SUSE-SU-2017:0127-1 Security update for qemu

qemu was updated to fix several issues. These security issues were fixed: - CVE-2016-9102: Memory leak in the v9fsxattrcreate function in hw/9pfs/9p.c in allowed local guest OS administrators to cause a denial of service memory consumption and QEMU process crash via a large number of Txattrcreate...

CVE-2016-2538

Multiple integer overflows in the USB Net device emulator hw/usb/dev-network.c in QEMU before 2.5.1 allow local guest OS administrators to cause a denial of service QEMU process crash or obtain sensitive host memory information via a remote NDIS control message packet that is mishandled in the 1...

CVE-2016-5337

The megasasctrlgetinfo function in hw/scsi/megasas.c in QEMU allows local guest OS administrators to obtain sensitive host memory information via vectors related to reading device control information...

CVE-2016-4454

The vmsvgafiforeadraw function in hw/display/vmwarevga.c in QEMU allows local guest OS administrators to obtain sensitive host memory information or cause a denial of service QEMU process crash by changing FIFO registers and issuing a VGA command, which triggers an out-of-bounds read...

Out-of-bounds

The vmsvgafiforeadraw function in hw/display/vmwarevga.c in QEMU allows local guest OS administrators to obtain sensitive host memory information or cause a denial of service QEMU process crash by changing FIFO registers and issuing a VGA command, which triggers an out-of-bounds read...