Download
| Alert*
oval:org.secpod.oval:def:89044339
This update for qemu fixes the following issues: - Fix OOB access in sm501 device emulation - Fix OOB access possibility in MegaRAID SAS 8708EM2 emulation - Fix use-after-free in usb xhci packet handling - Fix use-after-free in usb ehci packet handling - Fix OOB access in usb hcd-ohci emulation ... oval:org.secpod.oval:def:1505454 qemu-kvm [4.2.0-59.el8_5] - kvm-hw-scsi-scsi-disk-MODE_PAGE_ALLS-not-allowed-in-MODE.patch [bz#2025605] - kvm-e1000-fix-tx-re-entrancy-problem.patch [bz#2025011] - Resolves: bz#2025605 - Resolves: bz#2025011 oval:org.secpod.oval:def:1505552 hivex [1.3.18-21] - Bounds check for block exceeding page length resolves: rhbz#1950501 libguestfs [1.40.2-28.0.1] - Replace upstream references from description tag - Config supermin to use host yum.conf in ol8 [Orabug: 29319324] - Set DISTRO_ORACLE_LINUX correspeonding to ol [1:1.40.2-28] - daemo ... oval:org.secpod.oval:def:506637 Kernel-based Virtual Machine offers a full virtualization solution for Linux on numerous hardware platforms. The virt:rhel module contains packages which provide user-space components used to run virtual machines using KVM. The packages also provide APIs for managing and interacting with the virtua ... oval:org.secpod.oval:def:89044350 This update for qemu fixes the following issues: - Fix OOB access in sm501 device emulation - Fix OOB access possibility in MegaRAID SAS 8708EM2 emulation - Fix use-after-free in usb xhci packet handling - Fix use-after-free in usb ehci packet handling - Fix OOB access in usb hcd-ohci emulation ... oval:org.secpod.oval:def:1505359 [15:4.2.1-13.el7] - pcie: Do not set power state for some hot-plugged devices [Orabug: 33642532] [15:4.2.1-12.1.el7] - Update slirp to address various CVEs [Orabug: 32208456] [Orabug: 33014409] [Orabug: 33014414] [Orabug: 33014417] [Orabug: 33014420] {CVE-2020-29129} {CVE-2020-29130} {CVE-2021-359 ... oval:org.secpod.oval:def:89044177 This update for xen fixes the following issues: - CVE-2021-20257: xen: infinite loop issue in the e1000 NIC emulator . - CVE-2021-27379: Fixed an issue where entries in the IOMMU were not being updated under certain circumstances due to improper backport of XSA-321 . oval:org.secpod.oval:def:89044133 This update for xen fixes the following issues: - CVE-2021-3308: VUL-0: xen: IRQ vector leak on x86 - CVE-2021-28687: VUL-0: xen: HVM soft-reset crashes toolstack - CVE-2021-20257: VUL-0: xen: infinite loop issue in the e1000 NIC emulator - CVE-2020-28368: VUL-0: xen: Intel RAPL sidechannel attac ... oval:org.secpod.oval:def:1701366 An infinite loop flaw was found in the e1000 NIC emulator of the QEMU. This issue occurs while processing transmits descriptors in process_tx_desc if various descriptor fields are initialized with invalid values. This flaw allows a guest to consume CPU cycles on the host, resulting in a denial of s ... oval:org.secpod.oval:def:4501250 Kernel-based Virtual Machine offers a full virtualization solution for Linux on numerous hardware platforms. The virt:Rocky Linux module contains packages which provide user-space components used to run virtual machines using KVM. The packages also provide APIs for managing and interacting with the ... oval:org.secpod.oval:def:89044348 This update for qemu fixes the following issues: - Fix OOB access in sm501 device emulation - Fix OOB access possibility in MegaRAID SAS 8708EM2 emulation - Fix use-after-free in usb xhci packet handling - Fix use-after-free in usb iehci packet handling - Fix infinite loop in usb hcd-ohci emula ... oval:org.secpod.oval:def:2500263 Kernel-based Virtual Machine offers a full virtualization solution for Linux on numerous hardware platforms. The virt:rhel module contains packages which provide user-space components used to run virtual machines using KVM. The packages also provide APIs for managing and interacting with the virtua ... oval:org.secpod.oval:def:89044446 This update for qemu fixes the following issues: - CVE-2020-10756: Fix out-of-bounds read information disclosure in icmp6_send_echoreply oval:org.secpod.oval:def:89044349 This update for qemu fixes the following issues: - Fix OOB access in sm501 device emulation - Fix OOB access possibility in MegaRAID SAS 8708EM2 emulation - Fix use-after-free in usb xhci packet handling - Fix use-after-free in usb ehci packet handling - Fix OOB access in usb hcd-ohci emulation ... oval:org.secpod.oval:def:1504993 [15:4.2.1-10.el7] - e1000: fail early for evil descriptor [Orabug: 32560552] {CVE-2021-20257} - Document CVE-2020-27661 as fixed [Orabug: 32960200] {CVE-2020-27661} - block: Avoid stale pointer dereference in blk_get_aio_context - block: Fix blk_flight during blk_wait_while_drained - block: Incr ... oval:org.secpod.oval:def:89044202 This update for