An update that fixes two vulnerabilities is now available. It includes one version update.
Description:
A privileged guest user could cause a buffer overflow in the virtio subsystem of the host, therefore crashing the guest or potentially execute arbitrary code on the host (CVE-2011-2212, CVE-2011-2512).
Patch Instructions:
To install this openSUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product:
- openSUSE 11.4:
zypper in -t patch kvm-4863
- openSUSE 11.3:
zypper in -t patch kvm-4863
To bring your system up-to-date, use "zypper patch".