SuSE Local Security Checks : SUSE: Security Advisory (SUSE-SU-2015:0929-1)

Vulnerability Search		Search 324607 CVE descriptions and 145615 test descriptions, access 10,000+ cross references.
	Tests CVE All

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit.
To run a free test of this vulnerability against your system, register below.

Test ID:	1.3.6.1.4.1.25623.1.1.4.2015.0929.1
Category:	SuSE Local Security Checks
Title:	SUSE: Security Advisory (SUSE-SU-2015:0929-1)
Summary:	The remote host is missing an update for the 'kvm' package(s) announced via the SUSE-SU-2015:0929-1 advisory.
Description:	Summary: The remote host is missing an update for the 'kvm' package(s) announced via the SUSE-SU-2015:0929-1 advisory. Vulnerability Insight: The kvm qemu vt100 emulation was affected by a problem where specific vt100 sequences could have been used by guest users to affect the host. (CVE-2012-3515 aka XSA-17). Also a temp file race was fixed. (CVE-2012-2652) Security Issue reference: * CVE-2012-3515 <[link moved to references]> * CVE-2012-2652 <[link moved to references]> Affected Software/OS: 'kvm' package(s) on SUSE Linux Enterprise Server 11-SP1. Solution: Please install the updated package(s). CVSS Score: 7.7 CVSS Vector: AV:A/AC:L/Au:S/C:C/I:C/A:C
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2011-1750 44132 http://secunia.com/advisories/44132 44393 http://secunia.com/advisories/44393 44658 http://secunia.com/advisories/44658 44660 http://secunia.com/advisories/44660 44900 http://secunia.com/advisories/44900 73756 http://www.osvdb.org/73756 DSA-2230 https://www.debian.org/security/2011/dsa-2230 FEDORA-2012-8604 http://lists.fedoraproject.org/pipermail/package-announce/2012-June/081972.html RHSA-2011:0534 http://rhn.redhat.com/errata/RHSA-2011-0534.html SUSE-SU-2011:0533 https://hermes.opensuse.org/messages/8572547 USN-1145-1 https://www.ubuntu.com/usn/USN-1145-1/ [Qemu-devel] 20110330 Re: virtio-blk.c handling of i/o which is not a 512 multiple http://lists.gnu.org/archive/html/qemu-devel/2011-03/msg03019.html [Qemu-devel] 20110330 virtio-blk.c handling of i/o which is not a 512 multiple http://lists.gnu.org/archive/html/qemu-devel/2011-03/msg03015.html http://git.kernel.org/?p=virt/kvm/qemu-kvm.git%3Ba=commitdiff%3Bh=52c050236eaa4f0b5e1d160cd66dc18106445c4d kvm-virtioblk-priv-escalation(67062) https://exchange.xforce.ibmcloud.com/vulnerabilities/67062 openSUSE-SU-2011:0510 http://lists.opensuse.org/opensuse-updates/2011-05/msg00043.html Common Vulnerability Exposure (CVE) ID: CVE-2011-1751 44458 http://secunia.com/advisories/44458 44648 http://secunia.com/advisories/44648 47927 http://www.securityfocus.com/bid/47927 73395 http://www.osvdb.org/73395 [Qemu-devel] 20110519 [PATCH] Ignore pci unplug requests for unpluggable devices http://lists.nongnu.org/archive/html/qemu-devel/2011-05/msg01810.html [oss-security] 20110519 CVE-2011-1751 qemu: acpi_piix4: missing hotplug check during device removal http://www.openwall.com/lists/oss-security/2011/05/19/2 http://blog.nelhage.com/2011/08/breaking-out-of-kvm/ http://git.kernel.org/?p=virt/kvm/qemu-kvm.git%3Ba=commit%3Bh=505597e4476a6bc219d0ec1362b760d71cb4fdca https://bugzilla.redhat.com/show_bug.cgi?id=699773 https://github.com/nelhage/virtunoid Common Vulnerability Exposure (CVE) ID: CVE-2011-2212 45158 http://secunia.com/advisories/45158 45170 http://secunia.com/advisories/45170 45187 http://secunia.com/advisories/45187 45188 http://secunia.com/advisories/45188 45301 http://secunia.com/advisories/45301 45354 http://secunia.com/advisories/45354 74751 http://www.osvdb.org/74751 DSA-2282 https://www.debian.org/security/2011/dsa-2282 RHSA-2011:0919 http://rhn.redhat.com/errata/RHSA-2011-0919.html SUSE-SU-2011:0806 https://hermes.opensuse.org/messages/9605323 USN-1165-1 