suse-su-2015:0870-1
Vulnerability from csaf_suse
Published
2014-09-19 14:41
Modified
2014-09-19 14:41
Summary
Security update for kvm
Notes
Title of the patch
Security update for kvm
Description of the patch
kvm has been updated to fix issues in the embedded qemu:
*
CVE-2014-0223: An integer overflow flaw was found in the QEMU block
driver for QCOW version 1 disk images. A user able to alter the QEMU
disk image files loaded by a guest could have used this flaw to
corrupt QEMU process memory on the host, which could potentially have
resulted in arbitrary code execution on the host with the privileges
of the QEMU process.
*
CVE-2014-3461: A user able to alter the savevm data (either on the
disk or over the wire during migration) could have used this flaw to
to corrupt QEMU process memory on the (destination) host, which could
have potentially resulted in arbitrary code execution on the host
with the privileges of the QEMU process.
*
CVE-2014-0222: An integer overflow flaw was found in the QEMU block
driver for QCOW version 1 disk images. A user able to alter the QEMU
disk image files loaded by a guest could have used this flaw to
corrupt QEMU process memory on the host, which could have potentially
resulted in arbitrary code execution on the host with the privileges
of the QEMU process.
Non-security bugs fixed:
* Fix exceeding IRQ routes that could have caused freezes of guests.
(bnc#876842)
* Fix CPUID emulation bugs that may have broken Windows guests with
newer -cpu types (bnc#886535)
Security Issues:
* CVE-2014-0222
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0222>
* CVE-2014-0223
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0223>
* CVE-2014-3461
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3461>
Patchnames
sledsp3-kvm,slessp3-kvm
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for kvm",
"title": "Title of the patch"
},
{
"category": "description",
"text": "\nkvm has been updated to fix issues in the embedded qemu:\n\n * \n\n CVE-2014-0223: An integer overflow flaw was found in the QEMU block\n driver for QCOW version 1 disk images. A user able to alter the QEMU\n disk image files loaded by a guest could have used this flaw to\n corrupt QEMU process memory on the host, which could potentially have\n resulted in arbitrary code execution on the host with the privileges\n of the QEMU process.\n\n * \n\n CVE-2014-3461: A user able to alter the savevm data (either on the\n disk or over the wire during migration) could have used this flaw to\n to corrupt QEMU process memory on the (destination) host, which could\n have potentially resulted in arbitrary code execution on the host\n with the privileges of the QEMU process.\n\n * \n\n CVE-2014-0222: An integer overflow flaw was found in the QEMU block\n driver for QCOW version 1 disk images. A user able to alter the QEMU\n disk image files loaded by a guest could have used this flaw to\n corrupt QEMU process memory on the host, which could have potentially\n resulted in arbitrary code execution on the host with the privileges\n of the QEMU process.\n\nNon-security bugs fixed:\n\n * Fix exceeding IRQ routes that could have caused freezes of guests.\n (bnc#876842)\n * Fix CPUID emulation bugs that may have broken Windows guests with\n newer -cpu types (bnc#886535)\n\nSecurity Issues:\n\n * CVE-2014-0222\n \u003chttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0222\u003e\n * CVE-2014-0223\n \u003chttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0223\u003e\n * CVE-2014-3461\n \u003chttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3461\u003e\n\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "sledsp3-kvm,slessp3-kvm",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2015_0870-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2015:0870-1",
"url": "https://www.suse.com/support/update/announcement/2015/suse-su-20150870-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2015:0870-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2015-May/001381.html"
},
{
"category": "self",
"summary": "SUSE Bug 812836",
"url": "https://bugzilla.suse.com/812836"
},
{
"category": "self",
"summary": "SUSE Bug 812983",
"url": "https://bugzilla.suse.com/812983"
},
{
"category": "self",
"summary": "SUSE Bug 817593",
"url": "https://bugzilla.suse.com/817593"
},
{
"category": "self",
"summary": "SUSE Bug 821819",
"url": "https://bugzilla.suse.com/821819"
},
{
"category": "self",
"summary": "SUSE Bug 824340",
"url": "https://bugzilla.suse.com/824340"
},
{
"category": "self",
"summary": "SUSE Bug 829800",
"url": "https://bugzilla.suse.com/829800"
},
{
"category": "self",
"summary": "SUSE Bug 841080",
"url": "https://bugzilla.suse.com/841080"
},
{
"category": "self",
"summary": "SUSE Bug 842006",
"url": "https://bugzilla.suse.com/842006"
},
{
"category": "self",
"summary": "SUSE Bug 842088",
"url": "https://bugzilla.suse.com/842088"
},
{
"category": "self",
"summary": "SUSE Bug 858858",
"url": "https://bugzilla.suse.com/858858"
},
{
"category": "self",
"summary": "SUSE Bug 864391",
"url": "https://bugzilla.suse.com/864391"
},
{
"category": "self",
"summary": "SUSE Bug 864649",
"url": "https://bugzilla.suse.com/864649"
},
{
"category": "self",
"summary": "SUSE Bug 864650",
"url": "https://bugzilla.suse.com/864650"
},
{
"category": "self",
"summary": "SUSE Bug 864653",
"url": "https://bugzilla.suse.com/864653"
},
{
"category": "self",
"summary": "SUSE Bug 864655",
"url": "https://bugzilla.suse.com/864655"
},
{
"category": "self",
"summary": "SUSE Bug 864665",
"url": "https://bugzilla.suse.com/864665"
},
{
"category": "self",
"summary": "SUSE Bug 864671",
"url": "https://bugzilla.suse.com/864671"
},
{
"category": "self",
"summary": "SUSE Bug 864673",
"url": "https://bugzilla.suse.com/864673"
},
{
"category": "self",
"summary": "SUSE Bug 864678",
"url": "https://bugzilla.suse.com/864678"
},
{
"category": "self",
"summary": "SUSE Bug 864682",
"url": "https://bugzilla.suse.com/864682"
},
{
"category": "self",
"summary": "SUSE Bug 864769",
"url": "https://bugzilla.suse.com/864769"
},
{
"category": "self",
"summary": "SUSE Bug 864796",
"url": "https://bugzilla.suse.com/864796"
},
{
"category": "self",
"summary": "SUSE Bug 864801",
"url": "https://bugzilla.suse.com/864801"
},
{
"category": "self",
"summary": "SUSE Bug 864802",
"url": "https://bugzilla.suse.com/864802"
},
{
"category": "self",
"summary": "SUSE Bug 864804",
"url": "https://bugzilla.suse.com/864804"
},
{
"category": "self",
"summary": "SUSE Bug 864805",
"url": "https://bugzilla.suse.com/864805"
},
{
"category": "self",
"summary": "SUSE Bug 864811",
"url": "https://bugzilla.suse.com/864811"
},
{
"category": "self",
"summary": "SUSE Bug 864812",
"url": "https://bugzilla.suse.com/864812"
},
{
"category": "self",
"summary": "SUSE Bug 864814",
"url": "https://bugzilla.suse.com/864814"
},
{
"category": "self",
"summary": "SUSE Bug 870439",
"url": "https://bugzilla.suse.com/870439"
},
{
"category": "self",
"summary": "SUSE Bug 873235",
"url": "https://bugzilla.suse.com/873235"
},
{
"category": "self",
"summary": "SUSE Bug 874749",
"url": "https://bugzilla.suse.com/874749"
},
{
"category": "self",
"summary": "SUSE Bug 874788",
"url": "https://bugzilla.suse.com/874788"
},
{
"category": "self",
"summary": "SUSE Bug 876842",
"url": "https://bugzilla.suse.com/876842"
},
{
"category": "self",
"summary": "SUSE Bug 877642",
"url": "https://bugzilla.suse.com/877642"
},
{
"category": "self",
"summary": "SUSE Bug 877645",
"url": "https://bugzilla.suse.com/877645"
},
{
"category": "self",
"summary": "SUSE Bug 878541",
"url": "https://bugzilla.suse.com/878541"
},
{
"category": "self",
"summary": "SUSE Bug 886535",
"url": "https://bugzilla.suse.com/886535"
},
{
"category": "self",
"summary": "SUSE Bug 920571",
"url": "https://bugzilla.suse.com/920571"
},
{
"category": "self",
