[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"repo-stars":3,"vuln-SUSE-SU-2016:1560-1":6},{"stargazers_count":4,"fetched_at":5},7,"2026-06-04T14:53:31.930Z",{"id":7,"descriptions":8,"cisa":9,"weaknesses":10,"exploits":11,"aliases":12,"duplicate_of":9,"upstream":13,"downstream":88,"duplicates":89,"related":90,"reserved_at":9,"published_at":128,"modified_at":129,"state":9,"summary":130,"references_raw":132,"kevs":445,"epss":9,"epss_history":446,"metrics":447,"affected":448},"SUSE-SU-2016:1560-1","Security update for qemu\n\nqemu was updated to fix 37 security issues.\n\nThese security issues were fixed:\n- CVE-2016-4439: Avoid OOB access in 53C9X emulation (bsc#980711)\n- CVE-2016-4441: Avoid OOB access in 53C9X emulation (bsc#980723)\n- CVE-2016-4952: Avoid OOB access in Vmware PV SCSI emulation (bsc#981266)\n- CVE-2015-8817: Avoid OOB access in PCI DMA I/O (bsc#969121)\n- CVE-2015-8818: Avoid OOB access in PCI DMA I/O (bsc#969122)\n- CVE-2016-3710: Fixed VGA emulation based OOB access with potential for guest escape (bsc#978158)\n- CVE-2016-3712: Fixed VGa emulation based DOS and OOB read access exploit (bsc#978160)\n- CVE-2016-4037: Fixed USB ehci based DOS (bsc#976109)\n- CVE-2016-2538: Fixed potential OOB access in USB net device emulation (bsc#967969)\n- CVE-2016-2841: Fixed OOB access / hang in ne2000 emulation (bsc#969350)\n- CVE-2016-2858: Avoid potential DOS when using QEMU pseudo random number generator (bsc#970036)\n- CVE-2016-2857: Fixed OOB access when processing IP checksums (bsc#970037)\n- CVE-2016-4001: Fixed OOB access in Stellaris enet emulated nic (bsc#975128)\n- CVE-2016-4002: Fixed OOB access in MIPSnet emulated controller (bsc#975136)\n- CVE-2016-4020: Fixed possible host data leakage to guest from TPR access (bsc#975700)\n- CVE-2015-3214: Fixed OOB read in i8254 PIC (bsc#934069)\n- CVE-2014-9718: Fixed the handling of malformed or short ide PRDTs to avoid any opportunity for guest to cause DoS by abusing that interface (bsc#928393)\n- CVE-2014-3689: Fixed insufficient parameter validation in rectangle functions (bsc#901508)\n- CVE-2014-3615: The VGA emulator in QEMU allowed local guest users to read host memory by setting the display to a high resolution (bsc#895528).\n- CVE-2015-5239: Integer overflow in vnc_client_read() and protocol_client_msg() (bsc#944463).\n- CVE-2015-5745: Buffer overflow in virtio-serial (bsc#940929).\n- CVE-2015-7295: hw/virtio/virtio.c in the Virtual Network Device (virtio-net) support in QEMU, when big or mergeable receive buffers are not supported, allowed remote attackers to cause a denial of service (guest network consumption) via a flood of jumbo frames on the (1) tuntap or (2) macvtap interface (bsc#947159).\n- CVE-2015-7549: PCI null pointer dereferences (bsc#958917).\n- CVE-2015-8504: VNC floating point exception (bsc#958491).\n- CVE-2015-8558: Infinite loop in ehci_advance_state resulting in DoS (bsc#959005).\n- CVE-2015-8567: A guest repeatedly activating a vmxnet3 device can leak host memory (bsc#959386).\n- CVE-2015-8568: A guest repeatedly activating a vmxnet3 device can leak host memory (bsc#959386).\n- CVE-2015-8613: Wrong sized memset in megasas command handler (bsc#961358).\n- CVE-2015-8619: Potential DoS for long HMP sendkey command argument (bsc#960334).\n- CVE-2015-8743: OOB memory access in ne2000 ioport r/w functions (bsc#960725).\n- CVE-2015-8744: Incorrect l2 header validation could have lead to a crash via assert(2) call (bsc#960835).\n- CVE-2015-8745: Reading IMR registers could have lead to a crash via assert(2) call (bsc#960708).\n- CVE-2016-1568: AHCI use-after-free in aio port commands (bsc#961332).\n- CVE-2016-1714: Potential OOB memory access in processing firmware configuration (bsc#961691).