Security update for kvm and libvirt SUSE Patch security@suse.de SUSE Security Team SUSE-SU-2015:0357-1 Final 1 1 2015-01-23T01:22:37Z current 2015-01-23T01:22:37Z 2015-01-23T01:22:37Z cve-database/bin/generate-cvrf.pl 2017-02-24T01:00:00Z Security update for kvm and libvirt This collective update for KVM and libvirt provides fixes for security and non-security issues. kvm: * Fix NULL pointer dereference because of uninitialized UDP socket. (bsc#897654, CVE-2014-3640) * Fix performance degradation after migration. (bsc#878350) * Fix potential image corruption due to missing FIEMAP_FLAG_SYNC flag in FS_IOC_FIEMAP ioctl. (bsc#908381) * Add validate hex properties for qdev. (bsc#852397) * Add boot option to do strict boot (bsc#900084) * Add query-command-line-options QMP command. (bsc#899144) * Fix incorrect return value of migrate_cancel. (bsc#843074) * Fix insufficient parameter validation during ram load. (bsc#905097, CVE-2014-7840) * Fix insufficient blit region checks in qemu/cirrus. (bsc#907805, CVE-2014-8106) libvirt: * Fix security hole with migratable flag in dumpxml. (bsc#904176, CVE-2014-7823) * Fix domain deadlock. (bsc#899484, CVE-2014-3657) * Use correct definition when looking up disk in qemu blkiotune. (bsc#897783, CVE-2014-3633) * Fix undefined symbol when starting virtlockd. (bsc#910145) * Add '-boot strict' to qemu's commandline whenever possible. (bsc#900084) * Add support for 'reboot-timeout' in qemu. (bsc#899144) * Increase QEMU's monitor timeout to 30sec. (bsc#911742) * Allow setting QEMU's migration max downtime any time. (bsc#879665) Security Issues: * CVE-2014-7823 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7823> * CVE-2014-3657 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3657> * CVE-2014-3633 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3633> * CVE-2014-3640 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3640> * CVE-2014-7840 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7840> * CVE-2014-8106 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8106> The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). sdksp3-kvm-libvirt-201412,sledsp3-kvm-libvirt-201412,slessp3-kvm-libvirt-201412 Copyright SUSE LLC under the Creative Commons License 4.0 with Attribution (CC-BY-4.0) https://www.suse.com/support/update/announcement/2015/suse-su-20150357-1/ Link for SUSE-SU-2015:0357-1 https://lists.suse.com/pipermail/sle-security-updates/2015-February/001247.html E-Mail link for SUSE-SU-2015:0357-1 https://www.suse.com/support/security/rating/ SUSE Security Ratings https://bugzilla.suse.com/843074 SUSE Bug 843074 https://bugzilla.suse.com/852397 SUSE Bug 852397 https://bugzilla.suse.com/878350 SUSE Bug 878350 https://bugzilla.suse.com/879665 SUSE Bug 879665 https://bugzilla.suse.com/897654 SUSE Bug 897654 https://bugzilla.suse.com/897783 SUSE Bug 