"summary": "SUSE Bug 924018",
"url": "https://bugzilla.suse.com/924018"
},
{
"category": "self",
"summary": "SUSE Bug 929339",
"url": "https://bugzilla.suse.com/929339"
},
{
"category": "self",
"summary": "SUSE Bug 932267",
"url": "https://bugzilla.suse.com/932267"
},
{
"category": "self",
"summary": "SUSE Bug 932770",
"url": "https://bugzilla.suse.com/932770"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2013-2016 page",
"url": "https://www.suse.com/security/cve/CVE-2013-2016/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2013-4344 page",
"url": "https://www.suse.com/security/cve/CVE-2013-4344/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2013-4541 page",
"url": "https://www.suse.com/security/cve/CVE-2013-4541/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2014-0142 page",
"url": "https://www.suse.com/security/cve/CVE-2014-0142/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2014-0143 page",
"url": "https://www.suse.com/security/cve/CVE-2014-0143/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2014-0144 page",
"url": "https://www.suse.com/security/cve/CVE-2014-0144/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2014-0145 page",
"url": "https://www.suse.com/security/cve/CVE-2014-0145/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2014-0146 page",
"url": "https://www.suse.com/security/cve/CVE-2014-0146/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2014-0147 page",
"url": "https://www.suse.com/security/cve/CVE-2014-0147/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2014-0150 page",
"url": "https://www.suse.com/security/cve/CVE-2014-0150/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2014-0222 page",
"url": "https://www.suse.com/security/cve/CVE-2014-0222/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2014-0223 page",
"url": "https://www.suse.com/security/cve/CVE-2014-0223/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2014-2894 page",
"url": "https://www.suse.com/security/cve/CVE-2014-2894/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2014-3461 page",
"url": "https://www.suse.com/security/cve/CVE-2014-3461/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-1779 page",
"url": "https://www.suse.com/security/cve/CVE-2015-1779/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-3209 page",
"url": "https://www.suse.com/security/cve/CVE-2015-3209/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-3456 page",
"url": "https://www.suse.com/security/cve/CVE-2015-3456/"
}
],
"title": "Security update for kvm",
"tracking": {
"current_release_date": "2014-09-19T14:41:45Z",
"generator": {
"date": "2014-09-19T14:41:45Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2015:0870-1",
"initial_release_date": "2014-09-19T14:41:45Z",
"revision_history": [
{
"date": "2014-09-19T14:41:45Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "kvm-1.4.2-0.17.1.i586",
"product": {
"name": "kvm-1.4.2-0.17.1.i586",
"product_id": "kvm-1.4.2-0.17.1.i586"
}
}
],
"category": "architecture",
"name": "i586"
},
{
"branches": [
{
"category": "product_version",
"name": "kvm-1.4.2-0.17.1.s390x",
"product": {
"name": "kvm-1.4.2-0.17.1.s390x",
"product_id": "kvm-1.4.2-0.17.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "kvm-1.4.2-0.17.1.x86_64",
"product": {
"name": "kvm-1.4.2-0.17.1.x86_64",
"product_id": "kvm-1.4.2-0.17.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Desktop 11 SP3",
"product": {
"name": "SUSE Linux Enterprise Desktop 11 SP3",
"product_id": "SUSE Linux Enterprise Desktop 11 SP3",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse_sled:11:sp3"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 11 SP3",
"product": {
"name": "SUSE Linux Enterprise Server 11 SP3",
"product_id": "SUSE Linux Enterprise Server 11 SP3",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse_sles:11:sp3"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 11 SP3-TERADATA",
"product": {
"name": "SUSE Linux Enterprise Server 11 SP3-TERADATA",
"product_id": "SUSE Linux Enterprise Server 11 SP3-TERADATA",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles:11:sp3:teradata"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server for SAP Applications 11 SP3",
"product": {
"name": "SUSE Linux Enterprise Server for SAP Applications 11 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP3",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles_sap:11:sp3"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "kvm-1.4.2-0.17.1.i586 as component of SUSE Linux Enterprise Desktop 11 SP3",
"product_id": "SUSE Linux Enterprise Desktop 11 SP3:kvm-1.4.2-0.17.1.i586"
},
"product_reference": "kvm-1.4.2-0.17.1.i586",
"relates_to_product_reference": "SUSE Linux Enterprise Desktop 11 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kvm-1.4.2-0.17.1.x86_64 as component of SUSE Linux Enterprise Desktop 11 SP3",
"product_id": "SUSE Linux Enterprise Desktop 11 SP3:kvm-1.4.2-0.17.1.x86_64"
},
"product_reference": "kvm-1.4.2-0.17.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Desktop 11 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kvm-1.4.2-0.17.1.i586 as component of SUSE Linux Enterprise Server 11 SP3",
"product_id": "SUSE Linux Enterprise Server 11 SP3:kvm-1.4.2-0.17.1.i586"
},
"product_reference": "kvm-1.4.2-0.17.1.i586",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kvm-1.4.2-0.17.1.s390x as component of SUSE Linux Enterprise Server 11 SP3",
"product_id": "SUSE Linux Enterprise Server 11 SP3:kvm-1.4.2-0.17.1.s390x"
},
"product_reference": "kvm-1.4.2-0.17.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kvm-1.4.2-0.17.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP3",
"product_id": "SUSE Linux Enterprise Server 11 SP3:kvm-1.4.2-0.17.1.x86_64"
},
"product_reference": "kvm-1.4.2-0.17.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kvm-1.4.2-0.17.1.i586 as component of SUSE Linux Enterprise Server 11 SP3-TERADATA",
"product_id": "SUSE Linux Enterprise Server 11 SP3-TERADATA:kvm-1.4.2-0.17.1.i586"
},
"product_reference": "kvm-1.4.2-0.17.1.i586",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP3-TERADATA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kvm-1.4.2-0.17.1.s390x as component of SUSE Linux Enterprise Server 11 SP3-TERADATA",
"product_id": "SUSE Linux Enterprise Server 11 SP3-TERADATA:kvm-1.4.2-0.17.1.s390x"
},
"product_reference": "kvm-1.4.2-0.17.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP3-TERADATA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kvm-1.4.2-0.17.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP3-TERADATA",
"product_id": "SUSE Linux Enterprise Server 11 SP3-TERADATA:kvm-1.4.2-0.17.1.x86_64"
},
"product_reference": "kvm-1.4.2-0.17.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP3-TERADATA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kvm-1.4.2-0.17.1.i586 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP3:kvm-1.4.2-0.17.1.i586"
},
"product_reference": "kvm-1.4.2-0.17.1.i586",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 11 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kvm-1.4.2-0.17.1.s390x as component of SUSE Linux Enterprise Server for SAP Applications 11 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP3:kvm-1.4.2-0.17.1.s390x"
},
"product_reference": "kvm-1.4.2-0.17.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 11 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kvm-1.4.2-0.17.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP3:kvm-1.4.2-0.17.1.x86_64"
},
"product_reference": "kvm-1.4.2-0.17.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 11 SP3"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2013-2016",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2013-2016"
}
],
"notes": [
{
"category": "general",