http://ubuntu.com/usn/usn-1165-1 https://bugzilla.redhat.com/show_bug.cgi?id=713589 openSUSE-SU-2011:0803 http://lists.opensuse.org/opensuse-security-announce/2011-07/msg00007.html Common Vulnerability Exposure (CVE) ID: CVE-2011-2512 DSA-2270 https://www.debian.org/security/2011/dsa-2270 [oss-security] 20110628 CVE request: qemu-kvm: OOB memory access caused by negative vq notifies http://www.openwall.com/lists/oss-security/2011/06/28/13 [oss-security] 20110629 Re: CVE request: qemu-kvm: OOB memory access caused by negative vq notifies http://www.openwall.com/lists/oss-security/2011/06/29/15 http://git.kernel.org/?p=virt/kvm/qemu-kvm.git%3Ba=commitdiff%3Bh=7157e2e23e89adcd436caeab31fdd6b47eded377 Common Vulnerability Exposure (CVE) ID: CVE-2011-2527 45419 http://secunia.com/advisories/45419 47157 http://secunia.com/advisories/47157 47992 http://secunia.com/advisories/47992 48659 http://www.securityfocus.com/bid/48659 74752 http://www.osvdb.org/74752 RHSA-2011:1531 http://rhn.redhat.com/errata/RHSA-2011-1531.html USN-1177-1 http://ubuntu.com/usn/usn-1177-1 [oss-security] 20110712 CVE Request: qemu -runas does not clear supplementary groups http://www.openwall.com/lists/oss-security/2011/07/12/5 [oss-security] 20110712 Re: CVE Request: qemu -runas does not clear supplementary groups http://www.openwall.com/lists/oss-security/2011/07/12/15 https://bugs.launchpad.net/qemu/+bug/807893 openSUSE-SU-2012:0207 http://lists.opensuse.org/opensuse-updates/2012-02/msg00009.html qemu-runas-priv-escalation(68539) https://exchange.xforce.ibmcloud.com/vulnerabilities/68539 Common Vulnerability Exposure (CVE) ID: CVE-2012-0029 47740 http://secunia.com/advisories/47740 47741 http://secunia.com/advisories/47741 48318 http://secunia.com/advisories/48318 50913 http://secunia.com/advisories/50913 51642 http://www.securityfocus.com/bid/51642 RHSA-2012:0050 http://www.redhat.com/support/errata/RHSA-2012-0050.html RHSA-2012:0370 http://rhn.redhat.com/errata/RHSA-2012-0370.html SUSE-SU-2012:1320 http://lists.opensuse.org/opensuse-security-announce/2012-10/msg00002.html USN-1339-1 http://www.ubuntu.com/usn/USN-1339-1 http://git.qemu.org/?p=qemu.git%3Ba=log%3Bh=refs/heads/stable-1.0 https://bugzilla.redhat.com/show_bug.cgi?id=772075 qemu-processtxdesc-bo(72656) https://exchange.xforce.ibmcloud.com/vulnerabilities/72656 Common Vulnerability Exposure (CVE) ID: CVE-2012-2652 50132 http://secunia.com/advisories/50132 50689 http://secunia.com/advisories/50689 53725 http://www.securityfocus.com/bid/53725 DSA-2545 http://www.debian.org/security/2012/dsa-2545 SUSE-SU-2012:1202 http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00024.html USN-1522-1 http://www.ubuntu.com/usn/USN-1522-1 http://git.kernel.org/?p=virt/kvm/qemu-kvm.git%3Ba=commit%3Bh=eba25057b9a5e19d10ace2bc7716667a31297169 http://git.qemu.org/?p=qemu-stable-0.15.git%3Ba=log Common Vulnerability Exposure (CVE) ID: CVE-2012-3515 50472 http://secunia.com/advisories/50472 50528 http://secunia.com/advisories/50528 50530 http://secunia.com/advisories/50530 50632 http://secunia.com/advisories/50632 50860 http://secunia.com/advisories/50860 51413 http://secunia.com/advisories/51413 55082 http://secunia.com/advisories/55082 55413 http://www.securityfocus.com/bid/55413 DSA-2543 http://www.debian.org/security/2012/dsa-2543 GLSA-201309-24 http://security.gentoo.org/glsa/glsa-201309-24.xml GLSA-201604-03 https://security.gentoo.org/glsa/201604-03 RHSA-2012:1233 http://rhn.redhat.com/errata/RHSA-2012-1233.html RHSA-2012:1234 http://rhn.redhat.com/errata/RHSA-2012-1234.html RHSA-2012:1235 http://rhn.redhat.com/errata/RHSA-2012-1235.html RHSA-2012:1236 http://rhn.redhat.com/errata/RHSA-2012-1236.html RHSA-2012:1262 http://rhn.redhat.com/errata/RHSA-2012-1262.html RHSA-2012:1325 http://rhn.redhat.com/errata/RHSA-2012-1325.html