2-5.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:qemu-block-iscsi-2.11.2-5.8.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:qemu-block-iscsi-2.11.2-5.8.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:qemu-block-iscsi-2.11.2-5.8.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:qemu-block-iscsi-2.11.2-5.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:qemu-block-rbd-2.11.2-5.8.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:qemu-block-rbd-2.11.2-5.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:qemu-block-ssh-2.11.2-5.8.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:qemu-block-ssh-2.11.2-5.8.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:qemu-block-ssh-2.11.2-5.8.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:qemu-block-ssh-2.11.2-5.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:qemu-guest-agent-2.11.2-5.8.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:qemu-guest-agent-2.11.2-5.8.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:qemu-guest-agent-2.11.2-5.8.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:qemu-guest-agent-2.11.2-5.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:qemu-ipxe-1.0.0+-5.8.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:qemu-kvm-2.11.2-5.8.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:qemu-kvm-2.11.2-5.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:qemu-lang-2.11.2-5.8.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:qemu-lang-2.11.2-5.8.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:qemu-lang-2.11.2-5.8.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:qemu-lang-2.11.2-5.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:qemu-ppc-2.11.2-5.8.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:qemu-s390-2.11.2-5.8.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:qemu-seabios-1.11.0-5.8.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:qemu-sgabios-8-5.8.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:qemu-tools-2.11.2-5.8.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:qemu-tools-2.11.2-5.8.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:qemu-tools-2.11.2-5.8.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:qemu-tools-2.11.2-5.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:qemu-vgabios-1.11.0-5.8.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:qemu-x86-2.11.2-5.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-2.11.2-5.8.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-2.11.2-5.8.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-2.11.2-5.8.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-2.11.2-5.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-arm-2.11.2-5.8.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-curl-2.11.2-5.8.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-curl-2.11.2-5.8.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-curl-2.11.2-5.8.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-curl-2.11.2-5.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-iscsi-2.11.2-5.8.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-iscsi-2.11.2-5.8.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-iscsi-2.11.2-5.8.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-iscsi-2.11.2-5.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-rbd-2.11.2-5.8.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-rbd-2.11.2-5.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-ssh-2.11.2-5.8.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-ssh-2.11.2-5.8.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-ssh-2.11.2-5.8.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-ssh-2.11.2-5.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-guest-agent-2.11.2-5.8.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-guest-agent-2.11.2-5.8.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-guest-agent-2.11.2-5.8.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-guest-agent-2.11.2-5.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-ipxe-1.0.0+-5.8.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-kvm-2.11.2-5.8.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-kvm-2.11.2-5.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-lang-2.11.2-5.8.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-lang-2.11.2-5.8.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-lang-2.11.2-5.8.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-lang-2.11.2-5.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-ppc-2.11.2-5.8.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-s390-2.11.2-5.8.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-seabios-1.11.0-5.8.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-sgabios-8-5.8.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-tools-2.11.2-5.8.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-tools-2.11.2-5.8.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-tools-2.11.2-5.8.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-tools-2.11.2-5.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-vgabios-1.11.0-5.8.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-x86-2.11.2-5.8.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
7.8 (High)
Affected products
Recommended
89 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Desktop 12 SP4:qemu-2.11.2-5.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Desktop 12 SP4:qemu-block-curl-2.11.2-5.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Desktop 12 SP4:qemu-ipxe-1.0.0+-5.8.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Desktop 12 SP4:qemu-kvm-2.11.2-5.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Desktop 12 SP4:qemu-seabios-1.11.0-5.8.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Desktop 12 SP4:qemu-sgabios-8-5.8.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Desktop 12 SP4:qemu-tools-2.11.2-5.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Desktop 12 SP4:qemu-vgabios-1.11.0-5.8.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Desktop 12 SP4:qemu-x86-2.11.2-5.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:qemu-2.11.2-5.8.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:qemu-2.11.2-5.8.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:qemu-2.11.2-5.8.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:qemu-2.11.2-5.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:qemu-arm-2.11.2-5.8.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:qemu-block-curl-2.11.2-5.8.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:qemu-block-curl-2.11.2-5.8.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:qemu-block-curl-2.11.2-5.8.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:qemu-block-curl-2.11.2-5.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:qemu-block-iscsi-2.11.2-5.8.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:qemu-block-iscsi-2.11.2-5.8.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:qemu-block-iscsi-2.11.2-5.8.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:qemu-block-iscsi-2.11.2-5.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:qemu-block-rbd-2.11.2-5.8.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:qemu-block-rbd-2.11.2-5.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:qemu-block-ssh-2.11.2-5.8.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:qemu-block-ssh-2.11.2-5.8.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:qemu-block-ssh-2.11.2-5.8.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:qemu-block-ssh-2.11.2-5.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:qemu-guest-agent-2.11.2-5.8.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:qemu-guest-agent-2.11.2-5.8.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:qemu-guest-agent-2.11.2-5.8.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:qemu-guest-agent-2.11.2-5.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:qemu-ipxe-1.0.0+-5.8.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:qemu-kvm-2.11.2-5.8.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:qemu-kvm-2.11.2-5.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:qemu-lang-2.11.2-5.8.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:qemu-lang-2.11.2-5.8.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:qemu-lang-2.11.2-5.8.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:qemu-lang-2.11.2-5.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:qemu-ppc-2.11.2-5.8.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:qemu-s390-2.11.2-5.8.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:qemu-seabios-1.11.0-5.8.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:qemu-sgabios-8-5.8.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:qemu-tools-2.11.2-5.8.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:qemu-tools-2.11.2-5.8.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:qemu-tools-2.11.2-5.8.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:qemu-tools-2.11.2-5.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:qemu-vgabios-1.11.0-5.8.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:qemu-x86-2.11.2-5.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-2.11.2-5.8.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-2.11.2-5.8.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-2.11.2-5.8.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-2.11.2-5.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-arm-2.11.2-5.8.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-curl-2.11.2-5.8.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-curl-2.11.2-5.8.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-curl-2.11.2-5.8.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-curl-2.11.2-5.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-iscsi-2.11.2-5.8.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-iscsi-2.11.2-5.8.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-iscsi-2.11.2-5.8.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-iscsi-2.11.2-5.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-rbd-2.11.2-5.8.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-rbd-2.11.2-5.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-ssh-2.11.2-5.8.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-ssh-2.11.2-5.8.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-ssh-2.11.2-5.8.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-ssh-2.11.2-5.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-guest-agent-2.11.2-5.8.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-guest-agent-2.11.2-5.8.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-guest-agent-2.11.2-5.8.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-guest-agent-2.11.2-5.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-ipxe-1.0.0+-5.8.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-kvm-2.11.2-5.8.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-kvm-2.11.2-5.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-lang-2.11.2-5.8.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-lang-2.11.2-5.8.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-lang-2.11.2-5.8.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-lang-2.11.2-5.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-ppc-2.11.2-5.8.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-s390-2.11.2-5.8.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-seabios-1.11.0-5.8.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-sgabios-8-5.8.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-tools-2.11.2-5.8.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-tools-2.11.2-5.8.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-tools-2.11.2-5.8.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-tools-2.11.2-5.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-vgabios-1.11.0-5.8.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-x86-2.11.2-5.8.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
5.3 (Medium)
Affected products
Recommended
89 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Desktop 12 SP4:qemu-2.11.2-5.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Desktop 12 SP4:qemu-block-curl-2.11.2-5.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Desktop 12 SP4:qemu-ipxe-1.0.0+-5.8.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Desktop 12 SP4:qemu-kvm-2.11.2-5.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Desktop 12 SP4:qemu-seabios-1.11.0-5.8.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Desktop 12 SP4:qemu-sgabios-8-5.8.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Desktop 12 SP4:qemu-tools-2.11.2-5.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Desktop 12 SP4:qemu-vgabios-1.11.0-5.8.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Desktop 12 SP4:qemu-x86-2.11.2-5.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:qemu-2.11.2-5.8.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:qemu-2.11.2-5.8.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:qemu-2.11.2-5.8.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:qemu-2.11.2-5.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:qemu-arm-2.11.2-5.8.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:qemu-block-curl-2.11.2-5.8.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:qemu-block-curl-2.11.2-5.8.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:qemu-block-curl-2.11.2-5.8.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:qemu-block-curl-2.11.2-5.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:qemu-block-iscsi-2.11.2-5.8.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:qemu-block-iscsi-2.11.2-5.8.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:qemu-block-iscsi-2.11.2-5.8.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:qemu-block-iscsi-2.11.2-5.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:qemu-block-rbd-2.11.2-5.8.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:qemu-block-rbd-2.11.2-5.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:qemu-block-ssh-2.11.2-5.8.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:qemu-block-ssh-2.11.2-5.8.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:qemu-block-ssh-2.11.2-5.8.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:qemu-block-ssh-2.11.2-5.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:qemu-guest-agent-2.11.2-5.8.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:qemu-guest-agent-2.11.2-5.8.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:qemu-guest-agent-2.11.2-5.8.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:qemu-guest-agent-2.11.2-5.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:qemu-ipxe-1.0.0+-5.8.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:qemu-kvm-2.11.2-5.8.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:qemu-kvm-2.11.2-5.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:qemu-lang-2.11.2-5.8.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:qemu-lang-2.11.2-5.8.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:qemu-lang-2.11.2-5.8.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:qemu-lang-2.11.2-5.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:qemu-ppc-2.11.2-5.8.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:qemu-s390-2.11.2-5.8.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:qemu-seabios-1.11.0-5.8.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:qemu-sgabios-8-5.8.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:qemu-tools-2.11.2-5.8.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:qemu-tools-2.11.2-5.8.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:qemu-tools-2.11.2-5.8.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:qemu-tools-2.11.2-5.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:qemu-vgabios-1.11.0-5.8.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:qemu-x86-2.11.2-5.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-2.11.2-5.8.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-2.11.2-5.8.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-2.11.2-5.8.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-2.11.2-5.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-arm-2.11.2-5.8.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-curl-2.11.2-5.8.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-curl-2.11.2-5.8.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-curl-2.11.2-5.8.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-curl-2.11.2-5.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-iscsi-2.11.2-5.8.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-iscsi-2.11.2-5.8.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-iscsi-2.11.2-5.8.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-iscsi-2.11.2-5.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-rbd-2.11.2-5.8.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-rbd-2.11.2-5.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-ssh-2.11.2-5.8.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-ssh-2.11.2-5.8.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-ssh-2.11.2-5.8.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-ssh-2.11.2-5.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-guest-agent-2.11.2-5.8.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-guest-agent-2.11.2-5.8.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-guest-agent-2.11.2-5.8.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-guest-agent-2.11.2-5.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-ipxe-1.0.0+-5.8.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-kvm-2.11.2-5.8.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-kvm-2.11.2-5.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-lang-2.11.2-5.8.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-lang-2.11.2-5.8.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-lang-2.11.2-5.8.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-lang-2.11.2-5.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-ppc-2.11.2-5.8.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-s390-2.11.2-5.8.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-seabios-1.11.0-5.8.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-sgabios-8-5.8.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-tools-2.11.2-5.8.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-tools-2.11.2-5.8.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-tools-2.11.2-5.8.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-tools-2.11.2-5.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-vgabios-1.11.0-5.8.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-x86-2.11.2-5.8.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
Affected products
Recommended
89 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Desktop 12 SP4:qemu-2.11.2-5.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Desktop 12 SP4:qemu-block-curl-2.11.2-5.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Desktop 12 SP4:qemu-ipxe-1.0.0+-5.8.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Desktop 12 SP4:qemu-kvm-2.11.2-5.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Desktop 12 SP4:qemu-seabios-1.11.0-5.8.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Desktop 12 SP4:qemu-sgabios-8-5.8.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Desktop 12 SP4:qemu-tools-2.11.2-5.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Desktop 12 SP4:qemu-vgabios-1.11.0-5.8.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Desktop 12 SP4:qemu-x86-2.11.2-5.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:qemu-2.11.2-5.8.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:qemu-2.11.2-5.8.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:qemu-2.11.2-5.8.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:qemu-2.11.2-5.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:qemu-arm-2.11.2-5.8.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:qemu-block-curl-2.11.2-5.8.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:qemu-block-curl-2.11.2-5.8.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:qemu-block-curl-2.11.2-5.8.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:qemu-block-curl-2.11.2-5.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:qemu-block-iscsi-2.11.2-5.8.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:qemu-block-iscsi-2.11.2-5.8.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:qemu-block-iscsi-2.11.2-5.8.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:qemu-block-iscsi-2.11.2-5.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:qemu-block-rbd-2.11.2-5.8.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:qemu-block-rbd-2.11.2-5.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:qemu-block-ssh-2.11.2-5.8.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:qemu-block-ssh-2.11.2-5.8.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:qemu-block-ssh-2.11.2-5.8.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:qemu-block-ssh-2.11.2-5.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:qemu-guest-agent-2.11.2-5.8.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:qemu-guest-agent-2.11.2-5.8.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:qemu-guest-agent-2.11.2-5.8.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:qemu-guest-agent-2.11.2-5.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:qemu-ipxe-1.0.0+-5.8.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:qemu-kvm-2.11.2-5.8.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:qemu-kvm-2.11.2-5.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:qemu-lang-2.11.2-5.8.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:qemu-lang-2.11.2-5.8.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:qemu-lang-2.11.2-5.8.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:qemu-lang-2.11.2-5.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:qemu-ppc-2.11.2-5.8.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:qemu-s390-2.11.2-5.8.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:qemu-seabios-1.11.0-5.8.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:qemu-sgabios-8-5.8.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:qemu-tools-2.11.2-5.8.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:qemu-tools-2.11.2-5.8.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:qemu-tools-2.11.2-5.8.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:qemu-tools-2.11.2-5.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:qemu-vgabios-1.11.0-5.8.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:qemu-x86-2.11.2-5.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-2.11.2-5.8.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-2.11.2-5.8.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-2.11.2-5.8.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-2.11.2-5.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-arm-2.11.2-5.8.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-curl-2.11.2-5.8.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-curl-2.11.2-5.8.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-curl-2.11.2-5.8.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-curl-2.11.2-5.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-iscsi-2.11.2-5.8.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-iscsi-2.11.2-5.8.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-iscsi-2.11.2-5.8.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-iscsi-2.11.2-5.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-rbd-2.11.2-5.8.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-rbd-2.11.2-5.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-ssh-2.11.2-5.8.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-ssh-2.11.2-5.8.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-ssh-2.11.2-5.8.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-ssh-2.11.2-5.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-guest-agent-2.11.2-5.8.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-guest-agent-2.11.2-5.8.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-guest-agent-2.11.2-5.8.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-guest-agent-2.11.2-5.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-ipxe-1.0.0+-5.8.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-kvm-2.11.2-5.8.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-kvm-2.11.2-5.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-lang-2.11.2-5.8.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-lang-2.11.2-5.8.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-lang-2.11.2-5.8.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-lang-2.11.2-5.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-ppc-2.11.2-5.8.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-s390-2.11.2-5.8.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-seabios-1.11.0-5.8.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-sgabios-8-5.8.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-tools-2.11.2-5.8.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-tools-2.11.2-5.8.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-tools-2.11.2-5.8.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-tools-2.11.2-5.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-vgabios-1.11.0-5.8.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-x86-2.11.2-5.8.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
low
7.8 (High)
Affected products
Recommended
89 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Desktop 12 SP4:qemu-2.11.2-5.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Desktop 12 SP4:qemu-block-curl-2.11.2-5.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Desktop 12 SP4:qemu-ipxe-1.0.0+-5.8.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Desktop 12 SP4:qemu-kvm-2.11.2-5.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Desktop 12 SP4:qemu-seabios-1.11.0-5.8.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Desktop 12 SP4:qemu-sgabios-8-5.8.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Desktop 12 SP4:qemu-tools-2.11.2-5.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Desktop 12 SP4:qemu-vgabios-1.11.0-5.8.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Desktop 12 SP4:qemu-x86-2.11.2-5.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:qemu-2.11.2-5.8.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:qemu-2.11.2-5.8.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:qemu-2.11.2-5.8.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:qemu-2.11.2-5.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:qemu-arm-2.11.2-5.8.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:qemu-block-curl-2.11.2-5.8.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:qemu-block-curl-2.11.2-5.8.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:qemu-block-curl-2.11.2-5.8.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:qemu-block-curl-2.11.2-5.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:qemu-block-iscsi-2.11.2-5.8.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:qemu-block-iscsi-2.11.2-5.8.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:qemu-block-iscsi-2.11.2-5.8.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:qemu-block-iscsi-2.11.2-5.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:qemu-block-rbd-2.11.2-5.8.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:qemu-block-rbd-2.11.2-5.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:qemu-block-ssh-2.11.2-5.8.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:qemu-block-ssh-2.11.2-5.8.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:qemu-block-ssh-2.11.2-5.8.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:qemu-block-ssh-2.11.2-5.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:qemu-guest-agent-2.11.2-5.8.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:qemu-guest-agent-2.11.2-5.8.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:qemu-guest-agent-2.11.2-5.8.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:qemu-guest-agent-2.11.2-5.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:qemu-ipxe-1.0.0+-5.8.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:qemu-kvm-2.11.2-5.8.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:qemu-kvm-2.11.2-5.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:qemu-lang-2.11.2-5.8.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:qemu-lang-2.11.2-5.8.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:qemu-lang-2.11.2-5.8.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:qemu-lang-2.11.2-5.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:qemu-ppc-2.11.2-5.8.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:qemu-s390-2.11.2-5.8.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:qemu-seabios-1.11.0-5.8.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:qemu-sgabios-8-5.8.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:qemu-tools-2.11.2-5.8.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:qemu-tools-2.11.2-5.8.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:qemu-tools-2.11.2-5.8.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:qemu-tools-2.11.2-5.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:qemu-vgabios-1.11.0-5.8.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:qemu-x86-2.11.2-5.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-2.11.2-5.8.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-2.11.2-5.8.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-2.11.2-5.8.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-2.11.2-5.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-arm-2.11.2-5.8.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-curl-2.11.2-5.8.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-curl-2.11.2-5.8.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-curl-2.11.2-5.8.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-curl-2.11.2-5.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-iscsi-2.11.2-5.8.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-iscsi-2.11.2-5.8.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-iscsi-2.11.2-5.8.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-iscsi-2.11.2-5.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-rbd-2.11.2-5.8.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-rbd-2.11.2-5.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-ssh-2.11.2-5.8.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-ssh-2.11.2-5.8.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-ssh-2.11.2-5.8.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-ssh-2.11.2-5.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-guest-agent-2.11.2-5.8.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-guest-agent-2.11.2-5.8.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-guest-agent-2.11.2-5.8.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-guest-agent-2.11.2-5.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-ipxe-1.0.0+-5.8.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-kvm-2.11.2-5.8.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-kvm-2.11.2-5.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-lang-2.11.2-5.8.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-lang-2.11.2-5.8.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-lang-2.11.2-5.8.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-lang-2.11.2-5.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-ppc-2.11.2-5.8.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-s390-2.11.2-5.8.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-seabios-1.11.0-5.8.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-sgabios-8-5.8.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-tools-2.11.2-5.8.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-tools-2.11.2-5.8.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-tools-2.11.2-5.8.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-tools-2.11.2-5.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-vgabios-1.11.0-5.8.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-x86-2.11.2-5.8.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
References
36 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for qemu",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for qemu fixes the following issues:\n\nSecurity issues fixed:\n\n- CVE-2019-6778: Fixed a heap buffer overflow issue in the SLiRP networking implementation (bsc#1123156).\n- CVE-2018-16872: Fixed a host security vulnerability related to handling symlinks in usb-mtp (bsc#1119493).\n- CVE-2018-19489: Fixed a denial of service vulnerability in virtfs (bsc#1117275).\n- CVE-2018-19364: Fixed a use-after-free if the virtfs interface resulting in a denial of service (bsc#1116717).\n- CVE-2018-18954: Fixed a denial of service vulnerability related to PowerPC PowerNV memory operations (bsc#1114957).\n\nNon-security issues fixed:\n\n- Improved disk performance for qemu on xen (bsc#1100408).\n- Fixed xen offline migration (bsc#1079730, bsc#1101982, bsc#1063993).\n- Fixed pwrite64/pread64/write to return 0 over -1 for a zero length NULL buffer in qemu (bsc#1121600).\n- Use /bin/bash to echo value into sys fs for ksm control (bsc#1112646).\n- Return specification exception for unimplemented diag 308 subcodes rather than a hardware error (bsc#1123179).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2019-435,SUSE-SLE-DESKTOP-12-SP4-2019-435,SUSE-SLE-SERVER-12-SP4-2019-435",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2019_0435-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2019:0435-1",
"url": "https://www.suse.com/support/update/announcement/2019/suse-su-20190435-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2019:0435-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2019-February/005136.html"
},
{
"category": "self",
"summary": "SUSE Bug 1063993",
"url": "https://bugzilla.suse.com/1063993"
},
{
"category": "self",
"summary": "SUSE Bug 1079730",
"url": "https://bugzilla.suse.com/1079730"
},
{
"category": "self",
"summary": "SUSE Bug 1100408",
"url": "https://bugzilla.suse.com/1100408"
},
{
"category": "self",
"summary": "SUSE Bug 1101982",
"url": "https://bugzilla.suse.com/1101982"
},
{
"category": "self",
"summary": "SUSE Bug 1112646",
"url": "https://bugzilla.suse.com/1112646"
},
{
"category": "self",
"summary": "SUSE Bug 1114957",
"url": "https://bugzilla.suse.com/1114957"
},
{
"category": "self",
"summary": "SUSE Bug 1116717",
"url": "https://bugzilla.suse.com/1116717"
},
{
"category": "self",
"summary": "SUSE Bug 1117275",
"url": "https://bugzilla.suse.com/1117275"
},
{
"category": "self",
"summary": "SUSE Bug 1119493",
"url": "https://bugzilla.suse.com/1119493"
},
{
"category": "self",
"summary": "SUSE Bug 1121600",
"url": "https://bugzilla.suse.com/1121600"
},
{
"category": "self",
"summary": "SUSE Bug 1123156",
"url": "https://bugzilla.suse.com/1123156"
},
{
"category": "self",
"summary": "SUSE Bug 1123179",
"url": "https://bugzilla.suse.com/1123179"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-16872 page",
"url": "https://www.suse.com/security/cve/CVE-2018-16872/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-18954 page",
"url": "https://www.suse.com/security/cve/CVE-2018-18954/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-19364 page",
"url": "https://www.suse.com/security/cve/CVE-2018-19364/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-19489 page",
"url": "https://www.suse.com/security/cve/CVE-2018-19489/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-6778 page",
"url": "https://www.suse.com/security/cve/CVE-2019-6778/"
}
],
"title": "Security update for qemu",
"tracking": {
"current_release_date": "2019-02-19T12:12:38Z",
"generator": {
"date": "2019-02-19T12:12:38Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2019:0435-1",
"initial_release_date": "2019-02-19T12:12:38Z",
"revision_history": [
{
"date": "2019-02-19T12:12:38Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "qemu-2.11.2-5.8.1.aarch64",
"product": {
"name": "qemu-2.11.2-5.8.1.aarch64",
"product_id": "qemu-2.11.2-5.8.1.aarch64"
}
},
{
"category": "product_version",
"name": "qemu-arm-2.11.2-5.8.1.aarch64",
"product": {
"name": "qemu-arm-2.11.2-5.8.1.aarch64",
"product_id": "qemu-arm-2.11.2-5.8.1.aarch64"
}
},
{
"category": "product_version",
"name": "qemu-block-curl-2.11.2-5.8.1.aarch64",
"product": {
"name": "qemu-block-curl-2.11.2-5.8.1.aarch64",
"product_id": "qemu-block-curl-2.11.2-5.8.1.aarch64"
}
},
{
"category": "product_version",
"name": "qemu-block-dmg-2.11.2-5.8.1.aarch64",
"product": {
"name": "qemu-block-dmg-2.11.2-5.8.1.aarch64",
"product_id": "qemu-block-dmg-2.11.2-5.8.1.aarch64"
}
},
{
"category": "product_version",
"name": "qemu-block-iscsi-2.11.2-5.8.1.aarch64",
"product": {
"name": "qemu-block-iscsi-2.11.2-5.8.1.aarch64",
"product_id": "qemu-block-iscsi-2.11.2-5.8.1.aarch64"
}
},
{
"category": "product_version",
"name": "qemu-block-rbd-2.11.2-5.8.1.aarch64",
"product": {
"name": "qemu-block-rbd-2.11.2-5.8.1.aarch64",
"product_id": "qemu-block-rbd-2.11.2-5.8.1.aarch64"
}
},
{
"category": "product_version",
"name": "qemu-block-ssh-2.11.2-5.8.1.aarch64",
"product": {
"name": "qemu-block-ssh-2.11.2-5.8.1.aarch64",
"product_id": "qemu-block-ssh-2.11.2-5.8.1.aarch64"
}
},
{
"category": "product_version",
"name": "qemu-extra-2.11.2-5.8.1.aarch64",
"product": {
"name": "qemu-extra-2.11.2-5.8.1.aarch64",
"product_id": "qemu-extra-2.11.2-5.8.1.aarch64"
}
},
{
"category": "product_version",
"name": "qemu-guest-agent-2.11.2-5.8.1.aarch64",
"product": {
"name": "qemu-guest-agent-2.11.2-5.8.1.aarch64",
"product_id": "qemu-guest-agent-2.11.2-5.8.1.aarch64"
}
},
{
"category": "product_version",
"name": "qemu-lang-2.11.2-5.8.1.aarch64",
"product": {
"name": "qemu-lang-2.11.2-5.8.1.aarch64",
"product_id": "qemu-lang-2.11.2-5.8.1.aarch64"
}
},
{
"category": "product_version",
"name": "qemu-linux-user-2.11.2-5.8.1.aarch64",
"product": {
"name": "qemu-linux-user-2.11.2-5.8.1.aarch64",
"product_id": "qemu-linux-user-2.11.2-5.8.1.aarch64"
}
},
{
"category": "product_version",
"name": "qemu-ppc-2.11.2-5.8.1.aarch64",
"product": {
"name": "qemu-ppc-2.11.2-5.8.1.aarch64",
"product_id": "qemu-ppc-2.11.2-5.8.1.aarch64"
}
},
{
"category": "product_version",
"name": "qemu-s390-2.11.2-5.8.1.aarch64",
"product": {
"name": "qemu-s390-2.11.2-5.8.1.aarch64",
"product_id": "qemu-s390-2.11.2-5.8.1.aarch64"
}
},
{
"category": "product_version",
"name": "qemu-tools-2.11.2-5.8.1.aarch64",
"product": {
"name": "qemu-tools-2.11.2-5.8.1.aarch64",
"product_id": "qemu-tools-2.11.2-5.8.1.aarch64"
}
},
{
"category": "product_version",
"name": "qemu-x86-2.11.2-5.8.1.aarch64",
"product": {
"name": "qemu-x86-2.11.2-5.8.1.aarch64",
"product_id": "qemu-x86-2.11.2-5.8.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "qemu-2.11.2-5.8.1.i586",
"product": {
"name": "qemu-2.11.2-5.8.1.i586",
"product_id": "qemu-2.11.2-5.8.1.i586"
}
},
{
"category": "product_version",
"name": "qemu-arm-2.11.2-5.8.1.i586",
"product": {
"name": "qemu-arm-2.11.2-5.8.1.i586",
"product_id": "qemu-arm-2.11.2-5.8.1.i586"
}
},
{
"category": "product_version",
"name": "qemu-block-curl-2.11.2-5.8.1.i586",
"product": {
"name": "qemu-block-curl-2.11.2-5.8.1.i586",
"product_id": "qemu-block-curl-2.11.2-5.8.1.i586"
}
},
{
"category": "product_version",
"name": "qemu-block-dmg-2.11.2-5.8.1.i586",
"product": {
"name": "qemu-block-dmg-2.11.2-5.8.1.i586",
"product_id": "qemu-block-dmg-2.11.2-5.8.1.i586"
}
},
{
"category": "product_version",
"name": "qemu-block-iscsi-2.11.2-5.8.1.i586",
"product": {
"name": "qemu-block-iscsi-2.11.2-5.8.1.i586",
"product_id": "qemu-block-iscsi-2.11.2-5.8.1.i586"
}
},
{
"category": "product_version",
"name": "qemu-block-ssh-2.11.2-5.8.1.i586",
"product": {
"name": "qemu-block-ssh-2.11.2-5.8.1.i586",
"product_id": "qemu-block-ssh-2.11.2-5.8.1.i586"
}
},
{
"category": "product_version",
"name": "qemu-extra-2.11.2-5.8.1.i586",
"product": {
"name": "qemu-extra-2.11.2-5.8.1.i586",
"product_id": "qemu-extra-2.11.2-5.8.1.i586"
}
},
{
"category": "product_version",
"name": "qemu-guest-agent-2.11.2-5.8.1.i586",
"product": {
"name": "qemu-guest-agent-2.11.2-5.8.1.i586",
"product_id": "qemu-guest-agent-2.11.2-5.8.1.i586"
}
},
{
"category": "product_version",
"name": "qemu-kvm-2.11.2-5.8.1.i586",
"product": {
"name": "qemu-kvm-2.11.2-5.8.1.i586",
"product_id": "qemu-kvm-2.11.2-5.8.1.i586"
}
},
{
"category": "product_version",
"name": "qemu-lang-2.11.2-5.8.1.i586",
"product": {
"name": "qemu-lang-2.11.2-5.8.1.i586",
"product_id": "qemu-lang-2.11.2-5.8.1.i586"
}
},
{
"category": "product_version",
"name": "qemu-linux-user-2.11.2-5.8.1.i586",
"product": {
"name": "qemu-linux-user-2.11.2-5.8.1.i586",
"product_id": "qemu-linux-user-2.11.2-5.8.1.i586"
}
},
{
"category": "product_version",
"name": "qemu-ppc-2.11.2-5.8.1.i586",
"product": {
"name": "qemu-ppc-2.11.2-5.8.1.i586",
"product_id": "qemu-ppc-2.11.2-5.8.1.i586"
