Bugzilla – Bug 1110924
VUL-0: CVE-2018-10839: xen: ne2000: integer overflow leads to buffer overflow issue
Last modified: 2019-08-30 15:13:27 UTC
+++ This bug was initially created as a clone of Bug #1110910 +++ It looks like that the ne2000 emulator inside Xen is also affected. rh#1581013 Qemu emulator built with the NE2000 NIC emulation support is vulnerable to an integer overflow, which could lead to buffer overflow issue. It could occur when receiving packets over the network. A user inside guest could use this flaw to crash the Qemu process resulting in DoS. Upstream fix: ------------- -> https://lists.gnu.org/archive/html/qemu-devel/2018-09/msg03273.html References: https://bugzilla.redhat.com/show_bug.cgi?id=1581013 http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-10839
Applicable to xen qemu 'upstream' version for, SLE11-SP3/SP4, SLE12, SLE12-SP1 qemu traditional version does not try to assign size_ to size which converts from size_t to integer and therefore it does not have the problem. This means older than SLE11-SP3 and newer than SLE12-SP1 have no need for a fix in Xen's qemu. Xen uses kvm/qemu on SLE12-SP2 and newer which does need the fix but that is the other bug.
SUSE-SU-2019:0827-1: An update that solves 15 vulnerabilities and has 10 fixes is now available. Category: security (important) Bug References: 1027519,1056336,1105528,1108940,1110924,1111007,1111011,1111014,1112188,1114423,1114988,1115040,1115045,1115047,1117756,1123157,1126140,1126141,1126192,1126195,1126196,1126198,1126201,1127400,1129623 CVE References: CVE-2017-13672,CVE-2018-10839,CVE-2018-17958,CVE-2018-17962,CVE-2018-17963,CVE-2018-18438,CVE-2018-18849,CVE-2018-19665,CVE-2018-19961,CVE-2018-19962,CVE-2018-19965,CVE-2018-19966,CVE-2018-19967,CVE-2019-6778,CVE-2019-9824 Sources used: SUSE Linux Enterprise Server 12-LTSS (src): xen-4.4.4_40-22.77.1 *** NOTE: This information is not intended to be used for external communication, because this may only be a partial fix. If you have questions please reach out to maintenance coordination.
SUSE-SU-2019:0825-1: An update that solves 14 vulnerabilities and has 5 fixes is now available. Category: security (important) Bug References: 1056336,1110924,1111007,1111011,1111014,1112188,1114423,1114988,1115040,1115047,1117756,1123157,1126140,1126141,1126192,1126195,1126196,1126201,1129623 CVE References: CVE-2017-13672,CVE-2018-10839,CVE-2018-17958,CVE-2018-17962,CVE-2018-17963,CVE-2018-18438,CVE-2018-18849,CVE-2018-19665,CVE-2018-19961,CVE-2018-19962,CVE-2018-19966,CVE-2018-19967,CVE-2019-6778,CVE-2019-9824 Sources used: SUSE Linux Enterprise Server for SAP 12-SP1 (src): xen-4.5.5_28-22.58.1 SUSE Linux Enterprise Server 12-SP1-LTSS (src): xen-4.5.5_28-22.58.1 *** NOTE: This information is not intended to be used for external communication, because this may only be a partial fix. If you have questions please reach out to maintenance coordination.
SUSE-SU-2019:14011-1: An update that solves 14 vulnerabilities and has four fixes is now available. Category: security (important) Bug References: 1110924,1111007,1111011,1111014,1112188,1114423,1114988,1115040,1115045,1115047,1117756,1123157,1126140,1126141,1126192,1126195,1126196,1129623 CVE References: CVE-2018-10839,CVE-2018-17958,CVE-2018-17962,CVE-2018-17963,CVE-2018-18438,CVE-2018-18849,CVE-2018-19665,CVE-2018-19961,CVE-2018-19962,CVE-2018-19965,CVE-2018-19966,CVE-2018-19967,CVE-2019-6778,CVE-2019-9824 Sources used: SUSE Linux Enterprise Point of Sale 11-SP3 (src): xen-4.2.5_21-45.30.1 SUSE Linux Enterprise Debuginfo 11-SP3 (src): xen-4.2.5_21-45.30.1 *** NOTE: This information is not intended to be used for external communication, because this may only be a partial fix. If you have questions please reach out to maintenance coordination.
Fixed and released.
released