Download
| Alert*
oval:org.secpod.oval:def:502272
Kernel-based Virtual Machine is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm packages provide the user-space component for running virtual machines that use KVM. Security Fix: * Qemu: vga: OOB read access during display update * Qemu: Slirp: use-after-free w ... oval:org.secpod.oval:def:204783 Kernel-based Virtual Machine is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm packages provide the user-space component for running virtual machines that use KVM. Security Fix: * Qemu: vga: OOB read access during display update * Qemu: Slirp: use-after-free w ... oval:org.secpod.oval:def:502515 Kernel-based Virtual Machine is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm-ma packages provide the user-space component for running virtual machines that use KVM on the IBM z Systems, IBM Power, and 64-bit ARM architectures. The following packages have been ... oval:org.secpod.oval:def:44100 qemu: Machine emulator and virtualizer Several security issues were fixed in QEMU. oval:org.secpod.oval:def:1502168 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:1600898 An out-of-bounds read access issue was found in the VGA display emulator built into the Quick emulator . It could occur while reading VGA memory to update graphics display. A privileged user/process inside guest could use this flaw to crash the QEMU process on the host resulting in denial of service ... oval:org.secpod.oval:def:1504440 [15:3.0.0-1.el7] - net: ignore packet size greater than INT_MAX [Orabug: 28763782] {CVE-2018-17963} - pcnet: fix possible buffer overflow [Orabug: 28763774] {CVE-2018-17962} - rtl8139: fix possible out of bound access [Orabug: 28763765] {CVE-2018-17958} - ne2000: fix possible out of bound access ... oval:org.secpod.oval:def:1700052 An out-of-bounds read access issue was found in the VGA display emulator built into the Quick emulator . It could occur while reading VGA memory to update graphics display. A privileged user/process inside guest could use this flaw to crash the QEMU process on the host resulting in denial of service ... oval:org.secpod.oval:def:1504737 [15:3.0.0-1.el7] - net: ignore packet size greater than INT_MAX [Orabug: 28763782] {CVE-2018-17963} - pcnet: fix possible buffer overflow [Orabug: 28763774] {CVE-2018-17962} - rtl8139: fix possible out of bound access [Orabug: 28763765] {CVE-2018-17958} - ne2000: fix possible out of bound access ... oval:org.secpod.oval:def:89002451 This update for qemu fixes the following issues: This update has the next round of Spectre v2 related patches, which now integrate with corresponding changes in libvirt. The January 2018 release of qemu initially addressed the Spectre v2 vulnerability for KVM guests by exposing the spec-ctrl featur ... oval:org.secpod.oval:def:603411 Several vulnerabilities were discovered in qemu, a fast processor emulator. CVE-2017-15038 Tuomas Tynkkynen discovered an information leak in 9pfs. CVE-2017-15119 Eric Blake discovered that the NBD server insufficiently restricts large option requests, resulting in denial of service. CVE-2017-15124 ... oval:org.secpod.oval:def:89002226 This update for qemu fixes the following issues: This update has the next round of Spectre v2 related patches, which now integrate with corresponding changes in libvirt. The January 2018 release of qemu initially addressed the Spectre v2 vulnerability for KVM guests by exposing the spec-ctrl featur ... oval:org.secpod.oval:def:53337 Several vulnerabilities were discovered in qemu, a fast processor emulator. CVE-2017-15038 Tuomas Tynkkynen discovered an information leak in 9pfs. CVE-2017-15119 Eric Blake discovered that the NBD server insufficiently restricts large option requests, resulting in denial of service. CVE-2017-15124 ... |