KVM was updated to fix the following issues:
* CVE-2015-3456: A buffer overflow in the floppy drive emulation,
which could be used to carry out denial of service attacks or
potential code execution against the host. This vulnerability is
also known as VENOM.
* Validate VMDK4 version field so we don't process versions we know
nothing about. (bsc#834196)
Security Issues:
* CVE-2015-3456
<<a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3456">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3456</a>>
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
SUSE Linux Enterprise Server LTSS | 11.2 | x86_64 | kvm | <Β 0.15.1-0.29.1 | kvm-0.15.1-0.29.1.x86_64.rpm |
SUSE Linux Enterprise Server LTSS | 11.2 | i586 | kvm | <Β 0.15.1-0.29.1 | kvm-0.15.1-0.29.1.i586.rpm |