897783 https://bugzilla.suse.com/899144 SUSE Bug 899144 https://bugzilla.suse.com/899484 SUSE Bug 899484 https://bugzilla.suse.com/900084 SUSE Bug 900084 https://bugzilla.suse.com/904176 SUSE Bug 904176 https://bugzilla.suse.com/905097 SUSE Bug 905097 https://bugzilla.suse.com/907805 SUSE Bug 907805 https://bugzilla.suse.com/908381 SUSE Bug 908381 https://bugzilla.suse.com/910145 SUSE Bug 910145 https://bugzilla.suse.com/911742 SUSE Bug 911742 https://www.suse.com/security/cve/CVE-2014-3633/ SUSE CVE CVE-2014-3633 page https://www.suse.com/security/cve/CVE-2014-3640/ SUSE CVE CVE-2014-3640 page https://www.suse.com/security/cve/CVE-2014-3657/ SUSE CVE CVE-2014-3657 page https://www.suse.com/security/cve/CVE-2014-7823/ SUSE CVE CVE-2014-7823 page https://www.suse.com/security/cve/CVE-2014-7840/ SUSE CVE CVE-2014-7840 page https://www.suse.com/security/cve/CVE-2014-8106/ SUSE CVE CVE-2014-8106 page SUSE Linux Enterprise Desktop 11 SP3 SUSE Linux Enterprise Server 11 SP3 SUSE Linux Enterprise Server 11 SP3-TERADATA SUSE Linux Enterprise Server for SAP Applications 11 SP3 SUSE Linux Enterprise Software Development Kit 11 SP3 libvirt-devel-1.0.5.9-0.19.3 libvirt-devel-32bit-1.0.5.9-0.19.3 kvm-1.4.2-0.21.4 libvirt-1.0.5.9-0.19.3 libvirt-client-1.0.5.9-0.19.3 libvirt-client-32bit-1.0.5.9-0.19.3 libvirt-doc-1.0.5.9-0.19.3 libvirt-python-1.0.5.9-0.19.3 libvirt-lock-sanlock-1.0.5.9-0.19.3 kvm-1.4.2-0.21.4 as a component of SUSE Linux Enterprise Desktop 11 SP3 libvirt-1.0.5.9-0.19.3 as a component of SUSE Linux Enterprise Desktop 11 SP3 libvirt-client-1.0.5.9-0.19.3 as a component of SUSE Linux Enterprise Desktop 11 SP3 libvirt-client-32bit-1.0.5.9-0.19.3 as a component of SUSE Linux Enterprise Desktop 11 SP3 libvirt-doc-1.0.5.9-0.19.3 as a component of SUSE Linux Enterprise Desktop 11 SP3 libvirt-python-1.0.5.9-0.19.3 as a component of SUSE Linux Enterprise Desktop 11 SP3 kvm-1.4.2-0.21.4 as a component of SUSE Linux Enterprise Server 11 SP3 libvirt-1.0.5.9-0.19.3 as a component of SUSE Linux Enterprise Server 11 SP3 libvirt-client-1.0.5.9-0.19.3 as a component of SUSE Linux Enterprise Server 11 SP3 libvirt-client-32bit-1.0.5.9-0.19.3 as a component of SUSE Linux Enterprise Server 11 SP3 libvirt-doc-1.0.5.9-0.19.3 as a component of SUSE Linux Enterprise Server 11 SP3 libvirt-lock-sanlock-1.0.5.9-0.19.3 as a component of SUSE Linux Enterprise Server 11 SP3 libvirt-python-1.0.5.9-0.19.3 as a component of SUSE Linux Enterprise Server 11 SP3 kvm-1.4.2-0.21.4 as a component of SUSE Linux Enterprise Server 11 SP3-TERADATA libvirt-1.0.5.9-0.19.3 as a component of SUSE Linux Enterprise Server 11 SP3-TERADATA libvirt-client-1.0.5.9-0.19.3 as a component of SUSE Linux Enterprise Server 11 SP3-TERADATA libvirt-client-32bit-1.0.5.9-0.19.3 as a component of SUSE Linux Enterprise Server 11 SP3-TERADATA libvirt-doc-1.0.5.9-0.19.3 