Security update for qemu SUSE Patch security@suse.de SUSE Security Team openSUSE-SU-2016:0536-1 Final 1 1 2016-02-21T06:33:03Z current 2016-02-21T06:33:03Z 2016-02-21T06:33:03Z cve-database/bin/generate-cvrf.pl 2017-02-24T01:00:00Z Security update for qemu This update fixes the following security issues: - Enforce receive packet size, thus eliminating buffer overflow and potential security issue. (bsc#957162 CVE-2015-7512) - Infinite loop in processing command block list. CVE-2015-8345 (bsc#956829): This update also fixes a non-security bug: - Due to space restrictions in limited bios data areas, don't create mptable if vcpu count is 'high' (ie more than ~19). (bsc#954864) (No supported guests are negatively impacted by this change, which is taken from upstream seabios) This update was imported from the SUSE:SLE-12-SP1:Update update project. The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). Copyright SUSE LLC under the Creative Commons License 4.0 with Attribution (CC-BY-4.0) https://lists.opensuse.org/opensuse-security-announce/2016-02/msg00050.html E-Mail link for openSUSE-SU-2016:0536-1 https://www.suse.com/support/security/rating/ SUSE Security Ratings openSUSE Leap 42.1 qemu-2.3.1-12.1 qemu-arm-2.3.1-12.1 qemu-block-curl-2.3.1-12.1 qemu-block-rbd-2.3.1-12.1 qemu-extra-2.3.1-12.1 qemu-guest-agent-2.3.1-12.1 qemu-ipxe-1.0.0-12.1 qemu-kvm-2.3.1-12.1 qemu-lang-2.3.1-12.1 qemu-linux-user-2.3.1-12.1 qemu-ppc-2.3.1-12.1 qemu-s390-2.3.1-12.1 qemu-seabios-1.8.1-12.1 qemu-sgabios-8-12.1 qemu-testsuite-2.3.1-12.2 qemu-tools-2.3.1-12.1 qemu-vgabios-1.8.1-12.1 qemu-x86-2.3.1-12.1 qemu-2.3.1-12.1 as a component of openSUSE Leap 42.1 qemu-arm-2.3.1-12.1 as a component of openSUSE Leap 42.1 qemu-block-curl-2.3.1-12.1 as a component of openSUSE Leap 42.1 qemu-block-rbd-2.3.1-12.1 as a component of openSUSE Leap 42.1 qemu-extra-2.3.1-12.1 as a component of openSUSE Leap 42.1 qemu-guest-agent-2.3.1-12.1 as a component of openSUSE Leap 42.1 qemu-ipxe-1.0.0-12.1 as a component of openSUSE Leap 42.1 qemu-kvm-2.3.1-12.1 as a component of openSUSE Leap 42.1 qemu-lang-2.3.1-12.1 as a component of openSUSE Leap 42.1 qemu-linux-user-2.3.1-12.1 as a component of openSUSE Leap 42.1 qemu-ppc-2.3.1-12.1 as a component of openSUSE Leap 42.1 qemu-s390-2.3.1-12.1 as a component of openSUSE Leap 42.1 qemu-seabios-1.8.1-12.1 as a component of openSUSE Leap 42.1 qemu-sgabios-8-12.1 as a component of openSUSE Leap 42.1 qemu-testsuite-2.3.1-12.2 as a component of openSUSE Leap 42.1 qemu-tools-2.3.1-12.1 as a component of openSUSE Leap 42.1 qemu-vgabios-1.8.1-12.1 as a component of openSUSE Leap 42.1 qemu-x86-2.3.1-12.1 as a component of openSUSE Leap 42.1 Buffer overflow in the pcnet_receive function in hw/net/pcnet.c in QEMU, when a guest NIC has a larger MTU, allows remote attackers to cause a denial of service (guest OS crash) or execute arbitrary code via a large packet. CVE-2015-7512 openSUSE Leap 42.1:qemu-2.3.1-12.1 openSUSE Leap 42.1:qemu-arm-2.3.1-12.1 openSUSE Leap 42.1:qemu-block-curl-2.3.1-12.1 openSUSE Leap 42.1:qemu-block-rbd-2.3.1-12.1 openSUSE Leap 42.1:qemu-extra-2.3.1-12.1 openSUSE Leap 42.1:qemu-guest-agent-2.3.1-12.1 openSUSE Leap 42.1:qemu-ipxe-1.0.0-12.1 openSUSE Leap 42.1:qemu-kvm-2.3.1-12.1 openSUSE Leap 42.1:qemu-lang-2.3.1-12.1 openSUSE Leap 42.1:qemu-linux-user-2.3.1-12.1 openSUSE Leap 42.1:qemu-ppc-2.3.1-12.1 openSUSE Leap 42.1:qemu-s390-2.3.1-12.1 openSUSE Leap 42.1:qemu-seabios-1.8.1-12.1 openSUSE Leap 42.1:qemu-sgabios-8-12.1 openSUSE Leap 42.1:qemu-testsuite-2.3.1-12.2 openSUSE Leap 42.1:qemu-tools-2.3.1-12.1 openSUSE Leap 42.1:qemu-vgabios-1.8.1-12.1 openSUSE Leap 42.1:qemu-x86-2.3.1-12.1 important Please Install the update. https://lists.opensuse.org/opensuse-security-announce/2016-02/msg00050.html https://www.suse.com/security/cve/CVE-2015-7512.html CVE-2015-7512 https://bugzilla.suse.com/957162 SUSE Bug 957162 https://bugzilla.suse.com/962360 SUSE Bug 962360 The eepro100 emulator in QEMU qemu-kvm blank allows local guest users to cause a denial of service (application crash and infinite loop) via vectors involving the command block list. CVE-2015-8345 openSUSE Leap 42.1:qemu-2.3.1-12.1 openSUSE Leap 42.1:qemu-arm-2.3.1-12.1 openSUSE Leap 42.1:qemu-block-curl-2.3.1-12.1 openSUSE Leap 42.1:qemu-block-rbd-2.3.1-12.1 openSUSE Leap 42.1:qemu-extra-2.3.1-12.1 openSUSE Leap 42.1:qemu-guest-agent-2.3.1-12.1 openSUSE Leap 42.1:qemu-ipxe-1.0.0-12.1 openSUSE Leap 42.1:qemu-kvm-2.3.1-12.1 openSUSE Leap 42.1:qemu-lang-2.3.1-12.1 openSUSE Leap 42.1:qemu-linux-user-2.3.1-12.1 openSUSE Leap 42.1:qemu-ppc-2.3.1-12.1 openSUSE Leap 42.1:qemu-s390-2.3.1-12.1 openSUSE Leap 42.1:qemu-seabios-1.8.1-12.1 openSUSE Leap 42.1:qemu-sgabios-8-12.1 openSUSE Leap 42.1:qemu-testsuite-2.3.1-12.2 openSUSE Leap 42.1:qemu-tools-2.3.1-12.1 openSUSE Leap 42.1:qemu-vgabios-1.8.1-12.1 openSUSE Leap 42.1:qemu-x86-2.3.1-12.1 moderate 5.2 AV:A/AC:M/Au:S/C:N/I:N/A:C Please Install the update. https://lists.opensuse.org/opensuse-security-announce/2016-02/msg00050.html https://www.suse.com/security/cve/CVE-2015-8345.html CVE-2015-8345 https://bugzilla.suse.com/956829 SUSE Bug 956829 https://bugzilla.suse.com/956832 SUSE Bug 956832