"text": "A flaw was found in the way qemu v1.3.0 and later (virtio-rng) validates addresses when guest accesses the config space of a virtio device. If the virtio device has zero/small sized config space, such as virtio-rng, a privileged guest user could use this flaw to access the matching host\u0027s qemu address space and thus increase their privileges on the host.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 11 SP3:kvm-1.4.2-0.17.1.i586",
"SUSE Linux Enterprise Desktop 11 SP3:kvm-1.4.2-0.17.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:kvm-1.4.2-0.17.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:kvm-1.4.2-0.17.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:kvm-1.4.2-0.17.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3:kvm-1.4.2-0.17.1.i586",
"SUSE Linux Enterprise Server 11 SP3:kvm-1.4.2-0.17.1.s390x",
"SUSE Linux Enterprise Server 11 SP3:kvm-1.4.2-0.17.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:kvm-1.4.2-0.17.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:kvm-1.4.2-0.17.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:kvm-1.4.2-0.17.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2013-2016",
"url": "https://www.suse.com/security/cve/CVE-2013-2016"
},
{
"category": "external",
"summary": "SUSE Bug 817593 for CVE-2013-2016",
"url": "https://bugzilla.suse.com/817593"
},
{
"category": "external",
"summary": "SUSE Bug 871442 for CVE-2013-2016",
"url": "https://bugzilla.suse.com/871442"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 11 SP3:kvm-1.4.2-0.17.1.i586",
"SUSE Linux Enterprise Desktop 11 SP3:kvm-1.4.2-0.17.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:kvm-1.4.2-0.17.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:kvm-1.4.2-0.17.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:kvm-1.4.2-0.17.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3:kvm-1.4.2-0.17.1.i586",
"SUSE Linux Enterprise Server 11 SP3:kvm-1.4.2-0.17.1.s390x",
"SUSE Linux Enterprise Server 11 SP3:kvm-1.4.2-0.17.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:kvm-1.4.2-0.17.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:kvm-1.4.2-0.17.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:kvm-1.4.2-0.17.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Desktop 11 SP3:kvm-1.4.2-0.17.1.i586",
"SUSE Linux Enterprise Desktop 11 SP3:kvm-1.4.2-0.17.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:kvm-1.4.2-0.17.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:kvm-1.4.2-0.17.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:kvm-1.4.2-0.17.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3:kvm-1.4.2-0.17.1.i586",
"SUSE Linux Enterprise Server 11 SP3:kvm-1.4.2-0.17.1.s390x",
"SUSE Linux Enterprise Server 11 SP3:kvm-1.4.2-0.17.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:kvm-1.4.2-0.17.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:kvm-1.4.2-0.17.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:kvm-1.4.2-0.17.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2014-09-19T14:41:45Z",
"details": "important"
}
],
"title": "CVE-2013-2016"
},
{
"cve": "CVE-2013-4344",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2013-4344"
}
],
"notes": [
{
"category": "general",
"text": "Buffer overflow in the SCSI implementation in QEMU, as used in Xen, when a SCSI controller has more than 256 attached devices, allows local users to gain privileges via a small transfer buffer in a REPORT LUNS command.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 11 SP3:kvm-1.4.2-0.17.1.i586",
"SUSE Linux Enterprise Desktop 11 SP3:kvm-1.4.2-0.17.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:kvm-1.4.2-0.17.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:kvm-1.4.2-0.17.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:kvm-1.4.2-0.17.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3:kvm-1.4.2-0.17.1.i586",
"SUSE Linux Enterprise Server 11 SP3:kvm-1.4.2-0.17.1.s390x",
"SUSE Linux Enterprise Server 11 SP3:kvm-1.4.2-0.17.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:kvm-1.4.2-0.17.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:kvm-1.4.2-0.17.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:kvm-1.4.2-0.17.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2013-4344",
"url": "https://www.suse.com/security/cve/CVE-2013-4344"
},
{
"category": "external",
"summary": "SUSE Bug 842006 for CVE-2013-4344",
"url": "https://bugzilla.suse.com/842006"
},
{
"category": "external",
"summary": "SUSE Bug 871442 for CVE-2013-4344",
"url": "https://bugzilla.suse.com/871442"
},
{
"category": "external",
"summary": "SUSE Bug 880751 for CVE-2013-4344",
"url": "https://bugzilla.suse.com/880751"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 11 SP3:kvm-1.4.2-0.17.1.i586",
"SUSE Linux Enterprise Desktop 11 SP3:kvm-1.4.2-0.17.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:kvm-1.4.2-0.17.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:kvm-1.4.2-0.17.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:kvm-1.4.2-0.17.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3:kvm-1.4.2-0.17.1.i586",
"SUSE Linux Enterprise Server 11 SP3:kvm-1.4.2-0.17.1.s390x",
"SUSE Linux Enterprise Server 11 SP3:kvm-1.4.2-0.17.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:kvm-1.4.2-0.17.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:kvm-1.4.2-0.17.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:kvm-1.4.2-0.17.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2014-09-19T14:41:45Z",
"details": "moderate"
}
],
"title": "CVE-2013-4344"
},
{
"cve": "CVE-2013-4541",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2013-4541"
}
],
"notes": [
{
"category": "general",
"text": "The usb_device_post_load function in hw/usb/bus.c in QEMU before 1.7.2 might allow remote attackers to execute arbitrary code via a crafted savevm image, related to a negative setup_len or setup_index value.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 11 SP3:kvm-1.4.2-0.17.1.i586",
"SUSE Linux Enterprise Desktop 11 SP3:kvm-1.4.2-0.17.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:kvm-1.4.2-0.17.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:kvm-1.4.2-0.17.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:kvm-1.4.2-0.17.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3:kvm-1.4.2-0.17.1.i586",
"SUSE Linux Enterprise Server 11 SP3:kvm-1.4.2-0.17.1.s390x",
"SUSE Linux Enterprise Server 11 SP3:kvm-1.4.2-0.17.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:kvm-1.4.2-0.17.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:kvm-1.4.2-0.17.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:kvm-1.4.2-0.17.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2013-4541",
"url": "https://www.suse.com/security/cve/CVE-2013-4541"
},
{
"category": "external",
"summary": "SUSE Bug 864802 for CVE-2013-4541",
"url": "https://bugzilla.suse.com/864802"
},
{
"category": "external",
"summary": "SUSE Bug 871442 for CVE-2013-4541",
"url": "https://bugzilla.suse.com/871442"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 11 SP3:kvm-1.4.2-0.17.1.i586",
"SUSE Linux Enterprise Desktop 11 SP3:kvm-1.4.2-0.17.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:kvm-1.4.2-0.17.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:kvm-1.4.2-0.17.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:kvm-1.4.2-0.17.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3:kvm-1.4.2-0.17.1.i586",
"SUSE Linux Enterprise Server 11 SP3:kvm-1.4.2-0.17.1.s390x",
"SUSE Linux Enterprise Server 11 SP3:kvm-1.4.2-0.17.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:kvm-1.4.2-0.17.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:kvm-1.4.2-0.17.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:kvm-1.4.2-0.17.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2014-09-19T14:41:45Z",
"details": "moderate"
}
],
"title": "CVE-2013-4541"
},
{