as a component of SUSE Linux Enterprise Server 11 SP3-TERADATA libvirt-lock-sanlock-1.0.5.9-0.19.3 as a component of SUSE Linux Enterprise Server 11 SP3-TERADATA libvirt-python-1.0.5.9-0.19.3 as a component of SUSE Linux Enterprise Server 11 SP3-TERADATA kvm-1.4.2-0.21.4 as a component of SUSE Linux Enterprise Server for SAP Applications 11 SP3 libvirt-1.0.5.9-0.19.3 as a component of SUSE Linux Enterprise Server for SAP Applications 11 SP3 libvirt-client-1.0.5.9-0.19.3 as a component of SUSE Linux Enterprise Server for SAP Applications 11 SP3 libvirt-client-32bit-1.0.5.9-0.19.3 as a component of SUSE Linux Enterprise Server for SAP Applications 11 SP3 libvirt-doc-1.0.5.9-0.19.3 as a component of SUSE Linux Enterprise Server for SAP Applications 11 SP3 libvirt-lock-sanlock-1.0.5.9-0.19.3 as a component of SUSE Linux Enterprise Server for SAP Applications 11 SP3 libvirt-python-1.0.5.9-0.19.3 as a component of SUSE Linux Enterprise Server for SAP Applications 11 SP3 libvirt-devel-1.0.5.9-0.19.3 as a component of SUSE Linux Enterprise Software Development Kit 11 SP3 libvirt-devel-32bit-1.0.5.9-0.19.3 as a component of SUSE Linux Enterprise Software Development Kit 11 SP3 The qemuDomainGetBlockIoTune function in qemu/qemu_driver.c in libvirt before 1.2.9, when a disk has been hot-plugged or removed from the live image, allows remote attackers to cause a denial of service (crash) or read sensitive heap information via a crafted blkiotune query, which triggers an out-of-bounds read. CVE-2014-3633 SUSE Linux Enterprise Desktop 11 SP3:kvm-1.4.2-0.21.4 SUSE Linux Enterprise Desktop 11 SP3:libvirt-1.0.5.9-0.19.3 SUSE Linux Enterprise Desktop 11 SP3:libvirt-client-1.0.5.9-0.19.3 SUSE Linux Enterprise Desktop 11 SP3:libvirt-client-32bit-1.0.5.9-0.19.3 SUSE Linux Enterprise Desktop 11 SP3:libvirt-doc-1.0.5.9-0.19.3 SUSE Linux Enterprise Desktop 11 SP3:libvirt-python-1.0.5.9-0.19.3 SUSE Linux Enterprise Server 11 SP3-TERADATA:kvm-1.4.2-0.21.4 SUSE Linux Enterprise Server 11 SP3-TERADATA:libvirt-1.0.5.9-0.19.3 SUSE Linux Enterprise Server 11 SP3-TERADATA:libvirt-client-1.0.5.9-0.19.3 SUSE Linux Enterprise Server 11 SP3-TERADATA:libvirt-client-32bit-1.0.5.9-0.19.3 SUSE Linux Enterprise Server 11 SP3-TERADATA:libvirt-doc-1.0.5.9-0.19.3 SUSE Linux Enterprise Server 11 SP3-TERADATA:libvirt-lock-sanlock-1.0.5.9-0.19.3 SUSE Linux Enterprise Server 11 SP3-TERADATA:libvirt-python-1.0.5.9-0.19.3 SUSE Linux Enterprise Server 11 SP3:kvm-1.4.2-0.21.4 SUSE Linux Enterprise Server 11 SP3:libvirt-1.0.5.9-0.19.3 SUSE Linux Enterprise Server 11 SP3:libvirt-client-1.0.5.9-0.19.3 SUSE Linux Enterprise Server 11 SP3:libvirt-client-32bit-1.0.5.9-0.19.3 SUSE Linux Enterprise Server 11 SP3:libvirt-doc-1.0.5.9-0.19.3 SUSE Linux Enterprise Server 11 SP3:libvirt-lock-sanlock-1.0.5.9-0.19.3 SUSE Linux Enterprise Server 11 