}
},
{
"category": "product_version",
"name": "qemu-s390-2.11.2-5.8.1.i586",
"product": {
"name": "qemu-s390-2.11.2-5.8.1.i586",
"product_id": "qemu-s390-2.11.2-5.8.1.i586"
}
},
{
"category": "product_version",
"name": "qemu-tools-2.11.2-5.8.1.i586",
"product": {
"name": "qemu-tools-2.11.2-5.8.1.i586",
"product_id": "qemu-tools-2.11.2-5.8.1.i586"
}
},
{
"category": "product_version",
"name": "qemu-x86-2.11.2-5.8.1.i586",
"product": {
"name": "qemu-x86-2.11.2-5.8.1.i586",
"product_id": "qemu-x86-2.11.2-5.8.1.i586"
}
}
],
"category": "architecture",
"name": "i586"
},
{
"branches": [
{
"category": "product_version",
"name": "qemu-ipxe-1.0.0+-5.8.1.noarch",
"product": {
"name": "qemu-ipxe-1.0.0+-5.8.1.noarch",
"product_id": "qemu-ipxe-1.0.0+-5.8.1.noarch"
}
},
{
"category": "product_version",
"name": "qemu-seabios-1.11.0-5.8.1.noarch",
"product": {
"name": "qemu-seabios-1.11.0-5.8.1.noarch",
"product_id": "qemu-seabios-1.11.0-5.8.1.noarch"
}
},
{
"category": "product_version",
"name": "qemu-sgabios-8-5.8.1.noarch",
"product": {
"name": "qemu-sgabios-8-5.8.1.noarch",
"product_id": "qemu-sgabios-8-5.8.1.noarch"
}
},
{
"category": "product_version",
"name": "qemu-vgabios-1.11.0-5.8.1.noarch",
"product": {
"name": "qemu-vgabios-1.11.0-5.8.1.noarch",
"product_id": "qemu-vgabios-1.11.0-5.8.1.noarch"
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "qemu-2.11.2-5.8.1.ppc64le",
"product": {
"name": "qemu-2.11.2-5.8.1.ppc64le",
"product_id": "qemu-2.11.2-5.8.1.ppc64le"
}
},
{
"category": "product_version",
"name": "qemu-arm-2.11.2-5.8.1.ppc64le",
"product": {
"name": "qemu-arm-2.11.2-5.8.1.ppc64le",
"product_id": "qemu-arm-2.11.2-5.8.1.ppc64le"
}
},
{
"category": "product_version",
"name": "qemu-block-curl-2.11.2-5.8.1.ppc64le",
"product": {
"name": "qemu-block-curl-2.11.2-5.8.1.ppc64le",
"product_id": "qemu-block-curl-2.11.2-5.8.1.ppc64le"
}
},
{
"category": "product_version",
"name": "qemu-block-dmg-2.11.2-5.8.1.ppc64le",
"product": {
"name": "qemu-block-dmg-2.11.2-5.8.1.ppc64le",
"product_id": "qemu-block-dmg-2.11.2-5.8.1.ppc64le"
}
},
{
"category": "product_version",
"name": "qemu-block-iscsi-2.11.2-5.8.1.ppc64le",
"product": {
"name": "qemu-block-iscsi-2.11.2-5.8.1.ppc64le",
"product_id": "qemu-block-iscsi-2.11.2-5.8.1.ppc64le"
}
},
{
"category": "product_version",
"name": "qemu-block-rbd-2.11.2-5.8.1.ppc64le",
"product": {
"name": "qemu-block-rbd-2.11.2-5.8.1.ppc64le",
"product_id": "qemu-block-rbd-2.11.2-5.8.1.ppc64le"
}
},
{
"category": "product_version",
"name": "qemu-block-ssh-2.11.2-5.8.1.ppc64le",
"product": {
"name": "qemu-block-ssh-2.11.2-5.8.1.ppc64le",
"product_id": "qemu-block-ssh-2.11.2-5.8.1.ppc64le"
}
},
{
"category": "product_version",
"name": "qemu-extra-2.11.2-5.8.1.ppc64le",
"product": {
"name": "qemu-extra-2.11.2-5.8.1.ppc64le",
"product_id": "qemu-extra-2.11.2-5.8.1.ppc64le"
}
},
{
"category": "product_version",
"name": "qemu-guest-agent-2.11.2-5.8.1.ppc64le",
"product": {
"name": "qemu-guest-agent-2.11.2-5.8.1.ppc64le",
"product_id": "qemu-guest-agent-2.11.2-5.8.1.ppc64le"
}
},
{
"category": "product_version",
"name": "qemu-lang-2.11.2-5.8.1.ppc64le",
"product": {
"name": "qemu-lang-2.11.2-5.8.1.ppc64le",
"product_id": "qemu-lang-2.11.2-5.8.1.ppc64le"
}
},
{
"category": "product_version",
"name": "qemu-linux-user-2.11.2-5.8.1.ppc64le",
"product": {
"name": "qemu-linux-user-2.11.2-5.8.1.ppc64le",
"product_id": "qemu-linux-user-2.11.2-5.8.1.ppc64le"
}
},
{
"category": "product_version",
"name": "qemu-ppc-2.11.2-5.8.1.ppc64le",
"product": {
"name": "qemu-ppc-2.11.2-5.8.1.ppc64le",
"product_id": "qemu-ppc-2.11.2-5.8.1.ppc64le"
}
},
{
"category": "product_version",
"name": "qemu-s390-2.11.2-5.8.1.ppc64le",
"product": {
"name": "qemu-s390-2.11.2-5.8.1.ppc64le",
"product_id": "qemu-s390-2.11.2-5.8.1.ppc64le"
}
},
{
"category": "product_version",
"name": "qemu-tools-2.11.2-5.8.1.ppc64le",
"product": {
"name": "qemu-tools-2.11.2-5.8.1.ppc64le",
"product_id": "qemu-tools-2.11.2-5.8.1.ppc64le"
}
},
{
"category": "product_version",
"name": "qemu-x86-2.11.2-5.8.1.ppc64le",
"product": {
"name": "qemu-x86-2.11.2-5.8.1.ppc64le",
"product_id": "qemu-x86-2.11.2-5.8.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "qemu-2.11.2-5.8.1.s390x",
"product": {
"name": "qemu-2.11.2-5.8.1.s390x",
"product_id": "qemu-2.11.2-5.8.1.s390x"
}
},
{
"category": "product_version",
"name": "qemu-arm-2.11.2-5.8.1.s390x",
"product": {
"name": "qemu-arm-2.11.2-5.8.1.s390x",
"product_id": "qemu-arm-2.11.2-5.8.1.s390x"
}
},
{
"category": "product_version",
"name": "qemu-block-curl-2.11.2-5.8.1.s390x",
"product": {
"name": "qemu-block-curl-2.11.2-5.8.1.s390x",
"product_id": "qemu-block-curl-2.11.2-5.8.1.s390x"
}
},
{
"category": "product_version",
"name": "qemu-block-dmg-2.11.2-5.8.1.s390x",
"product": {
"name": "qemu-block-dmg-2.11.2-5.8.1.s390x",
"product_id": "qemu-block-dmg-2.11.2-5.8.1.s390x"
}
},
{
"category": "product_version",
"name": "qemu-block-iscsi-2.11.2-5.8.1.s390x",
"product": {
"name": "qemu-block-iscsi-2.11.2-5.8.1.s390x",
"product_id": "qemu-block-iscsi-2.11.2-5.8.1.s390x"
}
},
{
"category": "product_version",
"name": "qemu-block-rbd-2.11.2-5.8.1.s390x",
"product": {
"name": "qemu-block-rbd-2.11.2-5.8.1.s390x",
"product_id": "qemu-block-rbd-2.11.2-5.8.1.s390x"
}
},
{
"category": "product_version",
"name": "qemu-block-ssh-2.11.2-5.8.1.s390x",
"product": {
"name": "qemu-block-ssh-2.11.2-5.8.1.s390x",
"product_id": "qemu-block-ssh-2.11.2-5.8.1.s390x"
}
},
{
"category": "product_version",
"name": "qemu-extra-2.11.2-5.8.1.s390x",
"product": {
"name": "qemu-extra-2.11.2-5.8.1.s390x",
"product_id": "qemu-extra-2.11.2-5.8.1.s390x"
}
},
{
"category": "product_version",
"name": "qemu-guest-agent-2.11.2-5.8.1.s390x",
"product": {
"name": "qemu-guest-agent-2.11.2-5.8.1.s390x",
"product_id": "qemu-guest-agent-2.11.2-5.8.1.s390x"
}
},
{
"category": "product_version",
"name": "qemu-kvm-2.11.2-5.8.1.s390x",
"product": {
"name": "qemu-kvm-2.11.2-5.8.1.s390x",
"product_id": "qemu-kvm-2.11.2-5.8.1.s390x"
}
},
{
"category": "product_version",
"name": "qemu-lang-2.11.2-5.8.1.s390x",
"product": {
"name": "qemu-lang-2.11.2-5.8.1.s390x",
"product_id": "qemu-lang-2.11.2-5.8.1.s390x"
}
},
{
"category": "product_version",
"name": "qemu-linux-user-2.11.2-5.8.1.s390x",
"product": {
"name": "qemu-linux-user-2.11.2-5.8.1.s390x",
"product_id": "qemu-linux-user-2.11.2-5.8.1.s390x"
}
},
{
"category": "product_version",
"name": "qemu-ppc-2.11.2-5.8.1.s390x",
"product": {
"name": "qemu-ppc-2.11.2-5.8.1.s390x",
"product_id": "qemu-ppc-2.11.2-5.8.1.s390x"
}
},
{
"category": "product_version",
"name": "qemu-s390-2.11.2-5.8.1.s390x",
"product": {
"name": "qemu-s390-2.11.2-5.8.1.s390x",
"product_id": "qemu-s390-2.11.2-5.8.1.s390x"
}
},
{
"category": "product_version",
"name": "qemu-tools-2.11.2-5.8.1.s390x",
"product": {
"name": "qemu-tools-2.11.2-5.8.1.s390x",
"product_id": "qemu-tools-2.11.2-5.8.1.s390x"
}
},
{
"category": "product_version",
"name": "qemu-x86-2.11.2-5.8.1.s390x",
"product": {
"name": "qemu-x86-2.11.2-5.8.1.s390x",
"product_id": "qemu-x86-2.11.2-5.8.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "qemu-2.11.2-5.8.1.x86_64",
"product": {
"name": "qemu-2.11.2-5.8.1.x86_64",
"product_id": "qemu-2.11.2-5.8.1.x86_64"
}
},
{
"category": "product_version",
"name": "qemu-arm-2.11.2-5.8.1.x86_64",
"product": {
"name": "qemu-arm-2.11.2-5.8.1.x86_64",
"product_id": "qemu-arm-2.11.2-5.8.1.x86_64"
}
},
{
"category": "product_version",
"name": "qemu-block-curl-2.11.2-5.8.1.x86_64",
"product": {
"name": "qemu-block-curl-2.11.2-5.8.1.x86_64",
"product_id": "qemu-block-curl-2.11.2-5.8.1.x86_64"
}
},
{
"category": "product_version",
"name": "qemu-block-dmg-2.11.2-5.8.1.x86_64",
"product": {
"name": "qemu-block-dmg-2.11.2-5.8.1.x86_64",
"product_id": "qemu-block-dmg-2.11.2-5.8.1.x86_64"
}
},
{
"category": "product_version",
"name": "qemu-block-iscsi-2.11.2-5.8.1.x86_64",
"product": {
"name": "qemu-block-iscsi-2.11.2-5.8.1.x86_64",
"product_id": "qemu-block-iscsi-2.11.2-5.8.1.x86_64"
}
},
{
"category": "product_version",
"name": "qemu-block-rbd-2.11.2-5.8.1.x86_64",
"product": {
"name": "qemu-block-rbd-2.11.2-5.8.1.x86_64",
"product_id": "qemu-block-rbd-2.11.2-5.8.1.x86_64"
}
},
{
"category": "product_version",
"name": "qemu-block-ssh-2.11.2-5.8.1.x86_64",
"product": {
"name": "qemu-block-ssh-2.11.2-5.8.1.x86_64",
"product_id": "qemu-block-ssh-2.11.2-5.8.1.x86_64"
}
},
{
"category": "product_version",
"name": "qemu-extra-2.11.2-5.8.1.x86_64",
"product": {
"name": "qemu-extra-2.11.2-5.8.1.x86_64",
"product_id": "qemu-extra-2.11.2-5.8.1.x86_64"
}
},
{
"category": "product_version",
"name": "qemu-guest-agent-2.11.2-5.8.1.x86_64",
"product": {
"name": "qemu-guest-agent-2.11.2-5.8.1.x86_64",
"product_id": "qemu-guest-agent-2.11.2-5.8.1.x86_64"
}
},
{
"category": "product_version",
"name": "qemu-kvm-2.11.2-5.8.1.x86_64",
"product": {
"name": "qemu-kvm-2.11.2-5.8.1.x86_64",
"product_id": "qemu-kvm-2.11.2-5.8.1.x86_64"
}
},
{
"category": "product_version",
"name": "qemu-lang-2.11.2-5.8.1.x86_64",
"product": {
"name": "qemu-lang-2.11.2-5.8.1.x86_64",
"product_id": "qemu-lang-2.11.2-5.8.1.x86_64"
}
},
{
"category": "product_version",
"name": "qemu-linux-user-2.11.2-5.8.1.x86_64",
"product": {
"name": "qemu-linux-user-2.11.2-5.8.1.x86_64",
"product_id": "qemu-linux-user-2.11.2-5.8.1.x86_64"
}
},
{
"category": "product_version",
"name": "qemu-ppc-2.11.2-5.8.1.x86_64",
"product": {
"name": "qemu-ppc-2.11.2-5.8.1.x86_64",
"product_id": "qemu-ppc-2.11.2-5.8.1.x86_64"
}
},
{
"category": "product_version",
"name": "qemu-s390-2.11.2-5.8.1.x86_64",
"product": {
"name": "qemu-s390-2.11.2-5.8.1.x86_64",
"product_id": "qemu-s390-2.11.2-5.8.1.x86_64"
}
},
{
"category": "product_version",
"name": "qemu-tools-2.11.2-5.8.1.x86_64",
"product": {
"name": "qemu-tools-2.11.2-5.8.1.x86_64",
"product_id": "qemu-tools-2.11.2-5.8.1.x86_64"
}
},
{
"category": "product_version",
"name": "qemu-x86-2.11.2-5.8.1.x86_64",
"product": {
"name": "qemu-x86-2.11.2-5.8.1.x86_64",
"product_id": "qemu-x86-2.11.2-5.8.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Desktop 12 SP4",
"product": {
"name": "SUSE Linux Enterprise Desktop 12 SP4",
"product_id": "SUSE Linux Enterprise Desktop 12 SP4",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sled:12:sp4"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 12 SP4",
"product": {
"name": "SUSE Linux Enterprise Server 12 SP4",
"product_id": "SUSE Linux Enterprise Server 12 SP4",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles:12:sp4"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server for SAP Applications 12 SP4",
"product": {
"name": "SUSE Linux Enterprise Server for SAP Applications 12 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP4",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles_sap:12:sp4"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "qemu-2.11.2-5.8.1.x86_64 as component of SUSE Linux Enterprise Desktop 12 SP4",
"product_id": "SUSE Linux Enterprise Desktop 12 SP4:qemu-2.11.2-5.8.1.x86_64"
},
"product_reference": "qemu-2.11.2-5.8.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Desktop 12 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qemu-block-curl-2.11.2-5.8.1.x86_64 as component of SUSE Linux Enterprise Desktop 12 SP4",
"product_id": "SUSE Linux Enterprise Desktop 12 SP4:qemu-block-curl-2.11.2-5.8.1.x86_64"
},
"product_reference": "qemu-block-curl-2.11.2-5.8.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Desktop 12 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qemu-ipxe-1.0.0+-5.8.1.noarch as component of SUSE Linux Enterprise Desktop 12 SP4",
"product_id": "SUSE Linux Enterprise Desktop 12 SP4:qemu-ipxe-1.0.0+-5.8.1.noarch"
},
"product_reference": "qemu-ipxe-1.0.0+-5.8.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Desktop 12 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qemu-kvm-2.11.2-5.8.1.x86_64 as component of SUSE Linux Enterprise Desktop 12 SP4",
"product_id": "SUSE Linux Enterprise Desktop 12 SP4:qemu-kvm-2.11.2-5.8.1.x86_64"
},
"product_reference": "qemu-kvm-2.11.2-5.8.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Desktop 12 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qemu-seabios-1.11.0-5.8.1.noarch as component of SUSE Linux Enterprise Desktop 12 SP4",
"product_id": "SUSE Linux Enterprise Desktop 12 SP4:qemu-seabios-1.11.0-5.8.1.noarch"
},
"product_reference": "qemu-seabios-1.11.0-5.8.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Desktop 12 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qemu-sgabios-8-5.8.1.noarch as component of SUSE Linux Enterprise Desktop 12 SP4",
"product_id": "SUSE Linux Enterprise Desktop 12 SP4:qemu-sgabios-8-5.8.1.noarch"
},
"product_reference": "qemu-sgabios-8-5.8.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Desktop 12 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qemu-tools-2.11.2-5.8.1.x86_64 as component of SUSE Linux Enterprise Desktop 12 SP4",
"product_id": "SUSE Linux Enterprise Desktop 12 SP4:qemu-tools-2.11.2-5.8.1.x86_64"
},
"product_reference": "qemu-tools-2.11.2-5.8.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Desktop 12 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qemu-vgabios-1.11.0-5.8.1.noarch as component of SUSE Linux Enterprise Desktop 12 SP4",
"product_id": "SUSE Linux Enterprise Desktop 12 SP4:qemu-vgabios-1.11.0-5.8.1.noarch"
},
"product_reference": "qemu-vgabios-1.11.0-5.8.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Desktop 12 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qemu-x86-2.11.2-5.8.1.x86_64 as component of SUSE Linux Enterprise Desktop 12 SP4",
"product_id": "SUSE Linux Enterprise Desktop 12 SP4:qemu-x86-2.11.2-5.8.1.x86_64"
},
"product_reference": "qemu-x86-2.11.2-5.8.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Desktop 12 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qemu-2.11.2-5.8.1.aarch64 as component of SUSE Linux Enterprise Server 12 SP4",
"product_id": "SUSE Linux Enterprise Server 12 SP4:qemu-2.11.2-5.8.1.aarch64"
},
"product_reference": "qemu-2.11.2-5.8.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qemu-2.11.2-5.8.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP4",
"product_id": "SUSE Linux Enterprise Server 12 SP4:qemu-2.11.2-5.8.1.ppc64le"
},
"product_reference": "qemu-2.11.2-5.8.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qemu-2.11.2-5.8.1.s390x as component of SUSE Linux Enterprise Server 12 SP4",
"product_id": "SUSE Linux Enterprise Server 12 SP4:qemu-2.11.2-5.8.1.s390x"
},
"product_reference": "qemu-2.11.2-5.8.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qemu-2.11.2-5.8.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP4",
"product_id": "SUSE Linux Enterprise Server 12 SP4:qemu-2.11.2-5.8.1.x86_64"
},
"product_reference": "qemu-2.11.2-5.8.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qemu-arm-2.11.2-5.8.1.aarch64 as component of SUSE Linux Enterprise Server 12 SP4",
"product_id": "SUSE Linux Enterprise Server 12 SP4:qemu-arm-2.11.2-5.8.1.aarch64"
},
"product_reference": "qemu-arm-2.11.2-5.8.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qemu-block-curl-2.11.2-5.8.1.aarch64 as component of SUSE Linux Enterprise Server 12 SP4",
"product_id": "SUSE Linux Enterprise Server 12 SP4:qemu-block-curl-2.11.2-5.8.1.aarch64"
},
"product_reference": "qemu-block-curl-2.11.2-5.8.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qemu-block-curl-2.11.2-5.8.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP4",
"product_id": "SUSE Linux Enterprise Server 12 SP4:qemu-block-curl-2.11.2-5.8.1.ppc64le"
},
"product_reference": "qemu-block-curl-2.11.2-5.8.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qemu-block-curl-2.11.2-5.8.1.s390x as component of SUSE Linux Enterprise Server 12 SP4",
"product_id": "SUSE Linux Enterprise Server 12 SP4:qemu-block-curl-2.11.2-5.8.1.s390x"
},
"product_reference": "qemu-block-curl-2.11.2-5.8.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qemu-block-curl-2.11.2-5.8.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP4",
"product_id": "SUSE Linux Enterprise Server 12 SP4:qemu-block-curl-2.11.2-5.8.1.x86_64"
},
"product_reference": "qemu-block-curl-2.11.2-5.8.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qemu-block-iscsi-2.11.2-5.8.1.aarch64 as component of SUSE Linux Enterprise Server 12 SP4",
"product_id": "SUSE Linux Enterprise Server 12 SP4:qemu-block-iscsi-2.11.2-5.8.1.aarch64"
},
"product_reference": "qemu-block-iscsi-2.11.2-5.8.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qemu-block-iscsi-2.11.2-5.8.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP4",
"product_id": "SUSE Linux Enterprise Server 12 SP4:qemu-block-iscsi-2.11.2-5.8.1.ppc64le"
},
"product_reference": "qemu-block-iscsi-2.11.2-5.8.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qemu-block-iscsi-2.11.2-5.8.1.s390x as component of SUSE Linux Enterprise Server 12 SP4",
"product_id": "SUSE Linux Enterprise Server 12 SP4:qemu-block-iscsi-2.11.2-5.8.1.s390x"
},
"product_reference": "qemu-block-iscsi-2.11.2-5.8.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qemu-block-iscsi-2.11.2-5.8.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP4",
"product_id": "SUSE Linux Enterprise Server 12 SP4:qemu-block-iscsi-2.11.2-5.8.1.x86_64"
},
"product_reference": "qemu-block-iscsi-2.11.2-5.8.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qemu-block-rbd-2.11.2-5.8.1.aarch64 as component of SUSE Linux Enterprise Server 12 SP4",
"product_id": "SUSE Linux Enterprise Server 12 SP4:qemu-block-rbd-2.11.2-5.8.1.aarch64"
},
"product_reference": "qemu-block-rbd-2.11.2-5.8.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qemu-block-rbd-2.11.2-5.8.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP4",
"product_id": "SUSE Linux Enterprise Server 12 SP4:qemu-block-rbd-2.11.2-5.8.1.x86_64"
},
"product_reference": "qemu-block-rbd-2.11.2-5.8.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qemu-block-ssh-2.11.2-5.8.1.aarch64 as component of SUSE Linux Enterprise Server 12 SP4",
"product_id": "SUSE Linux Enterprise Server 12 SP4:qemu-block-ssh-2.11.2-5.8.1.aarch64"
},
"product_reference": "qemu-block-ssh-2.11.2-5.8.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qemu-block-ssh-2.11.2-5.8.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP4",
"product_id": "SUSE Linux Enterprise Server 12 SP4:qemu-block-ssh-2.11.2-5.8.1.ppc64le"
},
"product_reference": "qemu-block-ssh-2.11.2-5.8.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qemu-block-ssh-2.11.2-5.8.1.s390x as component of SUSE Linux Enterprise Server 12 SP4",
"product_id": "SUSE Linux Enterprise Server 12 SP4:qemu-block-ssh-2.11.2-5.8.1.s390x"
},
"product_reference": "qemu-block-ssh-2.11.2-5.8.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qemu-block-ssh-2.11.2-5.8.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP4",
"product_id": "SUSE Linux Enterprise Server 12 SP4:qemu-block-ssh-2.11.2-5.8.1.x86_64"
},
"product_reference": "qemu-block-ssh-2.11.2-5.8.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qemu-guest-agent-2.11.2-5.8.1.aarch64 as component of SUSE Linux Enterprise Server 12 SP4",
"product_id": "SUSE Linux Enterprise Server 12 SP4:qemu-guest-agent-2.11.2-5.8.1.aarch64"
},
"product_reference": "qemu-guest-agent-2.11.2-5.8.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qemu-guest-agent-2.11.2-5.8.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP4",
"product_id": "SUSE Linux Enterprise Server 12 SP4:qemu-guest-agent-2.11.2-5.8.1.ppc64le"
},
"product_reference": "qemu-guest-agent-2.11.2-5.8.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qemu-guest-agent-2.11.2-5.8.1.s390x as component of SUSE Linux Enterprise Server 12 SP4",
"product_id": "SUSE Linux Enterprise Server 12 SP4:qemu-guest-agent-2.11.2-5.8.1.s390x"
},
"product_reference": "qemu-guest-agent-2.11.2-5.8.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qemu-guest-agent-2.11.2-5.8.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP4",
"product_id": "SUSE Linux Enterprise Server 12 SP4:qemu-guest-agent-2.11.2-5.8.1.x86_64"
},
"product_reference": "qemu-guest-agent-2.11.2-5.8.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qemu-ipxe-1.0.0+-5.8.1.noarch as component of SUSE Linux Enterprise Server 12 SP4",
"product_id": "SUSE Linux Enterprise Server 12 SP4:qemu-ipxe-1.0.0+-5.8.1.noarch"
},
"product_reference": "qemu-ipxe-1.0.0+-5.8.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qemu-kvm-2.11.2-5.8.1.s390x as component of SUSE Linux Enterprise Server 12 SP4",
"product_id": "SUSE Linux Enterprise Server 12 SP4:qemu-kvm-2.11.2-5.8.1.s390x"
},
"product_reference": "qemu-kvm-2.11.2-5.8.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qemu-kvm-2.11.2-5.8.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP4",
"product_id": "SUSE Linux Enterprise Server 12 SP4:qemu-kvm-2.11.2-5.8.1.x86_64"
},
"product_reference": "qemu-kvm-2.11.2-5.8.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qemu-lang-2.11.2-5.8.1.aarch64 as component of SUSE Linux Enterprise Server 12 SP4",
"product_id": "SUSE Linux Enterprise Server 12 SP4:qemu-lang-2.11.2-5.8.1.aarch64"
},
"product_reference": "qemu-lang-2.11.2-5.8.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qemu-lang-2.11.2-5.8.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP4",
"product_id": "SUSE Linux Enterprise Server 12 SP4:qemu-lang-2.11.2-5.8.1.ppc64le"
},
"product_reference": "qemu-lang-2.11.2-5.8.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qemu-lang-2.11.2-5.8.1.s390x as component of SUSE Linux Enterprise Server 12 SP4",
"product_id": "SUSE Linux Enterprise Server 12 SP4:qemu-lang-2.11.2-5.8.1.s390x"
},
"product_reference": "qemu-lang-2.11.2-5.8.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qemu-lang-2.11.2-5.8.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP4",
"product_id": "SUSE Linux Enterprise Server 12 SP4:qemu-lang-2.11.2-5.8.1.x86_64"
},
"product_reference": "qemu-lang-2.11.2-5.8.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qemu-ppc-2.11.2-5.8.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP4",
"product_id": "SUSE Linux Enterprise Server 12 SP4:qemu-ppc-2.11.2-5.8.1.ppc64le"
},
"product_reference": "qemu-ppc-2.11.2-5.8.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qemu-s390-2.11.2-5.8.1.s390x as component of SUSE Linux Enterprise Server 12 SP4",
"product_id": "SUSE Linux Enterprise Server 12 SP4:qemu-s390-2.11.2-5.8.1.s390x"
},
"product_reference": "qemu-s390-2.11.2-5.8.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qemu-seabios-1.11.0-5.8.1.noarch as component of SUSE Linux Enterprise Server 12 SP4",
"product_id": "SUSE Linux Enterprise Server 12 SP4:qemu-seabios-1.11.0-5.8.1.noarch"
},
"product_reference": "qemu-seabios-1.11.0-5.8.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qemu-sgabios-8-5.8.1.noarch as component of SUSE Linux Enterprise Server 12 SP4",
"product_id": "SUSE Linux Enterprise Server 12 SP4:qemu-sgabios-8-5.8.1.noarch"
},
"product_reference": "qemu-sgabios-8-5.8.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qemu-tools-2.11.2-5.8.1.aarch64 as component of SUSE Linux Enterprise Server 12 SP4",
"product_id": "SUSE Linux Enterprise Server 12 SP4:qemu-tools-2.11.2-5.8.1.aarch64"
},
"product_reference": "qemu-tools-2.11.2-5.8.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qemu-tools-2.11.2-5.8.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP4",
"product_id": "SUSE Linux Enterprise Server 12 SP4:qemu-tools-2.11.2-5.8.1.ppc64le"
},
"product_reference": "qemu-tools-2.11.2-5.8.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qemu-tools-2.11.2-5.8.1.s390x as component of SUSE Linux Enterprise Server 12 SP4",
"product_id": "SUSE Linux Enterprise Server 12 SP4:qemu-tools-2.11.2-5.8.1.s390x"
},
"product_reference": "qemu-tools-2.11.2-5.8.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qemu-tools-2.11.2-5.8.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP4",
"product_id": "SUSE Linux Enterprise Server 12 SP4:qemu-tools-2.11.2-5.8.1.x86_64"
},
"product_reference": "qemu-tools-2.11.2-5.8.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qemu-vgabios-1.11.0-5.8.1.noarch as component of SUSE Linux Enterprise Server 12 SP4",
"product_id": "SUSE Linux Enterprise Server 12 SP4:qemu-vgabios-1.11.0-5.8.1.noarch"
},
"product_reference": "qemu-vgabios-1.11.0-5.8.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qemu-x86-2.11.2-5.8.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP4",
"product_id": "SUSE Linux Enterprise Server 12 SP4:qemu-x86-2.11.2-5.8.1.x86_64"
},
"product_reference": "qemu-x86-2.11.2-5.8.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qemu-2.11.2-5.8.1.aarch64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-2.11.2-5.8.1.aarch64"
},
"product_reference": "qemu-2.11.2-5.8.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qemu-2.11.2-5.8.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 12 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-2.11.2-5.8.1.ppc64le"
},
"product_reference": "qemu-2.11.2-5.8.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qemu-2.11.2-5.8.1.s390x as component of SUSE Linux Enterprise Server for SAP Applications 12 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-2.11.2-5.8.1.s390x"
},
"product_reference": "qemu-2.11.2-5.8.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qemu-2.11.2-5.8.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-2.11.2-5.8.1.x86_64"
},
"product_reference": "qemu-2.11.2-5.8.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qemu-arm-2.11.2-5.8.1.aarch64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-arm-2.11.2-5.8.1.aarch64"
},
"product_reference": "qemu-arm-2.11.2-5.8.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qemu-block-curl-2.11.2-5.8.1.aarch64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-curl-2.11.2-5.8.1.aarch64"
},
"product_reference": "qemu-block-curl-2.11.2-5.8.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qemu-block-curl-2.11.2-5.8.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 12 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-curl-2.11.2-5.8.1.ppc64le"
},
"product_reference": "qemu-block-curl-2.11.2-5.8.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qemu-block-curl-2.11.2-5.8.1.s390x as component of SUSE Linux Enterprise Server for SAP Applications 12 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-curl-2.11.2-5.8.1.s390x"
},
"product_reference": "qemu-block-curl-2.11.2-5.8.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qemu-block-curl-2.11.2-5.8.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-curl-2.11.2-5.8.1.x86_64"
},
"product_reference": "qemu-block-curl-2.11.2-5.8.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qemu-block-iscsi-2.11.2-5.8.1.aarch64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-iscsi-2.11.2-5.8.1.aarch64"
},
"product_reference": "qemu-block-iscsi-2.11.2-5.8.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qemu-block-iscsi-2.11.2-5.8.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 12 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-iscsi-2.11.2-5.8.1.ppc64le"
},
"product_reference": "qemu-block-iscsi-2.11.2-5.8.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qemu-block-iscsi-2.11.2-5.8.1.s390x as component of SUSE Linux Enterprise Server for SAP Applications 12 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-iscsi-2.11.2-5.8.1.s390x"
},
"product_reference": "qemu-block-iscsi-2.11.2-5.8.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qemu-block-iscsi-2.11.2-5.8.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-iscsi-2.11.2-5.8.1.x86_64"
},
"product_reference": "qemu-block-iscsi-2.11.2-5.8.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qemu-block-rbd-2.11.2-5.8.1.aarch64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-rbd-2.11.2-5.8.1.aarch64"
},
"product_reference": "qemu-block-rbd-2.11.2-5.8.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qemu-block-rbd-2.11.2-5.8.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-rbd-2.11.2-5.8.1.x86_64"
},
"product_reference": "qemu-block-rbd-2.11.2-5.8.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qemu-block-ssh-2.11.2-5.8.1.aarch64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-ssh-2.11.2-5.8.1.aarch64"
},
"product_reference": "qemu-block-ssh-2.11.2-5.8.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qemu-block-ssh-2.11.2-5.8.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 12 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-ssh-2.11.2-5.8.1.ppc64le"
},
"product_reference": "qemu-block-ssh-2.11.2-5.8.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qemu-block-ssh-2.11.2-5.8.1.s390x as component of SUSE Linux Enterprise Server for SAP Applications 12 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-ssh-2.11.2-5.8.1.s390x"
},
"product_reference": "qemu-block-ssh-2.11.2-5.8.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qemu-block-ssh-2.11.2-5.8.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-ssh-2.11.2-5.8.1.x86_64"
},
"product_reference": "qemu-block-ssh-2.11.2-5.8.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qemu-guest-agent-2.11.2-5.8.1.aarch64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-guest-agent-2.11.2-5.8.1.aarch64"
},
"product_reference": "qemu-guest-agent-2.11.2-5.8.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qemu-guest-agent-2.11.2-5.8.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 12 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-guest-agent-2.11.2-5.8.1.ppc64le"
},
"product_reference": "qemu-guest-agent-2.11.2-5.8.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qemu-guest-agent-2.11.2-5.8.1.s390x as component of SUSE Linux Enterprise Server for SAP Applications 12 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-guest-agent-2.11.2-5.8.1.s390x"
},
"product_reference": "qemu-guest-agent-2.11.2-5.8.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qemu-guest-agent-2.11.2-5.8.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-guest-agent-2.11.2-5.8.1.x86_64"
},
"product_reference": "qemu-guest-agent-2.11.2-5.8.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qemu-ipxe-1.0.0+-5.8.1.noarch as component of SUSE Linux Enterprise Server for SAP Applications 12 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-ipxe-1.0.0+-5.8.1.noarch"
},
"product_reference": "qemu-ipxe-1.0.0+-5.8.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qemu-kvm-2.11.2-5.8.1.s390x as component of SUSE Linux Enterprise Server for SAP Applications 12 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-kvm-2.11.2-5.8.1.s390x"
},
"product_reference": "qemu-kvm-2.11.2-5.8.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qemu-kvm-2.11.2-5.8.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-kvm-2.11.2-5.8.1.x86_64"
},
"product_reference": "qemu-kvm-2.11.2-5.8.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qemu-lang-2.11.2-5.8.1.aarch64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-lang-2.11.2-5.8.1.aarch64"
},
"product_reference": "qemu-lang-2.11.2-5.8.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qemu-lang-2.11.2-5.8.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 12 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-lang-2.11.2-5.8.1.ppc64le"
},
"product_reference": "qemu-lang-2.11.2-5.8.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qemu-lang-2.11.2-5.8.1.s390x as component of SUSE Linux Enterprise Server for SAP Applications 12 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-lang-2.11.2-5.8.1.s390x"
},
"product_reference": "qemu-lang-2.11.2-5.8.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qemu-lang-2.11.2-5.8.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-lang-2.11.2-5.8.1.x86_64"
},
"product_reference": "qemu-lang-2.11.2-5.8.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qemu-ppc-2.11.2-5.8.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 12 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-ppc-2.11.2-5.8.1.ppc64le"
},
"product_reference": "qemu-ppc-2.11.2-5.8.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qemu-s390-2.11.2-5.8.1.s390x as component of SUSE Linux Enterprise Server for SAP Applications 12 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-s390-2.11.2-5.8.1.s390x"
},
"product_reference": "qemu-s390-2.11.2-5.8.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qemu-seabios-1.11.0-5.8.1.noarch as component of SUSE Linux Enterprise Server for SAP Applications 12 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-seabios-1.11.0-5.8.1.noarch"
},
"product_reference": "qemu-seabios-1.11.0-5.8.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qemu-sgabios-8-5.8.1.noarch as component of SUSE Linux Enterprise Server for SAP Applications 12 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-sgabios-8-5.8.1.noarch"
},
"product_reference": "qemu-sgabios-8-5.8.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qemu-tools-2.11.2-5.8.1.aarch64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-tools-2.11.2-5.8.1.aarch64"
},
"product_reference": "qemu-tools-2.11.2-5.8.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qemu-tools-2.11.2-5.8.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 12 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-tools-2.11.2-5.8.1.ppc64le"
},
"product_reference": "qemu-tools-2.11.2-5.8.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qemu-tools-2.11.2-5.8.1.s390x as component of SUSE Linux Enterprise Server for SAP Applications 12 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-tools-2.11.2-5.8.1.s390x"
},
"product_reference": "qemu-tools-2.11.2-5.8.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qemu-tools-2.11.2-5.8.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-tools-2.11.2-5.8.1.x86_64"
},
"product_reference": "qemu-tools-2.11.2-5.8.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qemu-vgabios-1.11.0-5.8.1.noarch as component of SUSE Linux Enterprise Server for SAP Applications 12 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-vgabios-1.11.0-5.8.1.noarch"
},
"product_reference": "qemu-vgabios-1.11.0-5.8.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qemu-x86-2.11.2-5.8.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-x86-2.11.2-5.8.1.x86_64"
},
"product_reference": "qemu-x86-2.11.2-5.8.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP4"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2018-16872",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-16872"
}
],
"notes": [
{
"category": "general",
"text": "A flaw was found in qemu Media Transfer Protocol (MTP). The code opening files in usb_mtp_get_object and usb_mtp_get_partial_object and directories in usb_mtp_object_readdir doesn\u0027t consider that the underlying filesystem may have changed since the time lstat(2) was called in usb_mtp_object_alloc, a classical TOCTTOU problem. An attacker with write access to the host filesystem shared with a guest can use this property to navigate the host filesystem in the context of the QEMU process and read any file the QEMU process has access to. Access to the filesystem may be local or via a network share protocol such as CIFS.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 12 SP4:qemu-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP4:qemu-block-curl-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP4:qemu-ipxe-1.0.0+-5.8.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP4:qemu-kvm-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP4:qemu-seabios-1.11.0-5.8.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP4:qemu-sgabios-8-5.8.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP4:qemu-tools-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP4:qemu-vgabios-1.11.0-5.8.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP4:qemu-x86-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:qemu-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4:qemu-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4:qemu-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP4:qemu-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:qemu-arm-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4:qemu-block-curl-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4:qemu-block-curl-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4:qemu-block-curl-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP4:qemu-block-curl-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:qemu-block-iscsi-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4:qemu-block-iscsi-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4:qemu-block-iscsi-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP4:qemu-block-iscsi-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:qemu-block-rbd-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4:qemu-block-rbd-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:qemu-block-ssh-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4:qemu-block-ssh-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4:qemu-block-ssh-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP4:qemu-block-ssh-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:qemu-guest-agent-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4:qemu-guest-agent-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4:qemu-guest-agent-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP4:qemu-guest-agent-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:qemu-ipxe-1.0.0+-5.8.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:qemu-kvm-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP4:qemu-kvm-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:qemu-lang-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4:qemu-lang-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4:qemu-lang-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP4:qemu-lang-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:qemu-ppc-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4:qemu-s390-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP4:qemu-seabios-1.11.0-5.8.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:qemu-sgabios-8-5.8.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:qemu-tools-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4:qemu-tools-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4:qemu-tools-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP4:qemu-tools-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:qemu-vgabios-1.11.0-5.8.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:qemu-x86-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-arm-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-curl-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-curl-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-curl-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-curl-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-iscsi-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-iscsi-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-iscsi-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-iscsi-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-rbd-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-rbd-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-ssh-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-ssh-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-ssh-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-ssh-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-guest-agent-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-guest-agent-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-guest-agent-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-guest-agent-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-ipxe-1.0.0+-5.8.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-kvm-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-kvm-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-lang-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-lang-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-lang-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-lang-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-ppc-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-s390-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-seabios-1.11.0-5.8.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-sgabios-8-5.8.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-tools-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-tools-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-tools-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-tools-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-vgabios-1.11.0-5.8.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-x86-2.11.2-5.8.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-16872",
"url": "https://www.suse.com/security/cve/CVE-2018-16872"
},
{
"category": "external",
"summary": "SUSE Bug 1119493 for CVE-2018-16872",
"url": "https://bugzilla.suse.com/1119493"
},
{
"category": "external",