\n- CVE-2016-1922: NULL pointer dereference when processing hmp i/o command (bsc#962320).\n- CVE-2016-1981: Potential DoS (infinite loop) in e1000 device emulation by malicious privileged user within guest (bsc#963782).\n- CVE-2016-2198: Malicious privileged guest user were able to cause DoS by writing to read-only EHCI capabilities registers (bsc#964413).\n\nThis non-security issue was fixed\n- bsc#886378: qemu truncates vhd images in virt-rescue\n",null,[],[],[],[14,16,18,20,22,24,26,28,30,32,34,36,38,40,42,44,46,48,50,52,54,56,58,60,62,64,66,68,70,72,74,76,78,80,82,84,86],{"_key":15},"CVE-2014-3615",{"_key":17},"CVE-2014-3689",{"_key":19},"CVE-2014-9718",{"_key":21},"CVE-2015-3214",{"_key":23},"CVE-2015-5239",{"_key":25},"CVE-2015-5745",{"_key":27},"CVE-2015-7295",{"_key":29},"CVE-2015-7549",{"_key":31},"CVE-2015-8504",{"_key":33},"CVE-2015-8558",{"_key":35},"CVE-2015-8567",{"_key":37},"CVE-2015-8568",{"_key":39},"CVE-2015-8613",{"_key":41},"CVE-2015-8619",{"_key":43},"CVE-2015-8743",{"_key":45},"CVE-2015-8744",{"_key":47},"CVE-2015-8745",{"_key":49},"CVE-2015-8817",{"_key":51},"CVE-2015-8818",{"_key":53},"CVE-2016-1568",{"_key":55},"CVE-2016-1714",{"_key":57},"CVE-2016-1922",{"_key":59},"CVE-2016-1981",{"_key":61},"CVE-2016-2198",{"_key":63},"CVE-2016-2538",{"_key":65},"CVE-2016-2841",{"_key":67},"CVE-2016-2857",{"_key":69},"CVE-2016-2858",{"_key":71},"CVE-2016-3710",{"_key":73},"CVE-2016-3712",{"_key":75},"CVE-2016-4001",{"_key":77},"CVE-2016-4002",{"_key":79},"CVE-2016-4020",{"_key":81},"CVE-2016-4037",{"_key":83},"CVE-2016-4439",{"_key":85},"CVE-2016-4441",{"_key":87},"CVE-2016-4952",[],[],[91,92,93,94,95,96,97,98,99,100,101,102,103,104,105,106,107,108,109,110,111,112,113,114,115,116,117,118,119,120,121,122,123,124,125,126,127],{"_key":15},{"_key":17},{"_key":19},{"_key":21},{"_key":23},{"_key":25},{"_key":27},{"_key":29},{"_key":31},{"_key":33},{"_key":35},{"_key":37},{"_key":39},{"_key":41},{"_key":43},{"_key":45},{"_key":47},{"_key":49},{"_key":51},{"_key":53},{"_key":55},{"_key":57},{"_key":59},{"_key":61},{"_key":63},{"_key":65},{"_key":67},{"_key":69},{"_key":71},{"_key":73},{"_key":75},{"_key":77},{"_key":79},{"_key":81},{"_key":83},{"_key":85},{"_key":87},"2016-06-13T07:13:18Z","2026-02-04T03:44:42.289772Z",{"cisa_kev":131,"cisa_ransomware":131,"cisa_vendor":9,"epss_severity":9,"epss_score":9,"severity":9,"severity_score":9,"severity_version":9,"severity_source":9,"severity_vector":9,"severity_status":9},false,[133,139,144,148,152,156,160,164,168,172,176,180,184,188,192,196,200,204,208,212,216,220,224,228,232,236,240,244,248,252,256,260,264,268,272,276,280,284,288,292,296,301,305,309,313,317,321,325,329,333,337,341,345,349,353,357,361,365,369,373,377,381,385,389,393,397,401,405,409,413,417,421,425,429,433,437,441],{"url":134,"sources":135,"tags":137},"https://www.suse.com/support/update/announcement/2016/suse-su-20161560-1/",[136],"osv_suse",[138],"Advisory",{"url":140,"sources":141,"tags":142},"https://bugzilla.suse.com/886378",[136],[143],"REPORT",{"url":145,"sources":146,"tags":147},"https://bugzilla.suse.com/895528",[136],[143],{"url":149,"sources":150,"tags":151},"https://bugzilla.suse.com/901508",[136],[143],{"url":153,"sources":154,"tags":155},"https://bugzilla.suse.com/928393",[136],[143],{"url":157,"sources":158,"tags":159},"https://bugzilla.suse.com/934069",[136],[143],{"url":161,"sources":162,"tags":163},"https://bugzilla.suse.com/940929",[136],[143],{"url":165,"sources":166,"tags":167},"https://bugzilla.suse.com/944463",[136],[143],{"url":169,"sources":170,"tags":171},"https://bugzilla.suse.com/947159",[136],[143],{"url":173,"sources":174,"tags":175},"https://bugzilla.suse.com/958491",[136],[143],{"url":177,"sources":178,"tags":179},"https://bugzilla.suse.com/958917",[136],[143],{"url":181,"sources":182,"tags":183},"https://bugzilla.suse.com/959005",[136],[143],{"url":185,"sources":186,"tags":187},"https://bugzilla.suse.com/959386",[136],[143],{"url":189,"sources":190,"tags":191},"https://bugzilla.suse.com/960334",[136],[143],{"url":193,"sources":194,"tags":195},"https://bugzilla.suse.com/960708",[136],[143],{"url":197,"sources":198,"tags":199},"https://bugzilla.suse.com/960725",[136],[143],{"url":201,"sources":202,"tags":203},"https://bugzilla.suse.com/960835",[136],[143],{"url":205,"sources":206,"tags":207},"https://bugzilla.suse.com/961332",[136],[143],{"url":209,"sources":210,"tags":211},"https://bugzilla.suse.com/961333",[136],[143],{"url":213,"sources":214,"tags":215},"https://bugzilla.suse.com/961358",[136],[143],{"url":217,"sources":218,"tags":219},"https://bugzilla.suse.com/961556",[136],[143],{"url":221,"sources":222,"tags":223},"https://bugzilla.suse.com/961691",[136],[143],{"url":225,"sources":226,"tags":227},"https://bugzilla.suse.com/962320",[136],[143],{"url":229,"sources":230,"tags":231},"https://bugzilla.suse.com/963782",[136],[143],{"url":233,"sources":234,"tags":235},"https://bugzilla.suse.com/964413",[136],[143],{"url":237,"sources":238,"tags":239},"https://bugzilla.suse.com/967969",[136],[143],{"url":241,"sources":242,"tags":243},"https://bugzilla.suse.com/969121",[136],[143],{"url":245,"sources":246,"tags":247},"https://bugzilla.suse.com/969122",[136],[143],{"url":249,"sources":250,"tags":251},"https://bugzilla.suse.com/969350",[136],[143],{"url":253,"sources":254,"tags":255},"https://bugzilla.suse.com/970036",[136],[143],{"url":257,"sources":258,"tags":259},"https://bugzilla.suse.com/970037",[136],[143],{"url":261,"sources":262,"tags":263},"https://bugzilla.suse.com/975128",[136],[143],{"url":265,"sources":266,"tags":267},"https://bugzilla.suse.com/975136",[136],[143],{"url":269,"sources":270,"tags":271},"https://bugzilla.suse.com/975700",[136],[143],{"url":273,"sources":274,"tags":275},"https://bugzilla.suse.com/976109",[136],[143],{"url":277,"sources":278,"tags":279},"https://bugzilla.suse.com/978158",[136],[143],{"url":281,"sources":282,"tags":283},"https://bugzilla.suse.com/978160",[136],[143],{"url":285,"sources":286,"tags":287},"https://bugzilla.suse.com/980711",[136],[143],{"url":289,"sources":290,"tags":291},"https://bugzilla.suse.com/980723",[136],[143],{"url":293,"sources":294,"tags":295},"https://bugzilla.suse.com/981266",[136],[143],{"url":297,"sources":298,"tags":299},"https://www.suse.com/security/cve/CVE-2014-3615",[136],[300],"WEB",{"url":302,"sources":303,"tags":304},"https://www.suse.com/security/cve/CVE-2014-3689",[136],[300],{"url":306,"sources":307,"tags":308},"https://www.suse.com/security/cve/CVE-2014-9718",[136],[300],{"url":310,"sources":311,"tags":312},"https://www.suse.com/security/cve/CVE-2015-3214",[136],[300],{"url":314,"sources":315,"tags":316},"https://www.suse.com/security/cve/CVE-2015-5239",[136],[300],{"url":318,"sources":319,"tags":320},"https://www.suse.com/security/cve/CVE-2015-5745",[136],[300],{"url":322,"sources":323,"tags":324},"https://www.suse.com/security/cve/CVE-2015-7295",[136],[300],{"url":326,"sources":327,"tags":328},"https://www.suse.com/security/cve/CVE-2015-7549",[136],[300],{"url":330,"sources":331,"tags":332},"https://www.suse.com/security/cve/CVE-2015-8504",[136],[300],{"url":334,"sources":335,"tags":336},"https://www.suse.com/security/cve/CVE-2015-8558",[136],[300],{"url":338,"sources":339,"tags":340},"https://www.suse.com/security/cve/CVE-2015-8567",[136],[300],{"url":342,"sources":343,"tags":344},"https://www.suse