Download
| Alert*
oval:org.secpod.oval:def:62033
qemu: Machine emulator and virtualizer Several security issues were fixed in QEMU. oval:org.secpod.oval:def:70268 slirp: SLIP/PPP emulator using a dial up shell account slirp could be made to crash if it received specially crafted input. oval:org.secpod.oval:def:503587 Kernel-based Virtual Machine is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm packages provide the user-space component for running virtual machines that use KVM. Security Fix: * QEMU: Slirp: potential OOB access due to unsafe snprintf usages For more details ... oval:org.secpod.oval:def:503558 The slirp4netns package contains user-mode networking for unprivileged network namespaces. It is required to enable networking for rootless containers. Security Fix: * QEMU: slirp: heap buffer overflow during packet reassembly * QEMU: slirp: OOB buffer access while emulating tcp protocols in tcp_em ... oval:org.secpod.oval:def:503604 Kernel-based Virtual Machine is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm-ma packages provide the user-space component for running virtual machines that use KVM on the IBM z Systems, IBM Power, and 64-bit ARM architectures. Security Fix: * QEMU: Slirp: pot ... oval:org.secpod.oval:def:503652 Kernel-based Virtual Machine is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm packages provide the user-space component for running virtual machines that use KVM. Security Fix: * QEMU: Slirp: potential OOB access due to unsafe snprintf usages For more details ... oval:org.secpod.oval:def:67392 Kernel-based Virtual Machine offers a full virtualization solution for Linux on numerous hardware platforms. The virt:rhel module contains packages which provide user-space components used to run virtual machines using KVM. The packages also provide APIs for managing and interacting with the virtua ... oval:org.secpod.oval:def:2501002 The container-tools module contains tools for working with containers, notably podman, buildah, skopeo, and runc. oval:org.secpod.oval:def:89050266 This update for qemu fixes the following issues: - CVE-2020-7039: Fixed a heap buffer overflow in tcp_emu routine while emulating IRC and other protocols . - CVE-2019-15034: Fixed a buffer overflow in hw/display/bochs-display.c due to improper PCI config space allocation . - CVE-2020-1711: Fixed an ... oval:org.secpod.oval:def:1601167 tcp_emu in slirp/tcp_subr.c in QEMU 3.0.0 uses uninitialized data in an snprintf call, leading to Information disclosure. tcp_emu in tcp_subr.c in libslirp 4.1.0, as used in QEMU 4.2.0, mismanages memory, as demonstrated by IRC DCC commands in EMU_IRC. This can cause a heap-based buffer overflow or ... oval:org.secpod.oval:def:1601165 In libslirp 4.1.0, as used in QEMU 4.2.0, tcp_subr.c misuses snprintf return values, leading to a buffer overflow in later code. tcp_emu in tcp_subr.c in libslirp 4.1.0, as used in QEMU 4.2.0, mismanages memory, as demonstrated by IRC DCC commands in EMU_IRC. This can cause a heap-based buffer overf ... oval:org.secpod.oval:def:89000112 This update for xen fixes the following issues: - bsc#1174543 - secure boot related fixes - bsc#1163019 - CVE-2020-8608: Potential OOB access due to unsafe snprintf usages - bsc#1169392 - CVE-2020-11742: Bad continuation handling in GNTTABOP_copy - bsc#1168140 - CVE-2020-11740, CVE-2020-11741: Multi ... oval:org.secpod.oval:def:1700509 In libslirp 4.1.0, as used in QEMU 4.2.0, tcp_subr.c misuses snprintf return values, leading to a buffer overflow in later code. tcp_emu in slirp/tcp_subr.c in QEMU 3.0.0 uses uninitialized data in an snprintf call, leading to Information disclosure oval:org.secpod.oval:def:89000312 This update for qemu fixes the following issues: Security issues fixed: - CVE-2020-1711: Fixed a potential OOB access in the iSCSI client code . - CVE-2019-12068: Fixed a potential DoS in the LSI SCSI controller emulation . - CVE-2020-1983: Fixed a use-after-free in the ip_reass function of slirp . ... oval:org.secpod.oval:def:89000373 This update for kvm fixes the following issues: Security issues fixed: - CVE-2019-12068: Fixed a potential DoS in the LSI SCSI controller emulation . - CVE-2020-1983: Fixed a use-after-free in the ip_reass function of slirp . - CVE-2020-8608: Fixed a potential OOB access in slirp . - CVE-2020-7039: ... oval:org.secpod.oval:def:89000321 This update for qemu fixes the following issues: Security issues fixed: - CVE-2020-1711: Fixed a potential OOB access in the iSCSI client code . - CVE-2019-12068: Fixed a potential DoS in the LSI SCSI controller emulation . - CVE-2020-1983: Fixed a use-after-free in the ip_reass function of slirp . ... oval:org.secpod.oval:def:2500055 Kernel-based Virtual Machine offers a full virtualization solution for Linux on numerous hardware platforms. The virt:rhel module contains packages which provide user-space components used to run virtual machines using KVM. The packages also provide APIs for managing and interacting with the virtua ... oval:org.secpod.oval:def:69569 Kernel-based Virtual Machine offers a full virtualization solution for Linux on numerous hardware platforms. The virt:rhel module contains packages which provide user-space components used to run virtual machines using KVM. The packages also provide APIs for managing and interacting with the virtua ... oval:org.secpod.oval:def:89000498 This update for qemu fixes the following issues: - CVE-2020-7039: Fixed a heap buffer overflow in tcp_emu routine while emulating IRC and other protocols . - CVE-2019-15034: Fixed a buffer overflow in hw/display/bochs-display.c due to improper PCI config space allocation . - CVE-2020-1711: Fixed an ... oval:org.secpod.oval:def:1502966 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:89000279 