SP3:libvirt-python-1.0.5.9-0.19.3 SUSE Linux Enterprise Server for SAP Applications 11 SP3:kvm-1.4.2-0.21.4 SUSE Linux Enterprise Server for SAP Applications 11 SP3:libvirt-1.0.5.9-0.19.3 SUSE Linux Enterprise Server for SAP Applications 11 SP3:libvirt-client-1.0.5.9-0.19.3 SUSE Linux Enterprise Server for SAP Applications 11 SP3:libvirt-client-32bit-1.0.5.9-0.19.3 SUSE Linux Enterprise Server for SAP Applications 11 SP3:libvirt-doc-1.0.5.9-0.19.3 SUSE Linux Enterprise Server for SAP Applications 11 SP3:libvirt-lock-sanlock-1.0.5.9-0.19.3 SUSE Linux Enterprise Server for SAP Applications 11 SP3:libvirt-python-1.0.5.9-0.19.3 SUSE Linux Enterprise Software Development Kit 11 SP3:libvirt-devel-1.0.5.9-0.19.3 SUSE Linux Enterprise Software Development Kit 11 SP3:libvirt-devel-32bit-1.0.5.9-0.19.3 moderate 5.8 AV:N/AC:M/Au:N/C:P/I:N/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2015/suse-su-20150357-1/ https://www.suse.com/security/cve/CVE-2014-3633.html CVE-2014-3633 https://bugzilla.suse.com/897783 SUSE Bug 897783 The sosendto function in slirp/udp.c in QEMU before 2.1.2 allows local users to cause a denial of service (NULL pointer dereference) by sending a udp packet with a value of 0 in the source port and address, which triggers access of an uninitialized socket. CVE-2014-3640 SUSE Linux Enterprise Desktop 11 SP3:kvm-1.4.2-0.21.4 SUSE Linux Enterprise Desktop 11 SP3:libvirt-1.0.5.9-0.19.3 SUSE Linux Enterprise Desktop 11 SP3:libvirt-client-1.0.5.9-0.19.3 SUSE Linux Enterprise Desktop 11 SP3:libvirt-client-32bit-1.0.5.9-0.19.3 SUSE Linux Enterprise Desktop 11 SP3:libvirt-doc-1.0.5.9-0.19.3 SUSE Linux Enterprise Desktop 11 SP3:libvirt-python-1.0.5.9-0.19.3 SUSE Linux Enterprise Server 11 SP3-TERADATA:kvm-1.4.2-0.21.4 SUSE Linux Enterprise Server 11 SP3-TERADATA:libvirt-1.0.5.9-0.19.3 SUSE Linux Enterprise Server 11 SP3-TERADATA:libvirt-client-1.0.5.9-0.19.3 SUSE Linux Enterprise Server 11 SP3-TERADATA:libvirt-client-32bit-1.0.5.9-0.19.3 SUSE Linux Enterprise Server 11 SP3-TERADATA:libvirt-doc-1.0.5.9-0.19.3 SUSE Linux Enterprise Server 11 SP3-TERADATA:libvirt-lock-sanlock-1.0.5.9-0.19.3 SUSE Linux Enterprise Server 11 SP3-TERADATA:libvirt-python-1.0.5.9-0.19.3 SUSE Linux Enterprise Server 11 SP3:kvm-1.4.2-0.21.4 SUSE Linux Enterprise Server 11 SP3:libvirt-1.0.5.9-0.19.3 SUSE Linux Enterprise Server 11 SP3:libvirt-client-1.0.5.9-0.19.3 SUSE Linux Enterprise Server 11 SP3:libvirt-client-32bit-1.0.5.9-0.19.3 SUSE Linux Enterprise Server 11 SP3:libvirt-doc-1.0.5.9-0.19.3 SUSE Linux Enterprise Server 11 SP3:libvirt-lock-sanlock-1.0.5.9-0.19.3 SUSE Linux Enterprise Server 11 SP3:libvirt-python-1.0.5.9-0.19.3 SUSE Linux Enterprise Server for SAP Applications 11 SP3:kvm-1.4.2-0.21.4 SUSE Linux Enterprise Server for SAP Applications 11 SP3:libvirt-1.0.5.9-0.19.3 SUSE Linux Enterprise Server for SAP Applications 