Download
| Alert*
|
oval:org.secpod.oval:def:503621
Kernel-based Virtual Machine is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm packages provide the user-space component for running virtual machines that use KVM. Security Fix: * QEMU: slirp: OOB buffer access while emulating tcp protocols in tcp_emu For more ... oval:org.secpod.oval:def:503600 Kernel-based Virtual Machine is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm-ma packages provide the user-space component for running virtual machines that use KVM on the IBM z Systems, IBM Power, and 64-bit ARM architectures. Security Fix: * QEMU: block: isc ... oval:org.secpod.oval:def:503650 The container-tools module contains tools for working with containers, notably podman, buildah, skopeo, and runc. Security Fix: * QEMU: slirp: OOB buffer access while emulating tcp protocols in tcp_emu For more details about the security issue, including the impact, a CVSS score, acknowledgments, a ... oval:org.secpod.oval:def:62033 qemu: Machine emulator and virtualizer Several security issues were fixed in QEMU. oval:org.secpod.oval:def:66540 The container-tools module contains tools for working with containers, notably podman, buildah, skopeo, and runc. Security Fix: * QEMU: slirp: OOB buffer access while emulating tcp protocols in tcp_emu For more details about the security issue, including the impact, a CVSS score, acknowledgments, a ... oval:org.secpod.oval:def:66825 Kernel-based Virtual Machine offers a full virtualization solution for Linux on numerous hardware platforms. The virt:rhel module contains packages which provide user-space components used to run virtual machines using KVM. The packages also provide APIs for managing and interacting with the virtua ... oval:org.secpod.oval:def:70268 slirp: SLIP/PPP emulator using a dial up shell account slirp could be made to crash if it received specially crafted input. oval:org.secpod.oval:def:61765 Two security issues have been found in the SLiRP networking implementation of QEMU, a fast processor emulator, which could result in the execution of arbitrary code or denial of service. oval:org.secpod.oval:def:503549 Kernel-based Virtual Machine is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm packages provide the user-space component for running virtual machines that use KVM. Security Fix: * QEMU: slirp: heap buffer overflow during packet reassembly * QEMU: slirp: OOB bu ... oval:org.secpod.oval:def:503558 The slirp4netns package contains user-mode networking for unprivileged network namespaces. It is required to enable networking for rootless containers. Security Fix: * QEMU: slirp: heap buffer overflow during packet reassembly * QEMU: slirp: OOB buffer access while emulating tcp protocols in tcp_em ... oval:org.secpod.oval:def:2501003 The container-tools module contains tools for working with containers, notably podman, buildah, skopeo, and runc. oval:org.secpod.oval:def:89050266 This update for qemu fixes the following issues: - CVE-2020-7039: Fixed a heap buffer overflow in tcp_emu routine while emulating IRC and other protocols . - CVE-2019-15034: Fixed a buffer overflow in hw/display/bochs-display.c due to improper PCI config space allocation . - CVE-2020-1711: Fixed an ... oval:org.secpod.oval:def:1601167 tcp_emu in slirp/tcp_subr.c in QEMU 3.0.0 uses uninitialized data in an snprintf call, leading to Information disclosure. tcp_emu in tcp_subr.c in libslirp 4.1.0, as used in QEMU 4.2.0, mismanages memory, as demonstrated by IRC DCC commands in EMU_IRC. This can cause a heap-based buffer overflow or ... oval:org.secpod.oval:def:1601165 In libslirp 4.1.0, as used in QEMU 4.2.0, tcp_subr.c misuses snprintf return values, leading to a buffer overflow in later code. tcp_emu in tcp_subr.c in libslirp 4.1.0, as used in QEMU 4.2.0, mismanages memory, as demonstrated by IRC DCC commands in EMU_IRC. This can cause a heap-based buffer overf ... oval:org.secpod.oval:def:69946 Two security issues have been found in the SLiRP networking implementation of QEMU, a fast processor emulator, which could result in the execution of arbitrary code or denial of service. oval:org.secpod.oval:def:604736 Two security issues have been found in the SLiRP networking implementation of QEMU, a fast processor emulator, which could result in the execution of arbitrary code or denial of service. oval:org.secpod.oval:def:89000373 This update for kvm fixes the following issues: Security issues fixed: - CVE-2019-12068: Fixed a potential DoS in the LSI SCSI controller emulation . - CVE-2020-1983: Fixed a use-after-free in the ip_reass function of slirp . - CVE-2020-8608: Fixed a potential OOB access in slirp . - CVE-2020-7039: ... oval:org.secpod.oval:def:504373 