"cve": "CVE-2014-0142",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2014-0142"
}
],
"notes": [
{
"category": "general",
"text": "QEMU, possibly before 2.0.0, allows local users to cause a denial of service (divide-by-zero error and crash) via a zero value in the (1) tracks field to the seek_to_sector function in block/parallels.c or (2) extent_size field in the bochs function in block/bochs.c.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 11 SP3:kvm-1.4.2-0.17.1.i586",
"SUSE Linux Enterprise Desktop 11 SP3:kvm-1.4.2-0.17.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:kvm-1.4.2-0.17.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:kvm-1.4.2-0.17.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:kvm-1.4.2-0.17.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3:kvm-1.4.2-0.17.1.i586",
"SUSE Linux Enterprise Server 11 SP3:kvm-1.4.2-0.17.1.s390x",
"SUSE Linux Enterprise Server 11 SP3:kvm-1.4.2-0.17.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:kvm-1.4.2-0.17.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:kvm-1.4.2-0.17.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:kvm-1.4.2-0.17.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2014-0142",
"url": "https://www.suse.com/security/cve/CVE-2014-0142"
},
{
"category": "external",
"summary": "SUSE Bug 870439 for CVE-2014-0142",
"url": "https://bugzilla.suse.com/870439"
},
{
"category": "external",
"summary": "SUSE Bug 871442 for CVE-2014-0142",
"url": "https://bugzilla.suse.com/871442"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 11 SP3:kvm-1.4.2-0.17.1.i586",
"SUSE Linux Enterprise Desktop 11 SP3:kvm-1.4.2-0.17.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:kvm-1.4.2-0.17.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:kvm-1.4.2-0.17.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:kvm-1.4.2-0.17.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3:kvm-1.4.2-0.17.1.i586",
"SUSE Linux Enterprise Server 11 SP3:kvm-1.4.2-0.17.1.s390x",
"SUSE Linux Enterprise Server 11 SP3:kvm-1.4.2-0.17.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:kvm-1.4.2-0.17.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:kvm-1.4.2-0.17.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:kvm-1.4.2-0.17.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Desktop 11 SP3:kvm-1.4.2-0.17.1.i586",
"SUSE Linux Enterprise Desktop 11 SP3:kvm-1.4.2-0.17.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:kvm-1.4.2-0.17.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:kvm-1.4.2-0.17.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:kvm-1.4.2-0.17.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3:kvm-1.4.2-0.17.1.i586",
"SUSE Linux Enterprise Server 11 SP3:kvm-1.4.2-0.17.1.s390x",
"SUSE Linux Enterprise Server 11 SP3:kvm-1.4.2-0.17.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:kvm-1.4.2-0.17.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:kvm-1.4.2-0.17.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:kvm-1.4.2-0.17.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2014-09-19T14:41:45Z",
"details": "moderate"
}
],
"title": "CVE-2014-0142"
},
{
"cve": "CVE-2014-0143",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2014-0143"
}
],
"notes": [
{
"category": "general",
"text": "Multiple integer overflows in the block drivers in QEMU, possibly before 2.0.0, allow local users to cause a denial of service (crash) via a crafted catalog size in (1) the parallels_open function in block/parallels.c or (2) bochs_open function in bochs.c, a large L1 table in the (3) qcow2_snapshot_load_tmp in qcow2-snapshot.c or (4) qcow2_grow_l1_table function in qcow2-cluster.c, (5) a large request in the bdrv_check_byte_request function in block.c and other block drivers, (6) crafted cluster indexes in the get_refcount function in qcow2-refcount.c, or (7) a large number of blocks in the cloop_open function in cloop.c, which trigger buffer overflows, memory corruption, large memory allocations and out-of-bounds read and writes.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 11 SP3:kvm-1.4.2-0.17.1.i586",
"SUSE Linux Enterprise Desktop 11 SP3:kvm-1.4.2-0.17.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:kvm-1.4.2-0.17.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:kvm-1.4.2-0.17.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:kvm-1.4.2-0.17.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3:kvm-1.4.2-0.17.1.i586",
"SUSE Linux Enterprise Server 11 SP3:kvm-1.4.2-0.17.1.s390x",
"SUSE Linux Enterprise Server 11 SP3:kvm-1.4.2-0.17.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:kvm-1.4.2-0.17.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:kvm-1.4.2-0.17.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:kvm-1.4.2-0.17.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2014-0143",
"url": "https://www.suse.com/security/cve/CVE-2014-0143"
},
{
"category": "external",
"summary": "SUSE Bug 870439 for CVE-2014-0143",
"url": "https://bugzilla.suse.com/870439"
},
{
"category": "external",
"summary": "SUSE Bug 871442 for CVE-2014-0143",
"url": "https://bugzilla.suse.com/871442"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 11 SP3:kvm-1.4.2-0.17.1.i586",
"SUSE Linux Enterprise Desktop 11 SP3:kvm-1.4.2-0.17.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:kvm-1.4.2-0.17.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:kvm-1.4.2-0.17.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:kvm-1.4.2-0.17.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3:kvm-1.4.2-0.17.1.i586",
"SUSE Linux Enterprise Server 11 SP3:kvm-1.4.2-0.17.1.s390x",
"SUSE Linux Enterprise Server 11 SP3:kvm-1.4.2-0.17.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:kvm-1.4.2-0.17.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:kvm-1.4.2-0.17.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:kvm-1.4.2-0.17.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Desktop 11 SP3:kvm-1.4.2-0.17.1.i586",
"SUSE Linux Enterprise Desktop 11 SP3:kvm-1.4.2-0.17.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:kvm-1.4.2-0.17.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:kvm-1.4.2-0.17.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:kvm-1.4.2-0.17.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3:kvm-1.4.2-0.17.1.i586",
"SUSE Linux Enterprise Server 11 SP3:kvm-1.4.2-0.17.1.s390x",
"SUSE Linux Enterprise Server 11 SP3:kvm-1.4.2-0.17.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:kvm-1.4.2-0.17.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:kvm-1.4.2-0.17.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:kvm-1.4.2-0.17.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2014-09-19T14:41:45Z",
"details": "moderate"
}
],
"title": "CVE-2014-0143"
},
{
"cve": "CVE-2014-0144",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2014-0144"
}
],
"notes": [
{
"category": "general",
"text": "QEMU before 2.0.0 block drivers for CLOOP, QCOW2 version 2 and various other image formats are vulnerable to potential memory corruptions, integer/buffer overflows or crash caused by missing input validations which could allow a remote user to execute arbitrary code on the host with the privileges of the QEMU process.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 11 SP3:kvm-1.4.2-0.17.1.i586",
"SUSE Linux Enterprise Desktop 11 SP3:kvm-1.4.2-0.17.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:kvm-1.4.2-0.17.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:kvm-1.4.2-0.17.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:kvm-1.4.2-0.17.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3:kvm-1.4.2-0.17.1.i586",
"SUSE Linux Enterprise Server 11 SP3:kvm-1.4.2-0.17.1.s390x",
"SUSE Linux Enterprise Server 11 SP3:kvm-1.4.2-0.17.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:kvm-1.4.2-0.17.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:kvm-1.4.2-0.17.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:kvm-1.4.2-0.17.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2014-0144",