11 SP3:libvirt-client-1.0.5.9-0.19.3 SUSE Linux Enterprise Server for SAP Applications 11 SP3:libvirt-client-32bit-1.0.5.9-0.19.3 SUSE Linux Enterprise Server for SAP Applications 11 SP3:libvirt-doc-1.0.5.9-0.19.3 SUSE Linux Enterprise Server for SAP Applications 11 SP3:libvirt-lock-sanlock-1.0.5.9-0.19.3 SUSE Linux Enterprise Server for SAP Applications 11 SP3:libvirt-python-1.0.5.9-0.19.3 SUSE Linux Enterprise Software Development Kit 11 SP3:libvirt-devel-1.0.5.9-0.19.3 SUSE Linux Enterprise Software Development Kit 11 SP3:libvirt-devel-32bit-1.0.5.9-0.19.3 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2015/suse-su-20150357-1/ https://www.suse.com/security/cve/CVE-2014-3640.html CVE-2014-3640 https://bugzilla.suse.com/897654 SUSE Bug 897654 https://bugzilla.suse.com/965112 SUSE Bug 965112 The virDomainListPopulate function in conf/domain_conf.c in libvirt before 1.2.9 does not clean up the lock on the list of domains, which allows remote attackers to cause a denial of service (deadlock) via a NULL value in the second parameter in the virConnectListAllDomains API command. CVE-2014-3657 SUSE Linux Enterprise Desktop 11 SP3:kvm-1.4.2-0.21.4 SUSE Linux Enterprise Desktop 11 SP3:libvirt-1.0.5.9-0.19.3 SUSE Linux Enterprise Desktop 11 SP3:libvirt-client-1.0.5.9-0.19.3 SUSE Linux Enterprise Desktop 11 SP3:libvirt-client-32bit-1.0.5.9-0.19.3 SUSE Linux Enterprise Desktop 11 SP3:libvirt-doc-1.0.5.9-0.19.3 SUSE Linux Enterprise Desktop 11 SP3:libvirt-python-1.0.5.9-0.19.3 SUSE Linux Enterprise Server 11 SP3-TERADATA:kvm-1.4.2-0.21.4 SUSE Linux Enterprise Server 11 SP3-TERADATA:libvirt-1.0.5.9-0.19.3 SUSE Linux Enterprise Server 11 SP3-TERADATA:libvirt-client-1.0.5.9-0.19.3 SUSE Linux Enterprise Server 11 SP3-TERADATA:libvirt-client-32bit-1.0.5.9-0.19.3 SUSE Linux Enterprise Server 11 SP3-TERADATA:libvirt-doc-1.0.5.9-0.19.3 SUSE Linux Enterprise Server 11 SP3-TERADATA:libvirt-lock-sanlock-1.0.5.9-0.19.3 SUSE Linux Enterprise Server 11 SP3-TERADATA:libvirt-python-1.0.5.9-0.19.3 SUSE Linux Enterprise Server 11 SP3:kvm-1.4.2-0.21.4 SUSE Linux Enterprise Server 11 SP3:libvirt-1.0.5.9-0.19.3 SUSE Linux Enterprise Server 11 SP3:libvirt-client-1.0.5.9-0.19.3 SUSE Linux Enterprise Server 11 SP3:libvirt-client-32bit-1.0.5.9-0.19.3 SUSE Linux Enterprise Server 11 SP3:libvirt-doc-1.0.5.9-0.19.3 SUSE Linux Enterprise Server 11 SP3:libvirt-lock-sanlock-1.0.5.9-0.19.3 SUSE Linux Enterprise Server 11 SP3:libvirt-python-1.0.5.9-0.19.3 SUSE Linux Enterprise Server for SAP Applications 11 SP3:kvm-1.4.2-0.21.4 SUSE Linux Enterprise Server for SAP Applications 11 SP3:libvirt-1.0.5.9-0.19.3 SUSE Linux Enterprise Server for SAP Applications 11 SP3:libvirt-client-1.0.5.9-0.19.3 SUSE Linux Enterprise Server for SAP Applications 11 SP3:libvirt-client-32bit-1.0.5.9-0.19.3 SUSE Linux Enterprise Server for SAP Applications 