The container-tools module contains tools for working with containers, notably podman, buildah, skopeo, and runc. Security Fix: * QEMU: slirp: OOB buffer access while emulating tcp protocols in tcp_emu For more details about the security issue, including the impact, a CVSS score, acknowledgments, a ... oval:org.secpod.oval:def:89000312 This update for qemu fixes the following issues: Security issues fixed: - CVE-2020-1711: Fixed a potential OOB access in the iSCSI client code . - CVE-2019-12068: Fixed a potential DoS in the LSI SCSI controller emulation . - CVE-2020-1983: Fixed a use-after-free in the ip_reass function of slirp . ... oval:org.secpod.oval:def:2500998 The container-tools module contains tools for working with containers, notably podman, buildah, skopeo, and runc. oval:org.secpod.oval:def:89000321 This update for qemu fixes the following issues: Security issues fixed: - CVE-2020-1711: Fixed a potential OOB access in the iSCSI client code . - CVE-2019-12068: Fixed a potential DoS in the LSI SCSI controller emulation . - CVE-2020-1983: Fixed a use-after-free in the ip_reass function of slirp . ... oval:org.secpod.oval:def:205456 Kernel-based Virtual Machine is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm packages provide the user-space component for running virtual machines that use KVM. Security Fix: * QEMU: slirp: heap buffer overflow during packet reassembly * QEMU: slirp: OOB bu ... oval:org.secpod.oval:def:1502834 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:89000498 This update for qemu fixes the following issues: - CVE-2020-7039: Fixed a heap buffer overflow in tcp_emu routine while emulating IRC and other protocols . - CVE-2019-15034: Fixed a buffer overflow in hw/display/bochs-display.c due to improper PCI config space allocation . - CVE-2020-1711: Fixed an ... oval:org.secpod.oval:def:89000094 This update for qemu fixes the following issues: Security issues fixed: - CVE-2020-1983: Fixed a use-after-free in the ip_reass function of slirp . - CVE-2019-20382: Fixed a potential DoS due to a memory leak in VNC disconnect . - CVE-2020-1711: Fixed a potential OOB access in the iSCSI client code ... oval:org.secpod.oval:def:89000279 This update for qemu fixes the following issues: Security issues fixed: - CVE-2020-1983: Fixed a use-after-free in the ip_reass function of slirp . - CVE-2019-20382: Fixed a potential DoS due to a memory leak in VNC disconnect . - CVE-2020-1711: Fixed a potential OOB access in the iSCSI client code ... oval:org.secpod.oval:def:205484 Kernel-based Virtual Machine is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm packages provide the user-space component for running virtual machines that use KVM. Security Fix: * QEMU: slirp: OOB buffer access while emulating tcp protocols in tcp_emu For more ... oval:org.secpod.oval:def:1700515 tcp_emu in tcp_subr.c in libslirp 4.1.0, as used in QEMU 4.2.0, mismanages memory, as demonstrated by IRC DCC commands in EMU_IRC. This can cause a heap-based buffer overflow or other out-of-bounds access which can lead to a DoS or potential execute arbitrary code. An out-of-bounds heap buffer acces ... oval:org.secpod.oval:def:2500135 Kernel-based Virtual Machine offers a full virtualization solution for Linux on numerous hardware platforms. The virt:rhel module contains packages which provide user-space components used to run virtual machines using KVM. The packages also provide APIs for managing and interacting with the virtua ... oval:org.secpod.oval:def:1503977 [1.5.3-173.el7] - kvm-tcp_emu-Fix-oob-access.patch [bz#1791560] - kvm-slirp-use-correct-size-while-emulating-IRC-commands.patch [bz#1791560] - kvm-slirp-use-correct-size-while-emulating-commands.patch [bz#1791560] - Resolves: bz#1791560 [1.5.3-172.el7] - kvm-target-i386-Export-TAA_NO-bit-to-guests. ... oval:org.secpod.oval:def:705763 slirp: SLIP/PPP emulator using a dial up shell account slirp could be made to crash if it received specially crafted input. oval:org.secpod.oval:def:705387 qemu: Machine emulator and virtualizer Several security issues were fixed in QEMU. oval:org.secpod.oval:def:1504293 buildah [1.11.6-4.0.1] - Fixes troubles with oracle registry login [Orabug: 29937283] [1.11.6-4] - compile in FIPS mode - Related: RHELPLAN-25138 [1.11.6-3] - be sure to use golang oval:org.secpod.oval:def:1502874 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:69568 Kernel-based Virtual Machine offers a full virtualization solution for Linux on numerous hardware platforms. The virt:rhel module contains packages which provide user-space components used to run virtual machines using KVM. The packages also provide APIs for managing and interacting with the virtua ... |