"summary": "SUSE Bug 1119494 for CVE-2018-16872",
"url": "https://bugzilla.suse.com/1119494"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 12 SP4:qemu-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP4:qemu-block-curl-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP4:qemu-ipxe-1.0.0+-5.8.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP4:qemu-kvm-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP4:qemu-seabios-1.11.0-5.8.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP4:qemu-sgabios-8-5.8.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP4:qemu-tools-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP4:qemu-vgabios-1.11.0-5.8.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP4:qemu-x86-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:qemu-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4:qemu-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4:qemu-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP4:qemu-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:qemu-arm-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4:qemu-block-curl-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4:qemu-block-curl-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4:qemu-block-curl-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP4:qemu-block-curl-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:qemu-block-iscsi-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4:qemu-block-iscsi-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4:qemu-block-iscsi-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP4:qemu-block-iscsi-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:qemu-block-rbd-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4:qemu-block-rbd-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:qemu-block-ssh-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4:qemu-block-ssh-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4:qemu-block-ssh-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP4:qemu-block-ssh-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:qemu-guest-agent-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4:qemu-guest-agent-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4:qemu-guest-agent-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP4:qemu-guest-agent-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:qemu-ipxe-1.0.0+-5.8.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:qemu-kvm-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP4:qemu-kvm-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:qemu-lang-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4:qemu-lang-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4:qemu-lang-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP4:qemu-lang-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:qemu-ppc-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4:qemu-s390-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP4:qemu-seabios-1.11.0-5.8.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:qemu-sgabios-8-5.8.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:qemu-tools-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4:qemu-tools-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4:qemu-tools-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP4:qemu-tools-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:qemu-vgabios-1.11.0-5.8.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:qemu-x86-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-arm-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-curl-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-curl-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-curl-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-curl-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-iscsi-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-iscsi-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-iscsi-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-iscsi-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-rbd-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-rbd-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-ssh-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-ssh-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-ssh-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-ssh-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-guest-agent-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-guest-agent-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-guest-agent-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-guest-agent-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-ipxe-1.0.0+-5.8.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-kvm-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-kvm-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-lang-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-lang-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-lang-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-lang-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-ppc-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-s390-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-seabios-1.11.0-5.8.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-sgabios-8-5.8.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-tools-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-tools-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-tools-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-tools-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-vgabios-1.11.0-5.8.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-x86-2.11.2-5.8.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:L",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Desktop 12 SP4:qemu-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP4:qemu-block-curl-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP4:qemu-ipxe-1.0.0+-5.8.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP4:qemu-kvm-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP4:qemu-seabios-1.11.0-5.8.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP4:qemu-sgabios-8-5.8.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP4:qemu-tools-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP4:qemu-vgabios-1.11.0-5.8.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP4:qemu-x86-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:qemu-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4:qemu-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4:qemu-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP4:qemu-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:qemu-arm-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4:qemu-block-curl-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4:qemu-block-curl-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4:qemu-block-curl-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP4:qemu-block-curl-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:qemu-block-iscsi-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4:qemu-block-iscsi-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4:qemu-block-iscsi-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP4:qemu-block-iscsi-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:qemu-block-rbd-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4:qemu-block-rbd-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:qemu-block-ssh-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4:qemu-block-ssh-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4:qemu-block-ssh-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP4:qemu-block-ssh-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:qemu-guest-agent-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4:qemu-guest-agent-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4:qemu-guest-agent-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP4:qemu-guest-agent-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:qemu-ipxe-1.0.0+-5.8.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:qemu-kvm-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP4:qemu-kvm-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:qemu-lang-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4:qemu-lang-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4:qemu-lang-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP4:qemu-lang-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:qemu-ppc-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4:qemu-s390-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP4:qemu-seabios-1.11.0-5.8.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:qemu-sgabios-8-5.8.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:qemu-tools-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4:qemu-tools-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4:qemu-tools-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP4:qemu-tools-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:qemu-vgabios-1.11.0-5.8.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:qemu-x86-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-arm-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-curl-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-curl-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-curl-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-curl-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-iscsi-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-iscsi-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-iscsi-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-iscsi-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-rbd-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-rbd-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-ssh-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-ssh-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-ssh-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-ssh-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-guest-agent-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-guest-agent-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-guest-agent-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-guest-agent-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-ipxe-1.0.0+-5.8.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-kvm-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-kvm-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-lang-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-lang-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-lang-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-lang-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-ppc-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-s390-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-seabios-1.11.0-5.8.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-sgabios-8-5.8.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-tools-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-tools-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-tools-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-tools-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-vgabios-1.11.0-5.8.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-x86-2.11.2-5.8.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-02-19T12:12:38Z",
"details": "moderate"
}
],
"title": "CVE-2018-16872"
},
{
"cve": "CVE-2018-18954",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-18954"
}
],
"notes": [
{
"category": "general",
"text": "The pnv_lpc_do_eccb function in hw/ppc/pnv_lpc.c in Qemu before 3.1 allows out-of-bounds write or read access to PowerNV memory.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 12 SP4:qemu-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP4:qemu-block-curl-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP4:qemu-ipxe-1.0.0+-5.8.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP4:qemu-kvm-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP4:qemu-seabios-1.11.0-5.8.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP4:qemu-sgabios-8-5.8.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP4:qemu-tools-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP4:qemu-vgabios-1.11.0-5.8.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP4:qemu-x86-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:qemu-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4:qemu-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4:qemu-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP4:qemu-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:qemu-arm-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4:qemu-block-curl-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4:qemu-block-curl-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4:qemu-block-curl-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP4:qemu-block-curl-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:qemu-block-iscsi-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4:qemu-block-iscsi-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4:qemu-block-iscsi-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP4:qemu-block-iscsi-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:qemu-block-rbd-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4:qemu-block-rbd-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:qemu-block-ssh-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4:qemu-block-ssh-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4:qemu-block-ssh-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP4:qemu-block-ssh-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:qemu-guest-agent-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4:qemu-guest-agent-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4:qemu-guest-agent-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP4:qemu-guest-agent-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:qemu-ipxe-1.0.0+-5.8.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:qemu-kvm-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP4:qemu-kvm-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:qemu-lang-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4:qemu-lang-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4:qemu-lang-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP4:qemu-lang-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:qemu-ppc-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4:qemu-s390-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP4:qemu-seabios-1.11.0-5.8.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:qemu-sgabios-8-5.8.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:qemu-tools-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4:qemu-tools-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4:qemu-tools-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP4:qemu-tools-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:qemu-vgabios-1.11.0-5.8.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:qemu-x86-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-arm-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-curl-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-curl-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-curl-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-curl-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-iscsi-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-iscsi-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-iscsi-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-iscsi-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-rbd-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-rbd-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-ssh-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-ssh-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-ssh-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-ssh-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-guest-agent-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-guest-agent-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-guest-agent-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-guest-agent-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-ipxe-1.0.0+-5.8.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-kvm-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-kvm-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-lang-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-lang-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-lang-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-lang-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-ppc-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-s390-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-seabios-1.11.0-5.8.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-sgabios-8-5.8.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-tools-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-tools-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-tools-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-tools-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-vgabios-1.11.0-5.8.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-x86-2.11.2-5.8.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-18954",
"url": "https://www.suse.com/security/cve/CVE-2018-18954"
},
{
"category": "external",
"summary": "SUSE Bug 1114957 for CVE-2018-18954",
"url": "https://bugzilla.suse.com/1114957"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 12 SP4:qemu-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP4:qemu-block-curl-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP4:qemu-ipxe-1.0.0+-5.8.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP4:qemu-kvm-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP4:qemu-seabios-1.11.0-5.8.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP4:qemu-sgabios-8-5.8.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP4:qemu-tools-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP4:qemu-vgabios-1.11.0-5.8.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP4:qemu-x86-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:qemu-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4:qemu-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4:qemu-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP4:qemu-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:qemu-arm-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4:qemu-block-curl-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4:qemu-block-curl-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4:qemu-block-curl-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP4:qemu-block-curl-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:qemu-block-iscsi-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4:qemu-block-iscsi-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4:qemu-block-iscsi-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP4:qemu-block-iscsi-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:qemu-block-rbd-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4:qemu-block-rbd-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:qemu-block-ssh-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4:qemu-block-ssh-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4:qemu-block-ssh-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP4:qemu-block-ssh-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:qemu-guest-agent-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4:qemu-guest-agent-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4:qemu-guest-agent-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP4:qemu-guest-agent-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:qemu-ipxe-1.0.0+-5.8.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:qemu-kvm-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP4:qemu-kvm-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:qemu-lang-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4:qemu-lang-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4:qemu-lang-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP4:qemu-lang-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:qemu-ppc-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4:qemu-s390-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP4:qemu-seabios-1.11.0-5.8.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:qemu-sgabios-8-5.8.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:qemu-tools-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4:qemu-tools-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4:qemu-tools-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP4:qemu-tools-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:qemu-vgabios-1.11.0-5.8.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:qemu-x86-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-arm-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-curl-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-curl-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-curl-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-curl-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-iscsi-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-iscsi-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-iscsi-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-iscsi-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-rbd-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-rbd-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-ssh-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-ssh-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-ssh-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-ssh-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-guest-agent-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-guest-agent-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-guest-agent-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-guest-agent-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-ipxe-1.0.0+-5.8.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-kvm-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-kvm-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-lang-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-lang-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-lang-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-lang-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-ppc-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-s390-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-seabios-1.11.0-5.8.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-sgabios-8-5.8.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-tools-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-tools-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-tools-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-tools-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-vgabios-1.11.0-5.8.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-x86-2.11.2-5.8.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Desktop 12 SP4:qemu-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP4:qemu-block-curl-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP4:qemu-ipxe-1.0.0+-5.8.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP4:qemu-kvm-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP4:qemu-seabios-1.11.0-5.8.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP4:qemu-sgabios-8-5.8.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP4:qemu-tools-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP4:qemu-vgabios-1.11.0-5.8.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP4:qemu-x86-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:qemu-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4:qemu-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4:qemu-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP4:qemu-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:qemu-arm-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4:qemu-block-curl-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4:qemu-block-curl-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4:qemu-block-curl-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP4:qemu-block-curl-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:qemu-block-iscsi-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4:qemu-block-iscsi-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4:qemu-block-iscsi-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP4:qemu-block-iscsi-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:qemu-block-rbd-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4:qemu-block-rbd-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:qemu-block-ssh-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4:qemu-block-ssh-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4:qemu-block-ssh-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP4:qemu-block-ssh-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:qemu-guest-agent-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4:qemu-guest-agent-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4:qemu-guest-agent-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP4:qemu-guest-agent-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:qemu-ipxe-1.0.0+-5.8.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:qemu-kvm-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP4:qemu-kvm-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:qemu-lang-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4:qemu-lang-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4:qemu-lang-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP4:qemu-lang-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:qemu-ppc-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4:qemu-s390-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP4:qemu-seabios-1.11.0-5.8.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:qemu-sgabios-8-5.8.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:qemu-tools-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4:qemu-tools-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4:qemu-tools-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP4:qemu-tools-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:qemu-vgabios-1.11.0-5.8.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:qemu-x86-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-arm-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-curl-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-curl-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-curl-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-curl-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-iscsi-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-iscsi-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-iscsi-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-iscsi-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-rbd-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-rbd-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-ssh-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-ssh-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-ssh-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-ssh-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-guest-agent-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-guest-agent-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-guest-agent-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-guest-agent-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-ipxe-1.0.0+-5.8.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-kvm-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-kvm-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-lang-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-lang-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-lang-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-lang-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-ppc-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-s390-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-seabios-1.11.0-5.8.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-sgabios-8-5.8.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-tools-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-tools-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-tools-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-tools-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-vgabios-1.11.0-5.8.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-x86-2.11.2-5.8.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-02-19T12:12:38Z",
"details": "important"
}
],
"title": "CVE-2018-18954"
},
{
"cve": "CVE-2018-19364",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-19364"
}
],
"notes": [
{
"category": "general",
"text": "hw/9pfs/cofile.c and hw/9pfs/9p.c in QEMU can modify an fid path while it is being accessed by a second thread, leading to (for example) a use-after-free outcome.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 12 SP4:qemu-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP4:qemu-block-curl-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP4:qemu-ipxe-1.0.0+-5.8.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP4:qemu-kvm-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP4:qemu-seabios-1.11.0-5.8.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP4:qemu-sgabios-8-5.8.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP4:qemu-tools-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP4:qemu-vgabios-1.11.0-5.8.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP4:qemu-x86-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:qemu-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4:qemu-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4:qemu-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP4:qemu-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:qemu-arm-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4:qemu-block-curl-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4:qemu-block-curl-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4:qemu-block-curl-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP4:qemu-block-curl-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:qemu-block-iscsi-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4:qemu-block-iscsi-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4:qemu-block-iscsi-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP4:qemu-block-iscsi-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:qemu-block-rbd-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4:qemu-block-rbd-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:qemu-block-ssh-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4:qemu-block-ssh-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4:qemu-block-ssh-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP4:qemu-block-ssh-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:qemu-guest-agent-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4:qemu-guest-agent-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4:qemu-guest-agent-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP4:qemu-guest-agent-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:qemu-ipxe-1.0.0+-5.8.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:qemu-kvm-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP4:qemu-kvm-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:qemu-lang-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4:qemu-lang-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4:qemu-lang-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP4:qemu-lang-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:qemu-ppc-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4:qemu-s390-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP4:qemu-seabios-1.11.0-5.8.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:qemu-sgabios-8-5.8.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:qemu-tools-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4:qemu-tools-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4:qemu-tools-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP4:qemu-tools-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:qemu-vgabios-1.11.0-5.8.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:qemu-x86-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-arm-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-curl-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-curl-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-curl-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-curl-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-iscsi-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-iscsi-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-iscsi-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-iscsi-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-rbd-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-rbd-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-ssh-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-ssh-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-ssh-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-ssh-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-guest-agent-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-guest-agent-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-guest-agent-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-guest-agent-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-ipxe-1.0.0+-5.8.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-kvm-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-kvm-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-lang-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-lang-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-lang-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-lang-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-ppc-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-s390-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-seabios-1.11.0-5.8.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-sgabios-8-5.8.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-tools-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-tools-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-tools-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-tools-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-vgabios-1.11.0-5.8.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-x86-2.11.2-5.8.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-19364",
"url": "https://www.suse.com/security/cve/CVE-2018-19364"
},
{
"category": "external",
"summary": "SUSE Bug 1116717 for CVE-2018-19364",
"url": "https://bugzilla.suse.com/1116717"
},
{
"category": "external",
"summary": "SUSE Bug 1116726 for CVE-2018-19364",
"url": "https://bugzilla.suse.com/1116726"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 12 SP4:qemu-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP4:qemu-block-curl-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP4:qemu-ipxe-1.0.0+-5.8.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP4:qemu-kvm-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP4:qemu-seabios-1.11.0-5.8.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP4:qemu-sgabios-8-5.8.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP4:qemu-tools-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP4:qemu-vgabios-1.11.0-5.8.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP4:qemu-x86-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:qemu-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4:qemu-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4:qemu-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP4:qemu-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:qemu-arm-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4:qemu-block-curl-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4:qemu-block-curl-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4:qemu-block-curl-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP4:qemu-block-curl-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:qemu-block-iscsi-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4:qemu-block-iscsi-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4:qemu-block-iscsi-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP4:qemu-block-iscsi-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:qemu-block-rbd-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4:qemu-block-rbd-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:qemu-block-ssh-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4:qemu-block-ssh-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4:qemu-block-ssh-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP4:qemu-block-ssh-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:qemu-guest-agent-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4:qemu-guest-agent-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4:qemu-guest-agent-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP4:qemu-guest-agent-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:qemu-ipxe-1.0.0+-5.8.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:qemu-kvm-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP4:qemu-kvm-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:qemu-lang-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4:qemu-lang-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4:qemu-lang-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP4:qemu-lang-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:qemu-ppc-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4:qemu-s390-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP4:qemu-seabios-1.11.0-5.8.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:qemu-sgabios-8-5.8.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:qemu-tools-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4:qemu-tools-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4:qemu-tools-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP4:qemu-tools-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:qemu-vgabios-1.11.0-5.8.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:qemu-x86-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-arm-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-curl-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-curl-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-curl-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-curl-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-iscsi-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-iscsi-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-iscsi-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-iscsi-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-rbd-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-rbd-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-ssh-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-ssh-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-ssh-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-ssh-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-guest-agent-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-guest-agent-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-guest-agent-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-guest-agent-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-ipxe-1.0.0+-5.8.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-kvm-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-kvm-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-lang-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-lang-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-lang-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-lang-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-ppc-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-s390-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-seabios-1.11.0-5.8.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-sgabios-8-5.8.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-tools-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-tools-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-tools-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-tools-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-vgabios-1.11.0-5.8.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-x86-2.11.2-5.8.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Desktop 12 SP4:qemu-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP4:qemu-block-curl-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP4:qemu-ipxe-1.0.0+-5.8.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP4:qemu-kvm-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP4:qemu-seabios-1.11.0-5.8.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP4:qemu-sgabios-8-5.8.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP4:qemu-tools-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP4:qemu-vgabios-1.11.0-5.8.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP4:qemu-x86-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:qemu-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4:qemu-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4:qemu-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP4:qemu-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:qemu-arm-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4:qemu-block-curl-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4:qemu-block-curl-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4:qemu-block-curl-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP4:qemu-block-curl-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:qemu-block-iscsi-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4:qemu-block-iscsi-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4:qemu-block-iscsi-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP4:qemu-block-iscsi-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:qemu-block-rbd-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4:qemu-block-rbd-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:qemu-block-ssh-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4:qemu-block-ssh-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4:qemu-block-ssh-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP4:qemu-block-ssh-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:qemu-guest-agent-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4:qemu-guest-agent-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4:qemu-guest-agent-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP4:qemu-guest-agent-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:qemu-ipxe-1.0.0+-5.8.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:qemu-kvm-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP4:qemu-kvm-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:qemu-lang-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4:qemu-lang-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4:qemu-lang-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP4:qemu-lang-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:qemu-ppc-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4:qemu-s390-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP4:qemu-seabios-1.11.0-5.8.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:qemu-sgabios-8-5.8.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:qemu-tools-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4:qemu-tools-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4:qemu-tools-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP4:qemu-tools-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:qemu-vgabios-1.11.0-5.8.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:qemu-x86-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-arm-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-curl-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-curl-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-curl-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-curl-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-iscsi-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-iscsi-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-iscsi-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-iscsi-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-rbd-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-rbd-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-ssh-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-ssh-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-ssh-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-ssh-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-guest-agent-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-guest-agent-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-guest-agent-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-guest-agent-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-ipxe-1.0.0+-5.8.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-kvm-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-kvm-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-lang-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-lang-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-lang-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-lang-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-ppc-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-s390-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-seabios-1.11.0-5.8.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-sgabios-8-5.8.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-tools-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-tools-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-tools-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-tools-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-vgabios-1.11.0-5.8.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-x86-2.11.2-5.8.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-02-19T12:12:38Z",