11 SP3:libvirt-doc-1.0.5.9-0.19.3 SUSE Linux Enterprise Server for SAP Applications 11 SP3:libvirt-lock-sanlock-1.0.5.9-0.19.3 SUSE Linux Enterprise Server for SAP Applications 11 SP3:libvirt-python-1.0.5.9-0.19.3 SUSE Linux Enterprise Software Development Kit 11 SP3:libvirt-devel-1.0.5.9-0.19.3 SUSE Linux Enterprise Software Development Kit 11 SP3:libvirt-devel-32bit-1.0.5.9-0.19.3 moderate 5 AV:N/AC:L/Au:N/C:N/I:N/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2015/suse-su-20150357-1/ https://www.suse.com/security/cve/CVE-2014-3657.html CVE-2014-3657 https://bugzilla.suse.com/897783 SUSE Bug 897783 https://bugzilla.suse.com/899484 SUSE Bug 899484 The virDomainGetXMLDesc API in Libvirt before 1.2.11 allows remote read-only users to obtain the VNC password by using the VIR_DOMAIN_XML_MIGRATABLE flag, which triggers the use of the VIR_DOMAIN_XML_SECURE flag. CVE-2014-7823 SUSE Linux Enterprise Desktop 11 SP3:kvm-1.4.2-0.21.4 SUSE Linux Enterprise Desktop 11 SP3:libvirt-1.0.5.9-0.19.3 SUSE Linux Enterprise Desktop 11 SP3:libvirt-client-1.0.5.9-0.19.3 SUSE Linux Enterprise Desktop 11 SP3:libvirt-client-32bit-1.0.5.9-0.19.3 SUSE Linux Enterprise Desktop 11 SP3:libvirt-doc-1.0.5.9-0.19.3 SUSE Linux Enterprise Desktop 11 SP3:libvirt-python-1.0.5.9-0.19.3 SUSE Linux Enterprise Server 11 SP3-TERADATA:kvm-1.4.2-0.21.4 SUSE Linux Enterprise Server 11 SP3-TERADATA:libvirt-1.0.5.9-0.19.3 SUSE Linux Enterprise Server 11 SP3-TERADATA:libvirt-client-1.0.5.9-0.19.3 SUSE Linux Enterprise Server 11 SP3-TERADATA:libvirt-client-32bit-1.0.5.9-0.19.3 SUSE Linux Enterprise Server 11 SP3-TERADATA:libvirt-doc-1.0.5.9-0.19.3 SUSE Linux Enterprise Server 11 SP3-TERADATA:libvirt-lock-sanlock-1.0.5.9-0.19.3 SUSE Linux Enterprise Server 11 SP3-TERADATA:libvirt-python-1.0.5.9-0.19.3 SUSE Linux Enterprise Server 11 SP3:kvm-1.4.2-0.21.4 SUSE Linux Enterprise Server 11 SP3:libvirt-1.0.5.9-0.19.3 SUSE Linux Enterprise Server 11 SP3:libvirt-client-1.0.5.9-0.19.3 SUSE Linux Enterprise Server 11 SP3:libvirt-client-32bit-1.0.5.9-0.19.3 SUSE Linux Enterprise Server 11 SP3:libvirt-doc-1.0.5.9-0.19.3 SUSE Linux Enterprise Server 11 SP3:libvirt-lock-sanlock-1.0.5.9-0.19.3 SUSE Linux Enterprise Server 11 SP3:libvirt-python-1.0.5.9-0.19.3 SUSE Linux Enterprise Server for SAP Applications 11 SP3:kvm-1.4.2-0.21.4 SUSE Linux Enterprise Server for SAP Applications 11 SP3:libvirt-1.0.5.9-0.19.3 SUSE Linux Enterprise Server for SAP Applications 11 SP3:libvirt-client-1.0.5.9-0.19.3 SUSE Linux Enterprise Server for SAP Applications 11 SP3:libvirt-client-32bit-1.0.5.9-0.19.3 SUSE Linux Enterprise Server for SAP Applications 11 SP3:libvirt-doc-1.0.5.9-0.19.3 SUSE Linux Enterprise Server for SAP Applications 11 SP3:libvirt-lock-sanlock-1.0.5.9-0.19.3 SUSE Linux Enterprise Server for SAP Applications 11 SP3:libvirt-python-1.0.5.9-0.19.3 SUSE Linux