SUSE-SU-2019:2954-1
Advisory lineage Upstream: 4 Downstream: 0
Published: 12 Nov 2019, 18:14
Last modified:04 Feb 2026, 03:52
Vulnerability Summary
Overall Risk (default)
minimal
0/100 CVSS Score
No data
EPSS Score
No data
KEV
Not listed
Ransomware
No reports
Public exploits
None found
Dark Web
Not detected
Timeline
12 Nov 2019, 18:14
Published
Vulnerability first disclosed
04 Feb 2026, 03:52
Last Modified
Vulnerability information updated
Description
Security update for qemu This update for qemu fixes the following issues: - Patch queue updated from https://gitlab.suse.de/virtualization/qemu.git SLE15 - Fix use-after-free in slirp (CVE-2018-20126 bsc#1119991) - Fix potential DOS in lsi scsi controller emulation (CVE-2019-12068 bsc#1146873) - Expose taa-no 'feature', indicating CPU does not have the TSX Async Abort vulnerability. (CVE-2019-11135 bsc#1152506) - Expose pschange-mc-no 'feature', indicating CPU does not have the page size change machine check vulnerability (CVE-2018-12207 bsc#1155812)
Affected Systems
- suse•qemu&distro=SUSE Linux Enterprise Module for Basesystem 15
< 2.11.2-9.33.1
- suse•qemu&distro=SUSE Linux Enterprise Module for Server Applications 15
< 2.11.2-9.33.1
References (9)
- https://www.suse.com/support/update/announcement/2019/suse-su-20192954-1/
- https://bugzilla.suse.com/1119991
- https://bugzilla.suse.com/1146873
- https://bugzilla.suse.com/1152506
- https://bugzilla.suse.com/1155812
- https://www.suse.com/security/cve/CVE-2018-12207
- https://www.suse.com/security/cve/CVE-2018-20126
- https://www.suse.com/security/cve/CVE-2019-11135
- https://www.suse.com/security/cve/CVE-2019-12068