"details": "moderate"
}
],
"title": "CVE-2018-19364"
},
{
"cve": "CVE-2018-19489",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-19489"
}
],
"notes": [
{
"category": "general",
"text": "v9fs_wstat in hw/9pfs/9p.c in QEMU allows guest OS users to cause a denial of service (crash) because of a race condition during file renaming.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 12 SP4:qemu-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP4:qemu-block-curl-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP4:qemu-ipxe-1.0.0+-5.8.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP4:qemu-kvm-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP4:qemu-seabios-1.11.0-5.8.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP4:qemu-sgabios-8-5.8.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP4:qemu-tools-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP4:qemu-vgabios-1.11.0-5.8.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP4:qemu-x86-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:qemu-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4:qemu-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4:qemu-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP4:qemu-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:qemu-arm-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4:qemu-block-curl-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4:qemu-block-curl-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4:qemu-block-curl-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP4:qemu-block-curl-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:qemu-block-iscsi-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4:qemu-block-iscsi-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4:qemu-block-iscsi-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP4:qemu-block-iscsi-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:qemu-block-rbd-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4:qemu-block-rbd-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:qemu-block-ssh-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4:qemu-block-ssh-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4:qemu-block-ssh-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP4:qemu-block-ssh-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:qemu-guest-agent-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4:qemu-guest-agent-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4:qemu-guest-agent-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP4:qemu-guest-agent-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:qemu-ipxe-1.0.0+-5.8.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:qemu-kvm-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP4:qemu-kvm-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:qemu-lang-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4:qemu-lang-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4:qemu-lang-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP4:qemu-lang-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:qemu-ppc-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4:qemu-s390-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP4:qemu-seabios-1.11.0-5.8.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:qemu-sgabios-8-5.8.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:qemu-tools-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4:qemu-tools-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4:qemu-tools-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP4:qemu-tools-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:qemu-vgabios-1.11.0-5.8.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:qemu-x86-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-arm-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-curl-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-curl-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-curl-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-curl-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-iscsi-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-iscsi-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-iscsi-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-iscsi-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-rbd-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-rbd-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-ssh-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-ssh-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-ssh-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-ssh-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-guest-agent-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-guest-agent-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-guest-agent-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-guest-agent-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-ipxe-1.0.0+-5.8.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-kvm-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-kvm-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-lang-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-lang-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-lang-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-lang-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-ppc-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-s390-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-seabios-1.11.0-5.8.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-sgabios-8-5.8.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-tools-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-tools-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-tools-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-tools-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-vgabios-1.11.0-5.8.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-x86-2.11.2-5.8.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-19489",
"url": "https://www.suse.com/security/cve/CVE-2018-19489"
},
{
"category": "external",
"summary": "SUSE Bug 1117275 for CVE-2018-19489",
"url": "https://bugzilla.suse.com/1117275"
},
{
"category": "external",
"summary": "SUSE Bug 1117279 for CVE-2018-19489",
"url": "https://bugzilla.suse.com/1117279"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 12 SP4:qemu-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP4:qemu-block-curl-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP4:qemu-ipxe-1.0.0+-5.8.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP4:qemu-kvm-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP4:qemu-seabios-1.11.0-5.8.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP4:qemu-sgabios-8-5.8.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP4:qemu-tools-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP4:qemu-vgabios-1.11.0-5.8.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP4:qemu-x86-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:qemu-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4:qemu-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4:qemu-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP4:qemu-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:qemu-arm-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4:qemu-block-curl-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4:qemu-block-curl-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4:qemu-block-curl-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP4:qemu-block-curl-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:qemu-block-iscsi-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4:qemu-block-iscsi-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4:qemu-block-iscsi-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP4:qemu-block-iscsi-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:qemu-block-rbd-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4:qemu-block-rbd-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:qemu-block-ssh-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4:qemu-block-ssh-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4:qemu-block-ssh-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP4:qemu-block-ssh-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:qemu-guest-agent-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4:qemu-guest-agent-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4:qemu-guest-agent-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP4:qemu-guest-agent-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:qemu-ipxe-1.0.0+-5.8.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:qemu-kvm-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP4:qemu-kvm-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:qemu-lang-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4:qemu-lang-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4:qemu-lang-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP4:qemu-lang-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:qemu-ppc-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4:qemu-s390-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP4:qemu-seabios-1.11.0-5.8.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:qemu-sgabios-8-5.8.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:qemu-tools-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4:qemu-tools-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4:qemu-tools-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP4:qemu-tools-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:qemu-vgabios-1.11.0-5.8.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:qemu-x86-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-arm-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-curl-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-curl-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-curl-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-curl-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-iscsi-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-iscsi-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-iscsi-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-iscsi-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-rbd-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-rbd-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-ssh-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-ssh-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-ssh-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-ssh-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-guest-agent-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-guest-agent-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-guest-agent-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-guest-agent-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-ipxe-1.0.0+-5.8.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-kvm-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-kvm-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-lang-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-lang-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-lang-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-lang-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-ppc-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-s390-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-seabios-1.11.0-5.8.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-sgabios-8-5.8.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-tools-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-tools-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-tools-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-tools-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-vgabios-1.11.0-5.8.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-x86-2.11.2-5.8.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 2.8,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:C/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Desktop 12 SP4:qemu-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP4:qemu-block-curl-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP4:qemu-ipxe-1.0.0+-5.8.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP4:qemu-kvm-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP4:qemu-seabios-1.11.0-5.8.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP4:qemu-sgabios-8-5.8.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP4:qemu-tools-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP4:qemu-vgabios-1.11.0-5.8.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP4:qemu-x86-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:qemu-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4:qemu-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4:qemu-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP4:qemu-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:qemu-arm-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4:qemu-block-curl-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4:qemu-block-curl-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4:qemu-block-curl-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP4:qemu-block-curl-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:qemu-block-iscsi-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4:qemu-block-iscsi-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4:qemu-block-iscsi-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP4:qemu-block-iscsi-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:qemu-block-rbd-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4:qemu-block-rbd-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:qemu-block-ssh-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4:qemu-block-ssh-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4:qemu-block-ssh-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP4:qemu-block-ssh-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:qemu-guest-agent-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4:qemu-guest-agent-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4:qemu-guest-agent-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP4:qemu-guest-agent-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:qemu-ipxe-1.0.0+-5.8.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:qemu-kvm-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP4:qemu-kvm-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:qemu-lang-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4:qemu-lang-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4:qemu-lang-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP4:qemu-lang-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:qemu-ppc-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4:qemu-s390-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP4:qemu-seabios-1.11.0-5.8.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:qemu-sgabios-8-5.8.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:qemu-tools-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4:qemu-tools-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4:qemu-tools-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP4:qemu-tools-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:qemu-vgabios-1.11.0-5.8.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:qemu-x86-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-arm-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-curl-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-curl-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-curl-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-curl-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-iscsi-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-iscsi-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-iscsi-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-iscsi-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-rbd-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-rbd-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-ssh-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-ssh-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-ssh-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-ssh-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-guest-agent-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-guest-agent-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-guest-agent-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-guest-agent-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-ipxe-1.0.0+-5.8.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-kvm-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-kvm-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-lang-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-lang-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-lang-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-lang-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-ppc-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-s390-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-seabios-1.11.0-5.8.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-sgabios-8-5.8.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-tools-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-tools-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-tools-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-tools-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-vgabios-1.11.0-5.8.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-x86-2.11.2-5.8.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-02-19T12:12:38Z",
"details": "low"
}
],
"title": "CVE-2018-19489"
},
{
"cve": "CVE-2019-6778",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-6778"
}
],
"notes": [
{
"category": "general",
"text": "In QEMU 3.0.0, tcp_emu in slirp/tcp_subr.c has a heap-based buffer overflow.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 12 SP4:qemu-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP4:qemu-block-curl-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP4:qemu-ipxe-1.0.0+-5.8.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP4:qemu-kvm-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP4:qemu-seabios-1.11.0-5.8.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP4:qemu-sgabios-8-5.8.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP4:qemu-tools-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP4:qemu-vgabios-1.11.0-5.8.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP4:qemu-x86-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:qemu-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4:qemu-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4:qemu-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP4:qemu-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:qemu-arm-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4:qemu-block-curl-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4:qemu-block-curl-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4:qemu-block-curl-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP4:qemu-block-curl-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:qemu-block-iscsi-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4:qemu-block-iscsi-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4:qemu-block-iscsi-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP4:qemu-block-iscsi-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:qemu-block-rbd-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4:qemu-block-rbd-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:qemu-block-ssh-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4:qemu-block-ssh-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4:qemu-block-ssh-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP4:qemu-block-ssh-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:qemu-guest-agent-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4:qemu-guest-agent-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4:qemu-guest-agent-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP4:qemu-guest-agent-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:qemu-ipxe-1.0.0+-5.8.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:qemu-kvm-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP4:qemu-kvm-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:qemu-lang-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4:qemu-lang-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4:qemu-lang-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP4:qemu-lang-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:qemu-ppc-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4:qemu-s390-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP4:qemu-seabios-1.11.0-5.8.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:qemu-sgabios-8-5.8.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:qemu-tools-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4:qemu-tools-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4:qemu-tools-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP4:qemu-tools-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:qemu-vgabios-1.11.0-5.8.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:qemu-x86-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-arm-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-curl-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-curl-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-curl-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-curl-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-iscsi-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-iscsi-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-iscsi-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-iscsi-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-rbd-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-rbd-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-ssh-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-ssh-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-ssh-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-ssh-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-guest-agent-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-guest-agent-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-guest-agent-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-guest-agent-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-ipxe-1.0.0+-5.8.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-kvm-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-kvm-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-lang-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-lang-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-lang-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-lang-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-ppc-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-s390-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-seabios-1.11.0-5.8.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-sgabios-8-5.8.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-tools-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-tools-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-tools-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-tools-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-vgabios-1.11.0-5.8.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-x86-2.11.2-5.8.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-6778",
"url": "https://www.suse.com/security/cve/CVE-2019-6778"
},
{
"category": "external",
"summary": "SUSE Bug 1123156 for CVE-2019-6778",
"url": "https://bugzilla.suse.com/1123156"
},
{
"category": "external",
"summary": "SUSE Bug 1123157 for CVE-2019-6778",
"url": "https://bugzilla.suse.com/1123157"
},
{
"category": "external",
"summary": "SUSE Bug 1178658 for CVE-2019-6778",
"url": "https://bugzilla.suse.com/1178658"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 12 SP4:qemu-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP4:qemu-block-curl-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP4:qemu-ipxe-1.0.0+-5.8.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP4:qemu-kvm-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP4:qemu-seabios-1.11.0-5.8.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP4:qemu-sgabios-8-5.8.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP4:qemu-tools-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP4:qemu-vgabios-1.11.0-5.8.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP4:qemu-x86-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:qemu-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4:qemu-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4:qemu-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP4:qemu-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:qemu-arm-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4:qemu-block-curl-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4:qemu-block-curl-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4:qemu-block-curl-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP4:qemu-block-curl-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:qemu-block-iscsi-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4:qemu-block-iscsi-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4:qemu-block-iscsi-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP4:qemu-block-iscsi-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:qemu-block-rbd-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4:qemu-block-rbd-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:qemu-block-ssh-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4:qemu-block-ssh-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4:qemu-block-ssh-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP4:qemu-block-ssh-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:qemu-guest-agent-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4:qemu-guest-agent-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4:qemu-guest-agent-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP4:qemu-guest-agent-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:qemu-ipxe-1.0.0+-5.8.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:qemu-kvm-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP4:qemu-kvm-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:qemu-lang-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4:qemu-lang-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4:qemu-lang-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP4:qemu-lang-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:qemu-ppc-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4:qemu-s390-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP4:qemu-seabios-1.11.0-5.8.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:qemu-sgabios-8-5.8.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:qemu-tools-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4:qemu-tools-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4:qemu-tools-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP4:qemu-tools-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:qemu-vgabios-1.11.0-5.8.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:qemu-x86-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-arm-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-curl-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-curl-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-curl-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-curl-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-iscsi-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-iscsi-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-iscsi-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-iscsi-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-rbd-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-rbd-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-ssh-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-ssh-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-ssh-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-ssh-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-guest-agent-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-guest-agent-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-guest-agent-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-guest-agent-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-ipxe-1.0.0+-5.8.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-kvm-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-kvm-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-lang-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-lang-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-lang-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-lang-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-ppc-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-s390-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-seabios-1.11.0-5.8.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-sgabios-8-5.8.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-tools-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-tools-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-tools-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-tools-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-vgabios-1.11.0-5.8.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-x86-2.11.2-5.8.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Desktop 12 SP4:qemu-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP4:qemu-block-curl-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP4:qemu-ipxe-1.0.0+-5.8.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP4:qemu-kvm-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP4:qemu-seabios-1.11.0-5.8.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP4:qemu-sgabios-8-5.8.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP4:qemu-tools-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP4:qemu-vgabios-1.11.0-5.8.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP4:qemu-x86-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:qemu-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4:qemu-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4:qemu-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP4:qemu-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:qemu-arm-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4:qemu-block-curl-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4:qemu-block-curl-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4:qemu-block-curl-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP4:qemu-block-curl-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:qemu-block-iscsi-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4:qemu-block-iscsi-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4:qemu-block-iscsi-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP4:qemu-block-iscsi-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:qemu-block-rbd-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4:qemu-block-rbd-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:qemu-block-ssh-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4:qemu-block-ssh-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4:qemu-block-ssh-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP4:qemu-block-ssh-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:qemu-guest-agent-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4:qemu-guest-agent-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4:qemu-guest-agent-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP4:qemu-guest-agent-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:qemu-ipxe-1.0.0+-5.8.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:qemu-kvm-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP4:qemu-kvm-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:qemu-lang-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4:qemu-lang-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4:qemu-lang-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP4:qemu-lang-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:qemu-ppc-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4:qemu-s390-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP4:qemu-seabios-1.11.0-5.8.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:qemu-sgabios-8-5.8.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:qemu-tools-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4:qemu-tools-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4:qemu-tools-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP4:qemu-tools-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:qemu-vgabios-1.11.0-5.8.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:qemu-x86-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-arm-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-curl-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-curl-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-curl-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-curl-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-iscsi-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-iscsi-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-iscsi-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-iscsi-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-rbd-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-rbd-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-ssh-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-ssh-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-ssh-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-block-ssh-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-guest-agent-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-guest-agent-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-guest-agent-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-guest-agent-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-ipxe-1.0.0+-5.8.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-kvm-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-kvm-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-lang-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-lang-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-lang-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-lang-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-ppc-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-s390-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-seabios-1.11.0-5.8.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-sgabios-8-5.8.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-tools-2.11.2-5.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-tools-2.11.2-5.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-tools-2.11.2-5.8.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-tools-2.11.2-5.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-vgabios-1.11.0-5.8.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:qemu-x86-2.11.2-5.8.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-02-19T12:12:38Z",
"details": "important"
}
],
"title": "CVE-2019-6778"
}
]
}
SUSE-SU-2019:0457-1
Vulnerability from csaf_suse - Published: 2019-02-21 06:07 - Updated: 2019-02-21 06:07Summary
Security update for qemu
Severity
Important
Notes
Title of the patch: Security update for qemu
Description of the patch: This update for qemu fixes the following issues:
Security issues fixed:
- CVE-2019-6778: Fixed a heap buffer overflow issue in the SLiRP networking implementation (bsc#1123156).
