Security update for kvm (important)

ID SUSE-SU-2012:1205-1
Type suse
Reporter Suse
Modified 2012-09-18T15:08:40


The kvm qemu vt100 emulation was affected by a problem where specific vt100 sequences could have been used by guest users to affect the host. (CVE-2012-3515 aka XSA-17).

Also the following non security bugs have been fixed:

  • permit qemu-kvm -device "?" even when no /dev/kvm (bnc#772586)
  • SLES11SP2 KVM Virtio: on kvm guest, scsi inquiry was still ok on the disabled subpaths. (bnc#770153)