{"affected":[{"ecosystem_specific":{"binaries":[{"qemu":"2.3.1-14.1","qemu-block-curl":"2.3.1-14.1","qemu-ipxe":"1.0.0-14.1","qemu-kvm":"2.3.1-14.1","qemu-seabios":"1.8.1-14.1","qemu-sgabios":"8-14.1","qemu-tools":"2.3.1-14.1","qemu-vgabios":"1.8.1-14.1","qemu-x86":"2.3.1-14.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Desktop 12 SP1","name":"qemu","purl":"pkg:rpm/suse/qemu&distro=SUSE%20Linux%20Enterprise%20Desktop%2012%20SP1"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"2.3.1-14.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"qemu":"2.3.1-14.1","qemu-block-curl":"2.3.1-14.1","qemu-block-rbd":"2.3.1-14.1","qemu-guest-agent":"2.3.1-14.1","qemu-ipxe":"1.0.0-14.1","qemu-kvm":"2.3.1-14.1","qemu-lang":"2.3.1-14.1","qemu-ppc":"2.3.1-14.1","qemu-s390":"2.3.1-14.1","qemu-seabios":"1.8.1-14.1","qemu-sgabios":"8-14.1","qemu-tools":"2.3.1-14.1","qemu-vgabios":"1.8.1-14.1","qemu-x86":"2.3.1-14.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Server 12 SP1","name":"qemu","purl":"pkg:rpm/suse/qemu&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP1"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"2.3.1-14.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"qemu":"2.3.1-14.1","qemu-block-curl":"2.3.1-14.1","qemu-block-rbd":"2.3.1-14.1","qemu-guest-agent":"2.3.1-14.1","qemu-ipxe":"1.0.0-14.1","qemu-kvm":"2.3.1-14.1","qemu-lang":"2.3.1-14.1","qemu-ppc":"2.3.1-14.1","qemu-s390":"2.3.1-14.1","qemu-seabios":"1.8.1-14.1","qemu-sgabios":"8-14.1","qemu-tools":"2.3.1-14.1","qemu-vgabios":"1.8.1-14.1","qemu-x86":"2.3.1-14.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Server for SAP Applications 12 SP1","name":"qemu","purl":"pkg:rpm/suse/qemu&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP1"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"2.3.1-14.1"}],"type":"ECOSYSTEM"}]}],"aliases":[],"details":"qemu was updated to fix 29 security issues.\n\nThese security issues were fixed:\n- CVE-2016-4439: Avoid OOB access in 53C9X emulation (bsc#980711)\n- CVE-2016-4441: Avoid OOB access in 53C9X emulation (bsc#980723)\n- CVE-2016-4952: Avoid OOB access in Vmware PV SCSI emulation (bsc#981266)\n- CVE-2015-8817: Avoid OOB access in PCI dma I/O (bsc#969121)\n- CVE-2015-8818: Avoid OOB access in PCI dma I/O (bsc#969122)\n- CVE-2016-3710: Fixed VGA emulation based OOB access with potential for guest escape (bsc#978158)\n- CVE-2016-3712: Fixed VGa emulation based DOS and OOB read access exploit (bsc#978160)\n- CVE-2016-4037: Fixed USB ehci based DOS (bsc#976109)\n- CVE-2016-2538: Fixed potential OOB access in USB net device emulation (bsc#967969)\n- CVE-2016-2841: Fixed OOB access / hang in ne2000 emulation (bsc#969350)\n- CVE-2016-2858: Avoid potential DOS when using QEMU pseudo random number generator (bsc#970036)\n- CVE-2016-2857: Fixed OOB access when processing IP checksums (bsc#970037)\n- CVE-2016-4001: Fixed OOB access in Stellaris enet emulated nic (bsc#975128)\n- CVE-2016-4002: Fixed OOB access in MIPSnet emulated controller (bsc#975136)\n- CVE-2016-4020: Fixed possible host data leakage to guest from TPR access (bsc#975700)\n- CVE-2016-2197: Prevent AHCI NULL pointer dereference when using FIS CLB engine (bsc#964411)\n- CVE-2015-5745: Buffer overflow in virtio-serial (bsc#940929).\n- CVE-2015-7549: PCI null pointer dereferences (bsc#958917).\n- CVE-2015-8504: VNC floating point exception (bsc#958491).\n- CVE-2015-8558: Infinite loop in ehci_advance_state resulting in DoS (bsc#959005).\n- CVE-2015-8567: A guest repeatedly activating a vmxnet3 device can leak host memory (bsc#959386).\n- CVE-2015-8568: A guest repeatedly activating a vmxnet3 device can leak host memory (bsc#959386).\n- CVE-2015-8613: Wrong sized memset in megasas command handler (bsc#961358).\n- CVE-2015-8619: Potential DoS for long HMP sendkey command argument (bsc#960334).\n- CVE-2015-8743: OOB memory access in ne2000 ioport r/w functions (bsc#960725).\n- CVE-2015-8744: Incorrect l2 header validation could have lead to a crash via assert(2) call (bsc#960835).\n- CVE-2015-8745: Reading IMR registers could have lead to a crash via assert(2) call (bsc#960708).\n- CVE-2016-1568: AHCI use-after-free in aio port commands (bsc#961332).\n- CVE-2016-1714: Potential OOB memory access in processing firmware configuration (bsc#961691).\n- CVE-2016-1922: NULL pointer dereference when processing hmp i/o command (bsc#962320).\n- CVE-2016-1981: Potential DoS (infinite loop) in e1000 device emulation by malicious privileged user within guest (bsc#963782).\n- CVE-2016-2198: Malicious privileged guest user were able to cause DoS by writing to read-only EHCI capabilities registers (bsc#964413).