qemu fixes the following issues: - Fix OOB access in sm501 device emulation - Fix OOB access possibility in MegaRAID SAS 8708EM2 emulation - Fix use-after-free in usb xhci packet handling - Fix use-after-free in usb ehci packet handling - Fix OOB access in usb hcd-ohci emulation ... oval:org.secpod.oval:def:89044340 This update for qemu fixes the following issues: - Fix OOB access in sm501 device emulation - Fix OOB access possibility in MegaRAID SAS 8708EM2 emulation - Fix use-after-free in usb xhci packet handling - Fix use-after-free in usb ehci packet handling - Fix OOB access in usb hcd-ohci emulation ... oval:org.secpod.oval:def:89044341 This update for xen fixes the following issues: - CVE-2021-3419: Fixed a stack overflow induced by infinite recursion issue . - CVE-2021-20257: Fixed an infinite loop in the e1000 NIC emulator - xenstored crashing with segfault . oval:org.secpod.oval:def:89044182 This update for xen fixes the following issues: - CVE-2021-27379: Fixed an issue where entries in the IOMMU were not being updated under certain circumstances due to improper backport of XSA-321 - CVE-2021-20257: Fixed an infinite loop in the e1000 NIC emulator oval:org.secpod.oval:def:89049497 This update for qemu fixes the following issues: - CVE-2020-12829: Fix OOB access in sm501 device emulation - CVE-2020-25723: Fix use-after-free in usb xhci packet handling - CVE-2020-25084: Fix use-after-free in usb ehci packet handling - CVE-2020-25625: Fix infinite loop in usb hcd-ohci emulat ... oval:org.secpod.oval:def:89044183 This update for kvm fixes the following issues: - Fix OOB read and write due to integer overflow in sm501_2d_operation in hw/display/sm501.c - Fix OOB access possibility in MegaRAID SAS 8708EM2 emulation - Fix use-after-free in usb xhci packet handling - Fix use-after-free in usb ehci packet hand ... oval:org.secpod.oval:def:89044379 This update for qemu fixes the following issues: - Fix OOB access during mmio operations - Fix sPAPR emulator leaks the host hardware identity - Fix out-of-bounds read information disclosure in icmp6_send_echoreply - Fix out-of-bound heap buffer access via an interrupt ID field - For the record, ... oval:org.secpod.oval:def:89044451 This update for qemu fixes the following issues: - Fix OOB access during mmio operations - Fix out-of-bounds read information disclosure in icmp6_send_echoreply - For the record, these issues are fixed in this package already. Most are alternate references to previously mentioned issues: oval:org.secpod.oval:def:74528 qemu: Machine emulator and virtualizer Several security issues were fixed in QEMU. oval:org.secpod.oval:def:74004 qemu: Machine emulator and virtualizer Several security issues were fixed in QEMU. oval:org.secpod.oval:def:74522 qemu: Machine emulator and virtualizer Several security issues were fixed in QEMU. oval:org.secpod.oval:def:706072 qemu: Machine emulator and virtualizer Several security issues were fixed in QEMU. oval:org.secpod.oval:def:74003 qemu: Machine emulator and virtualizer Several security issues were fixed in QEMU. oval:org.secpod.oval:def:89044447 This update for qemu fixes the following issues: - Fix OOB access during mmio operations - Fix out-of-bounds read information disclosure in icmp6_send_echoreply - Fix out-of-bound heap buffer access via an interrupt ID field - For the record, these issues are fixed in this package already. Most a ... oval:org.secpod.oval:def:89044405 This update for qemu fixes the following issues: - Fix OOB access during mmio operations - Fix out-of-bounds read information disclosure in icmp6_send_echoreply - For the record, these issues are fixed in this package already. Most are alternate references to previously mentioned issues: oval:org.secpod.oval:def:89044389 This update for qemu fixes the following issues: - Fix out-of-bounds access issue while doing multi block SDMA - Fix out-of-bounds read information disclosure in icmp6_send_echoreply - QEMU BIOS fails to read stage2 loader on s390x - Change dependency from CONFIG_VFIO back to CONFIG_LINUX - For ... oval:org.secpod.oval:def:1505427 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:89049531 This update for qemu fixes the following issues: - CVE-2020-25085: Fix out-of-bounds access issue while doing multi block SDMA - CVE-2020-10756: Fix out-of-bounds read information disclosure in icmp6_send_echoreply - Fix issue where s390 guest fails to find zipl boot menu index - QEMU BIOS fails t ... oval:org.secpod.oval:def:89046267 This update for xen fixes the following issues: - CVE-2022-26356: Fixed potential race conditions in dirty memory tracking that could cause a denial of service in the host . - CVE-2022-26357: Fixed a potential race condition in memory cleanup for hosts using VT-d IOMMU hardware, which could lead to ... |