Overview

File _patchinfo of Package patchinfo.13114

<patchinfo incident="13114">
  <issue tracker="cve" id="2019-11135"/>
  <issue tracker="cve" id="2018-20126"/>
  <issue tracker="cve" id="2018-12207"/>
  <issue tracker="cve" id="2019-12068"/>
  <issue tracker="bnc" id="1152506">VUL-0: EMBARGOED: CVE-2019-11135: qemu,kvm: "TSX Asynchronous Abort (TAA)"</issue>
  <issue tracker="bnc" id="1146873">VUL-0: CVE-2019-12068: kvm,qemu: infinite loop while executing script</issue>
  <issue tracker="bnc" id="1155812">VUL-0: EMBARGOED: CVE-2018-12207: qemu,kvm: Machine Check Error Avoidance on Page Size Change (aka IFU issue)</issue>
  <issue tracker="bnc" id="1119991">VUL-1: CVE-2018-20126: kvm,qemu: memory leakage due to non free memory objects in qemu implementation can lead to DOS</issue>
  <packager>bfrogers</packager>
  <rating>important</rating>
  <category>security</category>
  <summary>Security update for qemu</summary>
  <description>This update for qemu fixes the following issues:

- Patch queue updated from https://gitlab.suse.de/virtualization/qemu.git SLE15
- Fix use-after-free in slirp (CVE-2018-20126 bsc#1119991)
- Fix potential DOS in lsi scsi controller emulation (CVE-2019-12068 bsc#1146873)
- Expose taa-no "feature", indicating CPU does not have the
  TSX Async Abort vulnerability. (CVE-2019-11135 bsc#1152506)
- Expose pschange-mc-no "feature", indicating CPU does not have
  the page size change machine check vulnerability (CVE-2018-12207 bsc#1155812)
</description>
</patchinfo>
openSUSE Build Service is sponsored by
Places