ELSA-2014-0420

ELSA-2014-0420 - qemu-kvm security update

Type:SECURITY
Severity:MODERATE
Release Date:2014-04-22

Description


[0.12.1.2-2.415.el6_5.8]
- kvm-virtio-net-fix-guest-triggerable-buffer-overrun.patch [bz#1078605 bz#1078849]
- kvm-qcow2-Check-backing_file_offset-CVE-2014-0144.patch [bz#1079452 bz#1079453]
- kvm-qcow2-Check-refcount-table-size-CVE-2014-0144.patch [bz#1079452 bz#1079453]
- kvm-qcow2-Validate-refcount-table-offset.patch [bz#1079518 bz#1086678]
- kvm-qcow2-Validate-snapshot-table-offset-size-CVE-2014-0.patch [bz#1079452 bz#1079453]
- kvm-qcow2-Validate-active-L1-table-offset-and-size-CVE-2.patch [bz#1079452 bz#1079453]
- kvm-qcow2-Fix-backing-file-name-length-check.patch [bz#1079518 bz#1086678]
- kvm-qcow2-Don-t-rely-on-free_cluster_index-in-alloc_refc.patch [bz#1079337 bz#1079338]
- kvm-qcow2-Avoid-integer-overflow-in-get_refcount-CVE-201.patch [bz#1079318 bz#1079319]
- kvm-qcow2-Check-new-refcount-table-size-on-growth.patch [bz#1079518 bz#1086678]
- kvm-qcow2-Fix-types-in-qcow2_alloc_clusters-and-alloc_cl.patch [bz#1079518 bz#1086678]
- kvm-qcow2-Protect-against-some-integer-overflows-in-bdrv.patch [bz#1079518 bz#1086678]
- kvm-qcow2-Catch-some-L1-table-index-overflows.patch [bz#1079518 bz#1086678]
- kvm-qcow2-Fix-new-L1-table-size-check-CVE-2014-0143.patch [bz#1079318 bz#1079319]
- kvm-qcow2-Fix-NULL-dereference-in-qcow2_open-error-path-.patch [bz#1079330 bz#1079331]
- kvm-qcow2-Limit-snapshot-table-size.patch [bz#1079518 bz#1086678]
- kvm-block-cloop-validate-block_size-header-field-CVE-201.patch [bz#1079452 bz#1079453]
- kvm-block-cloop-prevent-offsets_size-integer-overflow-CV.patch [bz#1079318 bz#1079319]
- kvm-block-cloop-refuse-images-with-huge-offsets-arrays-C.patch [bz#1079452 bz#1079453]
- kvm-block-cloop-Fix-coding-style.patch [bz#1079518 bz#1086678]
- kvm-cloop-Fix-bdrv_open-error-handling.patch [bz#1079518 bz#1086678]
- kvm-block-cloop-refuse-images-with-bogus-offsets-CVE-201.patch [bz#1079452 bz#1079453]
- kvm-block-cloop-Use-g_free-instead-of-free.patch [bz#1079518 bz#1086678]
- kvm-block-cloop-fix-offsets-size-off-by-one.patch [bz#1079518 bz#1086678]
- kvm-bochs-Fix-bdrv_open-error-handling.patch [bz#1079518 bz#1086678]
- kvm-bochs-Unify-header-structs-and-make-them-QEMU_PACKED.patch [bz#1079518 bz#1086678]
- kvm-bochs-Use-unsigned-variables-for-offsets-and-sizes-C.patch [bz#1079337 bz#1079338]
- kvm-bochs-Check-catalog_size-header-field-CVE-2014-0143.patch [bz#1079318 bz#1079319]
- kvm-bochs-Check-extent_size-header-field-CVE-2014-0142.patch [bz#1079313 bz#1079314]
- kvm-bochs-Fix-bitmap-offset-calculation.patch [bz#1079518 bz#1086678]
- kvm-vpc-vhd-add-bounds-check-for-max_table_entries-and-b.patch [bz#1079452 bz#1079453]
- kvm-vpc-Validate-block-size-CVE-2014-0142.patch [bz#1079313 bz#1079314]
- kvm-vdi-add-bounds-checks-for-blocks_in_image-and-disk_s.patch [bz#1079452 bz#1079453]
- kvm-vhdx-Bounds-checking-for-block_size-and-logical_sect.patch [bz#1079343 bz#1079344]
- kvm-curl-check-data-size-before-memcpy-to-local-buffer.-.patch [bz#1079452 bz#1079453]
- kvm-dmg-Fix-bdrv_open-error-handling.patch [bz#1079518 bz#1086678]
- kvm-dmg-coding-style-and-indentation-cleanup.patch [bz#1079518 bz#1086678]
- kvm-dmg-prevent-out-of-bounds-array-access-on-terminator.patch [bz#1079518 bz#1086678]
- kvm-dmg-drop-broken-bdrv_pread-loop.patch [bz#1079518 bz#1086678]
- kvm-dmg-use-appropriate-types-when-reading-chunks.patch [bz#1079518 bz#1086678]
- kvm-dmg-sanitize-chunk-length-and-sectorcount-CVE-2014-0.patch [bz#1079323 bz#1079324]
- kvm-dmg-use-uint64_t-consistently-for-sectors-and-length.patch [bz#1079518 bz#1086678]
- kvm-dmg-prevent-chunk-buffer-overflow-CVE-2014-0145.patch [bz#1079323 bz#1079324]
- kvm-block-Limit-request-size-CVE-2014-0143.patch [bz#1079318 bz#1079319]
- kvm-parallels-Fix-catalog-size-integer-overflow-CVE-2014.patch [bz#1079318 bz#1079319]
- kvm-parallels-Sanity-check-for-s-tracks-CVE-2014-0142.patch [bz#1079313 bz#1079314]
- kvm-bochs-Fix-memory-leak-in-bochs_open-error-path.patch [bz#1079518 bz#1086678]
- kvm-bochs-Fix-catalog-size-check.patch [bz#1079518 bz#1086678]
- Resolves: bz#1078849
(EMBARGOED CVE-2014-0150 qemu-kvm: qemu: virtio-net: buffer overflow in virtio_net_handle_mac() function [rhel-6.5.z])
- Resolves: bz#1079313
(CVE-2014-0142 qemu-kvm: qemu: crash by possible division by zero [rhel-6.5.z])
- Resolves: bz#1079318
(CVE-2014-0143 qemu-kvm: Qemu: block: multiple integer overflow flaws [rhel-6.5.z])
- Resolves: bz#1079323
(CVE-2014-0145 qemu-kvm: Qemu: prevent possible buffer overflows [rhel-6.5.z])
- Resolves: bz#1079330
(CVE-2014-0146 qemu-kvm: Qemu: qcow2: NULL dereference in qcow2_open() error path [rhel-6.5.z])
- Resolves: bz#1079337
(CVE-2014-0147 qemu-kvm: Qemu: block: possible crash due signed types or logic error [rhel-6.5.z])
- Resolves: bz#1079343
(CVE-2014-0148 qemu-kvm: Qemu: vhdx: bounds checking for block_size and logical_sector_size [rhel-6.5.z])
- Resolves: bz#1079452
(CVE-2014-0144 qemu-kvm: Qemu: block: missing input validation [rhel-6.5.z])
- Resolves: bz#1086678
(qemu-kvm: include leftover patches from block layer security audit)