"url": "https://www.suse.com/security/cve/CVE-2014-0144"
},
{
"category": "external",
"summary": "SUSE Bug 870439 for CVE-2014-0144",
"url": "https://bugzilla.suse.com/870439"
},
{
"category": "external",
"summary": "SUSE Bug 871442 for CVE-2014-0144",
"url": "https://bugzilla.suse.com/871442"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 11 SP3:kvm-1.4.2-0.17.1.i586",
"SUSE Linux Enterprise Desktop 11 SP3:kvm-1.4.2-0.17.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:kvm-1.4.2-0.17.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:kvm-1.4.2-0.17.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:kvm-1.4.2-0.17.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3:kvm-1.4.2-0.17.1.i586",
"SUSE Linux Enterprise Server 11 SP3:kvm-1.4.2-0.17.1.s390x",
"SUSE Linux Enterprise Server 11 SP3:kvm-1.4.2-0.17.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:kvm-1.4.2-0.17.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:kvm-1.4.2-0.17.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:kvm-1.4.2-0.17.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.6,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Desktop 11 SP3:kvm-1.4.2-0.17.1.i586",
"SUSE Linux Enterprise Desktop 11 SP3:kvm-1.4.2-0.17.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:kvm-1.4.2-0.17.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:kvm-1.4.2-0.17.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:kvm-1.4.2-0.17.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3:kvm-1.4.2-0.17.1.i586",
"SUSE Linux Enterprise Server 11 SP3:kvm-1.4.2-0.17.1.s390x",
"SUSE Linux Enterprise Server 11 SP3:kvm-1.4.2-0.17.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:kvm-1.4.2-0.17.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:kvm-1.4.2-0.17.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:kvm-1.4.2-0.17.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2014-09-19T14:41:45Z",
"details": "moderate"
}
],
"title": "CVE-2014-0144"
},
{
"cve": "CVE-2014-0145",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2014-0145"
}
],
"notes": [
{
"category": "general",
"text": "Multiple buffer overflows in QEMU before 1.7.2 and 2.x before 2.0.0, allow local users to cause a denial of service (crash) or possibly execute arbitrary code via a large (1) L1 table in the qcow2_snapshot_load_tmp in the QCOW 2 block driver (block/qcow2-snapshot.c) or (2) uncompressed chunk, (3) chunk length, or (4) number of sectors in the DMG block driver (block/dmg.c).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 11 SP3:kvm-1.4.2-0.17.1.i586",
"SUSE Linux Enterprise Desktop 11 SP3:kvm-1.4.2-0.17.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:kvm-1.4.2-0.17.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:kvm-1.4.2-0.17.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:kvm-1.4.2-0.17.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3:kvm-1.4.2-0.17.1.i586",
"SUSE Linux Enterprise Server 11 SP3:kvm-1.4.2-0.17.1.s390x",
"SUSE Linux Enterprise Server 11 SP3:kvm-1.4.2-0.17.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:kvm-1.4.2-0.17.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:kvm-1.4.2-0.17.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:kvm-1.4.2-0.17.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2014-0145",
"url": "https://www.suse.com/security/cve/CVE-2014-0145"
},
{
"category": "external",
"summary": "SUSE Bug 870439 for CVE-2014-0145",
"url": "https://bugzilla.suse.com/870439"
},
{
"category": "external",
"summary": "SUSE Bug 871442 for CVE-2014-0145",
"url": "https://bugzilla.suse.com/871442"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 11 SP3:kvm-1.4.2-0.17.1.i586",
"SUSE Linux Enterprise Desktop 11 SP3:kvm-1.4.2-0.17.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:kvm-1.4.2-0.17.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:kvm-1.4.2-0.17.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:kvm-1.4.2-0.17.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3:kvm-1.4.2-0.17.1.i586",
"SUSE Linux Enterprise Server 11 SP3:kvm-1.4.2-0.17.1.s390x",
"SUSE Linux Enterprise Server 11 SP3:kvm-1.4.2-0.17.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:kvm-1.4.2-0.17.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:kvm-1.4.2-0.17.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:kvm-1.4.2-0.17.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Desktop 11 SP3:kvm-1.4.2-0.17.1.i586",
"SUSE Linux Enterprise Desktop 11 SP3:kvm-1.4.2-0.17.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:kvm-1.4.2-0.17.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:kvm-1.4.2-0.17.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:kvm-1.4.2-0.17.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3:kvm-1.4.2-0.17.1.i586",
"SUSE Linux Enterprise Server 11 SP3:kvm-1.4.2-0.17.1.s390x",
"SUSE Linux Enterprise Server 11 SP3:kvm-1.4.2-0.17.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:kvm-1.4.2-0.17.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:kvm-1.4.2-0.17.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:kvm-1.4.2-0.17.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2014-09-19T14:41:45Z",
"details": "important"
}
],
"title": "CVE-2014-0145"
},
{
"cve": "CVE-2014-0146",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2014-0146"
}
],
"notes": [
{
"category": "general",
"text": "The qcow2_open function in the (block/qcow2.c) in QEMU before 1.7.2 and 2.x before 2.0.0 allows local users to cause a denial of service (NULL pointer dereference) via a crafted image which causes an error, related to the initialization of the snapshot_offset and nb_snapshots fields.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 11 SP3:kvm-1.4.2-0.17.1.i586",
"SUSE Linux Enterprise Desktop 11 SP3:kvm-1.4.2-0.17.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:kvm-1.4.2-0.17.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:kvm-1.4.2-0.17.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:kvm-1.4.2-0.17.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3:kvm-1.4.2-0.17.1.i586",
"SUSE Linux Enterprise Server 11 SP3:kvm-1.4.2-0.17.1.s390x",
"SUSE Linux Enterprise Server 11 SP3:kvm-1.4.2-0.17.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:kvm-1.4.2-0.17.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:kvm-1.4.2-0.17.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:kvm-1.4.2-0.17.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2014-0146",
"url": "https://www.suse.com/security/cve/CVE-2014-0146"
},
{
"category": "external",
"summary": "SUSE Bug 870439 for CVE-2014-0146",
"url": "https://bugzilla.suse.com/870439"
},
{
"category": "external",
"summary": "SUSE Bug 871442 for CVE-2014-0146",
"url": "https://bugzilla.suse.com/871442"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 11 SP3:kvm-1.4.2-0.17.1.i586",
"SUSE Linux Enterprise Desktop 11 SP3:kvm-1.4.2-0.17.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:kvm-1.4.2-0.17.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:kvm-1.4.2-0.17.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:kvm-1.4.2-0.17.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3:kvm-1.4.2-0.17.1.i586",
"SUSE Linux Enterprise Server 11 SP3:kvm-1.4.2-0.17.1.s390x",
"SUSE Linux Enterprise Server 11 SP3:kvm-1.4.2-0.17.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:kvm-1.4.2-0.17.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:kvm-1.4.2-0.17.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:kvm-1.4.2-0.17.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Desktop 11 SP3:kvm-1.4.2-0.17.1.i586",
