vulnerability
SUSE: CVE-2019-12068: SUSE Linux Security Advisory
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 2 | (AV:L/AC:L/Au:N/C:N/I:N/A:P) | Sep 24, 2019 | Oct 24, 2019 | Feb 4, 2022 |
Severity
2
CVSS
(AV:L/AC:L/Au:N/C:N/I:N/A:P)
Published
Sep 24, 2019
Added
Oct 24, 2019
Modified
Feb 4, 2022
Description
In QEMU 1:4.1-1, 1:2.1+dfsg-12+deb8u6, 1:2.8+dfsg-6+deb9u8, 1:3.1+dfsg-8~deb10u1, 1:3.1+dfsg-8+deb10u2, and 1:2.1+dfsg-12+deb8u12 (fixed), when executing script in lsi_execute_script(), the LSI scsi adapter emulator advances 's->dsp' index to read next opcode. This can lead to an infinite loop if the next opcode is empty. Move the existing loop exit after 10k iterations so that it covers no-op opcodes as well.
Solution(s)
suse-upgrade-kvmsuse-upgrade-qemususe-upgrade-qemu-armsuse-upgrade-qemu-audio-alsasuse-upgrade-qemu-audio-osssuse-upgrade-qemu-audio-pasuse-upgrade-qemu-audio-sdlsuse-upgrade-qemu-audio-spicesuse-upgrade-qemu-block-curlsuse-upgrade-qemu-block-dmgsuse-upgrade-qemu-block-glustersuse-upgrade-qemu-block-iscsisuse-upgrade-qemu-block-nfssuse-upgrade-qemu-block-rbdsuse-upgrade-qemu-block-sshsuse-upgrade-qemu-chardev-baumsuse-upgrade-qemu-chardev-spicesuse-upgrade-qemu-extrasuse-upgrade-qemu-guest-agentsuse-upgrade-qemu-hw-display-qxlsuse-upgrade-qemu-hw-display-virtio-gpususe-upgrade-qemu-hw-display-virtio-gpu-pcisuse-upgrade-qemu-hw-display-virtio-vgasuse-upgrade-qemu-hw-s390x-virtio-gpu-ccwsuse-upgrade-qemu-hw-usb-redirectsuse-upgrade-qemu-ipxesuse-upgrade-qemu-ksmsuse-upgrade-qemu-kvmsuse-upgrade-qemu-langsuse-upgrade-qemu-linux-usersuse-upgrade-qemu-microvmsuse-upgrade-qemu-ppcsuse-upgrade-qemu-s390suse-upgrade-qemu-s390xsuse-upgrade-qemu-seabiossuse-upgrade-qemu-sgabiossuse-upgrade-qemu-skibootsuse-upgrade-qemu-toolssuse-upgrade-qemu-ui-cursessuse-upgrade-qemu-ui-gtksuse-upgrade-qemu-ui-openglsuse-upgrade-qemu-ui-sdlsuse-upgrade-qemu-ui-spice-appsuse-upgrade-qemu-ui-spice-coresuse-upgrade-qemu-vgabiossuse-upgrade-qemu-x86suse-upgrade-xensuse-upgrade-xen-develsuse-upgrade-xen-doc-htmlsuse-upgrade-xen-kmp-defaultsuse-upgrade-xen-kmp-paesuse-upgrade-xen-libssuse-upgrade-xen-libs-32bitsuse-upgrade-xen-toolssuse-upgrade-xen-tools-domu
References
- SUSE-SUSE-SU-2019:14199-1
- SUSE-SUSE-SU-2019:14201-1
- SUSE-SUSE-SU-2019:2753-1
- SUSE-SUSE-SU-2019:2769-1
- SUSE-SUSE-SU-2019:2783-1
- SUSE-SUSE-SU-2019:2954-1
- SUSE-SUSE-SU-2019:2955-1
- SUSE-SUSE-SU-2019:2956-1
- SUSE-SUSE-SU-2020:0388-1
- SUSE-SUSE-SU-2020:14396-1
- SUSE-SUSE-SU-2020:1514-1
- SUSE-SUSE-SU-2020:1526-1
- SUSE-SUSE-SU-2020:1538-1
- SUSE-SUSE-SU-2021:14706-1
- UBUNTU-USN-4191-1
- UBUNTU-USN-4191-2
- NVD-CVE-2019-12068
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.