Anfälligkeitssuche        Suche in 211766 CVE Beschreibungen
und 97459 Test Beschreibungen,
Zugriff auf 10,000+ Quellverweise.
Tests   CVE   Alle  

Test Kennung:1.3.6.1.4.1.25623.1.1.4.2016.0010.1
Kategorie:SuSE Local Security Checks
Titel:SUSE: Security Advisory (SUSE-SU-2016:0010-1)
Zusammenfassung:The remote host is missing an update for the 'kvm' package(s) announced via the SUSE-SU-2016:0010-1 advisory.
Beschreibung:Summary:
The remote host is missing an update for the 'kvm' package(s) announced via the SUSE-SU-2016:0010-1 advisory.

Vulnerability Insight:
This update for kvm fixes the following issues:
Security issues fixed:
- CVE-2015-7512: The receive packet size is now checked in the emulated
pcnet driver, eliminating buffer overflow and potential security issue
by malicious guest systems. (bsc#957162)
- CVE-2015-8345: A infinite loop in processing command block list was
fixed that could be exploit by malicious guest systems (bsc#956829).
Other bugs fixed:
- To assist users past the migration incompatibility discussed in
bsc#950590 (restore migration compatibility with SLE11 SP3 and SLE12, at
the unfortunate expense to prior SLE11 SP4 kvm release compatability
when a virtio-net device is used), print a message which references the
support document TID 7017048. See
[link moved to references]
- Fix cases of wrong clock values in kvmclock timekeeping (bsc#947164 and
bsc#953187)
- Enforce pxe rom sizes to ensure migration compatibility. (bsc#950590)
- Fix kvm live migration fails between sles11 sp3 and sp4 (bsc#950590)

Affected Software/OS:
'kvm' package(s) on SUSE Linux Enterprise Server 11-SP4, SUSE Linux Enterprise Desktop 11-SP4

Solution:
Please install the updated package(s).

CVSS Score:
6.8

CVSS Vector:
AV:N/AC:M/Au:N/C:P/I:P/A:P

Querverweis: Common Vulnerability Exposure (CVE) ID: CVE-2015-7512
BugTraq ID: 78230
http://www.securityfocus.com/bid/78230
Debian Security Information: DSA-3469 (Google Search)
http://www.debian.org/security/2016/dsa-3469
Debian Security Information: DSA-3470 (Google Search)
http://www.debian.org/security/2016/dsa-3470
Debian Security Information: DSA-3471 (Google Search)
http://www.debian.org/security/2016/dsa-3471
https://security.gentoo.org/glsa/201602-01
http://www.openwall.com/lists/oss-security/2015/11/30/3
RedHat Security Advisories: RHSA-2015:2694
http://rhn.redhat.com/errata/RHSA-2015-2694.html
RedHat Security Advisories: RHSA-2015:2695
http://rhn.redhat.com/errata/RHSA-2015-2695.html
RedHat Security Advisories: RHSA-2015:2696
http://rhn.redhat.com/errata/RHSA-2015-2696.html
http://www.securitytracker.com/id/1034527
Common Vulnerability Exposure (CVE) ID: CVE-2015-8345
BugTraq ID: 77985
http://www.securityfocus.com/bid/77985
http://www.openwall.com/lists/oss-security/2015/11/25/11
https://lists.gnu.org/archive/html/qemu-devel/2015-10/msg03911.html
CopyrightCopyright (C) 2021 Greenbone Networks GmbH

Dies ist nur einer von 97459 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus.

Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.




© 1998-2021 E-Soft Inc. Alle Rechte vorbehalten.