This update for qemu fixes the following issues: Security issues fixed: - CVE-2020-1983: Fixed a use-after-free in the ip_reass function of slirp . - CVE-2019-20382: Fixed a potential DoS due to a memory leak in VNC disconnect . - CVE-2020-1711: Fixed a potential OOB access in the iSCSI client code ... oval:org.secpod.oval:def:1502865 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:1502866 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:705763 slirp: SLIP/PPP emulator using a dial up shell account slirp could be made to crash if it received specially crafted input. oval:org.secpod.oval:def:1502872 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:89000293 This update for xen fixes the following issues: - bsc#1174543 - secure boot related fixes - bsc#1163019 - CVE-2020-8608: Potential OOB access due to unsafe snprintf usages oval:org.secpod.oval:def:89000094 This update for qemu fixes the following issues: Security issues fixed: - CVE-2020-1983: Fixed a use-after-free in the ip_reass function of slirp . - CVE-2019-20382: Fixed a potential DoS due to a memory leak in VNC disconnect . - CVE-2020-1711: Fixed a potential OOB access in the iSCSI client code ... oval:org.secpod.oval:def:89000097 This update for xen fixes the following issues: - bsc#1174543 - secure boot related fixes - bsc#1163019 - CVE-2020-8608: Potential OOB access due to unsafe snprintf usages oval:org.secpod.oval:def:705387 qemu: Machine emulator and virtualizer Several security issues were fixed in QEMU. oval:org.secpod.oval:def:205556 Kernel-based Virtual Machine is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm packages provide the user-space component for running virtual machines that use KVM. Security Fix: * QEMU: Slirp: potential OOB access due to unsafe snprintf usages For more details ... oval:org.secpod.oval:def:68479 The container-tools module contains tools for working with containers, notably podman, buildah, skopeo, and runc. Security Fix: * QEMU: Slirp: potential OOB access due to unsafe snprintf usages For more details about the security issue, including the impact, a CVSS score, acknowledgments, and other ... oval:org.secpod.oval:def:89000658 This update for xen fixes the following issues: - CVE-2020-29480: Fixed an issue which could have allowed leak of non-sensitive data to administrator guests . - CVE-2020-29481: Fixed an issue which could have allowd to new domains to inherit existing node permissions . - CVE-2020-29483: Fixed an iss ... oval:org.secpod.oval:def:89044446 This update for qemu fixes the following issues: - CVE-2020-10756: Fix out-of-bounds read information disclosure in icmp6_send_echoreply oval:org.secpod.oval:def:89044379 This update for qemu fixes the following issues: - Fix OOB access during mmio operations - Fix sPAPR emulator leaks the host hardware identity - Fix out-of-bounds read information disclosure in icmp6_send_echoreply - Fix out-of-bound heap buffer access via an interrupt ID field - For the record, ... oval:org.secpod.oval:def:89044451 This update for qemu fixes the following issues: - Fix OOB access during mmio operations - Fix out-of-bounds read information disclosure in icmp6_send_echoreply - For the record, these issues are fixed in this package already. Most are alternate references to previously mentioned issues: oval:org.secpod.oval:def:89047086 This update for qemu fixes the following issues: - Switch method of splitting off hw-s390x-virtio-gpu-ccw.so as a module to what was accepted upstream - Fix OOB access in sdhci interface - Fix potential privilege escalation in virtiofsd tool - Fix OOB access in rtl8139 NIC emulation - Fix heap ... oval:org.secpod.oval:def:89044447 This update for qemu fixes the following issues: - Fix OOB access during mmio operations - Fix out-of-bounds read information disclosure in icmp6_send_echoreply - Fix out-of-bound heap buffer access via an interrupt ID field - For the record, these issues are fixed in this package already. Most a ... oval:org.secpod.oval:def:89044405 This update for qemu fixes the following issues: - Fix OOB access during mmio operations - Fix out-of-bounds read information disclosure in icmp6_send_echoreply - For the record, these issues are fixed in this package already. Most are alternate references to previously mentioned issues: oval:org.secpod.oval:def:89049531 This update for qemu fixes the following issues: - CVE-2020-25085: Fix out-of-bounds access issue while doing multi block SDMA - CVE-2020-10756: Fix out-of-bounds read information disclosure in icmp6_send_echoreply - Fix issue where s390 guest fails to find zipl boot menu index - QEMU BIOS fails t ... oval:org.secpod.oval:def:604931 It was discovered that incorrect memory handling in the SLIRP networking implementation could result in denial of service or potentially the execution of arbitrary code. oval:org.secpod.oval:def:66726 It was discovered that incorrect memory handling in the SLIRP networking implementation could result in denial of service or potentially the execution of arbitrary code. oval:org.secpod.oval:def:89044389 This update for qemu fixes the following issues: - Fix out-of-bounds access issue while doing multi block SDMA - Fix out-of-bounds read information disclosure in icmp6_send_echoreply - QEMU BIOS fails to read stage2 loader on s390x - Change dependency from CONFIG_VFIO back to CONFIG_LINUX - For ... oval:org.secpod.oval:def:89000339 This update for xen fixes the following issues: - bsc#1174543 - secure boot related fixes - bsc#1163019 - CVE-2020-8608: potential OOB access due to unsafe snprintf usages - bsc#1169392 - CVE-2020-11742: Bad continuation handling in GNTTABOP_copy - bsc#1168140 - CVE-2020-11740, CVE-2020-11741: multi ... |