"SUSE Linux Enterprise Desktop 11 SP3:kvm-1.4.2-0.17.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:kvm-1.4.2-0.17.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:kvm-1.4.2-0.17.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:kvm-1.4.2-0.17.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3:kvm-1.4.2-0.17.1.i586",
"SUSE Linux Enterprise Server 11 SP3:kvm-1.4.2-0.17.1.s390x",
"SUSE Linux Enterprise Server 11 SP3:kvm-1.4.2-0.17.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:kvm-1.4.2-0.17.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:kvm-1.4.2-0.17.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:kvm-1.4.2-0.17.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2014-09-19T14:41:45Z",
"details": "moderate"
}
],
"title": "CVE-2014-0146"
},
{
"cve": "CVE-2014-0147",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2014-0147"
}
],
"notes": [
{
"category": "general",
"text": "Qemu before 1.6.2 block diver for the various disk image formats used by Bochs and for the QCOW version 2 format, are vulnerable to a possible crash caused by signed data types or a logic error while creating QCOW2 snapshots, which leads to incorrectly calling update_refcount() routine.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 11 SP3:kvm-1.4.2-0.17.1.i586",
"SUSE Linux Enterprise Desktop 11 SP3:kvm-1.4.2-0.17.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:kvm-1.4.2-0.17.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:kvm-1.4.2-0.17.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:kvm-1.4.2-0.17.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3:kvm-1.4.2-0.17.1.i586",
"SUSE Linux Enterprise Server 11 SP3:kvm-1.4.2-0.17.1.s390x",
"SUSE Linux Enterprise Server 11 SP3:kvm-1.4.2-0.17.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:kvm-1.4.2-0.17.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:kvm-1.4.2-0.17.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:kvm-1.4.2-0.17.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2014-0147",
"url": "https://www.suse.com/security/cve/CVE-2014-0147"
},
{
"category": "external",
"summary": "SUSE Bug 870439 for CVE-2014-0147",
"url": "https://bugzilla.suse.com/870439"
},
{
"category": "external",
"summary": "SUSE Bug 871442 for CVE-2014-0147",
"url": "https://bugzilla.suse.com/871442"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 11 SP3:kvm-1.4.2-0.17.1.i586",
"SUSE Linux Enterprise Desktop 11 SP3:kvm-1.4.2-0.17.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:kvm-1.4.2-0.17.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:kvm-1.4.2-0.17.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:kvm-1.4.2-0.17.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3:kvm-1.4.2-0.17.1.i586",
"SUSE Linux Enterprise Server 11 SP3:kvm-1.4.2-0.17.1.s390x",
"SUSE Linux Enterprise Server 11 SP3:kvm-1.4.2-0.17.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:kvm-1.4.2-0.17.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:kvm-1.4.2-0.17.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:kvm-1.4.2-0.17.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.2,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Desktop 11 SP3:kvm-1.4.2-0.17.1.i586",
"SUSE Linux Enterprise Desktop 11 SP3:kvm-1.4.2-0.17.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:kvm-1.4.2-0.17.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:kvm-1.4.2-0.17.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:kvm-1.4.2-0.17.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3:kvm-1.4.2-0.17.1.i586",
"SUSE Linux Enterprise Server 11 SP3:kvm-1.4.2-0.17.1.s390x",
"SUSE Linux Enterprise Server 11 SP3:kvm-1.4.2-0.17.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:kvm-1.4.2-0.17.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:kvm-1.4.2-0.17.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:kvm-1.4.2-0.17.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2014-09-19T14:41:45Z",
"details": "moderate"
}
],
"title": "CVE-2014-0147"
},
{
"cve": "CVE-2014-0150",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2014-0150"
}
],
"notes": [
{
"category": "general",
"text": "Integer overflow in the virtio_net_handle_mac function in hw/net/virtio-net.c in QEMU 2.0 and earlier allows local guest users to execute arbitrary code via a MAC addresses table update request, which triggers a heap-based buffer overflow.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 11 SP3:kvm-1.4.2-0.17.1.i586",
"SUSE Linux Enterprise Desktop 11 SP3:kvm-1.4.2-0.17.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:kvm-1.4.2-0.17.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:kvm-1.4.2-0.17.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:kvm-1.4.2-0.17.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3:kvm-1.4.2-0.17.1.i586",
"SUSE Linux Enterprise Server 11 SP3:kvm-1.4.2-0.17.1.s390x",
"SUSE Linux Enterprise Server 11 SP3:kvm-1.4.2-0.17.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:kvm-1.4.2-0.17.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:kvm-1.4.2-0.17.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:kvm-1.4.2-0.17.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2014-0150",
"url": "https://www.suse.com/security/cve/CVE-2014-0150"
},
{
"category": "external",
"summary": "SUSE Bug 873235 for CVE-2014-0150",
"url": "https://bugzilla.suse.com/873235"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 11 SP3:kvm-1.4.2-0.17.1.i586",
"SUSE Linux Enterprise Desktop 11 SP3:kvm-1.4.2-0.17.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:kvm-1.4.2-0.17.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:kvm-1.4.2-0.17.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:kvm-1.4.2-0.17.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3:kvm-1.4.2-0.17.1.i586",
"SUSE Linux Enterprise Server 11 SP3:kvm-1.4.2-0.17.1.s390x",
"SUSE Linux Enterprise Server 11 SP3:kvm-1.4.2-0.17.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:kvm-1.4.2-0.17.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:kvm-1.4.2-0.17.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:kvm-1.4.2-0.17.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2014-09-19T14:41:45Z",
"details": "moderate"
}
],
"title": "CVE-2014-0150"
},
{
"cve": "CVE-2014-0222",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2014-0222"
}
],
"notes": [
{
"category": "general",
"text": "Integer overflow in the qcow_open function in block/qcow.c in QEMU before 1.7.2 allows remote attackers to cause a denial of service (crash) via a large L2 table in a QCOW version 1 image.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 11 SP3:kvm-1.4.2-0.17.1.i586",
"SUSE Linux Enterprise Desktop 11 SP3:kvm-1.4.2-0.17.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:kvm-1.4.2-0.17.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:kvm-1.4.2-0.17.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:kvm-1.4.2-0.17.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3:kvm-1.4.2-0.17.1.i586",
"SUSE Linux Enterprise Server 11 SP3:kvm-1.4.2-0.17.1.s390x",
"SUSE Linux Enterprise Server 11 SP3:kvm-1.4.2-0.17.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:kvm-1.4.2-0.17.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:kvm-1.4.2-0.17.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:kvm-1.4.2-0.17.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2014-0222",
"url": "https://www.suse.com/security/cve/CVE-2014-0222"
},
{
"category": "external",
"summary": "SUSE Bug 1072223 for CVE-2014-0222",
"url": "https://bugzilla.suse.com/1072223"
},
{
"category": "external",
"summary": "SUSE Bug 877642 for CVE-2014-0222",
"url": "https://bugzilla.suse.com/877642"
},
{
"category": "external",
"summary": "SUSE Bug 950367 for CVE-2014-0222",
"url": "https://bugzilla.suse.com/950367"
},
{
"category": "external",
"summary": "SUSE Bug 964925 for CVE-2014-0222",
"url": "https://bugzilla.suse.com/964925"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 11 SP3:kvm-1.4.2-0.17.1.i586",