.com/security/cve/CVE-2015-8568",[136],[300],{"url":346,"sources":347,"tags":348},"https://www.suse.com/security/cve/CVE-2015-8613",[136],[300],{"url":350,"sources":351,"tags":352},"https://www.suse.com/security/cve/CVE-2015-8619",[136],[300],{"url":354,"sources":355,"tags":356},"https://www.suse.com/security/cve/CVE-2015-8743",[136],[300],{"url":358,"sources":359,"tags":360},"https://www.suse.com/security/cve/CVE-2015-8744",[136],[300],{"url":362,"sources":363,"tags":364},"https://www.suse.com/security/cve/CVE-2015-8745",[136],[300],{"url":366,"sources":367,"tags":368},"https://www.suse.com/security/cve/CVE-2015-8817",[136],[300],{"url":370,"sources":371,"tags":372},"https://www.suse.com/security/cve/CVE-2015-8818",[136],[300],{"url":374,"sources":375,"tags":376},"https://www.suse.com/security/cve/CVE-2016-1568",[136],[300],{"url":378,"sources":379,"tags":380},"https://www.suse.com/security/cve/CVE-2016-1714",[136],[300],{"url":382,"sources":383,"tags":384},"https://www.suse.com/security/cve/CVE-2016-1922",[136],[300],{"url":386,"sources":387,"tags":388},"https://www.suse.com/security/cve/CVE-2016-1981",[136],[300],{"url":390,"sources":391,"tags":392},"https://www.suse.com/security/cve/CVE-2016-2198",[136],[300],{"url":394,"sources":395,"tags":396},"https://www.suse.com/security/cve/CVE-2016-2538",[136],[300],{"url":398,"sources":399,"tags":400},"https://www.suse.com/security/cve/CVE-2016-2841",[136],[300],{"url":402,"sources":403,"tags":404},"https://www.suse.com/security/cve/CVE-2016-2857",[136],[300],{"url":406,"sources":407,"tags":408},"https://www.suse.com/security/cve/CVE-2016-2858",[136],[300],{"url":410,"sources":411,"tags":412},"https://www.suse.com/security/cve/CVE-2016-3710",[136],[300],{"url":414,"sources":415,"tags":416},"https://www.suse.com/security/cve/CVE-2016-3712",[136],[300],{"url":418,"sources":419,"tags":420},"https://www.suse.com/security/cve/CVE-2016-4001",[136],[300],{"url":422,"sources":423,"tags":424},"https://www.suse.com/security/cve/CVE-2016-4002",[136],[300],{"url":426,"sources":427,"tags":428},"https://www.suse.com/security/cve/CVE-2016-4020",[136],[300],{"url":430,"sources":431,"tags":432},"https://www.suse.com/security/cve/CVE-2016-4037",[136],[300],{"url":434,"sources":435,"tags":436},"https://www.suse.com/security/cve/CVE-2016-4439",[136],[300],{"url":438,"sources":439,"tags":440},"https://www.suse.com/security/cve/CVE-2016-4441",[136],[300],{"url":442,"sources":443,"tags":444},"https://www.suse.com/security/cve/CVE-2016-4952",[136],[300],[],[],[],[449,462,466],{"ecosystem":450,"name":451,"vendor":452,"product":453,"cpe_part":9,"purl_type":454,"purl_namespace":452,"purl_name":453,"source":9,"versions":455},"SUSE Linux Enterprise","qemu","suse","qemu&distro=SUSE Linux Enterprise Desktop 12","rpm",[456],{"version":457,"is_range":458,"range_type":459,"version_start":9,"version_start_type":9,"version_end":460,"version_end_type":461,"fixed_in":9},"lt2_0_2_48_19_1",true,"ecosystem","2.0.2-48.19.1","excluding",{"ecosystem":450,"name":451,"vendor":452,"product":463,"cpe_part":9,"purl_type":454,"purl_namespace":452,"purl_name":463,"source":9,"versions":464},"qemu&distro=SUSE Linux Enterprise Server 12",[465],{"version":457,"is_range":458,"range_type":459,"version_start":9,"version_start_type":9,"version_end":460,"version_end_type":461,"fixed_in":9},{"ecosystem":450,"name":451,"vendor":452,"product":467,"cpe_part":9,"purl_type":454,"purl_namespace":452,"purl_name":467,"source":9,"versions":468},"qemu&distro=SUSE Linux Enterprise Server for SAP Applications 12",[469],{"version":457,"is_range":458,"range_type":459,"version_start":9,"version_start_type":9,"version_end":460,"version_end_type":461,"fixed_in":9}]