Download
| Alert*
|
oval:org.secpod.oval:def:503434
The container-tools module contains tools for working with containers, notably podman, buildah, skopeo, and runc. Security Fix: * QEMU: slirp: heap buffer overflow during packet reassembly * containers/image: not enforcing TLS when sending username+password credentials to token servers leading to c ... oval:org.secpod.oval:def:66838 The container-tools module contains tools for working with containers, notably podman, buildah, skopeo, and runc. Security Fix: * QEMU: slirp: heap buffer overflow during packet reassembly * containers/image: not enforcing TLS when sending username+password credentials to token servers leading to c ... oval:org.secpod.oval:def:66669 The container-tools module contains tools for working with containers, notably podman, buildah, skopeo, and runc. Security Fix: * QEMU: slirp: heap buffer overflow during packet reassembly * containers/image: not enforcing TLS when sending username+password credentials to token servers leading to c ... oval:org.secpod.oval:def:66473 The container-tools module contains tools for working with containers, notably podman, buildah, skopeo, and runc. Security Fix: * QEMU: slirp: heap buffer overflow during packet reassembly * containers/image: not enforcing TLS when sending username+password credentials to token servers leading to c ... oval:org.secpod.oval:def:89003287 This update for kvm fixes the following issues: Security issues fixed: - CVE-2019-14378: Security fix for heap overflow in ip_reass on big packet input . - CVE-2019-12155: Security fix for null pointer dereference while releasing spice resources . - CVE-2019-13164: Security fix for qemu-bridge-helpe ... oval:org.secpod.oval:def:89003212 This update for qemu fixes the following issues: Security issues fixed: - CVE-2019-14378: Security fix for heap overflow in ip_reass on big packet input . - CVE-2019-12155: Security fix for null pointer dereference while releasing spice resources . - CVE-2019-13164: Security fix for qemu-bridge-help ... oval:org.secpod.oval:def:89003357 This update for qemu fixes the following issues: Security issues fixed: - CVE-2019-14378: Security fix for heap overflow in ip_reass on big packet input . - CVE-2019-12155: Security fix for null pointer dereference while releasing spice resources . - CVE-2019-13164: Security fix for qemu-bridge-help ... oval:org.secpod.oval:def:503549 Kernel-based Virtual Machine is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm packages provide the user-space component for running virtual machines that use KVM. Security Fix: * QEMU: slirp: heap buffer overflow during packet reassembly * QEMU: slirp: OOB bu ... oval:org.secpod.oval:def:60785 qemu: Machine emulator and virtualizer Several security issues were fixed in QEMU. oval:org.secpod.oval:def:503456 Kernel-based Virtual Machine is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm-ma packages provide the user-space component for running virtual machines that use KVM on the IBM z Systems, IBM Power, and 64-bit ARM architectures. Security Fix: * QEMU: slirp: hea ... oval:org.secpod.oval:def:503558 The slirp4netns package contains user-mode networking for unprivileged network namespaces. It is required to enable networking for rootless containers. Security Fix: * QEMU: slirp: heap buffer overflow during packet reassembly * QEMU: slirp: OOB buffer access while emulating tcp protocols in tcp_em ... oval:org.secpod.oval:def:89003123 This update for xen fixes the following issues: - CVE-2019-15890: Fixed a use-after-free in SLiRP networking implementation of QEMU emulator which could have led to Denial of Service . - CVE-2019-12068: Fixed an issue in lsi which could lead to an infinite loop and denial of service . - CVE-2019-143 ... oval:org.secpod.oval:def:89003410 This update for xen fixes the following issues: - CVE-2019-15890: Fixed a use-after-free in SLiRP networking implementation of QEMU emulator which could have led to Denial of Service . - CVE-2019-12068: Fixed an issue in lsi which could lead to an infinite loop and denial of service . - CVE-2019-143 ... oval:org.secpod.oval:def:2501017 The container-tools module contains tools for working with containers, notably podman, buildah, skopeo, and runc. oval:org.secpod.oval:def:2501008 The container-tools module contains tools for working with containers, notably podman, buildah, skopeo, and runc. oval:org.secpod.oval:def:89050551 This update for qemu fixes the following issues: Security issues fixed: - CVE-2019-14378: Security fix for heap overflow in ip_reass on big packet input . - CVE-2019-12155: Security fix for null pointer dereference while releasing spice resources . - CVE-2019-13164: Security fix for qemu-bridge-help ... oval:org.secpod.oval:def:89050788 This update for qemu fixes the following issues: Security