- CVE-2018-19489: Fixed a denial of service vulnerability in virtfs (bsc#1117275).
* CVE-2018-19364: Fixed a use-after-free if the virtfs interface resulting in a denial of service (bsc#1116717).
Patchnames: SUSE-2019-457,SUSE-SLE-SERVER-12-2019-457
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
5.3 (Medium)
Affected products
Recommended
25 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:qemu-2.0.2-48.49.3.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:qemu-2.0.2-48.49.3.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:qemu-2.0.2-48.49.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:qemu-block-curl-2.0.2-48.49.3.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:qemu-block-curl-2.0.2-48.49.3.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:qemu-block-curl-2.0.2-48.49.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:qemu-block-rbd-2.0.2-48.49.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:qemu-guest-agent-2.0.2-48.49.3.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:qemu-guest-agent-2.0.2-48.49.3.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:qemu-guest-agent-2.0.2-48.49.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:qemu-ipxe-1.0.0-48.49.3.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:qemu-kvm-2.0.2-48.49.3.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:qemu-kvm-2.0.2-48.49.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:qemu-lang-2.0.2-48.49.3.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:qemu-lang-2.0.2-48.49.3.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:qemu-lang-2.0.2-48.49.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:qemu-ppc-2.0.2-48.49.3.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:qemu-s390-2.0.2-48.49.3.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:qemu-seabios-1.7.4-48.49.3.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:qemu-sgabios-8-48.49.3.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:qemu-tools-2.0.2-48.49.3.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:qemu-tools-2.0.2-48.49.3.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:qemu-tools-2.0.2-48.49.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:qemu-vgabios-1.7.4-48.49.3.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:qemu-x86-2.0.2-48.49.3.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
Affected products
Recommended
25 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:qemu-2.0.2-48.49.3.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:qemu-2.0.2-48.49.3.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:qemu-2.0.2-48.49.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:qemu-block-curl-2.0.2-48.49.3.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:qemu-block-curl-2.0.2-48.49.3.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:qemu-block-curl-2.0.2-48.49.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:qemu-block-rbd-2.0.2-48.49.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:qemu-guest-agent-2.0.2-48.49.3.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:qemu-guest-agent-2.0.2-48.49.3.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:qemu-guest-agent-2.0.2-48.49.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:qemu-ipxe-1.0.0-48.49.3.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:qemu-kvm-2.0.2-48.49.3.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:qemu-kvm-2.0.2-48.49.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:qemu-lang-2.0.2-48.49.3.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:qemu-lang-2.0.2-48.49.3.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:qemu-lang-2.0.2-48.49.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:qemu-ppc-2.0.2-48.49.3.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:qemu-s390-2.0.2-48.49.3.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:qemu-seabios-1.7.4-48.49.3.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:qemu-sgabios-8-48.49.3.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:qemu-tools-2.0.2-48.49.3.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:qemu-tools-2.0.2-48.49.3.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:qemu-tools-2.0.2-48.49.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:qemu-vgabios-1.7.4-48.49.3.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:qemu-x86-2.0.2-48.49.3.x86_64 | — |
Vendor Fix
|
Threats
Impact
low
7.8 (High)
Affected products
Recommended
25 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:qemu-2.0.2-48.49.3.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:qemu-2.0.2-48.49.3.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:qemu-2.0.2-48.49.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:qemu-block-curl-2.0.2-48.49.3.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:qemu-block-curl-2.0.2-48.49.3.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:qemu-block-curl-2.0.2-48.49.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:qemu-block-rbd-2.0.2-48.49.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:qemu-guest-agent-2.0.2-48.49.3.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:qemu-guest-agent-2.0.2-48.49.3.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:qemu-guest-agent-2.0.2-48.49.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:qemu-ipxe-1.0.0-48.49.3.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:qemu-kvm-2.0.2-48.49.3.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:qemu-kvm-2.0.2-48.49.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:qemu-lang-2.0.2-48.49.3.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:qemu-lang-2.0.2-48.49.3.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:qemu-lang-2.0.2-48.49.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:qemu-ppc-2.0.2-48.49.3.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:qemu-s390-2.0.2-48.49.3.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:qemu-seabios-1.7.4-48.49.3.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:qemu-sgabios-8-48.49.3.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:qemu-tools-2.0.2-48.49.3.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:qemu-tools-2.0.2-48.49.3.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:qemu-tools-2.0.2-48.49.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:qemu-vgabios-1.7.4-48.49.3.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:qemu-x86-2.0.2-48.49.3.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
References
20 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for qemu",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for qemu fixes the following issues:\n\nSecurity issues fixed:\n\n- CVE-2019-6778: Fixed a heap buffer overflow issue in the SLiRP networking implementation (bsc#1123156).\n- CVE-2018-19489: Fixed a denial of service vulnerability in virtfs (bsc#1117275).\n* CVE-2018-19364: Fixed a use-after-free if the virtfs interface resulting in a denial of service (bsc#1116717).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2019-457,SUSE-SLE-SERVER-12-2019-457",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2019_0457-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2019:0457-1",
"url": "https://www.suse.com/support/update/announcement/2019/suse-su-20190457-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2019:0457-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2019-February/005143.html"
},
{
"category": "self",
"summary": "SUSE Bug 1116717",
"url": "https://bugzilla.suse.com/1116717"
},
{
"category": "self",
"summary": "SUSE Bug 1117275",
"url": "https://bugzilla.suse.com/1117275"
},
{
"category": "self",
"summary": "SUSE Bug 1123156",
"url": "https://bugzilla.suse.com/1123156"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-19364 page",
"url": "https://www.suse.com/security/cve/CVE-2018-19364/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-19489 page",
"url": "https://www.suse.com/security/cve/CVE-2018-19489/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-6778 page",
"url": "https://www.suse.com/security/cve/CVE-2019-6778/"
}
],
"title": "Security update for qemu",
"tracking": {
"current_release_date": "2019-02-21T06:07:42Z",
"generator": {
"date": "2019-02-21T06:07:42Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2019:0457-1",
"initial_release_date": "2019-02-21T06:07:42Z",
"revision_history": [
{
"date": "2019-02-21T06:07:42Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "qemu-2.0.2-48.49.3.aarch64",
"product": {
"name": "qemu-2.0.2-48.49.3.aarch64",
"product_id": "qemu-2.0.2-48.49.3.aarch64"
}
},
{
"category": "product_version",
"name": "qemu-arm-2.0.2-48.49.3.aarch64",
"product": {
"name": "qemu-arm-2.0.2-48.49.3.aarch64",
"product_id": "qemu-arm-2.0.2-48.49.3.aarch64"
}
},
{
"category": "product_version",
"name": "qemu-block-curl-2.0.2-48.49.3.aarch64",
"product": {
"name": "qemu-block-curl-2.0.2-48.49.3.aarch64",
"product_id": "qemu-block-curl-2.0.2-48.49.3.aarch64"
}
},
{
"category": "product_version",
"name": "qemu-extra-2.0.2-48.49.3.aarch64",
"product": {
"name": "qemu-extra-2.0.2-48.49.3.aarch64",
"product_id": "qemu-extra-2.0.2-48.49.3.aarch64"
}
},
{
"category": "product_version",
"name": "qemu-guest-agent-2.0.2-48.49.3.aarch64",
"product": {
"name": "qemu-guest-agent-2.0.2-48.49.3.aarch64",
"product_id": "qemu-guest-agent-2.0.2-48.49.3.aarch64"
}
},
{
"category": "product_version",
"name": "qemu-lang-2.0.2-48.49.3.aarch64",
"product": {
"name": "qemu-lang-2.0.2-48.49.3.aarch64",
"product_id": "qemu-lang-2.0.2-48.49.3.aarch64"
}
},
{
"category": "product_version",
"name": "qemu-linux-user-2.0.2-48.49.1.aarch64",
"product": {
"name": "qemu-linux-user-2.0.2-48.49.1.aarch64",
"product_id": "qemu-linux-user-2.0.2-48.49.1.aarch64"
}
},
{
"category": "product_version",
"name": "qemu-ppc-2.0.2-48.49.3.aarch64",
"product": {
"name": "qemu-ppc-2.0.2-48.49.3.aarch64",
"product_id": "qemu-ppc-2.0.2-48.49.3.aarch64"
}
},
{
"category": "product_version",
"name": "qemu-s390-2.0.2-48.49.3.aarch64",
"product": {
"name": "qemu-s390-2.0.2-48.49.3.aarch64",
"product_id": "qemu-s390-2.0.2-48.49.3.aarch64"
}
},
{
"category": "product_version",
"name": "qemu-tools-2.0.2-48.49.3.aarch64",
"product": {
"name": "qemu-tools-2.0.2-48.49.3.aarch64",
"product_id": "qemu-tools-2.0.2-48.49.3.aarch64"
}
},
{
"category": "product_version",
"name": "qemu-x86-2.0.2-48.49.3.aarch64",
"product": {
"name": "qemu-x86-2.0.2-48.49.3.aarch64",
"product_id": "qemu-x86-2.0.2-48.49.3.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "qemu-2.0.2-48.49.3.i586",
"product": {
"name": "qemu-2.0.2-48.49.3.i586",
"product_id": "qemu-2.0.2-48.49.3.i586"
}
},
{
"category": "product_version",
"name": "qemu-arm-2.0.2-48.49.3.i586",
"product": {
"name": "qemu-arm-2.0.2-48.49.3.i586",
"product_id": "qemu-arm-2.0.2-48.49.3.i586"
}
},
{
"category": "product_version",
"name": "qemu-block-curl-2.0.2-48.49.3.i586",
"product": {
"name": "qemu-block-curl-2.0.2-48.49.3.i586",
"product_id": "qemu-block-curl-2.0.2-48.49.3.i586"
}
},
{
"category": "product_version",
"name": "qemu-extra-2.0.2-48.49.3.i586",
"product": {
"name": "qemu-extra-2.0.2-48.49.3.i586",
"product_id": "qemu-extra-2.0.2-48.49.3.i586"
}
},
{
"category": "product_version",
"name": "qemu-guest-agent-2.0.2-48.49.3.i586",
"product": {
"name": "qemu-guest-agent-2.0.2-48.49.3.i586",
"product_id": "qemu-guest-agent-2.0.2-48.49.3.i586"
}
},
{
"category": "product_version",
"name": "qemu-kvm-2.0.2-48.49.3.i586",
"product": {
"name": "qemu-kvm-2.0.2-48.49.3.i586",
"product_id": "qemu-kvm-2.0.2-48.49.3.i586"
}
},
{
"category": "product_version",
"name": "qemu-lang-2.0.2-48.49.3.i586",
"product": {
"name": "qemu-lang-2.0.2-48.49.3.i586",
"product_id": "qemu-lang-2.0.2-48.49.3.i586"
}
},
{
"category": "product_version",
"name": "qemu-linux-user-2.0.2-48.49.1.i586",
"product": {
"name": "qemu-linux-user-2.0.2-48.49.1.i586",
"product_id": "qemu-linux-user-2.0.2-48.49.1.i586"
}
},
{
"category": "product_version",
"name": "qemu-ppc-2.0.2-48.49.3.i586",
"product": {
"name": "qemu-ppc-2.0.2-48.49.3.i586",
"product_id": "qemu-ppc-2.0.2-48.49.3.i586"
}
},
{
"category": "product_version",
"name": "qemu-s390-2.0.2-48.49.3.i586",
"product": {
"name": "qemu-s390-2.0.2-48.49.3.i586",
"product_id": "qemu-s390-2.0.2-48.49.3.i586"
}
},
{
"category": "product_version",
"name": "qemu-tools-2.0.2-48.49.3.i586",
"product": {
"name": "qemu-tools-2.0.2-48.49.3.i586",
"product_id": "qemu-tools-2.0.2-48.49.3.i586"
}
},
{
"category": "product_version",
"name": "qemu-x86-2.0.2-48.49.3.i586",
"product": {
"name": "qemu-x86-2.0.2-48.49.3.i586",
"product_id": "qemu-x86-2.0.2-48.49.3.i586"
}
}
],
"category": "architecture",
"name": "i586"
},
{
"branches": [
{
"category": "product_version",
"name": "qemu-ipxe-1.0.0-48.49.3.noarch",
"product": {
"name": "qemu-ipxe-1.0.0-48.49.3.noarch",
"product_id": "qemu-ipxe-1.0.0-48.49.3.noarch"
}
},
{
"category": "product_version",
"name": "qemu-seabios-1.7.4-48.49.3.noarch",
"product": {
"name": "qemu-seabios-1.7.4-48.49.3.noarch",
"product_id": "qemu-seabios-1.7.4-48.49.3.noarch"
}
},
{
"category": "product_version",
"name": "qemu-sgabios-8-48.49.3.noarch",
"product": {
"name": "qemu-sgabios-8-48.49.3.noarch",
"product_id": "qemu-sgabios-8-48.49.3.noarch"
}
},
{
"category": "product_version",
"name": "qemu-vgabios-1.7.4-48.49.3.noarch",
"product": {
"name": "qemu-vgabios-1.7.4-48.49.3.noarch",
"product_id": "qemu-vgabios-1.7.4-48.49.3.noarch"
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "qemu-2.0.2-48.49.3.ppc64le",
"product": {
"name": "qemu-2.0.2-48.49.3.ppc64le",
"product_id": "qemu-2.0.2-48.49.3.ppc64le"
}
},
{
"category": "product_version",
"name": "qemu-arm-2.0.2-48.49.3.ppc64le",
"product": {
"name": "qemu-arm-2.0.2-48.49.3.ppc64le",
"product_id": "qemu-arm-2.0.2-48.49.3.ppc64le"
}
},
{
"category": "product_version",
"name": "qemu-block-curl-2.0.2-48.49.3.ppc64le",
"product": {
"name": "qemu-block-curl-2.0.2-48.49.3.ppc64le",
"product_id": "qemu-block-curl-2.0.2-48.49.3.ppc64le"
}
},
{
"category": "product_version",
"name": "qemu-extra-2.0.2-48.49.3.ppc64le",
"product": {
"name": "qemu-extra-2.0.2-48.49.3.ppc64le",
"product_id": "qemu-extra-2.0.2-48.49.3.ppc64le"
}
},
{
"category": "product_version",
"name": "qemu-guest-agent-2.0.2-48.49.3.ppc64le",
"product": {
"name": "qemu-guest-agent-2.0.2-48.49.3.ppc64le",
"product_id": "qemu-guest-agent-2.0.2-48.49.3.ppc64le"
}
},
{
"category": "product_version",
"name": "qemu-lang-2.0.2-48.49.3.ppc64le",
"product": {
"name": "qemu-lang-2.0.2-48.49.3.ppc64le",
"product_id": "qemu-lang-2.0.2-48.49.3.ppc64le"
}
},
{
"category": "product_version",
"name": "qemu-linux-user-2.0.2-48.49.1.ppc64le",
"product": {
"name": "qemu-linux-user-2.0.2-48.49.1.ppc64le",
"product_id": "qemu-linux-user-2.0.2-48.49.1.ppc64le"
}
},
{
"category": "product_version",
"name": "qemu-ppc-2.0.2-48.49.3.ppc64le",
"product": {
"name": "qemu-ppc-2.0.2-48.49.3.ppc64le",
"product_id": "qemu-ppc-2.0.2-48.49.3.ppc64le"
}
},
{
"category": "product_version",
"name": "qemu-s390-2.0.2-48.49.3.ppc64le",
"product": {
"name": "qemu-s390-2.0.2-48.49.3.ppc64le",
"product_id": "qemu-s390-2.0.2-48.49.3.ppc64le"
}
},
{
"category": "product_version",
"name": "qemu-tools-2.0.2-48.49.3.ppc64le",
"product": {
"name": "qemu-tools-2.0.2-48.49.3.ppc64le",
"product_id": "qemu-tools-2.0.2-48.49.3.ppc64le"
}
},
{
"category": "product_version",
"name": "qemu-x86-2.0.2-48.49.3.ppc64le",
"product": {
"name": "qemu-x86-2.0.2-48.49.3.ppc64le",
"product_id": "qemu-x86-2.0.2-48.49.3.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "qemu-2.0.2-48.49.3.s390x",
"product": {
"name": "qemu-2.0.2-48.49.3.s390x",
"product_id": "qemu-2.0.2-48.49.3.s390x"
}
},
{
"category": "product_version",
"name": "qemu-arm-2.0.2-48.49.3.s390x",
"product": {
"name": "qemu-arm-2.0.2-48.49.3.s390x",
"product_id": "qemu-arm-2.0.2-48.49.3.s390x"
}
},
{
"category": "product_version",
"name": "qemu-block-curl-2.0.2-48.49.3.s390x",
"product": {
"name": "qemu-block-curl-2.0.2-48.49.3.s390x",
"product_id": "qemu-block-curl-2.0.2-48.49.3.s390x"
}
},
{
"category": "product_version",
"name": "qemu-extra-2.0.2-48.49.3.s390x",
"product": {
"name": "qemu-extra-2.0.2-48.49.3.s390x",
"product_id": "qemu-extra-2.0.2-48.49.3.s390x"
}
},
{
"category": "product_version",
"name": "qemu-guest-agent-2.0.2-48.49.3.s390x",
"product": {
"name": "qemu-guest-agent-2.0.2-48.49.3.s390x",
"product_id": "qemu-guest-agent-2.0.2-48.49.3.s390x"
}
},
{
"category": "product_version",
"name": "qemu-kvm-2.0.2-48.49.3.s390x",
"product": {
"name": "qemu-kvm-2.0.2-48.49.3.s390x",
"product_id": "qemu-kvm-2.0.2-48.49.3.s390x"
}
},
{
"category": "product_version",
"name": "qemu-lang-2.0.2-48.49.3.s390x",
"product": {
"name": "qemu-lang-2.0.2-48.49.3.s390x",
"product_id": "qemu-lang-2.0.2-48.49.3.s390x"
}
},
{
"category": "product_version",
"name": "qemu-linux-user-2.0.2-48.49.1.s390x",
"product": {
"name": "qemu-linux-user-2.0.2-48.49.1.s390x",
"product_id": "qemu-linux-user-2.0.2-48.49.1.s390x"
}
},
{
"category": "product_version",
"name": "qemu-ppc-2.0.2-48.49.3.s390x",
"product": {
"name": "qemu-ppc-2.0.2-48.49.3.s390x",
"product_id": "qemu-ppc-2.0.2-48.49.3.s390x"
}
},
{
"category": "product_version",
"name": "qemu-s390-2.0.2-48.49.3.s390x",
"product": {
"name": "qemu-s390-2.0.2-48.49.3.s390x",
"product_id": "qemu-s390-2.0.2-48.49.3.s390x"
}
},
{
"category": "product_version",
"name": "qemu-tools-2.0.2-48.49.3.s390x",
"product": {
"name": "qemu-tools-2.0.2-48.49.3.s390x",
"product_id": "qemu-tools-2.0.2-48.49.3.s390x"
}
},
{
"category": "product_version",
"name": "qemu-x86-2.0.2-48.49.3.s390x",
"product": {
"name": "qemu-x86-2.0.2-48.49.3.s390x",
"product_id": "qemu-x86-2.0.2-48.49.3.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "qemu-2.0.2-48.49.3.x86_64",
"product": {
"name": "qemu-2.0.2-48.49.3.x86_64",
"product_id": "qemu-2.0.2-48.49.3.x86_64"
}
},
{
"category": "product_version",
"name": "qemu-arm-2.0.2-48.49.3.x86_64",
"product": {
"name": "qemu-arm-2.0.2-48.49.3.x86_64",
"product_id": "qemu-arm-2.0.2-48.49.3.x86_64"
}
},
{
"category": "product_version",
"name": "qemu-block-curl-2.0.2-48.49.3.x86_64",
"product": {
"name": "qemu-block-curl-2.0.2-48.49.3.x86_64",
"product_id": "qemu-block-curl-2.0.2-48.49.3.x86_64"
}
},
{
"category": "product_version",
"name": "qemu-block-rbd-2.0.2-48.49.3.x86_64",
"product": {
"name": "qemu-block-rbd-2.0.2-48.49.3.x86_64",
"product_id": "qemu-block-rbd-2.0.2-48.49.3.x86_64"
}
},
{
"category": "product_version",
"name": "qemu-extra-2.0.2-48.49.3.x86_64",
"product": {
"name": "qemu-extra-2.0.2-48.49.3.x86_64",
"product_id": "qemu-extra-2.0.2-48.49.3.x86_64"
}
},
{
"category": "product_version",
"name": "qemu-guest-agent-2.0.2-48.49.3.x86_64",
"product": {
"name": "qemu-guest-agent-2.0.2-48.49.3.x86_64",
"product_id": "qemu-guest-agent-2.0.2-48.49.3.x86_64"
}
},
{
"category": "product_version",
"name": "qemu-kvm-2.0.2-48.49.3.x86_64",
"product": {
"name": "qemu-kvm-2.0.2-48.49.3.x86_64",
"product_id": "qemu-kvm-2.0.2-48.49.3.x86_64"
}
},
{
"category": "product_version",
"name": "qemu-lang-2.0.2-48.49.3.x86_64",
"product": {
"name": "qemu-lang-2.0.2-48.49.3.x86_64",
"product_id": "qemu-lang-2.0.2-48.49.3.x86_64"
}
},
{
"category": "product_version",
"name": "qemu-linux-user-2.0.2-48.49.1.x86_64",
"product": {
"name": "qemu-linux-user-2.0.2-48.49.1.x86_64",
"product_id": "qemu-linux-user-2.0.2-48.49.1.x86_64"
}
},
{
"category": "product_version",
"name": "qemu-ppc-2.0.2-48.49.3.x86_64",
"product": {
"name": "qemu-ppc-2.0.2-48.49.3.x86_64",
"product_id": "qemu-ppc-2.0.2-48.49.3.x86_64"
}
},
{
"category": "product_version",
"name": "qemu-s390-2.0.2-48.49.3.x86_64",
"product": {
"name": "qemu-s390-2.0.2-48.49.3.x86_64",
"product_id": "qemu-s390-2.0.2-48.49.3.x86_64"
}
},
{
"category": "product_version",
"name": "qemu-tools-2.0.2-48.49.3.x86_64",
"product": {
"name": "qemu-tools-2.0.2-48.49.3.x86_64",
"product_id": "qemu-tools-2.0.2-48.49.3.x86_64"
}
},
{
"category": "product_version",
"name": "qemu-x86-2.0.2-48.49.3.x86_64",
"product": {
"name": "qemu-x86-2.0.2-48.49.3.x86_64",
"product_id": "qemu-x86-2.0.2-48.49.3.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 12-LTSS",
"product": {
"name": "SUSE Linux Enterprise Server 12-LTSS",
"product_id": "SUSE Linux Enterprise Server 12-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles-ltss:12"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "qemu-2.0.2-48.49.3.ppc64le as component of SUSE Linux Enterprise Server 12-LTSS",
"product_id": "SUSE Linux Enterprise Server 12-LTSS:qemu-2.0.2-48.49.3.ppc64le"
},
"product_reference": "qemu-2.0.2-48.49.3.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qemu-2.0.2-48.49.3.s390x as component of SUSE Linux Enterprise Server 12-LTSS",
"product_id": "SUSE Linux Enterprise Server 12-LTSS:qemu-2.0.2-48.49.3.s390x"
},
"product_reference": "qemu-2.0.2-48.49.3.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qemu-2.0.2-48.49.3.x86_64 as component of SUSE Linux Enterprise Server 12-LTSS",
"product_id": "SUSE Linux Enterprise Server 12-LTSS:qemu-2.0.2-48.49.3.x86_64"
},
"product_reference": "qemu-2.0.2-48.49.3.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qemu-block-curl-2.0.2-48.49.3.ppc64le as component of SUSE Linux Enterprise Server 12-LTSS",
"product_id": "SUSE Linux Enterprise Server 12-LTSS:qemu-block-curl-2.0.2-48.49.3.ppc64le"
},
"product_reference": "qemu-block-curl-2.0.2-48.49.3.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qemu-block-curl-2.0.2-48.49.3.s390x as component of SUSE Linux Enterprise Server 12-LTSS",
"product_id": "SUSE Linux Enterprise Server 12-LTSS:qemu-block-curl-2.0.2-48.49.3.s390x"
},
"product_reference": "qemu-block-curl-2.0.2-48.49.3.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qemu-block-curl-2.0.2-48.49.3.x86_64 as component of SUSE Linux Enterprise Server 12-LTSS",
"product_id": "SUSE Linux Enterprise Server 12-LTSS:qemu-block-curl-2.0.2-48.49.3.x86_64"
},
"product_reference": "qemu-block-curl-2.0.2-48.49.3.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qemu-block-rbd-2.0.2-48.49.3.x86_64 as component of SUSE Linux Enterprise Server 12-LTSS",
"product_id": "SUSE Linux Enterprise Server 12-LTSS:qemu-block-rbd-2.0.2-48.49.3.x86_64"
},
"product_reference": "qemu-block-rbd-2.0.2-48.49.3.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qemu-guest-agent-2.0.2-48.49.3.ppc64le as component of SUSE Linux Enterprise Server 12-LTSS",
"product_id": "SUSE Linux Enterprise Server 12-LTSS:qemu-guest-agent-2.0.2-48.49.3.ppc64le"
},
"product_reference": "qemu-guest-agent-2.0.2-48.49.3.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qemu-guest-agent-2.0.2-48.49.3.s390x as component of SUSE Linux Enterprise Server 12-LTSS",
"product_id": "SUSE Linux Enterprise Server 12-LTSS:qemu-guest-agent-2.0.2-48.49.3.s390x"
},
"product_reference": "qemu-guest-agent-2.0.2-48.49.3.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qemu-guest-agent-2.0.2-48.49.3.x86_64 as component of SUSE Linux Enterprise Server 12-LTSS",
"product_id": "SUSE Linux Enterprise Server 12-LTSS:qemu-guest-agent-2.0.2-48.49.3.x86_64"
},
"product_reference": "qemu-guest-agent-2.0.2-48.49.3.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qemu-ipxe-1.0.0-48.49.3.noarch as component of SUSE Linux Enterprise Server 12-LTSS",
"product_id": "SUSE Linux Enterprise Server 12-LTSS:qemu-ipxe-1.0.0-48.49.3.noarch"
},
"product_reference": "qemu-ipxe-1.0.0-48.49.3.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qemu-kvm-2.0.2-48.49.3.s390x as component of SUSE Linux Enterprise Server 12-LTSS",
"product_id": "SUSE Linux Enterprise Server 12-LTSS:qemu-kvm-2.0.2-48.49.3.s390x"
},