"SUSE Linux Enterprise Desktop 11 SP3:kvm-1.4.2-0.17.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:kvm-1.4.2-0.17.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:kvm-1.4.2-0.17.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:kvm-1.4.2-0.17.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3:kvm-1.4.2-0.17.1.i586",
"SUSE Linux Enterprise Server 11 SP3:kvm-1.4.2-0.17.1.s390x",
"SUSE Linux Enterprise Server 11 SP3:kvm-1.4.2-0.17.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:kvm-1.4.2-0.17.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:kvm-1.4.2-0.17.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:kvm-1.4.2-0.17.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2014-09-19T14:41:45Z",
"details": "moderate"
}
],
"title": "CVE-2014-0222"
},
{
"cve": "CVE-2014-0223",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2014-0223"
}
],
"notes": [
{
"category": "general",
"text": "Integer overflow in the qcow_open function in block/qcow.c in QEMU before 1.7.2 allows local users to cause a denial of service (crash) and possibly execute arbitrary code via a large image size, which triggers a buffer overflow or out-of-bounds read.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 11 SP3:kvm-1.4.2-0.17.1.i586",
"SUSE Linux Enterprise Desktop 11 SP3:kvm-1.4.2-0.17.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:kvm-1.4.2-0.17.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:kvm-1.4.2-0.17.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:kvm-1.4.2-0.17.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3:kvm-1.4.2-0.17.1.i586",
"SUSE Linux Enterprise Server 11 SP3:kvm-1.4.2-0.17.1.s390x",
"SUSE Linux Enterprise Server 11 SP3:kvm-1.4.2-0.17.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:kvm-1.4.2-0.17.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:kvm-1.4.2-0.17.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:kvm-1.4.2-0.17.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2014-0223",
"url": "https://www.suse.com/security/cve/CVE-2014-0223"
},
{
"category": "external",
"summary": "SUSE Bug 877645 for CVE-2014-0223",
"url": "https://bugzilla.suse.com/877645"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 11 SP3:kvm-1.4.2-0.17.1.i586",
"SUSE Linux Enterprise Desktop 11 SP3:kvm-1.4.2-0.17.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:kvm-1.4.2-0.17.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:kvm-1.4.2-0.17.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:kvm-1.4.2-0.17.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3:kvm-1.4.2-0.17.1.i586",
"SUSE Linux Enterprise Server 11 SP3:kvm-1.4.2-0.17.1.s390x",
"SUSE Linux Enterprise Server 11 SP3:kvm-1.4.2-0.17.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:kvm-1.4.2-0.17.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:kvm-1.4.2-0.17.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:kvm-1.4.2-0.17.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2014-09-19T14:41:45Z",
"details": "moderate"
}
],
"title": "CVE-2014-0223"
},
{
"cve": "CVE-2014-2894",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2014-2894"
}
],
"notes": [
{
"category": "general",
"text": "Off-by-one error in the cmd_smart function in the smart self test in hw/ide/core.c in QEMU before 2.0 allows local users to have unspecified impact via a SMART EXECUTE OFFLINE command that triggers a buffer underflow and memory corruption.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 11 SP3:kvm-1.4.2-0.17.1.i586",
"SUSE Linux Enterprise Desktop 11 SP3:kvm-1.4.2-0.17.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:kvm-1.4.2-0.17.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:kvm-1.4.2-0.17.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:kvm-1.4.2-0.17.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3:kvm-1.4.2-0.17.1.i586",
"SUSE Linux Enterprise Server 11 SP3:kvm-1.4.2-0.17.1.s390x",
"SUSE Linux Enterprise Server 11 SP3:kvm-1.4.2-0.17.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:kvm-1.4.2-0.17.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:kvm-1.4.2-0.17.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:kvm-1.4.2-0.17.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2014-2894",
"url": "https://www.suse.com/security/cve/CVE-2014-2894"
},
{
"category": "external",
"summary": "SUSE Bug 874749 for CVE-2014-2894",
"url": "https://bugzilla.suse.com/874749"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 11 SP3:kvm-1.4.2-0.17.1.i586",
"SUSE Linux Enterprise Desktop 11 SP3:kvm-1.4.2-0.17.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:kvm-1.4.2-0.17.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:kvm-1.4.2-0.17.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:kvm-1.4.2-0.17.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3:kvm-1.4.2-0.17.1.i586",
"SUSE Linux Enterprise Server 11 SP3:kvm-1.4.2-0.17.1.s390x",
"SUSE Linux Enterprise Server 11 SP3:kvm-1.4.2-0.17.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:kvm-1.4.2-0.17.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:kvm-1.4.2-0.17.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:kvm-1.4.2-0.17.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2014-09-19T14:41:45Z",
"details": "moderate"
}
],
"title": "CVE-2014-2894"
},
{
"cve": "CVE-2014-3461",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2014-3461"
}
],
"notes": [
{
"category": "general",
"text": "hw/usb/bus.c in QEMU 1.6.2 allows remote attackers to execute arbitrary code via crafted savevm data, which triggers a heap-based buffer overflow, related to \"USB post load checks.\"",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 11 SP3:kvm-1.4.2-0.17.1.i586",
"SUSE Linux Enterprise Desktop 11 SP3:kvm-1.4.2-0.17.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:kvm-1.4.2-0.17.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:kvm-1.4.2-0.17.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:kvm-1.4.2-0.17.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3:kvm-1.4.2-0.17.1.i586",
"SUSE Linux Enterprise Server 11 SP3:kvm-1.4.2-0.17.1.s390x",
"SUSE Linux Enterprise Server 11 SP3:kvm-1.4.2-0.17.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:kvm-1.4.2-0.17.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:kvm-1.4.2-0.17.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:kvm-1.4.2-0.17.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2014-3461",
"url": "https://www.suse.com/security/cve/CVE-2014-3461"
},
{
"category": "external",
"summary": "SUSE Bug 878541 for CVE-2014-3461",
"url": "https://bugzilla.suse.com/878541"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 11 SP3:kvm-1.4.2-0.17.1.i586",
"SUSE Linux Enterprise Desktop 11 SP3:kvm-1.4.2-0.17.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:kvm-1.4.2-0.17.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:kvm-1.4.2-0.17.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:kvm-1.4.2-0.17.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3:kvm-1.4.2-0.17.1.i586",
"SUSE Linux Enterprise Server 11 SP3:kvm-1.4.2-0.17.1.s390x",
"SUSE Linux Enterprise Server 11 SP3:kvm-1.4.2-0.17.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:kvm-1.4.2-0.17.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:kvm-1.4.2-0.17.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:kvm-1.4.2-0.17.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2014-09-19T14:41:45Z",
"details": "moderate"
}
],
"title": "CVE-2014-3461"
},
{
"cve": "CVE-2015-1779",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-1779"
}
],
"notes": [
{
"category": "general",
"text": "The VNC websocket frame decoder in QEMU allows remote attackers to cause a denial of service (memory and CPU consumption) via a large (1) websocket payload or (2) HTTP headers section.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 11 SP3:kvm-1.4.2-0.17.1.i586",
