Download
| Alert*
oval:org.secpod.oval:def:61765
Two security issues have been found in the SLiRP networking implementation of QEMU, a fast processor emulator, which could result in the execution of arbitrary code or denial of service. oval:org.secpod.oval:def:503549 Kernel-based Virtual Machine is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm packages provide the user-space component for running virtual machines that use KVM. Security Fix: * QEMU: slirp: heap buffer overflow during packet reassembly * QEMU: slirp: OOB bu ... oval:org.secpod.oval:def:1601408 A use-after-free issue was found in the SLiRP networking implementation of the QEMU emulator. The issue occurs in ip_reass routine while reassembling incoming packets, if the first fragment is bigger than the m- oval:org.secpod.oval:def:60785 qemu: Machine emulator and virtualizer Several security issues were fixed in QEMU. oval:org.secpod.oval:def:1601386 A use-after-free issue was found in the SLiRP networking implementation of the QEMU emulator. The issue occurs in ip_reass routine while reassembling incoming packets, if the first fragment is bigger than the m- oval:org.secpod.oval:def:503558 The slirp4netns package contains user-mode networking for unprivileged network namespaces. It is required to enable networking for rootless containers. Security Fix: * QEMU: slirp: heap buffer overflow during packet reassembly * QEMU: slirp: OOB buffer access while emulating tcp protocols in tcp_em ... oval:org.secpod.oval:def:89003123 This update for xen fixes the following issues: - CVE-2019-15890: Fixed a use-after-free in SLiRP networking implementation of QEMU emulator which could have led to Denial of Service . - CVE-2019-12068: Fixed an issue in lsi which could lead to an infinite loop and denial of service . - CVE-2019-143 ... oval:org.secpod.oval:def:89003410 This update for xen fixes the following issues: - CVE-2019-15890: Fixed a use-after-free in SLiRP networking implementation of QEMU emulator which could have led to Denial of Service . - CVE-2019-12068: Fixed an issue in lsi which could lead to an infinite loop and denial of service . - CVE-2019-143 ... oval:org.secpod.oval:def:69946 Two security issues have been found in the SLiRP networking implementation of QEMU, a fast processor emulator, which could result in the execution of arbitrary code or denial of service. oval:org.secpod.oval:def:604736 Two security issues have been found in the SLiRP networking implementation of QEMU, a fast processor emulator, which could result in the execution of arbitrary code or denial of service. oval:org.secpod.oval:def:89000373 This update for kvm fixes the following issues: Security issues fixed: - CVE-2019-12068: Fixed a potential DoS in the LSI SCSI controller emulation . - CVE-2020-1983: Fixed a use-after-free in the ip_reass function of slirp . - CVE-2020-8608: Fixed a potential OOB access in slirp . - CVE-2020-7039: ... oval:org.secpod.oval:def:504373 The container-tools module contains tools for working with containers, notably podman, buildah, skopeo, and runc. Security Fix: * QEMU: slirp: OOB buffer access while emulating tcp protocols in tcp_emu For more details about the security issue, including the impact, a CVSS score, acknowledgments, a ... oval:org.secpod.oval:def:89000312 This update for qemu fixes the following issues: Security issues fixed: - CVE-2020-1711: Fixed a potential OOB access in the iSCSI client code . - CVE-2019-12068: Fixed a potential DoS in the LSI SCSI controller emulation . - CVE-2020-1983: Fixed a use-after-free in the ip_reass function of slirp . ... oval:org.secpod.oval:def:2105973 Oracle Solaris 11 - ( CVE-2019-15890 ) oval:org.secpod.oval:def:2500998 The container-tools module contains tools for working with containers, notably podman, buildah, skopeo, and runc. oval:org.secpod.oval:def:705283 qemu: Machine emulator and virtualizer Several security issues were fixed in QEMU. oval:org.secpod.oval:def:89000321 This update for qemu fixes the following issues: Security issues fixed: - CVE-2020-1711: Fixed a potential OOB access in the iSCSI client code . - CVE-2019-12068: Fixed a potential DoS in the LSI SCSI controller emulation . - CVE-2020-1983: Fixed a use-after-free in the ip_reass function of slirp . ... oval:org.secpod.oval:def:205456 Kernel-based Virtual Machine is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm packages provide the user-space component for running virtual machines that use KVM. Security Fix: * QEMU: slirp: heap buffer overflow during packet reassembly * QEMU: slirp: OOB bu ... oval:org.secpod.oval:def:1700524 A use-after-free issue was found in the SLiRP networking implementation of the QEMU emulator. The issue occurs in ip_reass routine while reassembling incoming packets, if the first fragment is bigger than the m- oval:org.secpod.oval:def:1502834 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:70837 