Download
| Alert*
oval:org.secpod.oval:def:502272
Kernel-based Virtual Machine is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm packages provide the user-space component for running virtual machines that use KVM. Security Fix: * Qemu: vga: OOB read access during display update * Qemu: Slirp: use-after-free w ... oval:org.secpod.oval:def:52200 qemu: Machine emulator and virtualizer Several security issues were fixed in QEMU. oval:org.secpod.oval:def:51996 qemu: Machine emulator and virtualizer Several security issues were fixed in QEMU. oval:org.secpod.oval:def:1502168 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:204783 Kernel-based Virtual Machine is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm packages provide the user-space component for running virtual machines that use KVM. Security Fix: * Qemu: vga: OOB read access during display update * Qemu: Slirp: use-after-free w ... oval:org.secpod.oval:def:703987 qemu: Machine emulator and virtualizer Several security issues were fixed in QEMU. oval:org.secpod.oval:def:44100 qemu: Machine emulator and virtualizer Several security issues were fixed in QEMU. oval:org.secpod.oval:def:44101 qemu: Machine emulator and virtualizer Several security issues were fixed in QEMU. oval:org.secpod.oval:def:1504440 [15:3.0.0-1.el7] - net: ignore packet size greater than INT_MAX [Orabug: 28763782] {CVE-2018-17963} - pcnet: fix possible buffer overflow [Orabug: 28763774] {CVE-2018-17962} - rtl8139: fix possible out of bound access [Orabug: 28763765] {CVE-2018-17958} - ne2000: fix possible out of bound access ... oval:org.secpod.oval:def:89043778 This update for xen fixes several issues. These security issues were fixed: - CVE-2017-5753, CVE-2017-5715, CVE-2017-5754: Prevent information leaks via side effects of speculative execution, aka Spectre and Meltdown attacks - CVE-2017-15595: x86 PV guest OS users were able to cause a DoS or p ... oval:org.secpod.oval:def:89043690 This update for xen fixes several issues. These security issues were fixed: - CVE-2017-5753, CVE-2017-5715, CVE-2017-5754: Prevent information leaks via side effects of speculative execution, aka Spectre and Meltdown attacks - CVE-2017-15595: x86 PV guest OS users were able to cause a DoS or p ... oval:org.secpod.oval:def:1504737 [15:3.0.0-1.el7] - net: ignore packet size greater than INT_MAX [Orabug: 28763782] {CVE-2018-17963} - pcnet: fix possible buffer overflow [Orabug: 28763774] {CVE-2018-17962} - rtl8139: fix possible out of bound access [Orabug: 28763765] {CVE-2018-17958} - ne2000: fix possible out of bound access ... oval:org.secpod.oval:def:89043590 This update for xen fixes several issues. This new feature was included: - add script and sysv service to watch for vcpu online/offline events in a HVM domU These security issues were fixed: - CVE-2017-5753, CVE-2017-5715, CVE-2017-5754: Prevent information leaks via side effects of speculative exec ... oval:org.secpod.oval:def:89002451 This update for qemu fixes the following issues: This update has the next round of Spectre v2 related patches, which now integrate with corresponding changes in libvirt. The January 2018 release of qemu initially addressed the Spectre v2 vulnerability for KVM guests by exposing the spec-ctrl featur ... oval:org.secpod.oval:def:89002152 This update for kvm fixes the following issues: - This update has the next round of Spectre v2 related patches, which now integrates with corresponding changes in libvirt. A January 2018 release of qemu initially addressed the Spectre v2 vulnerability for KVM guests by exposing the spec-ctrl feature ... oval:org.secpod.oval:def:115017 QEMU is a generic and open source processor emulator which achieves a good emulation speed by using dynamic translation. QEMU has two operating modes: * Full system emulation. In this mode, QEMU emulates a full system , including a processor and various peripherials. It can be used to launch differe ... oval:org.secpod.oval:def:502333 Kernel-based Virtual Machine is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm packages provide the user-space component for running virtual machines that use KVM. Security Fix: * An industry-wide issue was found in the way many modern microprocessor designs ha ... oval:org.secpod.oval:def:53337 Several vulnerabilities were discovered in qemu, a fast processor emulator. CVE-2017-15038 Tuomas Tynkkynen discovered an information leak in 9pfs. CVE-2017-15119 Eric Blake discovered that the NBD server insufficiently restricts large option requests, resulting in denial of service. CVE-2017-15124 ... oval:org.secpod.oval:def:204854 Kernel-based Virtual Machine is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm packages provide the user-space component for running virtual machines that use KVM. Security Fix: * An industry-wide issue was found in the way many modern microprocessor designs ha ... oval:org.secpod.oval:def:1700052 An out-of-bounds read access issue was found in the VGA display emulator built into the Quick emulator . It could occur while reading VGA memory to update graphics display. A privileged user/process inside guest could use this flaw to crash the QEMU process on the host resulting in denial of service ... oval:org.secpod.oval:def:603411 Several vulnerabilities were discovered in qemu, a fast processor emulator. CVE-2017-15038 Tuomas Tynkkynen discovered an information leak in 9pfs. CVE-2017-15119 Eric Blake discovered that the NBD server insufficiently restricts large option requests, resulting in denial of service. CVE-2017-15124 ... oval:org.secpod.oval:def:1600898 An out-of-bounds read access issue was found in the VGA display emulator built into the Quick emulator . It could occur while reading VGA memory to update graphics display. A privileged user/process inside guest could use this flaw to crash the QEMU process on the host resulting in denial of service ... oval:org.secpod.oval:def:89002226 This update for qemu fixes the following issues: This update has the next round of Spectre v2 related patches, which now integrate with corresponding changes in libvirt. The January 2018 release of qemu initially addressed the Spectre v2 vulnerability for KVM guests by exposing the spec-ctrl featur ... oval:org.secpod.oval:def:1502271 The advisory is missing the security advisory description. For more information please visit the reference link |