SUSE-SU-2024:1103-1 -- SLES qemu, qemu-guest-agentID: oval:org.secpod.oval:def:89051732 | Date: (C)2024-04-26 (M)2024-04-26 |
Class: PATCH | Family: unix |
This update for qemu fixes the following issues: * CVE-2024-26327: Fixed buffer overflow via invalid SR/IOV NumVFs value . * CVE-2024-24474: Fixed integer overflow results in buffer overflow via SCSI command . * CVE-2023-6693: Fixed stack buffer overflow in virtio_net_flush_tx . * CVE-2023-1544: Fixed out-of-bounds read in pvrdma_ring_next_elem_read . * CVE-2024-26328: Fixed invalid NumVFs value handled in NVME SR/IOV implementation . The following non-security bug was fixed: * Removing in-use mediated device should fail with error message instead of hang .
Platform: |
SUSE Linux Enterprise Desktop 15 SP5 |
SUSE Linux Enterprise Server 15 SP5 |
Product: |
qemu |
qemu-guest-agent |