"product_reference": "qemu-kvm-2.0.2-48.49.3.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qemu-kvm-2.0.2-48.49.3.x86_64 as component of SUSE Linux Enterprise Server 12-LTSS",
"product_id": "SUSE Linux Enterprise Server 12-LTSS:qemu-kvm-2.0.2-48.49.3.x86_64"
},
"product_reference": "qemu-kvm-2.0.2-48.49.3.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qemu-lang-2.0.2-48.49.3.ppc64le as component of SUSE Linux Enterprise Server 12-LTSS",
"product_id": "SUSE Linux Enterprise Server 12-LTSS:qemu-lang-2.0.2-48.49.3.ppc64le"
},
"product_reference": "qemu-lang-2.0.2-48.49.3.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qemu-lang-2.0.2-48.49.3.s390x as component of SUSE Linux Enterprise Server 12-LTSS",
"product_id": "SUSE Linux Enterprise Server 12-LTSS:qemu-lang-2.0.2-48.49.3.s390x"
},
"product_reference": "qemu-lang-2.0.2-48.49.3.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qemu-lang-2.0.2-48.49.3.x86_64 as component of SUSE Linux Enterprise Server 12-LTSS",
"product_id": "SUSE Linux Enterprise Server 12-LTSS:qemu-lang-2.0.2-48.49.3.x86_64"
},
"product_reference": "qemu-lang-2.0.2-48.49.3.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qemu-ppc-2.0.2-48.49.3.ppc64le as component of SUSE Linux Enterprise Server 12-LTSS",
"product_id": "SUSE Linux Enterprise Server 12-LTSS:qemu-ppc-2.0.2-48.49.3.ppc64le"
},
"product_reference": "qemu-ppc-2.0.2-48.49.3.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qemu-s390-2.0.2-48.49.3.s390x as component of SUSE Linux Enterprise Server 12-LTSS",
"product_id": "SUSE Linux Enterprise Server 12-LTSS:qemu-s390-2.0.2-48.49.3.s390x"
},
"product_reference": "qemu-s390-2.0.2-48.49.3.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qemu-seabios-1.7.4-48.49.3.noarch as component of SUSE Linux Enterprise Server 12-LTSS",
"product_id": "SUSE Linux Enterprise Server 12-LTSS:qemu-seabios-1.7.4-48.49.3.noarch"
},
"product_reference": "qemu-seabios-1.7.4-48.49.3.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qemu-sgabios-8-48.49.3.noarch as component of SUSE Linux Enterprise Server 12-LTSS",
"product_id": "SUSE Linux Enterprise Server 12-LTSS:qemu-sgabios-8-48.49.3.noarch"
},
"product_reference": "qemu-sgabios-8-48.49.3.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qemu-tools-2.0.2-48.49.3.ppc64le as component of SUSE Linux Enterprise Server 12-LTSS",
"product_id": "SUSE Linux Enterprise Server 12-LTSS:qemu-tools-2.0.2-48.49.3.ppc64le"
},
"product_reference": "qemu-tools-2.0.2-48.49.3.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qemu-tools-2.0.2-48.49.3.s390x as component of SUSE Linux Enterprise Server 12-LTSS",
"product_id": "SUSE Linux Enterprise Server 12-LTSS:qemu-tools-2.0.2-48.49.3.s390x"
},
"product_reference": "qemu-tools-2.0.2-48.49.3.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qemu-tools-2.0.2-48.49.3.x86_64 as component of SUSE Linux Enterprise Server 12-LTSS",
"product_id": "SUSE Linux Enterprise Server 12-LTSS:qemu-tools-2.0.2-48.49.3.x86_64"
},
"product_reference": "qemu-tools-2.0.2-48.49.3.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qemu-vgabios-1.7.4-48.49.3.noarch as component of SUSE Linux Enterprise Server 12-LTSS",
"product_id": "SUSE Linux Enterprise Server 12-LTSS:qemu-vgabios-1.7.4-48.49.3.noarch"
},
"product_reference": "qemu-vgabios-1.7.4-48.49.3.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qemu-x86-2.0.2-48.49.3.x86_64 as component of SUSE Linux Enterprise Server 12-LTSS",
"product_id": "SUSE Linux Enterprise Server 12-LTSS:qemu-x86-2.0.2-48.49.3.x86_64"
},
"product_reference": "qemu-x86-2.0.2-48.49.3.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12-LTSS"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2018-19364",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-19364"
}
],
"notes": [
{
"category": "general",
"text": "hw/9pfs/cofile.c and hw/9pfs/9p.c in QEMU can modify an fid path while it is being accessed by a second thread, leading to (for example) a use-after-free outcome.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12-LTSS:qemu-2.0.2-48.49.3.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:qemu-2.0.2-48.49.3.s390x",
"SUSE Linux Enterprise Server 12-LTSS:qemu-2.0.2-48.49.3.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:qemu-block-curl-2.0.2-48.49.3.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:qemu-block-curl-2.0.2-48.49.3.s390x",
"SUSE Linux Enterprise Server 12-LTSS:qemu-block-curl-2.0.2-48.49.3.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:qemu-block-rbd-2.0.2-48.49.3.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:qemu-guest-agent-2.0.2-48.49.3.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:qemu-guest-agent-2.0.2-48.49.3.s390x",
"SUSE Linux Enterprise Server 12-LTSS:qemu-guest-agent-2.0.2-48.49.3.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:qemu-ipxe-1.0.0-48.49.3.noarch",
"SUSE Linux Enterprise Server 12-LTSS:qemu-kvm-2.0.2-48.49.3.s390x",
"SUSE Linux Enterprise Server 12-LTSS:qemu-kvm-2.0.2-48.49.3.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:qemu-lang-2.0.2-48.49.3.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:qemu-lang-2.0.2-48.49.3.s390x",
"SUSE Linux Enterprise Server 12-LTSS:qemu-lang-2.0.2-48.49.3.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:qemu-ppc-2.0.2-48.49.3.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:qemu-s390-2.0.2-48.49.3.s390x",
"SUSE Linux Enterprise Server 12-LTSS:qemu-seabios-1.7.4-48.49.3.noarch",
"SUSE Linux Enterprise Server 12-LTSS:qemu-sgabios-8-48.49.3.noarch",
"SUSE Linux Enterprise Server 12-LTSS:qemu-tools-2.0.2-48.49.3.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:qemu-tools-2.0.2-48.49.3.s390x",
"SUSE Linux Enterprise Server 12-LTSS:qemu-tools-2.0.2-48.49.3.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:qemu-vgabios-1.7.4-48.49.3.noarch",
"SUSE Linux Enterprise Server 12-LTSS:qemu-x86-2.0.2-48.49.3.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-19364",
"url": "https://www.suse.com/security/cve/CVE-2018-19364"
},
{
"category": "external",
"summary": "SUSE Bug 1116717 for CVE-2018-19364",
"url": "https://bugzilla.suse.com/1116717"
},
{
"category": "external",
"summary": "SUSE Bug 1116726 for CVE-2018-19364",
"url": "https://bugzilla.suse.com/1116726"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12-LTSS:qemu-2.0.2-48.49.3.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:qemu-2.0.2-48.49.3.s390x",
"SUSE Linux Enterprise Server 12-LTSS:qemu-2.0.2-48.49.3.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:qemu-block-curl-2.0.2-48.49.3.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:qemu-block-curl-2.0.2-48.49.3.s390x",
"SUSE Linux Enterprise Server 12-LTSS:qemu-block-curl-2.0.2-48.49.3.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:qemu-block-rbd-2.0.2-48.49.3.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:qemu-guest-agent-2.0.2-48.49.3.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:qemu-guest-agent-2.0.2-48.49.3.s390x",
"SUSE Linux Enterprise Server 12-LTSS:qemu-guest-agent-2.0.2-48.49.3.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:qemu-ipxe-1.0.0-48.49.3.noarch",
"SUSE Linux Enterprise Server 12-LTSS:qemu-kvm-2.0.2-48.49.3.s390x",
"SUSE Linux Enterprise Server 12-LTSS:qemu-kvm-2.0.2-48.49.3.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:qemu-lang-2.0.2-48.49.3.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:qemu-lang-2.0.2-48.49.3.s390x",
"SUSE Linux Enterprise Server 12-LTSS:qemu-lang-2.0.2-48.49.3.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:qemu-ppc-2.0.2-48.49.3.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:qemu-s390-2.0.2-48.49.3.s390x",
"SUSE Linux Enterprise Server 12-LTSS:qemu-seabios-1.7.4-48.49.3.noarch",
"SUSE Linux Enterprise Server 12-LTSS:qemu-sgabios-8-48.49.3.noarch",
"SUSE Linux Enterprise Server 12-LTSS:qemu-tools-2.0.2-48.49.3.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:qemu-tools-2.0.2-48.49.3.s390x",
"SUSE Linux Enterprise Server 12-LTSS:qemu-tools-2.0.2-48.49.3.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:qemu-vgabios-1.7.4-48.49.3.noarch",
"SUSE Linux Enterprise Server 12-LTSS:qemu-x86-2.0.2-48.49.3.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Server 12-LTSS:qemu-2.0.2-48.49.3.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:qemu-2.0.2-48.49.3.s390x",
"SUSE Linux Enterprise Server 12-LTSS:qemu-2.0.2-48.49.3.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:qemu-block-curl-2.0.2-48.49.3.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:qemu-block-curl-2.0.2-48.49.3.s390x",
"SUSE Linux Enterprise Server 12-LTSS:qemu-block-curl-2.0.2-48.49.3.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:qemu-block-rbd-2.0.2-48.49.3.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:qemu-guest-agent-2.0.2-48.49.3.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:qemu-guest-agent-2.0.2-48.49.3.s390x",
"SUSE Linux Enterprise Server 12-LTSS:qemu-guest-agent-2.0.2-48.49.3.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:qemu-ipxe-1.0.0-48.49.3.noarch",
"SUSE Linux Enterprise Server 12-LTSS:qemu-kvm-2.0.2-48.49.3.s390x",
"SUSE Linux Enterprise Server 12-LTSS:qemu-kvm-2.0.2-48.49.3.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:qemu-lang-2.0.2-48.49.3.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:qemu-lang-2.0.2-48.49.3.s390x",
"SUSE Linux Enterprise Server 12-LTSS:qemu-lang-2.0.2-48.49.3.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:qemu-ppc-2.0.2-48.49.3.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:qemu-s390-2.0.2-48.49.3.s390x",
"SUSE Linux Enterprise Server 12-LTSS:qemu-seabios-1.7.4-48.49.3.noarch",
"SUSE Linux Enterprise Server 12-LTSS:qemu-sgabios-8-48.49.3.noarch",
"SUSE Linux Enterprise Server 12-LTSS:qemu-tools-2.0.2-48.49.3.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:qemu-tools-2.0.2-48.49.3.s390x",
"SUSE Linux Enterprise Server 12-LTSS:qemu-tools-2.0.2-48.49.3.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:qemu-vgabios-1.7.4-48.49.3.noarch",
"SUSE Linux Enterprise Server 12-LTSS:qemu-x86-2.0.2-48.49.3.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-02-21T06:07:42Z",
"details": "moderate"
}
],
"title": "CVE-2018-19364"
},
{
"cve": "CVE-2018-19489",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-19489"
}
],
"notes": [
{
"category": "general",
"text": "v9fs_wstat in hw/9pfs/9p.c in QEMU allows guest OS users to cause a denial of service (crash) because of a race condition during file renaming.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12-LTSS:qemu-2.0.2-48.49.3.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:qemu-2.0.2-48.49.3.s390x",
"SUSE Linux Enterprise Server 12-LTSS:qemu-2.0.2-48.49.3.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:qemu-block-curl-2.0.2-48.49.3.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:qemu-block-curl-2.0.2-48.49.3.s390x",
"SUSE Linux Enterprise Server 12-LTSS:qemu-block-curl-2.0.2-48.49.3.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:qemu-block-rbd-2.0.2-48.49.3.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:qemu-guest-agent-2.0.2-48.49.3.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:qemu-guest-agent-2.0.2-48.49.3.s390x",
"SUSE Linux Enterprise Server 12-LTSS:qemu-guest-agent-2.0.2-48.49.3.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:qemu-ipxe-1.0.0-48.49.3.noarch",
"SUSE Linux Enterprise Server 12-LTSS:qemu-kvm-2.0.2-48.49.3.s390x",
"SUSE Linux Enterprise Server 12-LTSS:qemu-kvm-2.0.2-48.49.3.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:qemu-lang-2.0.2-48.49.3.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:qemu-lang-2.0.2-48.49.3.s390x",
"SUSE Linux Enterprise Server 12-LTSS:qemu-lang-2.0.2-48.49.3.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:qemu-ppc-2.0.2-48.49.3.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:qemu-s390-2.0.2-48.49.3.s390x",
"SUSE Linux Enterprise Server 12-LTSS:qemu-seabios-1.7.4-48.49.3.noarch",
"SUSE Linux Enterprise Server 12-LTSS:qemu-sgabios-8-48.49.3.noarch",
"SUSE Linux Enterprise Server 12-LTSS:qemu-tools-2.0.2-48.49.3.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:qemu-tools-2.0.2-48.49.3.s390x",
"SUSE Linux Enterprise Server 12-LTSS:qemu-tools-2.0.2-48.49.3.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:qemu-vgabios-1.7.4-48.49.3.noarch",
"SUSE Linux Enterprise Server 12-LTSS:qemu-x86-2.0.2-48.49.3.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-19489",
"url": "https://www.suse.com/security/cve/CVE-2018-19489"
},
{
"category": "external",
"summary": "SUSE Bug 1117275 for CVE-2018-19489",
"url": "https://bugzilla.suse.com/1117275"
},
{
"category": "external",
"summary": "SUSE Bug 1117279 for CVE-2018-19489",
"url": "https://bugzilla.suse.com/1117279"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12-LTSS:qemu-2.0.2-48.49.3.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:qemu-2.0.2-48.49.3.s390x",
"SUSE Linux Enterprise Server 12-LTSS:qemu-2.0.2-48.49.3.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:qemu-block-curl-2.0.2-48.49.3.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:qemu-block-curl-2.0.2-48.49.3.s390x",
"SUSE Linux Enterprise Server 12-LTSS:qemu-block-curl-2.0.2-48.49.3.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:qemu-block-rbd-2.0.2-48.49.3.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:qemu-guest-agent-2.0.2-48.49.3.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:qemu-guest-agent-2.0.2-48.49.3.s390x",
"SUSE Linux Enterprise Server 12-LTSS:qemu-guest-agent-2.0.2-48.49.3.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:qemu-ipxe-1.0.0-48.49.3.noarch",
"SUSE Linux Enterprise Server 12-LTSS:qemu-kvm-2.0.2-48.49.3.s390x",
"SUSE Linux Enterprise Server 12-LTSS:qemu-kvm-2.0.2-48.49.3.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:qemu-lang-2.0.2-48.49.3.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:qemu-lang-2.0.2-48.49.3.s390x",
"SUSE Linux Enterprise Server 12-LTSS:qemu-lang-2.0.2-48.49.3.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:qemu-ppc-2.0.2-48.49.3.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:qemu-s390-2.0.2-48.49.3.s390x",
"SUSE Linux Enterprise Server 12-LTSS:qemu-seabios-1.7.4-48.49.3.noarch",
"SUSE Linux Enterprise Server 12-LTSS:qemu-sgabios-8-48.49.3.noarch",
"SUSE Linux Enterprise Server 12-LTSS:qemu-tools-2.0.2-48.49.3.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:qemu-tools-2.0.2-48.49.3.s390x",
"SUSE Linux Enterprise Server 12-LTSS:qemu-tools-2.0.2-48.49.3.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:qemu-vgabios-1.7.4-48.49.3.noarch",
"SUSE Linux Enterprise Server 12-LTSS:qemu-x86-2.0.2-48.49.3.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 2.8,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:C/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Server 12-LTSS:qemu-2.0.2-48.49.3.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:qemu-2.0.2-48.49.3.s390x",
"SUSE Linux Enterprise Server 12-LTSS:qemu-2.0.2-48.49.3.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:qemu-block-curl-2.0.2-48.49.3.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:qemu-block-curl-2.0.2-48.49.3.s390x",
"SUSE Linux Enterprise Server 12-LTSS:qemu-block-curl-2.0.2-48.49.3.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:qemu-block-rbd-2.0.2-48.49.3.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:qemu-guest-agent-2.0.2-48.49.3.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:qemu-guest-agent-2.0.2-48.49.3.s390x",
"SUSE Linux Enterprise Server 12-LTSS:qemu-guest-agent-2.0.2-48.49.3.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:qemu-ipxe-1.0.0-48.49.3.noarch",
"SUSE Linux Enterprise Server 12-LTSS:qemu-kvm-2.0.2-48.49.3.s390x",
"SUSE Linux Enterprise Server 12-LTSS:qemu-kvm-2.0.2-48.49.3.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:qemu-lang-2.0.2-48.49.3.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:qemu-lang-2.0.2-48.49.3.s390x",
"SUSE Linux Enterprise Server 12-LTSS:qemu-lang-2.0.2-48.49.3.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:qemu-ppc-2.0.2-48.49.3.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:qemu-s390-2.0.2-48.49.3.s390x",
"SUSE Linux Enterprise Server 12-LTSS:qemu-seabios-1.7.4-48.49.3.noarch",
"SUSE Linux Enterprise Server 12-LTSS:qemu-sgabios-8-48.49.3.noarch",
"SUSE Linux Enterprise Server 12-LTSS:qemu-tools-2.0.2-48.49.3.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:qemu-tools-2.0.2-48.49.3.s390x",
"SUSE Linux Enterprise Server 12-LTSS:qemu-tools-2.0.2-48.49.3.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:qemu-vgabios-1.7.4-48.49.3.noarch",
"SUSE Linux Enterprise Server 12-LTSS:qemu-x86-2.0.2-48.49.3.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-02-21T06:07:42Z",
"details": "low"
}
],
"title": "CVE-2018-19489"
},
{
"cve": "CVE-2019-6778",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-6778"
}
],
"notes": [
{
"category": "general",
"text": "In QEMU 3.0.0, tcp_emu in slirp/tcp_subr.c has a heap-based buffer overflow.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12-LTSS:qemu-2.0.2-48.49.3.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:qemu-2.0.2-48.49.3.s390x",
"SUSE Linux Enterprise Server 12-LTSS:qemu-2.0.2-48.49.3.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:qemu-block-curl-2.0.2-48.49.3.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:qemu-block-curl-2.0.2-48.49.3.s390x",
"SUSE Linux Enterprise Server 12-LTSS:qemu-block-curl-2.0.2-48.49.3.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:qemu-block-rbd-2.0.2-48.49.3.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:qemu-guest-agent-2.0.2-48.49.3.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:qemu-guest-agent-2.0.2-48.49.3.s390x",
"SUSE Linux Enterprise Server 12-LTSS:qemu-guest-agent-2.0.2-48.49.3.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:qemu-ipxe-1.0.0-48.49.3.noarch",
"SUSE Linux Enterprise Server 12-LTSS:qemu-kvm-2.0.2-48.49.3.s390x",
"SUSE Linux Enterprise Server 12-LTSS:qemu-kvm-2.0.2-48.49.3.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:qemu-lang-2.0.2-48.49.3.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:qemu-lang-2.0.2-48.49.3.s390x",
"SUSE Linux Enterprise Server 12-LTSS:qemu-lang-2.0.2-48.49.3.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:qemu-ppc-2.0.2-48.49.3.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:qemu-s390-2.0.2-48.49.3.s390x",
"SUSE Linux Enterprise Server 12-LTSS:qemu-seabios-1.7.4-48.49.3.noarch",
"SUSE Linux Enterprise Server 12-LTSS:qemu-sgabios-8-48.49.3.noarch",
"SUSE Linux Enterprise Server 12-LTSS:qemu-tools-2.0.2-48.49.3.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:qemu-tools-2.0.2-48.49.3.s390x",
"SUSE Linux Enterprise Server 12-LTSS:qemu-tools-2.0.2-48.49.3.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:qemu-vgabios-1.7.4-48.49.3.noarch",
"SUSE Linux Enterprise Server 12-LTSS:qemu-x86-2.0.2-48.49.3.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-6778",
"url": "https://www.suse.com/security/cve/CVE-2019-6778"
},
{
"category": "external",
"summary": "SUSE Bug 1123156 for CVE-2019-6778",
"url": "https://bugzilla.suse.com/1123156"
},
{
"category": "external",
"summary": "SUSE Bug 1123157 for CVE-2019-6778",
"url": "https://bugzilla.suse.com/1123157"
},
{
"category": "external",
"summary": "SUSE Bug 1178658 for CVE-2019-6778",
"url": "https://bugzilla.suse.com/1178658"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12-LTSS:qemu-2.0.2-48.49.3.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:qemu-2.0.2-48.49.3.s390x",
"SUSE Linux Enterprise Server 12-LTSS:qemu-2.0.2-48.49.3.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:qemu-block-curl-2.0.2-48.49.3.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:qemu-block-curl-2.0.2-48.49.3.s390x",
"SUSE Linux Enterprise Server 12-LTSS:qemu-block-curl-2.0.2-48.49.3.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:qemu-block-rbd-2.0.2-48.49.3.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:qemu-guest-agent-2.0.2-48.49.3.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:qemu-guest-agent-2.0.2-48.49.3.s390x",
"SUSE Linux Enterprise Server 12-LTSS:qemu-guest-agent-2.0.2-48.49.3.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:qemu-ipxe-1.0.0-48.49.3.noarch",
"SUSE Linux Enterprise Server 12-LTSS:qemu-kvm-2.0.2-48.49.3.s390x",
"SUSE Linux Enterprise Server 12-LTSS:qemu-kvm-2.0.2-48.49.3.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:qemu-lang-2.0.2-48.49.3.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:qemu-lang-2.0.2-48.49.3.s390x",
"SUSE Linux Enterprise Server 12-LTSS:qemu-lang-2.0.2-48.49.3.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:qemu-ppc-2.0.2-48.49.3.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:qemu-s390-2.0.2-48.49.3.s390x",
"SUSE Linux Enterprise Server 12-LTSS:qemu-seabios-1.7.4-48.49.3.noarch",
"SUSE Linux Enterprise Server 12-LTSS:qemu-sgabios-8-48.49.3.noarch",
"SUSE Linux Enterprise Server 12-LTSS:qemu-tools-2.0.2-48.49.3.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:qemu-tools-2.0.2-48.49.3.s390x",
"SUSE Linux Enterprise Server 12-LTSS:qemu-tools-2.0.2-48.49.3.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:qemu-vgabios-1.7.4-48.49.3.noarch",
"SUSE Linux Enterprise Server 12-LTSS:qemu-x86-2.0.2-48.49.3.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Server 12-LTSS:qemu-2.0.2-48.49.3.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:qemu-2.0.2-48.49.3.s390x",
"SUSE Linux Enterprise Server 12-LTSS:qemu-2.0.2-48.49.3.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:qemu-block-curl-2.0.2-48.49.3.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:qemu-block-curl-2.0.2-48.49.3.s390x",
"SUSE Linux Enterprise Server 12-LTSS:qemu-block-curl-2.0.2-48.49.3.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:qemu-block-rbd-2.0.2-48.49.3.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:qemu-guest-agent-2.0.2-48.49.3.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:qemu-guest-agent-2.0.2-48.49.3.s390x",
"SUSE Linux Enterprise Server 12-LTSS:qemu-guest-agent-2.0.2-48.49.3.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:qemu-ipxe-1.0.0-48.49.3.noarch",
"SUSE Linux Enterprise Server 12-LTSS:qemu-kvm-2.0.2-48.49.3.s390x",
"SUSE Linux Enterprise Server 12-LTSS:qemu-kvm-2.0.2-48.49.3.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:qemu-lang-2.0.2-48.49.3.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:qemu-lang-2.0.2-48.49.3.s390x",
"SUSE Linux Enterprise Server 12-LTSS:qemu-lang-2.0.2-48.49.3.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:qemu-ppc-2.0.2-48.49.3.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:qemu-s390-2.0.2-48.49.3.s390x",
"SUSE Linux Enterprise Server 12-LTSS:qemu-seabios-1.7.4-48.49.3.noarch",
"SUSE Linux Enterprise Server 12-LTSS:qemu-sgabios-8-48.49.3.noarch",
"SUSE Linux Enterprise Server 12-LTSS:qemu-tools-2.0.2-48.49.3.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:qemu-tools-2.0.2-48.49.3.s390x",
"SUSE Linux Enterprise Server 12-LTSS:qemu-tools-2.0.2-48.49.3.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:qemu-vgabios-1.7.4-48.49.3.noarch",
"SUSE Linux Enterprise Server 12-LTSS:qemu-x86-2.0.2-48.49.3.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-02-21T06:07:42Z",
"details": "important"
}
],
"title": "CVE-2019-6778"
}
]
}
SUSE-SU-2019:0471-1
Vulnerability from csaf_suse - Published: 2019-02-22 12:47 - Updated: 2019-02-22 12:47Summary
Security update for qemu
Severity
Important
Notes
Title of the patch: Security update for qemu
Description of the patch: This update for qemu fixes the following issues:
Security issue fixed:
- CVE-2019-6778: Fixed a heap buffer overflow issue in the SLiRP networking implementation (bsc#1123156).