SUSE-SU-2012:1129 http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00001.html SUSE-SU-2012:1132 http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00003.html SUSE-SU-2012:1133 http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00004.html SUSE-SU-2012:1135 http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00005.html SUSE-SU-2012:1162 http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00012.html SUSE-SU-2012:1203 http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00026.html SUSE-SU-2012:1205 http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00027.html USN-1590-1 http://www.ubuntu.com/usn/USN-1590-1 [Xen-announce] 20120905 Xen Security Advisory 17 (CVE-2012-3515) - Qemu VT100 emulation vulnerability http://lists.xen.org/archives/html/xen-announce/2012-09/msg00003.html [oss-security] 20120905 Xen Security Advisory 17 (CVE-2012-3515) - Qemu VT100 emulation vulnerability http://www.openwall.com/lists/oss-security/2012/09/05/10 http://support.citrix.com/article/CTX134708 http://wiki.xen.org/wiki/Security_Announcements#XSA-17_Qemu_VT100_emulation_vulnerability openSUSE-SU-2012:1153 http://lists.opensuse.org/opensuse-updates/2012-09/msg00051.html openSUSE-SU-2012:1170 http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00016.html openSUSE-SU-2012:1172 http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00017.html openSUSE-SU-2012:1174 http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00018.html openSUSE-SU-2012:1572 http://lists.opensuse.org/opensuse-security-announce/2012-11/msg00017.html openSUSE-SU-2012:1573 http://lists.opensuse.org/opensuse-security-announce/2012-11/msg00018.html Common Vulnerability Exposure (CVE) ID: CVE-2014-0222 67357 http://www.securityfocus.com/bid/67357 DSA-3044 http://www.debian.org/security/2014/dsa-3044 FEDORA-2014-6288 http://lists.fedoraproject.org/pipermail/package-announce/2014-May/133345.html FEDORA-2014-6970 http://lists.fedoraproject.org/pipermail/package-announce/2014-June/134053.html SUSE-SU-2015:0929 http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00021.html [Qemu-devel] 20140512 [PATCH 3/5] qcow1: Validate L2 table size (CVE-2014-0222) https://lists.gnu.org/archive/html/qemu-devel/2014-05/msg02155.html [Qemu-stable] 20140723 [ANNOUNCE] QEMU 1.7.2 Stable released http://lists.nongnu.org/archive/html/qemu-stable/2014-07/msg00187.html openSUSE-SU-2015:1965 http://lists.opensuse.org/opensuse-updates/2015-11/msg00063.html Common Vulnerability Exposure (CVE) ID: CVE-2014-0223 67391 http://www.securityfocus.com/bid/67391 [Qemu-devel] 20140512 [PATCH 4/5] qcow1: Validate image size (CVE-2014-0223) https://lists.gnu.org/archive/html/qemu-devel/2014-05/msg02156.html Common Vulnerability Exposure (CVE) ID: CVE-2015-3209 1032545 http://www.securitytracker.com/id/1032545 75123 http://www.securityfocus.com/bid/75123 DSA-3284 http://www.debian.org/security/2015/dsa-3284 DSA-3285 http://www.debian.org/security/2015/dsa-3285 DSA-3286 http://www.debian.org/security/2015/dsa-3286 FEDORA-2015-10001 http://lists.fedoraproject.org/pipermail/package-announce/2015-June/160669.html FEDORA-2015-9965 http://lists.fedoraproject.org/pipermail/package-announce/2015-June/160685.html FEDORA-2015-9978 http://lists.fedoraproject.org/pipermail/package-announce/2015-June/160677.html GLSA-201510-02 https://security.gentoo.org/glsa/201510-02 RHSA-2015:1087 http://rhn.redhat.com/errata/RHSA-2015-1087.html RHSA-2015:1088 http://rhn.redhat.com/errata/RHSA-2015-1088.html RHSA-2015:1089 http://rhn.redhat.com/errata/RHSA-2015-1089.html RHSA-2015:1189 http://rhn.redhat.com/errata/RHSA-2015-1189.html SUSE-SU-2015:1042 http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00004.html SUSE-SU-2015:1045 http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00007.html