Security update for kvm (important)

2016-01-0515:11:08

lists.opensuse.org

0.032 Low

EPSS

Percentile

90.0%

JSON

This update for kvm fixes the following issues:

Security issues fixed:

CVE-2015-7512: The receive packet size is now checked in the emulated
pcnet driver, eliminating buffer overflow and potential security issue
by malicious guest systems. (bsc#957162)
CVE-2015-8345: A infinite loop in processing command block list was
fixed that could be exploit by malicious guest systems (bsc#956829).

Bugs fixed:

Fix cases of wrong clock values in kvmclock timekeeping (bsc#947164 and
bsc#953187)
Enforce pxe rom sizes to ensure migration compatibility. (bsc#950590)

OSVersionArchitecturePackageVersionFilename
SUSE Linux Enterprise Desktop11.3i586kvm< 1.4.2-37.1kvm-1.4.2-37.1.i586.rpm
SUSE Linux Enterprise Desktop11.3x86_64kvm< 1.4.2-37.1kvm-1.4.2-37.1.x86_64.rpm
SUSE Linux Enterprise Server11.3x86_64kvm< 1.4.2-37.1kvm-1.4.2-37.1.x86_64.rpm
SUSE Linux Enterprise Server11.3i586kvm< 1.4.2-37.1kvm-1.4.2-37.1.i586.rpm
SUSE Linux Enterprise Server11.3s390xkvm< 1.4.2-37.1kvm-1.4.2-37.1.s390x.rpm

OS	Version	Architecture	Package	Version	Filename
SUSE Linux Enterprise Desktop	11.3	i586	kvm	< 1.4.2-37.1	kvm-1.4.2-37.1.i586.rpm
SUSE Linux Enterprise Desktop	11.3	x86_64	kvm	< 1.4.2-37.1	kvm-1.4.2-37.1.x86_64.rpm
SUSE Linux Enterprise Server	11.3	x86_64	kvm	< 1.4.2-37.1	kvm-1.4.2-37.1.x86_64.rpm
SUSE Linux Enterprise Server	11.3	i586	kvm	< 1.4.2-37.1	kvm-1.4.2-37.1.i586.rpm
SUSE Linux Enterprise Server	11.3	s390x	kvm	< 1.4.2-37.1	kvm-1.4.2-37.1.s390x.rpm