Kernel-based Virtual Machine offers a full virtualization solution for Linux on numerous hardware platforms. The virt:rhel module contains packages which provide user-space components used to run virtual machines using KVM. The packages also provide APIs for managing and interacting with the virtua ... oval:org.secpod.oval:def:504698 Kernel-based Virtual Machine offers a full virtualization solution for Linux on numerous hardware platforms. The virt:rhel module contains packages which provide user-space components used to run virtual machines using KVM. The packages also provide APIs for managing and interacting with the virtua ... oval:org.secpod.oval:def:68020 Kernel-based Virtual Machine offers a full virtualization solution for Linux on numerous hardware platforms. The virt:rhel module contains packages which provide user-space components used to run virtual machines using KVM. The packages also provide APIs for managing and interacting with the virtua ... oval:org.secpod.oval:def:1505306 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:2500103 Kernel-based Virtual Machine offers a full virtualization solution for Linux on numerous hardware platforms. The virt:rhel module contains packages which provide user-space components used to run virtual machines using KVM. The packages also provide APIs for managing and interacting with the virtua ... oval:org.secpod.oval:def:89044379 This update for qemu fixes the following issues: - Fix OOB access during mmio operations - Fix sPAPR emulator leaks the host hardware identity - Fix out-of-bounds read information disclosure in icmp6_send_echoreply - Fix out-of-bound heap buffer access via an interrupt ID field - For the record, ... oval:org.secpod.oval:def:89044451 This update for qemu fixes the following issues: - Fix OOB access during mmio operations - Fix out-of-bounds read information disclosure in icmp6_send_echoreply - For the record, these issues are fixed in this package already. Most are alternate references to previously mentioned issues: oval:org.secpod.oval:def:89047086 This update for qemu fixes the following issues: - Switch method of splitting off hw-s390x-virtio-gpu-ccw.so as a module to what was accepted upstream - Fix OOB access in sdhci interface - Fix potential privilege escalation in virtiofsd tool - Fix OOB access in rtl8139 NIC emulation - Fix heap ... oval:org.secpod.oval:def:89044447 This update for qemu fixes the following issues: - Fix OOB access during mmio operations - Fix out-of-bounds read information disclosure in icmp6_send_echoreply - Fix out-of-bound heap buffer access via an interrupt ID field - For the record, these issues are fixed in this package already. Most a ... oval:org.secpod.oval:def:89044405 This update for qemu fixes the following issues: - Fix OOB access during mmio operations - Fix out-of-bounds read information disclosure in icmp6_send_echoreply - For the record, these issues are fixed in this package already. Most are alternate references to previously mentioned issues: oval:org.secpod.oval:def:89044389 This update for qemu fixes the following issues: - Fix out-of-bounds access issue while doing multi block SDMA - Fix out-of-bounds read information disclosure in icmp6_send_echoreply - QEMU BIOS fails to read stage2 loader on s390x - Change dependency from CONFIG_VFIO back to CONFIG_LINUX - For ... oval:org.secpod.oval:def:89049531 This update for qemu fixes the following issues: - CVE-2020-25085: Fix out-of-bounds access issue while doing multi block SDMA - CVE-2020-10756: Fix out-of-bounds read information disclosure in icmp6_send_echoreply - Fix issue where s390 guest fails to find zipl boot menu index - QEMU BIOS fails t ... oval:org.secpod.oval:def:89044446 This update for qemu fixes the following issues: - CVE-2020-10756: Fix out-of-bounds read information disclosure in icmp6_send_echoreply oval:org.secpod.oval:def:89050697 This update for qemu fixes the following issues: qemu was updated to v3.1.1.1, a stable, bug-fix-only release, which includes 2 fixes we already carry, as well as one additional use- after-free fix in slirp. Security issues fixed: - CVE-2019-12068: Fixed potential DOS in lsi scsi controller emulati ... oval:org.secpod.oval:def:89003334 This update for xen to version 4.11.2 fixes the following issues: Security issues fixed: - CVE-2019-15890: Fixed a use-after-free in SLiRP networking implementation of QEMU emulator which could have led to Denial of Service . - CVE-2019-12068: Fixed an issue in lsi which could lead to an infinite lo ... oval:org.secpod.oval:def:89003195 This update for xen fixes the following issues: Security issues fixed: - CVE-2019-15890: Fixed a use-after-free in SLiRP networking implementation of QEMU emulator which could have led to Denial of Service . - CVE-2019-12068: Fixed an issue in lsi which could lead to an infinite loop and denial of s ... |