- CVE-2018-16872: Fixed a host security vulnerability related to handling symlinks in usb-mtp (bsc#1119493).
- CVE-2018-19489: Fixed a denial of service vulnerability in virtfs (bsc#1117275).
- CVE-2018-19364: Fixed a use-after-free if the virtfs interface resulting in a denial of service (bsc#1116717).
Patchnames: SUSE-2019-471,SUSE-SLE-SERVER-12-SP1-2019-471
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
5 (Medium)
Affected products
Recommended
25 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-2.3.1-33.20.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-2.3.1-33.20.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-2.3.1-33.20.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-block-curl-2.3.1-33.20.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-block-curl-2.3.1-33.20.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-block-curl-2.3.1-33.20.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-block-rbd-2.3.1-33.20.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-guest-agent-2.3.1-33.20.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-guest-agent-2.3.1-33.20.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-guest-agent-2.3.1-33.20.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-ipxe-1.0.0-33.20.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-kvm-2.3.1-33.20.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-kvm-2.3.1-33.20.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-lang-2.3.1-33.20.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-lang-2.3.1-33.20.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-lang-2.3.1-33.20.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-ppc-2.3.1-33.20.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-s390-2.3.1-33.20.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-seabios-1.8.1-33.20.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-sgabios-8-33.20.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-tools-2.3.1-33.20.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-tools-2.3.1-33.20.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-tools-2.3.1-33.20.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-vgabios-1.8.1-33.20.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-x86-2.3.1-33.20.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
5.3 (Medium)
Affected products
Recommended
25 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-2.3.1-33.20.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-2.3.1-33.20.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-2.3.1-33.20.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-block-curl-2.3.1-33.20.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-block-curl-2.3.1-33.20.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-block-curl-2.3.1-33.20.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-block-rbd-2.3.1-33.20.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-guest-agent-2.3.1-33.20.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-guest-agent-2.3.1-33.20.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-guest-agent-2.3.1-33.20.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-ipxe-1.0.0-33.20.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-kvm-2.3.1-33.20.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-kvm-2.3.1-33.20.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-lang-2.3.1-33.20.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-lang-2.3.1-33.20.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-lang-2.3.1-33.20.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-ppc-2.3.1-33.20.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-s390-2.3.1-33.20.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-seabios-1.8.1-33.20.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-sgabios-8-33.20.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-tools-2.3.1-33.20.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-tools-2.3.1-33.20.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-tools-2.3.1-33.20.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-vgabios-1.8.1-33.20.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-x86-2.3.1-33.20.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
Affected products
Recommended
25 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-2.3.1-33.20.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-2.3.1-33.20.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-2.3.1-33.20.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-block-curl-2.3.1-33.20.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-block-curl-2.3.1-33.20.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-block-curl-2.3.1-33.20.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-block-rbd-2.3.1-33.20.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-guest-agent-2.3.1-33.20.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-guest-agent-2.3.1-33.20.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-guest-agent-2.3.1-33.20.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-ipxe-1.0.0-33.20.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-kvm-2.3.1-33.20.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-kvm-2.3.1-33.20.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-lang-2.3.1-33.20.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-lang-2.3.1-33.20.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-lang-2.3.1-33.20.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-ppc-2.3.1-33.20.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-s390-2.3.1-33.20.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-seabios-1.8.1-33.20.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-sgabios-8-33.20.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-tools-2.3.1-33.20.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-tools-2.3.1-33.20.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-tools-2.3.1-33.20.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-vgabios-1.8.1-33.20.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-x86-2.3.1-33.20.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
low
7.8 (High)
Affected products
Recommended
25 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-2.3.1-33.20.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-2.3.1-33.20.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-2.3.1-33.20.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-block-curl-2.3.1-33.20.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-block-curl-2.3.1-33.20.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-block-curl-2.3.1-33.20.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-block-rbd-2.3.1-33.20.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-guest-agent-2.3.1-33.20.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-guest-agent-2.3.1-33.20.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-guest-agent-2.3.1-33.20.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-ipxe-1.0.0-33.20.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-kvm-2.3.1-33.20.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-kvm-2.3.1-33.20.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-lang-2.3.1-33.20.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-lang-2.3.1-33.20.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-lang-2.3.1-33.20.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-ppc-2.3.1-33.20.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-s390-2.3.1-33.20.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-seabios-1.8.1-33.20.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-sgabios-8-33.20.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-tools-2.3.1-33.20.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-tools-2.3.1-33.20.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-tools-2.3.1-33.20.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-vgabios-1.8.1-33.20.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-x86-2.3.1-33.20.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
References
25 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for qemu",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for qemu fixes the following issues:\n\nSecurity issue fixed:\n\n- CVE-2019-6778: Fixed a heap buffer overflow issue in the SLiRP networking implementation (bsc#1123156).\n- CVE-2018-16872: Fixed a host security vulnerability related to handling symlinks in usb-mtp (bsc#1119493).\n- CVE-2018-19489: Fixed a denial of service vulnerability in virtfs (bsc#1117275).\n- CVE-2018-19364: Fixed a use-after-free if the virtfs interface resulting in a denial of service (bsc#1116717).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2019-471,SUSE-SLE-SERVER-12-SP1-2019-471",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2019_0471-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2019:0471-1",
"url": "https://www.suse.com/support/update/announcement/2019/suse-su-20190471-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2019:0471-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2019-February/005146.html"
},
{
"category": "self",
"summary": "SUSE Bug 1116717",
"url": "https://bugzilla.suse.com/1116717"
},
{
"category": "self",
"summary": "SUSE Bug 1117275",
"url": "https://bugzilla.suse.com/1117275"
},
{
"category": "self",
"summary": "SUSE Bug 1119493",
"url": "https://bugzilla.suse.com/1119493"
},
{
"category": "self",
"summary": "SUSE Bug 1123156",
"url": "https://bugzilla.suse.com/1123156"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-16872 page",
"url": "https://www.suse.com/security/cve/CVE-2018-16872/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-19364 page",
"url": "https://www.suse.com/security/cve/CVE-2018-19364/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-19489 page",
"url": "https://www.suse.com/security/cve/CVE-2018-19489/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-6778 page",
"url": "https://www.suse.com/security/cve/CVE-2019-6778/"
}
],
"title": "Security update for qemu",
"tracking": {
"current_release_date": "2019-02-22T12:47:28Z",
"generator": {
"date": "2019-02-22T12:47:28Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2019:0471-1",
"initial_release_date": "2019-02-22T12:47:28Z",
"revision_history": [
{
"date": "2019-02-22T12:47:28Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "qemu-2.3.1-33.20.1.aarch64",
"product": {
"name": "qemu-2.3.1-33.20.1.aarch64",
"product_id": "qemu-2.3.1-33.20.1.aarch64"
}
},
{
"category": "product_version",
"name": "qemu-arm-2.3.1-33.20.1.aarch64",
"product": {
"name": "qemu-arm-2.3.1-33.20.1.aarch64",
"product_id": "qemu-arm-2.3.1-33.20.1.aarch64"
}
},
{
"category": "product_version",
"name": "qemu-block-curl-2.3.1-33.20.1.aarch64",
"product": {
"name": "qemu-block-curl-2.3.1-33.20.1.aarch64",
"product_id": "qemu-block-curl-2.3.1-33.20.1.aarch64"
}
},
{
"category": "product_version",
"name": "qemu-extra-2.3.1-33.20.1.aarch64",
"product": {
"name": "qemu-extra-2.3.1-33.20.1.aarch64",
"product_id": "qemu-extra-2.3.1-33.20.1.aarch64"
}
},
{
"category": "product_version",
"name": "qemu-guest-agent-2.3.1-33.20.1.aarch64",
"product": {
"name": "qemu-guest-agent-2.3.1-33.20.1.aarch64",
"product_id": "qemu-guest-agent-2.3.1-33.20.1.aarch64"
}
},
{
"category": "product_version",
"name": "qemu-lang-2.3.1-33.20.1.aarch64",
"product": {
"name": "qemu-lang-2.3.1-33.20.1.aarch64",
"product_id": "qemu-lang-2.3.1-33.20.1.aarch64"
}
},
{
"category": "product_version",
"name": "qemu-linux-user-2.3.1-33.20.1.aarch64",
"product": {
"name": "qemu-linux-user-2.3.1-33.20.1.aarch64",
"product_id": "qemu-linux-user-2.3.1-33.20.1.aarch64"
}
},
{
"category": "product_version",
"name": "qemu-ppc-2.3.1-33.20.1.aarch64",
"product": {
"name": "qemu-ppc-2.3.1-33.20.1.aarch64",
"product_id": "qemu-ppc-2.3.1-33.20.1.aarch64"
}
},
{
"category": "product_version",
"name": "qemu-s390-2.3.1-33.20.1.aarch64",
"product": {
"name": "qemu-s390-2.3.1-33.20.1.aarch64",
"product_id": "qemu-s390-2.3.1-33.20.1.aarch64"
}
},
{
"category": "product_version",
"name": "qemu-testsuite-2.3.1-33.20.2.aarch64",
"product": {
"name": "qemu-testsuite-2.3.1-33.20.2.aarch64",
"product_id": "qemu-testsuite-2.3.1-33.20.2.aarch64"
}
},
{
"category": "product_version",
"name": "qemu-tools-2.3.1-33.20.1.aarch64",
"product": {
"name": "qemu-tools-2.3.1-33.20.1.aarch64",
"product_id": "qemu-tools-2.3.1-33.20.1.aarch64"
}
},
{
"category": "product_version",
"name": "qemu-x86-2.3.1-33.20.1.aarch64",
"product": {
"name": "qemu-x86-2.3.1-33.20.1.aarch64",
"product_id": "qemu-x86-2.3.1-33.20.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "qemu-2.3.1-33.20.1.i586",
"product": {
"name": "qemu-2.3.1-33.20.1.i586",
"product_id": "qemu-2.3.1-33.20.1.i586"
}
},
{
"category": "product_version",
"name": "qemu-arm-2.3.1-33.20.1.i586",
"product": {
"name": "qemu-arm-2.3.1-33.20.1.i586",
"product_id": "qemu-arm-2.3.1-33.20.1.i586"
}
},
{
"category": "product_version",
"name": "qemu-block-curl-2.3.1-33.20.1.i586",
"product": {
"name": "qemu-block-curl-2.3.1-33.20.1.i586",
"product_id": "qemu-block-curl-2.3.1-33.20.1.i586"
}
},
{
"category": "product_version",
"name": "qemu-extra-2.3.1-33.20.1.i586",
"product": {
"name": "qemu-extra-2.3.1-33.20.1.i586",
"product_id": "qemu-extra-2.3.1-33.20.1.i586"
}
},
{
"category": "product_version",
"name": "qemu-guest-agent-2.3.1-33.20.1.i586",
"product": {
"name": "qemu-guest-agent-2.3.1-33.20.1.i586",
"product_id": "qemu-guest-agent-2.3.1-33.20.1.i586"
}
},
{
"category": "product_version",
"name": "qemu-kvm-2.3.1-33.20.1.i586",
"product": {
"name": "qemu-kvm-2.3.1-33.20.1.i586",
"product_id": "qemu-kvm-2.3.1-33.20.1.i586"
}
},
{
"category": "product_version",
"name": "qemu-lang-2.3.1-33.20.1.i586",
"product": {
"name": "qemu-lang-2.3.1-33.20.1.i586",
"product_id": "qemu-lang-2.3.1-33.20.1.i586"
}
},
{
"category": "product_version",
"name": "qemu-linux-user-2.3.1-33.20.1.i586",
"product": {
"name": "qemu-linux-user-2.3.1-33.20.1.i586",
"product_id": "qemu-linux-user-2.3.1-33.20.1.i586"
}
},
{
"category": "product_version",
"name": "qemu-ppc-2.3.1-33.20.1.i586",
"product": {
"name": "qemu-ppc-2.3.1-33.20.1.i586",
"product_id": "qemu-ppc-2.3.1-33.20.1.i586"
}
},
{
"category": "product_version",
"name": "qemu-s390-2.3.1-33.20.1.i586",
"product": {
"name": "qemu-s390-2.3.1-33.20.1.i586",
"product_id": "qemu-s390-2.3.1-33.20.1.i586"
}
},
{
"category": "product_version",
"name": "qemu-testsuite-2.3.1-33.20.2.i586",
"product": {
"name": "qemu-testsuite-2.3.1-33.20.2.i586",
"product_id": "qemu-testsuite-2.3.1-33.20.2.i586"
}
},
{
"category": "product_version",
"name": "qemu-tools-2.3.1-33.20.1.i586",
"product": {
"name": "qemu-tools-2.3.1-33.20.1.i586",
"product_id": "qemu-tools-2.3.1-33.20.1.i586"
}
},
{
"category": "product_version",
"name": "qemu-x86-2.3.1-33.20.1.i586",
"product": {
"name": "qemu-x86-2.3.1-33.20.1.i586",
"product_id": "qemu-x86-2.3.1-33.20.1.i586"
}
}
],
"category": "architecture",
"name": "i586"
},
{
"branches": [
{
"category": "product_version",
"name": "qemu-ipxe-1.0.0-33.20.1.noarch",
"product": {
"name": "qemu-ipxe-1.0.0-33.20.1.noarch",
"product_id": "qemu-ipxe-1.0.0-33.20.1.noarch"
}
},
{
"category": "product_version",
"name": "qemu-seabios-1.8.1-33.20.1.noarch",
"product": {
"name": "qemu-seabios-1.8.1-33.20.1.noarch",
"product_id": "qemu-seabios-1.8.1-33.20.1.noarch"
}
},
{
"category": "product_version",
"name": "qemu-sgabios-8-33.20.1.noarch",
"product": {
"name": "qemu-sgabios-8-33.20.1.noarch",
"product_id": "qemu-sgabios-8-33.20.1.noarch"
}
},
{
"category": "product_version",
"name": "qemu-vgabios-1.8.1-33.20.1.noarch",
"product": {
"name": "qemu-vgabios-1.8.1-33.20.1.noarch",
"product_id": "qemu-vgabios-1.8.1-33.20.1.noarch"
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "qemu-2.3.1-33.20.1.ppc64le",
"product": {
"name": "qemu-2.3.1-33.20.1.ppc64le",
"product_id": "qemu-2.3.1-33.20.1.ppc64le"
}
},
{
"category": "product_version",
"name": "qemu-arm-2.3.1-33.20.1.ppc64le",
"product": {
"name": "qemu-arm-2.3.1-33.20.1.ppc64le",
"product_id": "qemu-arm-2.3.1-33.20.1.ppc64le"
}
},
{
"category": "product_version",
"name": "qemu-block-curl-2.3.1-33.20.1.ppc64le",
"product": {
"name": "qemu-block-curl-2.3.1-33.20.1.ppc64le",
"product_id": "qemu-block-curl-2.3.1-33.20.1.ppc64le"
}
},
{
"category": "product_version",
"name": "qemu-extra-2.3.1-33.20.1.ppc64le",
"product": {
"name": "qemu-extra-2.3.1-33.20.1.ppc64le",
"product_id": "qemu-extra-2.3.1-33.20.1.ppc64le"
}
},
{
"category": "product_version",
"name": "qemu-guest-agent-2.3.1-33.20.1.ppc64le",
"product": {
"name": "qemu-guest-agent-2.3.1-33.20.1.ppc64le",
"product_id": "qemu-guest-agent-2.3.1-33.20.1.ppc64le"
}
},
{
"category": "product_version",
"name": "qemu-lang-2.3.1-33.20.1.ppc64le",
"product": {
"name": "qemu-lang-2.3.1-33.20.1.ppc64le",
"product_id": "qemu-lang-2.3.1-33.20.1.ppc64le"
}
},
{
"category": "product_version",
"name": "qemu-linux-user-2.3.1-33.20.1.ppc64le",
"product": {
"name": "qemu-linux-user-2.3.1-33.20.1.ppc64le",
"product_id": "qemu-linux-user-2.3.1-33.20.1.ppc64le"
}
},
{
"category": "product_version",
"name": "qemu-ppc-2.3.1-33.20.1.ppc64le",
"product": {
"name": "qemu-ppc-2.3.1-33.20.1.ppc64le",
"product_id": "qemu-ppc-2.3.1-33.20.1.ppc64le"
}
},
{
"category": "product_version",
"name": "qemu-s390-2.3.1-33.20.1.ppc64le",
"product": {
"name": "qemu-s390-2.3.1-33.20.1.ppc64le",
"product_id": "qemu-s390-2.3.1-33.20.1.ppc64le"
}
},
{
"category": "product_version",
"name": "qemu-testsuite-2.3.1-33.20.2.ppc64le",
"product": {
"name": "qemu-testsuite-2.3.1-33.20.2.ppc64le",
"product_id": "qemu-testsuite-2.3.1-33.20.2.ppc64le"
}
},
{
"category": "product_version",
"name": "qemu-tools-2.3.1-33.20.1.ppc64le",
"product": {
"name": "qemu-tools-2.3.1-33.20.1.ppc64le",
"product_id": "qemu-tools-2.3.1-33.20.1.ppc64le"
}
},
{
"category": "product_version",
"name": "qemu-x86-2.3.1-33.20.1.ppc64le",
"product": {
"name": "qemu-x86-2.3.1-33.20.1.ppc64le",
"product_id": "qemu-x86-2.3.1-33.20.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "qemu-2.3.1-33.20.1.s390x",
"product": {
"name": "qemu-2.3.1-33.20.1.s390x",
"product_id": "qemu-2.3.1-33.20.1.s390x"
}
},
{
"category": "product_version",
"name": "qemu-arm-2.3.1-33.20.1.s390x",
"product": {
"name": "qemu-arm-2.3.1-33.20.1.s390x",
"product_id": "qemu-arm-2.3.1-33.20.1.s390x"
}
},
{
"category": "product_version",
"name": "qemu-block-curl-2.3.1-33.20.1.s390x",
"product": {
"name": "qemu-block-curl-2.3.1-33.20.1.s390x",
"product_id": "qemu-block-curl-2.3.1-33.20.1.s390x"
}
},
{
"category": "product_version",
"name": "qemu-extra-2.3.1-33.20.1.s390x",
"product": {
"name": "qemu-extra-2.3.1-33.20.1.s390x",
"product_id": "qemu-extra-2.3.1-33.20.1.s390x"
}
},
{
"category": "product_version",
"name": "qemu-guest-agent-2.3.1-33.20.1.s390x",
"product": {
"name": "qemu-guest-agent-2.3.1-33.20.1.s390x",
"product_id": "qemu-guest-agent-2.3.1-33.20.1.s390x"
}
},
{
"category": "product_version",
"name": "qemu-kvm-2.3.1-33.20.1.s390x",
"product": {
"name": "qemu-kvm-2.3.1-33.20.1.s390x",
"product_id": "qemu-kvm-2.3.1-33.20.1.s390x"
}
},
{
"category": "product_version",
"name": "qemu-lang-2.3.1-33.20.1.s390x",
"product": {
"name": "qemu-lang-2.3.1-33.20.1.s390x",
"product_id": "qemu-lang-2.3.1-33.20.1.s390x"
}
},
{
"category": "product_version",
"name": "qemu-linux-user-2.3.1-33.20.1.s390x",
"product": {
"name": "qemu-linux-user-2.3.1-33.20.1.s390x",
"product_id": "qemu-linux-user-2.3.1-33.20.1.s390x"
}
},
{
"category": "product_version",
"name": "qemu-ppc-2.3.1-33.20.1.s390x",
"product": {
"name": "qemu-ppc-2.3.1-33.20.1.s390x",
"product_id": "qemu-ppc-2.3.1-33.20.1.s390x"
}
},
{
"category": "product_version",
"name": "qemu-s390-2.3.1-33.20.1.s390x",
"product": {
"name": "qemu-s390-2.3.1-33.20.1.s390x",
"product_id": "qemu-s390-2.3.1-33.20.1.s390x"
}
},
{
"category": "product_version",
"name": "qemu-testsuite-2.3.1-33.20.2.s390x",
"product": {
"name": "qemu-testsuite-2.3.1-33.20.2.s390x",
"product_id": "qemu-testsuite-2.3.1-33.20.2.s390x"
}
},
{
"category": "product_version",
"name": "qemu-tools-2.3.1-33.20.1.s390x",
"product": {
"name": "qemu-tools-2.3.1-33.20.1.s390x",
"product_id": "qemu-tools-2.3.1-33.20.1.s390x"
}
},
{
"category": "product_version",
"name": "qemu-x86-2.3.1-33.20.1.s390x",
"product": {
"name": "qemu-x86-2.3.1-33.20.1.s390x",
"product_id": "qemu-x86-2.3.1-33.20.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "qemu-2.3.1-33.20.1.x86_64",
"product": {
"name": "qemu-2.3.1-33.20.1.x86_64",
"product_id": "qemu-2.3.1-33.20.1.x86_64"
}
},
{
"category": "product_version",
"name": "qemu-arm-2.3.1-33.20.1.x86_64",
"product": {
"name": "qemu-arm-2.3.1-33.20.1.x86_64",
"product_id": "qemu-arm-2.3.1-33.20.1.x86_64"
}
},
{
"category": "product_version",
"name": "qemu-block-curl-2.3.1-33.20.1.x86_64",
"product": {
"name": "qemu-block-curl-2.3.1-33.20.1.x86_64",
"product_id": "qemu-block-curl-2.3.1-33.20.1.x86_64"
}
},
{
"category": "product_version",
"name": "qemu-block-rbd-2.3.1-33.20.1.x86_64",
"product": {
"name": "qemu-block-rbd-2.3.1-33.20.1.x86_64",
"product_id": "qemu-block-rbd-2.3.1-33.20.1.x86_64"
}
},
{
"category": "product_version",
"name": "qemu-extra-2.3.1-33.20.1.x86_64",
"product": {
"name": "qemu-extra-2.3.1-33.20.1.x86_64",
"product_id": "qemu-extra-2.3.1-33.20.1.x86_64"
}
},
{
"category": "product_version",
"name": "qemu-guest-agent-2.3.1-33.20.1.x86_64",
"product": {
"name": "qemu-guest-agent-2.3.1-33.20.1.x86_64",
"product_id": "qemu-guest-agent-2.3.1-33.20.1.x86_64"
}
},
{
"category": "product_version",
"name": "qemu-kvm-2.3.1-33.20.1.x86_64",
"product": {
"name": "qemu-kvm-2.3.1-33.20.1.x86_64",
"product_id": "qemu-kvm-2.3.1-33.20.1.x86_64"
}
},
{
"category": "product_version",
"name": "qemu-lang-2.3.1-33.20.1.x86_64",
"product": {
"name": "qemu-lang-2.3.1-33.20.1.x86_64",
"product_id": "qemu-lang-2.3.1-33.20.1.x86_64"
}
},
{
"category": "product_version",
"name": "qemu-linux-user-2.3.1-33.20.1.x86_64",
"product": {
"name": "qemu-linux-user-2.3.1-33.20.1.x86_64",
"product_id": "qemu-linux-user-2.3.1-33.20.1.x86_64"
}
},
{
"category": "product_version",
"name": "qemu-ppc-2.3.1-33.20.1.x86_64",
"product": {
"name": "qemu-ppc-2.3.1-33.20.1.x86_64",
"product_id": "qemu-ppc-2.3.1-33.20.1.x86_64"
}
},
{
"category": "product_version",
"name": "qemu-s390-2.3.1-33.20.1.x86_64",
"product": {
"name": "qemu-s390-2.3.1-33.20.1.x86_64",
"product_id": "qemu-s390-2.3.1-33.20.1.x86_64"
}
},
{
"category": "product_version",
"name": "qemu-testsuite-2.3.1-33.20.2.x86_64",
"product": {
"name": "qemu-testsuite-2.3.1-33.20.2.x86_64",
"product_id": "qemu-testsuite-2.3.1-33.20.2.x86_64"
}
},
{
"category": "product_version",
"name": "qemu-tools-2.3.1-33.20.1.x86_64",
"product": {
"name": "qemu-tools-2.3.1-33.20.1.x86_64",
"product_id": "qemu-tools-2.3.1-33.20.1.x86_64"
}
},
{
"category": "product_version",
"name": "qemu-x86-2.3.1-33.20.1.x86_64",
"product": {
"name": "qemu-x86-2.3.1-33.20.1.x86_64",
"product_id": "qemu-x86-2.3.1-33.20.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 12 SP1-LTSS",
"product": {
"name": "SUSE Linux Enterprise Server 12 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP1-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles-ltss:12:sp1"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "qemu-2.3.1-33.20.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-2.3.1-33.20.1.ppc64le"
},
"product_reference": "qemu-2.3.1-33.20.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qemu-2.3.1-33.20.1.s390x as component of SUSE Linux Enterprise Server 12 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-2.3.1-33.20.1.s390x"
},
"product_reference": "qemu-2.3.1-33.20.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qemu-2.3.1-33.20.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-2.3.1-33.20.1.x86_64"
},
"product_reference": "qemu-2.3.1-33.20.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qemu-block-curl-2.3.1-33.20.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-block-curl-2.3.1-33.20.1.ppc64le"
},
"product_reference": "qemu-block-curl-2.3.1-33.20.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qemu-block-curl-2.3.1-33.20.1.s390x as component of SUSE Linux Enterprise Server 12 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-block-curl-2.3.1-33.20.1.s390x"
},
"product_reference": "qemu-block-curl-2.3.1-33.20.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qemu-block-curl-2.3.1-33.20.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-block-curl-2.3.1-33.20.1.x86_64"
},
"product_reference": "qemu-block-curl-2.3.1-33.20.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qemu-block-rbd-2.3.1-33.20.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-block-rbd-2.3.1-33.20.1.x86_64"
},
"product_reference": "qemu-block-rbd-2.3.1-33.20.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qemu-guest-agent-2.3.1-33.20.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-guest-agent-2.3.1-33.20.1.ppc64le"
},
"product_reference": "qemu-guest-agent-2.3.1-33.20.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qemu-guest-agent-2.3.1-33.20.1.s390x as component of SUSE Linux Enterprise Server 12 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-guest-agent-2.3.1-33.20.1.s390x"
},
"product_reference": "qemu-guest-agent-2.3.1-33.20.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qemu-guest-agent-2.3.1-33.20.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-guest-agent-2.3.1-33.20.1.x86_64"
},
"product_reference": "qemu-guest-agent-2.3.1-33.20.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qemu-ipxe-1.0.0-33.20.1.noarch as component of SUSE Linux Enterprise Server 12 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-ipxe-1.0.0-33.20.1.noarch"
},
"product_reference": "qemu-ipxe-1.0.0-33.20.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qemu-kvm-2.3.1-33.20.1.s390x as component of SUSE Linux Enterprise Server 12 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-kvm-2.3.1-33.20.1.s390x"
},
"product_reference": "qemu-kvm-2.3.1-33.20.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qemu-kvm-2.3.1-33.20.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-kvm-2.3.1-33.20.1.x86_64"
},
"product_reference": "qemu-kvm-2.3.1-33.20.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qemu-lang-2.3.1-33.20.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-lang-2.3.1-33.20.1.ppc64le"
},
"product_reference": "qemu-lang-2.3.1-33.20.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qemu-lang-2.3.1-33.20.1.s390x as component of SUSE Linux Enterprise Server 12 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-lang-2.3.1-33.20.1.s390x"
},
"product_reference": "qemu-lang-2.3.1-33.20.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qemu-lang-2.3.1-33.20.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-lang-2.3.1-33.20.1.x86_64"
},
"product_reference": "qemu-lang-2.3.1-33.20.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qemu-ppc-2.3.1-33.20.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-ppc-2.3.1-33.20.1.ppc64le"
},
"product_reference": "qemu-ppc-2.3.1-33.20.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qemu-s390-2.3.1-33.20.1.s390x as component of SUSE Linux Enterprise Server 12 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-s390-2.3.1-33.20.1.s390x"
},
"product_reference": "qemu-s390-2.3.1-33.20.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qemu-seabios-1.8.1-33.20.1.noarch as component of SUSE Linux Enterprise Server 12 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-seabios-1.8.1-33.20.1.noarch"
},
