ELSA-2016-1585

ELSA-2016-1585 - qemu-kvm security update

Type:SECURITY
Severity:MODERATE
Release Date:2016-08-09

Description


[0.12.1.2-2.491.el6_8.3]
- kvm-virtio-error-out-if-guest-exceeds-virtqueue-size.patch [bz#1359724]
- Resolves: bz#1359724
(EMBARGOED CVE-2016-5403 qemu-kvm: Qemu: virtio: unbounded memory allocation on host via guest leading to DoS [rhel-6.8.z])

[0.12.1.2-2.491.el6_8.2]
- kvm-vga-add-sr_vbe-register-set.patch [bz#1347192]
- Resolves: bz#1347192
(Regression from CVE-2016-3712: windows installer fails to start)

[0.12.1.2-2.491.el6_8.1]
- kvm-Add-vga.h-unmodified-from-Linux.patch [bz#1331407]
- kvm-vga.h-remove-unused-stuff-and-reformat.patch [bz#1331407]
- kvm-vga-use-constants-from-vga.h.patch [bz#1331407]
- kvm-vga-Remove-some-should-be-done-in-BIOS-comments.patch [bz#1331407]
- kvm-vga-fix-banked-access-bounds-checking-CVE-2016-3710.patch [bz#1331407]
- kvm-vga-add-vbe_enabled-helper.patch [bz#1331407]
- kvm-vga-factor-out-vga-register-setup.patch [bz#1331407]
- kvm-vga-update-vga-register-setup-on-vbe-changes.patch [bz#1331407]
- kvm-vga-make-sure-vga-register-setup-for-vbe-stays-intac.patch [bz#1331407]
- Resolves: bz#1331407
(EMBARGOED CVE-2016-3710 qemu-kvm: qemu: incorrect banked access bounds checking in vga module [rhel-6.8.z])


Related CVEs


CVE-2016-5403

Updated Packages


Release/ArchitectureFilenameMD5sumSuperseded By Advisory
Oracle Linux 6 (i386) qemu-kvm-0.12.1.2-2.491.el6_8.3.src.rpm479cb2198531dd879ff5ad74fe096a30ELSA-2020-4056
qemu-guest-agent-0.12.1.2-2.491.el6_8.3.i686.rpm634d10df50505d0a52271910de1f228bELSA-2020-4056
Oracle Linux 6 (x86_64) qemu-kvm-0.12.1.2-2.491.el6_8.3.src.rpm479cb2198531dd879ff5ad74fe096a30ELSA-2020-4056
qemu-guest-agent-0.12.1.2-2.491.el6_8.3.x86_64.rpma6e20488275b5695f3c6fb0c5e7aeb36ELSA-2020-4056
qemu-img-0.12.1.2-2.491.el6_8.3.x86_64.rpmf43d3eb630b0b0e0b2b6995dd5c45ff4ELSA-2020-4056
qemu-kvm-0.12.1.2-2.491.el6_8.3.x86_64.rpmc47a808a654804921a875786725a249dELSA-2020-4056
qemu-kvm-tools-0.12.1.2-2.491.el6_8.3.x86_64.rpm9230d43d75d7709dd519daf82d6159fdELSA-2020-4056



This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team

software.hardware.complete