Related CVEs


CVE-2014-0142
CVE-2014-0143
CVE-2014-0144
CVE-2014-0145
CVE-2014-0146
CVE-2014-0147
CVE-2014-0148
CVE-2014-0150

Updated Packages


Release/ArchitectureFilenameMD5sumSuperseded By Advisory
Oracle Linux 6 (i386) qemu-kvm-0.12.1.2-2.415.el6_5.8.src.rpme165a6f04384ca4403676477395e352cELSA-2020-4056
qemu-guest-agent-0.12.1.2-2.415.el6_5.8.i686.rpm4719f028b8c907023028aee1b67e0bc3ELSA-2020-4056
Oracle Linux 6 (x86_64) qemu-kvm-0.12.1.2-2.415.el6_5.8.src.rpme165a6f04384ca4403676477395e352cELSA-2020-4056
qemu-guest-agent-0.12.1.2-2.415.el6_5.8.x86_64.rpmf2dd346b689a932491ba5a94545d1e15ELSA-2020-4056
qemu-img-0.12.1.2-2.415.el6_5.8.x86_64.rpmf3cbf97126061ff6d9aa2526eeb0cc47ELSA-2020-4056
qemu-kvm-0.12.1.2-2.415.el6_5.8.x86_64.rpm03f81318ac4fad16ad22de5c9155c22dELSA-2020-4056
qemu-kvm-tools-0.12.1.2-2.415.el6_5.8.x86_64.rpm081f33617401da21e3fa99a065593081ELSA-2020-4056



This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team

software.hardware.complete