Download
| Alert*
|
oval:org.secpod.oval:def:89003328
This update for xen fixes the following issues: Security issues fixed: - Fixed an issue which could allow malicious PV guests may cause a host crash or gain access to data pertaining to other guests.Additionally, vulnerable configurations are likely to be unstable even in the absence of an attack . ... oval:org.secpod.oval:def:66839 Kernel-based Virtual Machine offers a full virtualization solution for Linux on numerous hardware platforms. The virt:rhel module contains packages which provide user-space components used to run virtual machines using KVM. The packages also provide APIs for managing and interacting with the virtua ... oval:org.secpod.oval:def:89003238 This update for xen fixes the following issues: Security issues fixed: - Fixed multiple access violations introduced by XENMEM_exchange hypercall which could allow a single PV guest to leak arbitrary amounts of memory, leading to a denial of service . - Fixed an issue which could allow a malicious u ... oval:org.secpod.oval:def:89003436 This update for xen fixes the following issues: Security issues fixed: - Fixed an issue which could allow malicious PV guests may cause a host crash or gain access to data pertaining to other guests.Additionally, vulnerable configurations are likely to be unstable even in the absence of an attack . ... oval:org.secpod.oval:def:66672 Kernel-based Virtual Machine offers a full virtualization solution for Linux on numerous hardware platforms. The virt:rhel module contains packages which provide user-space components used to run virtual machines using KVM. The packages also provide APIs for managing and interacting with the virtua ... oval:org.secpod.oval:def:1601167 tcp_emu in slirp/tcp_subr.c in QEMU 3.0.0 uses uninitialized data in an snprintf call, leading to Information disclosure. tcp_emu in tcp_subr.c in libslirp 4.1.0, as used in QEMU 4.2.0, mismanages memory, as demonstrated by IRC DCC commands in EMU_IRC. This can cause a heap-based buffer overflow or ... oval:org.secpod.oval:def:1601165 In libslirp 4.1.0, as used in QEMU 4.2.0, tcp_subr.c misuses snprintf return values, leading to a buffer overflow in later code. tcp_emu in tcp_subr.c in libslirp 4.1.0, as used in QEMU 4.2.0, mismanages memory, as demonstrated by IRC DCC commands in EMU_IRC. This can cause a heap-based buffer overf ... oval:org.secpod.oval:def:116832 QEMU is a generic and open source processor emulator which achieves a good emulation speed by using dynamic translation. QEMU has two operating modes: * Full system emulation. In this mode, QEMU emulates a full system , including a processor and various peripherials. It can be used to launch differe ... oval:org.secpod.oval:def:1700509 In libslirp 4.1.0, as used in QEMU 4.2.0, tcp_subr.c misuses snprintf return values, leading to a buffer overflow in later code. tcp_emu in slirp/tcp_subr.c in QEMU 3.0.0 uses uninitialized data in an snprintf call, leading to Information disclosure oval:org.secpod.oval:def:205228 Kernel-based Virtual Machine is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm packages provide the user-space component for running virtual machines that use KVM. Security Fix: * QEMU: Slirp: information leakage in tcp_emu due to uninitialized stack variables ... oval:org.secpod.oval:def:1505295 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:1700516 A heap buffer overflow issue was found in the load_device_tree function of QEMU, which is invoked to load a device tree blob at boot time. It occurs due to device tree size manipulation before buffer allocation, which could overflow a signed int type. A user/process could use this flaw to potentiall ... oval:org.secpod.oval:def:205289 Kernel-based Virtual Machine is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm packages provide the user-space component for running virtual machines that use KVM. Security Fix: * QEMU: Slirp: information leakage in tcp_emu due to uninitialized stack variables ... oval:org.secpod.oval:def:1502560 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:2500038 Kernel-based Virtual Machine offers a full virtualization solution for Linux on numerous hardware platforms. The virt:rhel module contains packages which provide user-space components used to run virtual machines using KVM. The packages also provide APIs for managing and interacting with the virtua ... oval:org.secpod.oval:def:503174 Kernel-based Virtual Machine is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm packages provide the user-space component for running virtual machines that use KVM. Security Fix: * QEMU: Slirp: information leakage in tcp_emu due to uninitialized stack variables ... oval:org.secpod.oval:def:503277 Kernel-based Virtual Machine is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm packages provide the user-space component for running virtual machines that use KVM. Security Fix: * QEMU: Slirp: information leakage in tcp_emu due to uninitialized stack variables ... oval:org.secpod.oval:def:1504178 [1.5.3-167.el7] - Reverting kvm-seccomp-set-the-seccomp-filter-to-all-threads.patch [bz#1618503] - Resolves: bz#1618503 [1.5.3-166.el7] - kvm-seccomp-set-the-seccomp-filter-to-all-threads.patch [bz#1618503] - Resolves: bz#1618503 [1.5.3-165.el7] - kvm-Fix-eax-for-cpuid-leaf-0x40000000.patch [bz#17 ... oval:org.secpod.oval:def:603933 Multiple security issues were discovered in QEMU, a fast processor emulator, which could result in denial of service, the execution of arbitrary code or information disclosure. In addition this update backports support to passthrough the new md-clear CPU flag added in the intel-microcode update ship ... oval:org.secpod.oval:def:55310 Multiple security issues were discovered in QEMU, a fast processor emulator, which could result in denial of service, the execution of arbitrary code or information disclosure. In addition this update backports support to passthrough the new md-clear CPU flag added in the intel-microcode update ship ... oval:org.secpod.oval:def:89003141 This update for kvm fixes the following issues: - CVE-2019-9824: Fixed an information leak in slirp - CVE-2018-20815: Fix DOS possibility in device tree processing - CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2019-11091: Added x86 cpu feature quot;md-clearquot; oval:org.secpod.oval:def:55021 qemu: Machine emulator and virtualizer Several issues were addressed in QEMU. oval:org.secpod.oval:def:70434 qemu: Machine emulator and virtualizer Several issues were addressed in QEMU. oval:org.secpod.oval:def:704948 qemu: Machine emulator and virtualizer Several issues were addressed in QEMU. oval:org.secpod.oval:def:89050620 This update for qemu fixes the following issues: Security issues fixed: - CVE-2019-9824: Fixed an information leak in slirp - CVE-2019-8934: Added method to specify whether or not to expose certain ppc64 host information, which can be considered a security issue - CVE-2019-3812: Fixed OOB memory a ... oval:org.secpod.oval:def:89003099 This update for qemu fixes the following issues: - CVE-2019-9824: Fixed an information leak in slirp - CVE-2019-8934: Added method to specify whether or not to expose certain ppc64 host information, which can be considered a security issue - CVE-2019-3812: Fixed OOB memory access and information l ... oval:org.secpod.oval:def:1504751 [15:3.1.0-3.el7] - x86: Document CVE-2018-12126 CVE-2018-12130 CVE-2018-12127 CVE-2019-11091 as fixed [Orabug: 29744956] {CVE-2018-12126} {CVE-2018-12127} {CVE-2018-12130} {CVE-2019-11091} [15:3.1.0-2.el7] - x86: Add mds feature - e1000: Never increment the RX undersize count register - qemu.spec ... oval:org.secpod.oval:def:89003091 This update for qemu fixes the following issues: Following security issues were fixed: - CVE-2019-9824: Fixed an information leak in slirp - CVE-2018-20815: Fix DOS possibility in device tree processing - CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2019-11091: Added x86 cpu feature quot;md-cl ... |
