Bugzilla – Bug 1166240
VUL-0: CVE-2020-1711: kvm,qemu: block: iscsi: OOB heap access via an unexpected response of iSCSI Server
Last modified: 2021-05-27 12:48:35 UTC
An out-of-bounds heap buffer access issue was found in the way iSCSI Block driver in QEMU handled response coming from an iSCSI server, while checking status of a Logical Address Block (LBA) in iscsi_co_block_status() routine. A remote user could use this flaw to crash the QEMU process resulting in DoS OR potentially execute arbitrary code with privileges of the QEMU process on the host. Upstream patch: --------------- -> https://lists.gnu.org/archive/html/qemu-devel/2020-01/msg05535.html Reference: ---------- -> https://www.openwall.com/lists/oss-security/2020/01/23/3 http://seclists.org/oss-sec/2020/q1/31
SUSE-SU-2020:0844-1: An update that solves 6 vulnerabilities and has two fixes is now available. Category: security (important) Bug References: 1123156,1154790,1161066,1162729,1163018,1165776,1166240,1166379 CVE References: CVE-2019-15034,CVE-2019-20382,CVE-2019-6778,CVE-2020-1711,CVE-2020-7039,CVE-2020-8608 Sources used: SUSE Linux Enterprise Module for Server Applications 15-SP1 (src): qemu-3.1.1.1-9.14.1 SUSE Linux Enterprise Module for Open Buildservice Development Tools 15-SP1 (src): qemu-3.1.1.1-9.14.1, qemu-linux-user-3.1.1.1-9.14.1, qemu-testsuite-3.1.1.1-9.14.2 SUSE Linux Enterprise Module for Basesystem 15-SP1 (src): qemu-3.1.1.1-9.14.1 NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
SUSE-SU-2020:0845-1: An update that solves 6 vulnerabilities and has 6 fixes is now available. Category: security (important) Bug References: 1123156,1154790,1156642,1156794,1158880,1161066,1162161,1162729,1163018,1165776,1166240,1166379 CVE References: CVE-2019-15034,CVE-2019-20382,CVE-2019-6778,CVE-2020-1711,CVE-2020-7039,CVE-2020-8608 Sources used: SUSE Linux Enterprise Server 12-SP5 (src): qemu-3.1.1.1-3.9.1 NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
openSUSE-SU-2020:0468-1: An update that solves 6 vulnerabilities and has two fixes is now available. Category: security (important) Bug References: 1123156,1154790,1161066,1162729,1163018,1165776,1166240,1166379 CVE References: CVE-2019-15034,CVE-2019-20382,CVE-2019-6778,CVE-2020-1711,CVE-2020-7039,CVE-2020-8608 Sources used: openSUSE Leap 15.1 (src): qemu-3.1.1.1-lp151.7.12.1, qemu-linux-user-3.1.1.1-lp151.7.12.1
This is an autogenerated message for OBS integration: This bug (1166240) was mentioned in https://build.opensuse.org/request/show/795126 Factory / qemu
It doesn't seem that qemu versions earlier than v2.1 don't suffer from this vulnerability so SLE12 and earlier releases are not affected.
(In reply to Bruce Rogers from comment #7) > It doesn't seem that qemu versions earlier than v2.1 don't suffer from this > vulnerability so SLE12 and earlier releases are not affected. Sorry for poor English. This is what happens when working from home and being distracted while working. Nix the second negative.
All affected qemu packages are fixed and checked in for maintenance update. Reassigning to security team.
SUSE-SU-2020:1501-1: An update that fixes 6 vulnerabilities is now available. Category: security (moderate) Bug References: 1123156,1161066,1163018,1165776,1166240,1170940 CVE References: CVE-2019-20382,CVE-2019-6778,CVE-2020-1711,CVE-2020-1983,CVE-2020-7039,CVE-2020-8608 Sources used: SUSE Linux Enterprise Server 12-SP4 (src): qemu-2.11.2-5.26.1 NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
SUSE-SU-2020:1514-1: An update that fixes 7 vulnerabilities is now available. Category: security (moderate) Bug References: 1123156,1146873,1149811,1161066,1163018,1166240,1170940 CVE References: CVE-2019-12068,CVE-2019-15890,CVE-2019-6778,CVE-2020-1711,CVE-2020-1983,CVE-2020-7039,CVE-2020-8608 Sources used: SUSE Linux Enterprise Server for SAP 12-SP1 (src): qemu-2.3.1-33.29.1 SUSE Linux Enterprise Server 12-SP1-LTSS (src): qemu-2.3.1-33.29.1 NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
SUSE-SU-2020:1523-1: An update that fixes 6 vulnerabilities is now available. Category: security (moderate) Bug References: 1123156,1161066,1163018,1165776,1166240,1170940 CVE References: CVE-2019-20382,CVE-2019-6778,CVE-2020-1711,CVE-2020-1983,CVE-2020-7039,CVE-2020-8608 Sources used: SUSE Linux Enterprise Server for SAP 15 (src): qemu-2.11.2-9.36.1 SUSE Linux Enterprise Server 15-LTSS (src): qemu-2.11.2-9.36.1 SUSE Linux Enterprise High Performance Computing 15-LTSS (src): qemu-2.11.2-9.36.1 SUSE Linux Enterprise High Performance Computing 15-ESPOS (src): qemu-2.11.2-9.36.1 NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
SUSE-SU-2020:1526-1: An update that fixes 7 vulnerabilities is now available. Category: security (moderate) Bug References: 1123156,1146873,1149811,1161066,1163018,1166240,1170940 CVE References: CVE-2019-12068,CVE-2019-15890,CVE-2019-6778,CVE-2020-1711,CVE-2020-1983,CVE-2020-7039,CVE-2020-8608 Sources used: SUSE OpenStack Cloud 7 (src): qemu-2.6.2-41.59.1 SUSE Linux Enterprise Server for SAP 12-SP2 (src): qemu-2.6.2-41.59.1 SUSE Linux Enterprise Server 12-SP2-LTSS (src): qemu-2.6.2-41.59.1 SUSE Linux Enterprise Server 12-SP2-BCL (src): qemu-2.6.2-41.59.1 NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
SUSE-SU-2020:1538-1: An update that solves 7 vulnerabilities and has one errata is now available. Category: security (moderate) Bug References: 1123156,1146873,1149811,1160024,1161066,1163018,1166240,1170940 CVE References: CVE-2019-12068,CVE-2019-15890,CVE-2019-6778,CVE-2020-1711,CVE-2020-1983,CVE-2020-7039,CVE-2020-8608 Sources used: SUSE OpenStack Cloud Crowbar 8 (src): qemu-2.9.1-6.44.1 SUSE OpenStack Cloud 8 (src): qemu-2.9.1-6.44.1 SUSE Linux Enterprise Server for SAP 12-SP3 (src): qemu-2.9.1-6.44.1 SUSE Linux Enterprise Server 12-SP3-LTSS (src): qemu-2.9.1-6.44.1 SUSE Linux Enterprise Server 12-SP3-BCL (src): qemu-2.9.1-6.44.1 SUSE Enterprise Storage 5 (src): qemu-2.9.1-6.44.1 HPE Helion Openstack 8 (src): qemu-2.9.1-6.44.1 NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Done