issues fixed: - CVE-2019-14378: Security fix for heap overflow in ip_reass on big packet input . - CVE-2019-12155: Security fix for null pointer dereference while releasing spice resources . - CVE-2019-13164: Security fix for qemu-bridge-help ... oval:org.secpod.oval:def:116928 A general purpose TCP-IP emulator used by virtual machine hypervisors to provide virtual networking services. oval:org.secpod.oval:def:1505316 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:1505284 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:604504 Multiple security issues were discovered in QEMU, a fast processor emulator, which could result in denial of service, the execution of arbitrary code or bypass of ACLs. In addition this update fixes a regression which could cause NBD connections to hang. oval:org.secpod.oval:def:58347 Multiple security issues were discovered in QEMU, a fast processor emulator, which could result in denial of service, the execution of arbitrary code or bypass of ACLs. In addition this update fixes a regression which could cause NBD connections to hang. oval:org.secpod.oval:def:69748 Multiple security issues were discovered in QEMU, a fast processor emulator, which could result in denial of service, the execution of arbitrary code or bypass of ACLs. oval:org.secpod.oval:def:58236 A heap buffer overflow issue was found in the SLiRP networking implementation of the QEMU emulator. This flaw occurs in the ip_reass() routine while reassembling incoming packets if the first fragment is bigger than the m->m_dat[] buffer. An attacker could use this flaw to crash the QEMU process on ... oval:org.secpod.oval:def:1700510 ip_reass in ip_input.c in libslirp 4.0.0 has a heap-based buffer overflow via a large packet because it mishandles a case involving the first fragment oval:org.secpod.oval:def:705283 qemu: Machine emulator and virtualizer Several security issues were fixed in QEMU. oval:org.secpod.oval:def:1504472 [15:3.1.0-7.el7] - qemu-img: Add --target-is-zero to convert [15:3.1.0-6.el7] - qemu.spec: Remove "BuildRequires: kernel" [Orabug: 30858754] - target/i386: add support for MSR_IA32_TSX_CTRL [Orabug: 30652327] - iscsi: Cap block count from GET LBA STATUS [Orabug: 30807256] {CVE-2020-1711} - scsi ... oval:org.secpod.oval:def:205456 Kernel-based Virtual Machine is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm packages provide the user-space component for running virtual machines that use KVM. Security Fix: * QEMU: slirp: heap buffer overflow during packet reassembly * QEMU: slirp: OOB bu ... oval:org.secpod.oval:def:604521 Multiple security issues were discovered in QEMU, a fast processor emulator, which could result in denial of service, the execution of arbitrary code or bypass of ACLs. oval:org.secpod.oval:def:1502834 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:1601209 qemu-seccomp.c in QEMU might allow local OS guest users to cause a denial of service by leveraging mishandling of the seccomp policy for threads other than the main thread. A heap buffer overflow issue was found in the SLiRP networking implementation of the QEMU emulator. This flaw occurs in the ip ... oval:org.secpod.oval:def:89050697 This update for qemu fixes the following issues: qemu was updated to v3.1.1.1, a stable, bug-fix-only release, which includes 2 fixes we already carry, as well as one additional use- after-free fix in slirp. Security issues fixed: - CVE-2019-12068: Fixed potential DOS in lsi scsi controller emulati ... oval:org.secpod.oval:def:205437 Kernel-based Virtual Machine is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm packages provide the user-space component for running virtual machines that use KVM. Security Fix: * hw: TSX Transaction Asynchronous Abort * QEMU: slirp: heap buffer overflow duri ... oval:org.secpod.oval:def:1502793 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:503517 Kernel-based Virtual Machine is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm packages provide the user-space component for running virtual machines that use KVM. Security Fix: * hw: TSX Transaction Asynchronous Abort * QEMU: slirp: heap buffer overflow duri ... oval:org.secpod.oval:def:89003334 This update for xen to version 4.11.2 fixes the following issues: Security issues fixed: - CVE-2019-15890: Fixed a use-after-free in SLiRP networking implementation of QEMU emulator which could have led to Denial of Service . - CVE-2019-12068: Fixed an issue in lsi which could lead to an infinite lo ... oval:org.secpod.oval:def:89003195 This update for xen fixes the following issues: Security issues fixed: - CVE-2019-15890: Fixed a use-after-free in SLiRP networking implementation of QEMU emulator which could have led to Denial of Service . - CVE-2019-12068: Fixed an issue in lsi which could lead to an infinite loop and denial of s ... |
