vulnerability
SUSE: CVE-2019-3812: SUSE Linux Security Advisory
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 2 | (AV:L/AC:L/Au:N/C:P/I:N/A:N) | Feb 19, 2019 | Apr 17, 2019 | Feb 4, 2022 |
Severity
2
CVSS
(AV:L/AC:L/Au:N/C:P/I:N/A:N)
Published
Feb 19, 2019
Added
Apr 17, 2019
Modified
Feb 4, 2022
Description
QEMU, through version 2.10 and through version 3.1.0, is vulnerable to an out-of-bounds read of up to 128 bytes in the hw/i2c/i2c-ddc.c:i2c_ddc() function. A local attacker with permission to execute i2c commands could exploit this to read stack memory of the qemu process on the host.
Solution(s)
suse-upgrade-qemususe-upgrade-qemu-armsuse-upgrade-qemu-audio-alsasuse-upgrade-qemu-audio-osssuse-upgrade-qemu-audio-pasuse-upgrade-qemu-block-curlsuse-upgrade-qemu-block-dmgsuse-upgrade-qemu-block-glustersuse-upgrade-qemu-block-iscsisuse-upgrade-qemu-block-rbdsuse-upgrade-qemu-block-sshsuse-upgrade-qemu-extrasuse-upgrade-qemu-guest-agentsuse-upgrade-qemu-ipxesuse-upgrade-qemu-ksmsuse-upgrade-qemu-kvmsuse-upgrade-qemu-langsuse-upgrade-qemu-ppcsuse-upgrade-qemu-s390suse-upgrade-qemu-seabiossuse-upgrade-qemu-sgabiossuse-upgrade-qemu-toolssuse-upgrade-qemu-ui-cursessuse-upgrade-qemu-ui-gtksuse-upgrade-qemu-vgabiossuse-upgrade-qemu-x86
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.