vulnerability

SUSE: CVE-2019-12068: SUSE Linux Security Advisory

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
2	(AV:L/AC:L/Au:N/C:N/I:N/A:P)	Sep 24, 2019	Oct 24, 2019	Feb 4, 2022

Severity

CVSS

(AV:L/AC:L/Au:N/C:N/I:N/A:P)

Published

Sep 24, 2019

Added

Oct 24, 2019

Modified

Feb 4, 2022

Description

In QEMU 1:4.1-1, 1:2.1+dfsg-12+deb8u6, 1:2.8+dfsg-6+deb9u8, 1:3.1+dfsg-8~deb10u1, 1:3.1+dfsg-8+deb10u2, and 1:2.1+dfsg-12+deb8u12 (fixed), when executing script in lsi_execute_script(), the LSI scsi adapter emulator advances 's->dsp' index to read next opcode. This can lead to an infinite loop if the next opcode is empty. Move the existing loop exit after 10k iterations so that it covers no-op opcodes as well.

Solutions

suse-upgrade-kvmsuse-upgrade-qemususe-upgrade-qemu-armsuse-upgrade-qemu-audio-alsasuse-upgrade-qemu-audio-osssuse-upgrade-qemu-audio-pasuse-upgrade-qemu-audio-sdlsuse-upgrade-qemu-audio-spicesuse-upgrade-qemu-block-curlsuse-upgrade-qemu-block-dmgsuse-upgrade-qemu-block-glustersuse-upgrade-qemu-block-iscsisuse-upgrade-qemu-block-nfssuse-upgrade-qemu-block-rbdsuse-upgrade-qemu-block-sshsuse-upgrade-qemu-chardev-baumsuse-upgrade-qemu-chardev-spicesuse-upgrade-qemu-extrasuse-upgrade-qemu-guest-agentsuse-upgrade-qemu-hw-display-qxlsuse-upgrade-qemu-hw-display-virtio-gpususe-upgrade-qemu-hw-display-virtio-gpu-pcisuse-upgrade-qemu-hw-display-virtio-vgasuse-upgrade-qemu-hw-s390x-virtio-gpu-ccwsuse-upgrade-qemu-hw-usb-redirectsuse-upgrade-qemu-ipxesuse-upgrade-qemu-ksmsuse-upgrade-qemu-kvmsuse-upgrade-qemu-langsuse-upgrade-qemu-linux-usersuse-upgrade-qemu-microvmsuse-upgrade-qemu-ppcsuse-upgrade-qemu-s390suse-upgrade-qemu-s390xsuse-upgrade-qemu-seabiossuse-upgrade-qemu-sgabiossuse-upgrade-qemu-skibootsuse-upgrade-qemu-toolssuse-upgrade-qemu-ui-cursessuse-upgrade-qemu-ui-gtksuse-upgrade-qemu-ui-openglsuse-upgrade-qemu-ui-sdlsuse-upgrade-qemu-ui-spice-appsuse-upgrade-qemu-ui-spice-coresuse-upgrade-qemu-vgabiossuse-upgrade-qemu-x86suse-upgrade-xensuse-upgrade-xen-develsuse-upgrade-xen-doc-htmlsuse-upgrade-xen-kmp-defaultsuse-upgrade-xen-kmp-paesuse-upgrade-xen-libssuse-upgrade-xen-libs-32bitsuse-upgrade-xen-toolssuse-upgrade-xen-tools-domu

References

NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today