OPENSUSE-SU-2019:2505-1
Advisory lineage Upstream: 4 Downstream: 0
Published: 14 Nov 2019, 05:54
Last modified:04 Feb 2026, 03:13
Vulnerability Summary
Overall Risk (default)
minimal
0/100 CVSS Score
No data
EPSS Score
No data
KEV
Not listed
Ransomware
No reports
Public exploits
None found
Dark Web
Not detected
Timeline
14 Nov 2019, 05:54
Published
Vulnerability first disclosed
04 Feb 2026, 03:13
Last Modified
Vulnerability information updated
Description
Security update for qemu This update for qemu fixes the following issues: - Patch queue updated from https://gitlab.suse.de/virtualization/qemu.git SLE15 - Fix use-after-free in slirp (CVE-2018-20126 bsc#1119991) - Fix potential DOS in lsi scsi controller emulation (CVE-2019-12068 bsc#1146873) - Expose taa-no 'feature', indicating CPU does not have the TSX Async Abort vulnerability. (CVE-2019-11135 bsc#1152506) - Expose pschange-mc-no 'feature', indicating CPU does not have the page size change machine check vulnerability (CVE-2018-12207 bsc#1155812) This update was imported from the SUSE:SLE-15:Update update project.
Affected Systems
- opensuse•qemu&distro=openSUSE Leap 15.0
< 2.11.2-lp150.7.28.1
References (9)
- https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/YGK33QVVCMOM3HRWRJ6FPIFV2JBB4XDB/#YGK33QVVCMOM3HRWRJ6FPIFV2JBB4XDB
- https://bugzilla.suse.com/1119991
- https://bugzilla.suse.com/1146873
- https://bugzilla.suse.com/1152506
- https://bugzilla.suse.com/1155812
- https://www.suse.com/security/cve/CVE-2018-12207
- https://www.suse.com/security/cve/CVE-2018-20126
- https://www.suse.com/security/cve/CVE-2019-11135
- https://www.suse.com/security/cve/CVE-2019-12068