SUSE-SU-2015:1152 http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00027.html SUSE-SU-2015:1156 http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00029.html SUSE-SU-2015:1157 http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00030.html SUSE-SU-2015:1206 http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00014.html SUSE-SU-2015:1426 http://lists.opensuse.org/opensuse-security-announce/2015-08/msg00020.html SUSE-SU-2015:1519 http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00015.html SUSE-SU-2015:1643 http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00027.html USN-2630-1 http://www.ubuntu.com/usn/USN-2630-1 http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10698 http://xenbits.xen.org/xsa/advisory-135.html https://kb.juniper.net/JSA10783 https://www.arista.com/en/support/advisories-notices/security-advisories/1180-security-advisory-13 Common Vulnerability Exposure (CVE) ID: CVE-2015-3456 BugTraq ID: 74640 http://www.securityfocus.com/bid/74640 Debian Security Information: DSA-3259 (Google Search) http://www.debian.org/security/2015/dsa-3259 Debian Security Information: DSA-3262 (Google Search) http://www.debian.org/security/2015/dsa-3262 Debian Security Information: DSA-3274 (Google Search) http://www.debian.org/security/2015/dsa-3274 https://www.exploit-db.com/exploits/37053/ http://lists.fedoraproject.org/pipermail/package-announce/2015-May/158072.html https://security.gentoo.org/glsa/201602-01 https://security.gentoo.org/glsa/201612-27 HPdes Security Advisory: HPSBMU03336 http://marc.info/?l=bugtraq&m=143229451215900&w=2 HPdes Security Advisory: HPSBMU03349 http://marc.info/?l=bugtraq&m=143387998230996&w=2 HPdes Security Advisory: SSRT102076 http://venom.crowdstrike.com/ https://www.arista.com/en/support/advisories-notices/security-advisories/1128-security-advisory-10 RedHat Security Advisories: RHSA-2015:0998 http://rhn.redhat.com/errata/RHSA-2015-0998.html RedHat Security Advisories: RHSA-2015:0999 http://rhn.redhat.com/errata/RHSA-2015-0999.html RedHat Security Advisories: RHSA-2015:1000 http://rhn.redhat.com/errata/RHSA-2015-1000.html RedHat Security Advisories: RHSA-2015:1001 http://rhn.redhat.com/errata/RHSA-2015-1001.html RedHat Security Advisories: RHSA-2015:1002 http://rhn.redhat.com/errata/RHSA-2015-1002.html RedHat Security Advisories: RHSA-2015:1003 http://rhn.redhat.com/errata/RHSA-2015-1003.html RedHat Security Advisories: RHSA-2015:1004 http://rhn.redhat.com/errata/RHSA-2015-1004.html RedHat Security Advisories: RHSA-2015:1011 http://rhn.redhat.com/errata/RHSA-2015-1011.html http://www.securitytracker.com/id/1032306 http://www.securitytracker.com/id/1032311 http://www.securitytracker.com/id/1032917 SuSE Security Announcement: SUSE-SU-2015:0889 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00009.html SuSE Security Announcement: SUSE-SU-2015:0896 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00042.html SuSE Security Announcement: SUSE-SU-2015:0923 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00018.html SuSE Security Announcement: SUSE-SU-2015:0927 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00019.html SuSE Security Announcement: SUSE-SU-2015:0929 (Google Search) SuSE Security Announcement: openSUSE-SU-2015:0893 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00013.html SuSE Security Announcement: openSUSE-SU-2015:0894 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00014.html SuSE Security Announcement: openSUSE-SU-2015:0983 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00001.html SuSE Security Announcement: openSUSE-SU-2015:1400 (Google Search) http://lists.opensuse.org/opensuse-updates/2015-08/msg00021.html http://www.ubuntu.com/usn/USN-2608-1
Copyright	Copyright (C) 2021 Greenbone AG