Stay Connected:

ELSA-2018-4262

ELSA-2018-4262 - qemu security update

Type:SECURITY
Severity:IMPORTANT
Release Date:2018-10-29

Description


[12:2.9.0-17.el7]
- i386: Remove generic SMT thread check (Babu Moger) [Orabug: 28676425]
- pc: Fix typo on PC_COMPAT_2_12 (Eduardo Habkost) [Orabug: 28676425]
- i386: Enable TOPOEXT feature on AMD EPYC CPU (Babu Moger) [Orabug: 28676425]
- net: ignore packet size greater than INT_MAX (Jason Wang) [Orabug: 28762625] {CVE-2018-17963}
- pcnet: fix possible buffer overflow (Jason Wang) [Orabug: 28762617] {CVE-2018-17962}
- rtl8139: fix possible out of bound access (Jason Wang) [Orabug: 28762613] {CVE-2018-17958}
- ne2000: fix possible out of bound access in ne2000_receive (Jason Wang) [Orabug: 28733338] {CVE-2018-10839}
- seccomp: set the seccomp filter to all threads (Marc-Andre Lureau) [Orabug: 28576303] {CVE-2018-15746}
- virtio_net: Introduce VIRTIO_NET_F_STANDBY feature bit to virtio_net (Venu Busireddy) [Orabug: 28497003]
- virtio-net: use 64-bit values for feature flags (Jason Baron) [Orabug: 28497003]
- qga: check bytes count read by guest-file-read (Prasad J Pandit) [Orabug: 28312939] {CVE-2018-12617}
- CVE-2017-2630: Qemu: nbd: oob stack write in client routine drop_sync (Mark Kanda) [Orabug: 28424694] {CVE-2017-2630}
- CVE-2017-2633: Qemu: VNC: memory corruption due to unchecked resolution limit (Mark Kanda) [Orabug: 28424697] {CVE-2017-2633}
- CVE-2017-7471: Qemu: 9p: virtfs allows guest to change filesystem attributes (Mark Kanda) [Orabug: 28407849] {CVE-2017-7471}
- slirp: correct size computation while concatenating mbuf (Prasad J Pandit) [Orabug: 28263244] {CVE-2018-11806}


Related CVEs


CVE-2017-2633
CVE-2018-11806
CVE-2018-15746
CVE-2018-17963
CVE-2018-17962
CVE-2018-17958
CVE-2018-10839
CVE-2018-12617
CVE-2017-7471
CVE-2017-2630

Updated Packages


Release/ArchitectureFilenameMD5sumSuperseded By Advisory
Oracle Linux 7 (x86_64) qemu-2.9.0-17.el7.src.rpm1bf4e9db6770edeb1874039794e3f82aELBA-2021-9161
qemu-2.9.0-17.el7.x86_64.rpm5d11acbc319f0c717c417b316806baa6ELBA-2021-9161
qemu-block-gluster-2.9.0-17.el7.x86_64.rpm4166247f125bee5084c35ee5df1e25dfELBA-2021-9161
qemu-block-iscsi-2.9.0-17.el7.x86_64.rpm2f2456c9e0857e5f1636b019893a0b98ELBA-2021-9161
qemu-block-rbd-2.9.0-17.el7.x86_64.rpm0949bb0d2936760f1260e5268de95670ELBA-2021-9161
qemu-common-2.9.0-17.el7.x86_64.rpm8ecb3596cec8c36407df2392b41497e0ELBA-2021-9161
qemu-img-2.9.0-17.el7.x86_64.rpm996846d728a00a9112d603c4c78ff717ELBA-2021-9161
qemu-kvm-2.9.0-17.el7.x86_64.rpmdc6591c8b4df657fb3b118be752ed4f2ELBA-2021-9161
qemu-kvm-core-2.9.0-17.el7.x86_64.rpma3feeb59413dcc0a9b1f323b1bcc8e55ELBA-2021-9161
qemu-system-x86-2.9.0-17.el7.x86_64.rpm7cdd0e4ce84b56b60f049ea4b299a0edELBA-2021-9161
qemu-system-x86-core-2.9.0-17.el7.x86_64.rpm0aad25ff9f6e9be4c8bdaa7112118268ELBA-2021-9161



This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team

software.hardware.complete
Subscribe | Careers | Contact Us | Legal Notices | Terms of Use | Your Privacy Rights