This script is Copyright (C) 2011-2013 Tenable Network Security, Inc.
The remote SuSE 11 host is missing a security update.
The following bugs have been fixed :
- By causing a hot-unplug of the pci-isa bridge from
within guests the qemu process could access already
freed memory. A privileged user inside the guest could
exploit that to crash the guest instance or potentially
execute arbitrary code on the host. (CVE-2011-1751)
- The virtio-blk driver did not properly validate read and
write request. A privileged user inside the guest could
exploit that to cause a heap corruption and crash the
guest instance or potentially execute arbitrary code on
the host. (CVE-2011-1750)
See also :
Apply SAT patch number 4574.
Risk factor :
High / CVSS Base Score : 7.4