"product_reference": "qemu-seabios-1.8.1-33.20.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qemu-sgabios-8-33.20.1.noarch as component of SUSE Linux Enterprise Server 12 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-sgabios-8-33.20.1.noarch"
},
"product_reference": "qemu-sgabios-8-33.20.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qemu-tools-2.3.1-33.20.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-tools-2.3.1-33.20.1.ppc64le"
},
"product_reference": "qemu-tools-2.3.1-33.20.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qemu-tools-2.3.1-33.20.1.s390x as component of SUSE Linux Enterprise Server 12 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-tools-2.3.1-33.20.1.s390x"
},
"product_reference": "qemu-tools-2.3.1-33.20.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qemu-tools-2.3.1-33.20.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-tools-2.3.1-33.20.1.x86_64"
},
"product_reference": "qemu-tools-2.3.1-33.20.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qemu-vgabios-1.8.1-33.20.1.noarch as component of SUSE Linux Enterprise Server 12 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-vgabios-1.8.1-33.20.1.noarch"
},
"product_reference": "qemu-vgabios-1.8.1-33.20.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qemu-x86-2.3.1-33.20.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-x86-2.3.1-33.20.1.x86_64"
},
"product_reference": "qemu-x86-2.3.1-33.20.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP1-LTSS"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2018-16872",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-16872"
}
],
"notes": [
{
"category": "general",
"text": "A flaw was found in qemu Media Transfer Protocol (MTP). The code opening files in usb_mtp_get_object and usb_mtp_get_partial_object and directories in usb_mtp_object_readdir doesn\u0027t consider that the underlying filesystem may have changed since the time lstat(2) was called in usb_mtp_object_alloc, a classical TOCTTOU problem. An attacker with write access to the host filesystem shared with a guest can use this property to navigate the host filesystem in the context of the QEMU process and read any file the QEMU process has access to. Access to the filesystem may be local or via a network share protocol such as CIFS.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-2.3.1-33.20.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-2.3.1-33.20.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-2.3.1-33.20.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-block-curl-2.3.1-33.20.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-block-curl-2.3.1-33.20.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-block-curl-2.3.1-33.20.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-block-rbd-2.3.1-33.20.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-guest-agent-2.3.1-33.20.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-guest-agent-2.3.1-33.20.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-guest-agent-2.3.1-33.20.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-ipxe-1.0.0-33.20.1.noarch",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-kvm-2.3.1-33.20.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-kvm-2.3.1-33.20.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-lang-2.3.1-33.20.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-lang-2.3.1-33.20.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-lang-2.3.1-33.20.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-ppc-2.3.1-33.20.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-s390-2.3.1-33.20.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-seabios-1.8.1-33.20.1.noarch",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-sgabios-8-33.20.1.noarch",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-tools-2.3.1-33.20.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-tools-2.3.1-33.20.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-tools-2.3.1-33.20.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-vgabios-1.8.1-33.20.1.noarch",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-x86-2.3.1-33.20.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-16872",
"url": "https://www.suse.com/security/cve/CVE-2018-16872"
},
{
"category": "external",
"summary": "SUSE Bug 1119493 for CVE-2018-16872",
"url": "https://bugzilla.suse.com/1119493"
},
{
"category": "external",
"summary": "SUSE Bug 1119494 for CVE-2018-16872",
"url": "https://bugzilla.suse.com/1119494"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-2.3.1-33.20.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-2.3.1-33.20.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-2.3.1-33.20.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-block-curl-2.3.1-33.20.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-block-curl-2.3.1-33.20.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-block-curl-2.3.1-33.20.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-block-rbd-2.3.1-33.20.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-guest-agent-2.3.1-33.20.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-guest-agent-2.3.1-33.20.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-guest-agent-2.3.1-33.20.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-ipxe-1.0.0-33.20.1.noarch",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-kvm-2.3.1-33.20.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-kvm-2.3.1-33.20.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-lang-2.3.1-33.20.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-lang-2.3.1-33.20.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-lang-2.3.1-33.20.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-ppc-2.3.1-33.20.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-s390-2.3.1-33.20.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-seabios-1.8.1-33.20.1.noarch",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-sgabios-8-33.20.1.noarch",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-tools-2.3.1-33.20.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-tools-2.3.1-33.20.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-tools-2.3.1-33.20.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-vgabios-1.8.1-33.20.1.noarch",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-x86-2.3.1-33.20.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:L",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-2.3.1-33.20.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-2.3.1-33.20.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-2.3.1-33.20.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-block-curl-2.3.1-33.20.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-block-curl-2.3.1-33.20.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-block-curl-2.3.1-33.20.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-block-rbd-2.3.1-33.20.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-guest-agent-2.3.1-33.20.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-guest-agent-2.3.1-33.20.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-guest-agent-2.3.1-33.20.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-ipxe-1.0.0-33.20.1.noarch",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-kvm-2.3.1-33.20.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-kvm-2.3.1-33.20.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-lang-2.3.1-33.20.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-lang-2.3.1-33.20.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-lang-2.3.1-33.20.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-ppc-2.3.1-33.20.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-s390-2.3.1-33.20.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-seabios-1.8.1-33.20.1.noarch",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-sgabios-8-33.20.1.noarch",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-tools-2.3.1-33.20.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-tools-2.3.1-33.20.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-tools-2.3.1-33.20.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-vgabios-1.8.1-33.20.1.noarch",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-x86-2.3.1-33.20.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-02-22T12:47:28Z",
"details": "moderate"
}
],
"title": "CVE-2018-16872"
},
{
"cve": "CVE-2018-19364",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-19364"
}
],
"notes": [
{
"category": "general",
"text": "hw/9pfs/cofile.c and hw/9pfs/9p.c in QEMU can modify an fid path while it is being accessed by a second thread, leading to (for example) a use-after-free outcome.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-2.3.1-33.20.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-2.3.1-33.20.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-2.3.1-33.20.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-block-curl-2.3.1-33.20.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-block-curl-2.3.1-33.20.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-block-curl-2.3.1-33.20.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-block-rbd-2.3.1-33.20.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-guest-agent-2.3.1-33.20.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-guest-agent-2.3.1-33.20.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-guest-agent-2.3.1-33.20.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-ipxe-1.0.0-33.20.1.noarch",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-kvm-2.3.1-33.20.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-kvm-2.3.1-33.20.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-lang-2.3.1-33.20.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-lang-2.3.1-33.20.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-lang-2.3.1-33.20.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-ppc-2.3.1-33.20.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-s390-2.3.1-33.20.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-seabios-1.8.1-33.20.1.noarch",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-sgabios-8-33.20.1.noarch",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-tools-2.3.1-33.20.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-tools-2.3.1-33.20.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-tools-2.3.1-33.20.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-vgabios-1.8.1-33.20.1.noarch",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-x86-2.3.1-33.20.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-19364",
"url": "https://www.suse.com/security/cve/CVE-2018-19364"
},
{
"category": "external",
"summary": "SUSE Bug 1116717 for CVE-2018-19364",
"url": "https://bugzilla.suse.com/1116717"
},
{
"category": "external",
"summary": "SUSE Bug 1116726 for CVE-2018-19364",
"url": "https://bugzilla.suse.com/1116726"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-2.3.1-33.20.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-2.3.1-33.20.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-2.3.1-33.20.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-block-curl-2.3.1-33.20.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-block-curl-2.3.1-33.20.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-block-curl-2.3.1-33.20.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-block-rbd-2.3.1-33.20.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-guest-agent-2.3.1-33.20.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-guest-agent-2.3.1-33.20.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-guest-agent-2.3.1-33.20.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-ipxe-1.0.0-33.20.1.noarch",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-kvm-2.3.1-33.20.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-kvm-2.3.1-33.20.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-lang-2.3.1-33.20.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-lang-2.3.1-33.20.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-lang-2.3.1-33.20.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-ppc-2.3.1-33.20.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-s390-2.3.1-33.20.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-seabios-1.8.1-33.20.1.noarch",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-sgabios-8-33.20.1.noarch",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-tools-2.3.1-33.20.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-tools-2.3.1-33.20.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-tools-2.3.1-33.20.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-vgabios-1.8.1-33.20.1.noarch",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-x86-2.3.1-33.20.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-2.3.1-33.20.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-2.3.1-33.20.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-2.3.1-33.20.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-block-curl-2.3.1-33.20.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-block-curl-2.3.1-33.20.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-block-curl-2.3.1-33.20.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-block-rbd-2.3.1-33.20.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-guest-agent-2.3.1-33.20.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-guest-agent-2.3.1-33.20.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-guest-agent-2.3.1-33.20.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-ipxe-1.0.0-33.20.1.noarch",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-kvm-2.3.1-33.20.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-kvm-2.3.1-33.20.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-lang-2.3.1-33.20.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-lang-2.3.1-33.20.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-lang-2.3.1-33.20.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-ppc-2.3.1-33.20.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-s390-2.3.1-33.20.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-seabios-1.8.1-33.20.1.noarch",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-sgabios-8-33.20.1.noarch",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-tools-2.3.1-33.20.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-tools-2.3.1-33.20.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-tools-2.3.1-33.20.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-vgabios-1.8.1-33.20.1.noarch",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-x86-2.3.1-33.20.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-02-22T12:47:28Z",
"details": "moderate"
}
],
"title": "CVE-2018-19364"
},
{
"cve": "CVE-2018-19489",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-19489"
}
],
"notes": [
{
"category": "general",
"text": "v9fs_wstat in hw/9pfs/9p.c in QEMU allows guest OS users to cause a denial of service (crash) because of a race condition during file renaming.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-2.3.1-33.20.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-2.3.1-33.20.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-2.3.1-33.20.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-block-curl-2.3.1-33.20.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-block-curl-2.3.1-33.20.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-block-curl-2.3.1-33.20.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-block-rbd-2.3.1-33.20.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-guest-agent-2.3.1-33.20.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-guest-agent-2.3.1-33.20.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-guest-agent-2.3.1-33.20.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-ipxe-1.0.0-33.20.1.noarch",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-kvm-2.3.1-33.20.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-kvm-2.3.1-33.20.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-lang-2.3.1-33.20.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-lang-2.3.1-33.20.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-lang-2.3.1-33.20.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-ppc-2.3.1-33.20.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-s390-2.3.1-33.20.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-seabios-1.8.1-33.20.1.noarch",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-sgabios-8-33.20.1.noarch",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-tools-2.3.1-33.20.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-tools-2.3.1-33.20.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-tools-2.3.1-33.20.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-vgabios-1.8.1-33.20.1.noarch",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-x86-2.3.1-33.20.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-19489",
"url": "https://www.suse.com/security/cve/CVE-2018-19489"
},
{
"category": "external",
"summary": "SUSE Bug 1117275 for CVE-2018-19489",
"url": "https://bugzilla.suse.com/1117275"
},
{
"category": "external",
"summary": "SUSE Bug 1117279 for CVE-2018-19489",
"url": "https://bugzilla.suse.com/1117279"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-2.3.1-33.20.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-2.3.1-33.20.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-2.3.1-33.20.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-block-curl-2.3.1-33.20.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-block-curl-2.3.1-33.20.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-block-curl-2.3.1-33.20.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-block-rbd-2.3.1-33.20.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-guest-agent-2.3.1-33.20.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-guest-agent-2.3.1-33.20.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-guest-agent-2.3.1-33.20.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-ipxe-1.0.0-33.20.1.noarch",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-kvm-2.3.1-33.20.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-kvm-2.3.1-33.20.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-lang-2.3.1-33.20.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-lang-2.3.1-33.20.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-lang-2.3.1-33.20.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-ppc-2.3.1-33.20.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-s390-2.3.1-33.20.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-seabios-1.8.1-33.20.1.noarch",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-sgabios-8-33.20.1.noarch",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-tools-2.3.1-33.20.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-tools-2.3.1-33.20.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-tools-2.3.1-33.20.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-vgabios-1.8.1-33.20.1.noarch",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-x86-2.3.1-33.20.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 2.8,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:C/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-2.3.1-33.20.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-2.3.1-33.20.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-2.3.1-33.20.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-block-curl-2.3.1-33.20.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-block-curl-2.3.1-33.20.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-block-curl-2.3.1-33.20.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-block-rbd-2.3.1-33.20.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-guest-agent-2.3.1-33.20.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-guest-agent-2.3.1-33.20.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-guest-agent-2.3.1-33.20.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-ipxe-1.0.0-33.20.1.noarch",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-kvm-2.3.1-33.20.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-kvm-2.3.1-33.20.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-lang-2.3.1-33.20.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-lang-2.3.1-33.20.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-lang-2.3.1-33.20.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-ppc-2.3.1-33.20.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-s390-2.3.1-33.20.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-seabios-1.8.1-33.20.1.noarch",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-sgabios-8-33.20.1.noarch",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-tools-2.3.1-33.20.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-tools-2.3.1-33.20.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-tools-2.3.1-33.20.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-vgabios-1.8.1-33.20.1.noarch",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-x86-2.3.1-33.20.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-02-22T12:47:28Z",
"details": "low"
}
],
"title": "CVE-2018-19489"
},
{
"cve": "CVE-2019-6778",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-6778"
}
],
"notes": [
{
"category": "general",
"text": "In QEMU 3.0.0, tcp_emu in slirp/tcp_subr.c has a heap-based buffer overflow.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-2.3.1-33.20.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-2.3.1-33.20.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-2.3.1-33.20.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-block-curl-2.3.1-33.20.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-block-curl-2.3.1-33.20.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-block-curl-2.3.1-33.20.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-block-rbd-2.3.1-33.20.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-guest-agent-2.3.1-33.20.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-guest-agent-2.3.1-33.20.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-guest-agent-2.3.1-33.20.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-ipxe-1.0.0-33.20.1.noarch",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-kvm-2.3.1-33.20.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-kvm-2.3.1-33.20.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-lang-2.3.1-33.20.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-lang-2.3.1-33.20.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-lang-2.3.1-33.20.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-ppc-2.3.1-33.20.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-s390-2.3.1-33.20.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-seabios-1.8.1-33.20.1.noarch",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-sgabios-8-33.20.1.noarch",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-tools-2.3.1-33.20.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-tools-2.3.1-33.20.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-tools-2.3.1-33.20.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-vgabios-1.8.1-33.20.1.noarch",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-x86-2.3.1-33.20.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-6778",
"url": "https://www.suse.com/security/cve/CVE-2019-6778"
},
{
"category": "external",
"summary": "SUSE Bug 1123156 for CVE-2019-6778",
"url": "https://bugzilla.suse.com/1123156"
},
{
"category": "external",
"summary": "SUSE Bug 1123157 for CVE-2019-6778",
"url": "https://bugzilla.suse.com/1123157"
},
{
"category": "external",
"summary": "SUSE Bug 1178658 for CVE-2019-6778",
"url": "https://bugzilla.suse.com/1178658"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-2.3.1-33.20.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-2.3.1-33.20.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-2.3.1-33.20.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-block-curl-2.3.1-33.20.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-block-curl-2.3.1-33.20.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-block-curl-2.3.1-33.20.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-block-rbd-2.3.1-33.20.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-guest-agent-2.3.1-33.20.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-guest-agent-2.3.1-33.20.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-guest-agent-2.3.1-33.20.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-ipxe-1.0.0-33.20.1.noarch",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-kvm-2.3.1-33.20.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-kvm-2.3.1-33.20.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-lang-2.3.1-33.20.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-lang-2.3.1-33.20.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-lang-2.3.1-33.20.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-ppc-2.3.1-33.20.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-s390-2.3.1-33.20.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-seabios-1.8.1-33.20.1.noarch",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-sgabios-8-33.20.1.noarch",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-tools-2.3.1-33.20.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-tools-2.3.1-33.20.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-tools-2.3.1-33.20.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-vgabios-1.8.1-33.20.1.noarch",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-x86-2.3.1-33.20.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-2.3.1-33.20.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-2.3.1-33.20.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-2.3.1-33.20.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-block-curl-2.3.1-33.20.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-block-curl-2.3.1-33.20.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-block-curl-2.3.1-33.20.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-block-rbd-2.3.1-33.20.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-guest-agent-2.3.1-33.20.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-guest-agent-2.3.1-33.20.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-guest-agent-2.3.1-33.20.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-ipxe-1.0.0-33.20.1.noarch",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-kvm-2.3.1-33.20.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-kvm-2.3.1-33.20.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-lang-2.3.1-33.20.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-lang-2.3.1-33.20.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-lang-2.3.1-33.20.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-ppc-2.3.1-33.20.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-s390-2.3.1-33.20.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-seabios-1.8.1-33.20.1.noarch",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-sgabios-8-33.20.1.noarch",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-tools-2.3.1-33.20.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-tools-2.3.1-33.20.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-tools-2.3.1-33.20.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-vgabios-1.8.1-33.20.1.noarch",
"SUSE Linux Enterprise Server 12 SP1-LTSS:qemu-x86-2.3.1-33.20.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-02-22T12:47:28Z",
"details": "important"
}
],
"title": "CVE-2019-6778"
}
]
}
Loading…
Trend slope:
-
(linear fit over daily sighting counts)
Show additional events:
Loading…
Experimental. This forecast is provided for visualization only and may change without notice. Do not use it for operational decisions.
Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…