\n\nThis non-security issue was fixed\n- bsc#886378: qemu truncates vhd images in virt-rescue\n","id":"SUSE-SU-2016:1703-1","modified":"2016-06-29T05:47:55Z","published":"2016-06-29T05:47:55Z","references":[{"type":"ADVISORY","url":"https://www.suse.com/support/update/announcement/2016/suse-su-20161703-1/"},{"type":"REPORT","url":"https://bugzilla.suse.com/886378"},{"type":"REPORT","url":"https://bugzilla.suse.com/940929"},{"type":"REPORT","url":"https://bugzilla.suse.com/958491"},{"type":"REPORT","url":"https://bugzilla.suse.com/958917"},{"type":"REPORT","url":"https://bugzilla.suse.com/959005"},{"type":"REPORT","url":"https://bugzilla.suse.com/959386"},{"type":"REPORT","url":"https://bugzilla.suse.com/960334"},{"type":"REPORT","url":"https://bugzilla.suse.com/960708"},{"type":"REPORT","url":"https://bugzilla.suse.com/960725"},{"type":"REPORT","url":"https://bugzilla.suse.com/960835"},{"type":"REPORT","url":"https://bugzilla.suse.com/961332"},{"type":"REPORT","url":"https://bugzilla.suse.com/961333"},{"type":"REPORT","url":"https://bugzilla.suse.com/961358"},{"type":"REPORT","url":"https://bugzilla.suse.com/961556"},{"type":"REPORT","url":"https://bugzilla.suse.com/961691"},{"type":"REPORT","url":"https://bugzilla.suse.com/962320"},{"type":"REPORT","url":"https://bugzilla.suse.com/963782"},{"type":"REPORT","url":"https://bugzilla.suse.com/964411"},{"type":"REPORT","url":"https://bugzilla.suse.com/964413"},{"type":"REPORT","url":"https://bugzilla.suse.com/967969"},{"type":"REPORT","url":"https://bugzilla.suse.com/969121"},{"type":"REPORT","url":"https://bugzilla.suse.com/969122"},{"type":"REPORT","url":"https://bugzilla.suse.com/969350"},{"type":"REPORT","url":"https://bugzilla.suse.com/970036"},{"type":"REPORT","url":"https://bugzilla.suse.com/970037"},{"type":"REPORT","url":"https://bugzilla.suse.com/975128"},{"type":"REPORT","url":"https://bugzilla.suse.com/975136"},{"type":"REPORT","url":"https://bugzilla.suse.com/975700"},{"type":"REPORT","url":"https://bugzilla.suse.com/976109"},{"type":"REPORT","url":"https://bugzilla.suse.com/978158"},{"type":"REPORT","url":"https://bugzilla.suse.com/978160"},{"type":"REPORT","url":"https://bugzilla.suse.com/980711"},{"type":"REPORT","url":"https://bugzilla.suse.com/980723"},{"type":"REPORT","url":"https://bugzilla.suse.com/981266"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2015-5745"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2015-7549"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2015-8504"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2015-8558"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2015-8567"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2015-8568"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2015-8613"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2015-8619"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2015-8743"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2015-8744"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2015-8745"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2015-8817"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2015-8818"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2016-1568"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2016-1714"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2016-1922"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2016-1981"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2016-2197"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2016-2198"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2016-2538"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2016-2841"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2016-2857"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2016-2858"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2016-3710"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2016-3712"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2016-4001"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2016-4002"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2016-4020"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2016-4037"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2016-4439"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2016-4441"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2016-4952"}],"related":["CVE-2015-5745","CVE-2015-7549","CVE-2015-8504","CVE-2015-8558","CVE-2015-8567","CVE-2015-8568","CVE-2015-8613","CVE-2015-8619","CVE-2015-8743","CVE-2015-8744","CVE-2015-8745","CVE-2015-8817","CVE-2015-8818","CVE-2016-1568","CVE-2016-1714","CVE-2016-1922","CVE-2016-1981","CVE-2016-2197","CVE-2016-2198","CVE-2016-2538","CVE-2016-2841","CVE-2016-2857","CVE-2016-2858","CVE-2016-3710","CVE-2016-3712","CVE-2016-4001","CVE-2016-4002","CVE-2016-4020","CVE-2016-4037","CVE-2016-4439","CVE-2016-4441","CVE-2016-4952"],"summary":"Security update for qemu","upstream":["CVE-2015-5745","CVE-2015-7549","CVE-2015-8504","CVE-2015-8558","CVE-2015-8567","CVE-2015-8568","CVE-2015-8613","CVE-2015-8619","CVE-2015-8743","CVE-2015-8744","CVE-2015-8745","CVE-2015-8817","CVE-2015-8818","CVE-2016-1568","CVE-2016-1714","CVE-2016-1922","CVE-2016-1981","CVE-2016-2197","CVE-2016-2198","CVE-2016-2538","CVE-2016-2841","CVE-2016-2857","CVE-2016-2858","CVE-2016-3710","CVE-2016-3712","CVE-2016-4001","CVE-2016-4002","CVE-2016-4020","CVE-2016-4037","CVE-2016-4439","CVE-2016-4441","CVE-2016-4952"]}