Enterprise Software Development Kit 11 SP3:libvirt-devel-1.0.5.9-0.19.3 SUSE Linux Enterprise Software Development Kit 11 SP3:libvirt-devel-32bit-1.0.5.9-0.19.3 moderate 5 AV:N/AC:L/Au:N/C:P/I:N/A:N To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2015/suse-su-20150357-1/ https://www.suse.com/security/cve/CVE-2014-7823.html CVE-2014-7823 https://bugzilla.suse.com/904176 SUSE Bug 904176 The host_from_stream_offset function in arch_init.c in QEMU, when loading RAM during migration, allows remote attackers to execute arbitrary code via a crafted (1) offset or (2) length value in savevm data. CVE-2014-7840 SUSE Linux Enterprise Desktop 11 SP3:kvm-1.4.2-0.21.4 SUSE Linux Enterprise Desktop 11 SP3:libvirt-1.0.5.9-0.19.3 SUSE Linux Enterprise Desktop 11 SP3:libvirt-client-1.0.5.9-0.19.3 SUSE Linux Enterprise Desktop 11 SP3:libvirt-client-32bit-1.0.5.9-0.19.3 SUSE Linux Enterprise Desktop 11 SP3:libvirt-doc-1.0.5.9-0.19.3 SUSE Linux Enterprise Desktop 11 SP3:libvirt-python-1.0.5.9-0.19.3 SUSE Linux Enterprise Server 11 SP3-TERADATA:kvm-1.4.2-0.21.4 SUSE Linux Enterprise Server 11 SP3-TERADATA:libvirt-1.0.5.9-0.19.3 SUSE Linux Enterprise Server 11 SP3-TERADATA:libvirt-client-1.0.5.9-0.19.3 SUSE Linux Enterprise Server 11 SP3-TERADATA:libvirt-client-32bit-1.0.5.9-0.19.3 SUSE Linux Enterprise Server 11 SP3-TERADATA:libvirt-doc-1.0.5.9-0.19.3 SUSE Linux Enterprise Server 11 SP3-TERADATA:libvirt-lock-sanlock-1.0.5.9-0.19.3 SUSE Linux Enterprise Server 11 SP3-TERADATA:libvirt-python-1.0.5.9-0.19.3 SUSE Linux Enterprise Server 11 SP3:kvm-1.4.2-0.21.4 SUSE Linux Enterprise Server 11 SP3:libvirt-1.0.5.9-0.19.3 SUSE Linux Enterprise Server 11 SP3:libvirt-client-1.0.5.9-0.19.3 SUSE Linux Enterprise Server 11 SP3:libvirt-client-32bit-1.0.5.9-0.19.3 SUSE Linux Enterprise Server 11 SP3:libvirt-doc-1.0.5.9-0.19.3 SUSE Linux Enterprise Server 11 SP3:libvirt-lock-sanlock-1.0.5.9-0.19.3 SUSE Linux Enterprise Server 11 SP3:libvirt-python-1.0.5.9-0.19.3 SUSE Linux Enterprise Server for SAP Applications 11 SP3:kvm-1.4.2-0.21.4 SUSE Linux Enterprise Server for SAP Applications 11 SP3:libvirt-1.0.5.9-0.19.3 SUSE Linux Enterprise Server for SAP Applications 11 SP3:libvirt-client-1.0.5.9-0.19.3 SUSE Linux Enterprise Server for SAP Applications 11 SP3:libvirt-client-32bit-1.0.5.9-0.19.3 SUSE Linux Enterprise Server for SAP Applications 11 SP3:libvirt-doc-1.0.5.9-0.19.3 SUSE Linux Enterprise Server for SAP Applications 11 SP3:libvirt-lock-sanlock-1.0.5.9-0.19.3 SUSE Linux Enterprise Server for SAP Applications 11 SP3:libvirt-python-1.0.5.9-0.19.3 SUSE Linux Enterprise Software Development Kit 11 SP3:libvirt-devel-1.0.5.9-0.19.3 SUSE Linux Enterprise Software Development Kit 11 SP3:libvirt-devel-32bit-1.0.5.9-0.19.3 moderate 7.5 AV:N/AC:L/Au:N/C:P/I:P/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2015/suse-su-20150357-1/ https://www.suse.com/security/cve/CVE-2014-7840.html CVE-2014-7840 https://bugzilla.suse.com/905097 SUSE Bug 905097 Heap-based buffer overflow in the Cirrus VGA emulator (hw/display/cirrus_vga.c) in QEMU before 2.2.0 allows local guest users to execute arbitrary code via vectors related to blit regions. NOTE: this vulnerability exists because an incomplete fix for CVE-2007-1320. CVE-2014-8106 SUSE Linux Enterprise Desktop 11 SP3:kvm-1.4.2-0.21.4 SUSE Linux Enterprise Desktop 11 SP3:libvirt-1.0.5.9-0.19.3 SUSE Linux Enterprise Desktop 11 SP3:libvirt-client-1.0.5.9-0.19.3 SUSE Linux Enterprise Desktop 11 SP3:libvirt-client-32bit-1.0.5.9-0.19.3 SUSE Linux Enterprise Desktop 11 SP3:libvirt-doc-1.0.5.9-0.19.3 SUSE Linux Enterprise Desktop 11 SP3:libvirt-python-1.0.5.9-0.19.3 SUSE Linux Enterprise Server 11 SP3-TERADATA:kvm-1.4.2-0.21.4 SUSE Linux Enterprise Server 11 SP3-TERADATA:libvirt-1.0.5.9-0.19.3 SUSE Linux Enterprise Server 11 SP3-TERADATA:libvirt-client-1.0.5.9-0.19.3 SUSE Linux Enterprise Server 11 SP3-TERADATA:libvirt-client-32bit-1.0.5.9-0.19.3 SUSE Linux Enterprise Server 11 SP3-TERADATA:libvirt-doc-1.0.5.9-0.19.3 SUSE Linux Enterprise Server 11 SP3-TERADATA:libvirt-lock-sanlock-1.0.5.9-0.19.3 SUSE Linux Enterprise Server 11 SP3-TERADATA:libvirt-python-1.0.5.9-0.19.3 SUSE Linux Enterprise Server 11 SP3:kvm-1.4.2-0.21.4 SUSE Linux Enterprise Server 11 SP3:libvirt-1.0.5.9-0.19.3 SUSE Linux Enterprise Server 11 SP3:libvirt-client-1.0.5.9-0.19.3 SUSE Linux Enterprise Server 11 SP3:libvirt-client-32bit-1.0.5.9-0.19.3 SUSE Linux Enterprise Server 11 SP3:libvirt-doc-1.0.5.9-0.19.3 SUSE Linux Enterprise Server 11 SP3:libvirt-lock-sanlock-1.0.5.9-0.19.3 SUSE Linux Enterprise Server 11 SP3:libvirt-python-1.0.5.9-0.19.3 SUSE Linux Enterprise Server for SAP Applications 11 SP3:kvm-1.4.2-0.21.4 SUSE Linux Enterprise Server for SAP Applications 11 SP3:libvirt-1.0.5.9-0.19.3 SUSE Linux Enterprise Server for SAP Applications 11 SP3:libvirt-client-1.0.5.9-0.19.3 SUSE Linux Enterprise Server for SAP Applications 11 SP3:libvirt-client-32bit-1.0.5.9-0.19.3 SUSE Linux Enterprise Server for SAP Applications 11 SP3:libvirt-doc-1.0.5.9-0.19.3 SUSE Linux Enterprise Server for SAP Applications 11 SP3:libvirt-lock-sanlock-1.0.5.9-0.19.3 SUSE Linux Enterprise Server for SAP Applications 11 SP3:libvirt-python-1.0.5.9-0.19.3 SUSE Linux Enterprise Software Development Kit 11 SP3:libvirt-devel-1.0.5.9-0.19.3 SUSE Linux Enterprise Software Development Kit 11 SP3:libvirt-devel-32bit-1.0.5.9-0.19.3 moderate 4.6 AV:L/AC:L/Au:N/C:P/I:P/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2015/suse-su-20150357-1/ https://www.suse.com/security/cve/CVE-2014-8106.html CVE-2014-8106 https://bugzilla.suse.com/1023004 SUSE Bug 1023004 https://bugzilla.suse.com/1178658 SUSE Bug 1178658 https://bugzilla.suse.com/907805 SUSE Bug 907805