"SUSE Linux Enterprise Desktop 11 SP3:kvm-1.4.2-0.17.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:kvm-1.4.2-0.17.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:kvm-1.4.2-0.17.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:kvm-1.4.2-0.17.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3:kvm-1.4.2-0.17.1.i586",
"SUSE Linux Enterprise Server 11 SP3:kvm-1.4.2-0.17.1.s390x",
"SUSE Linux Enterprise Server 11 SP3:kvm-1.4.2-0.17.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:kvm-1.4.2-0.17.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:kvm-1.4.2-0.17.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:kvm-1.4.2-0.17.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-1779",
"url": "https://www.suse.com/security/cve/CVE-2015-1779"
},
{
"category": "external",
"summary": "SUSE Bug 924018 for CVE-2015-1779",
"url": "https://bugzilla.suse.com/924018"
},
{
"category": "external",
"summary": "SUSE Bug 962632 for CVE-2015-1779",
"url": "https://bugzilla.suse.com/962632"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 11 SP3:kvm-1.4.2-0.17.1.i586",
"SUSE Linux Enterprise Desktop 11 SP3:kvm-1.4.2-0.17.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:kvm-1.4.2-0.17.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:kvm-1.4.2-0.17.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:kvm-1.4.2-0.17.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3:kvm-1.4.2-0.17.1.i586",
"SUSE Linux Enterprise Server 11 SP3:kvm-1.4.2-0.17.1.s390x",
"SUSE Linux Enterprise Server 11 SP3:kvm-1.4.2-0.17.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:kvm-1.4.2-0.17.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:kvm-1.4.2-0.17.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:kvm-1.4.2-0.17.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.6,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Desktop 11 SP3:kvm-1.4.2-0.17.1.i586",
"SUSE Linux Enterprise Desktop 11 SP3:kvm-1.4.2-0.17.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:kvm-1.4.2-0.17.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:kvm-1.4.2-0.17.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:kvm-1.4.2-0.17.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3:kvm-1.4.2-0.17.1.i586",
"SUSE Linux Enterprise Server 11 SP3:kvm-1.4.2-0.17.1.s390x",
"SUSE Linux Enterprise Server 11 SP3:kvm-1.4.2-0.17.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:kvm-1.4.2-0.17.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:kvm-1.4.2-0.17.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:kvm-1.4.2-0.17.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2014-09-19T14:41:45Z",
"details": "moderate"
}
],
"title": "CVE-2015-1779"
},
{
"cve": "CVE-2015-3209",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-3209"
}
],
"notes": [
{
"category": "general",
"text": "Heap-based buffer overflow in the PCNET controller in QEMU allows remote attackers to execute arbitrary code by sending a packet with TXSTATUS_STARTPACKET set and then a crafted packet with TXSTATUS_DEVICEOWNS set.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 11 SP3:kvm-1.4.2-0.17.1.i586",
"SUSE Linux Enterprise Desktop 11 SP3:kvm-1.4.2-0.17.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:kvm-1.4.2-0.17.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:kvm-1.4.2-0.17.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:kvm-1.4.2-0.17.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3:kvm-1.4.2-0.17.1.i586",
"SUSE Linux Enterprise Server 11 SP3:kvm-1.4.2-0.17.1.s390x",
"SUSE Linux Enterprise Server 11 SP3:kvm-1.4.2-0.17.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:kvm-1.4.2-0.17.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:kvm-1.4.2-0.17.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:kvm-1.4.2-0.17.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-3209",
"url": "https://www.suse.com/security/cve/CVE-2015-3209"
},
{
"category": "external",
"summary": "SUSE Bug 932267 for CVE-2015-3209",
"url": "https://bugzilla.suse.com/932267"
},
{
"category": "external",
"summary": "SUSE Bug 932770 for CVE-2015-3209",
"url": "https://bugzilla.suse.com/932770"
},
{
"category": "external",
"summary": "SUSE Bug 932823 for CVE-2015-3209",
"url": "https://bugzilla.suse.com/932823"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 11 SP3:kvm-1.4.2-0.17.1.i586",
"SUSE Linux Enterprise Desktop 11 SP3:kvm-1.4.2-0.17.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:kvm-1.4.2-0.17.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:kvm-1.4.2-0.17.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:kvm-1.4.2-0.17.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3:kvm-1.4.2-0.17.1.i586",
"SUSE Linux Enterprise Server 11 SP3:kvm-1.4.2-0.17.1.s390x",
"SUSE Linux Enterprise Server 11 SP3:kvm-1.4.2-0.17.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:kvm-1.4.2-0.17.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:kvm-1.4.2-0.17.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:kvm-1.4.2-0.17.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2014-09-19T14:41:45Z",
"details": "important"
}
],
"title": "CVE-2015-3209"
},
{
"cve": "CVE-2015-3456",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-3456"
}
],
"notes": [
{
"category": "general",
"text": "The Floppy Disk Controller (FDC) in QEMU, as used in Xen 4.5.x and earlier and KVM, allows local guest users to cause a denial of service (out-of-bounds write and guest crash) or possibly execute arbitrary code via the (1) FD_CMD_READ_ID, (2) FD_CMD_DRIVE_SPECIFICATION_COMMAND, or other unspecified commands, aka VENOM.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 11 SP3:kvm-1.4.2-0.17.1.i586",
"SUSE Linux Enterprise Desktop 11 SP3:kvm-1.4.2-0.17.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:kvm-1.4.2-0.17.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:kvm-1.4.2-0.17.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:kvm-1.4.2-0.17.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3:kvm-1.4.2-0.17.1.i586",
"SUSE Linux Enterprise Server 11 SP3:kvm-1.4.2-0.17.1.s390x",
"SUSE Linux Enterprise Server 11 SP3:kvm-1.4.2-0.17.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:kvm-1.4.2-0.17.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:kvm-1.4.2-0.17.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:kvm-1.4.2-0.17.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-3456",
"url": "https://www.suse.com/security/cve/CVE-2015-3456"
},
{
"category": "external",
"summary": "SUSE Bug 929339 for CVE-2015-3456",
"url": "https://bugzilla.suse.com/929339"
},
{
"category": "external",
"summary": "SUSE Bug 932770 for CVE-2015-3456",
"url": "https://bugzilla.suse.com/932770"
},
{
"category": "external",
"summary": "SUSE Bug 935900 for CVE-2015-3456",
"url": "https://bugzilla.suse.com/935900"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 11 SP3:kvm-1.4.2-0.17.1.i586",
"SUSE Linux Enterprise Desktop 11 SP3:kvm-1.4.2-0.17.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:kvm-1.4.2-0.17.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:kvm-1.4.2-0.17.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:kvm-1.4.2-0.17.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3:kvm-1.4.2-0.17.1.i586",
"SUSE Linux Enterprise Server 11 SP3:kvm-1.4.2-0.17.1.s390x",
"SUSE Linux Enterprise Server 11 SP3:kvm-1.4.2-0.17.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:kvm-1.4.2-0.17.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:kvm-1.4.2-0.17.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:kvm-1.4.2-0.17.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2014-09-19T14:41:45Z",
"details": "moderate"
}
],
"title": "CVE-2015-3456"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…
Loading…