ELSA-2016-1606

ELSA-2016-1606 - qemu-kvm security update

Type:	SECURITY
Severity:	MODERATE
Release Date:	2016-08-11

Description

[1.5.3-105.el7_2.7]
- kvm-block-iscsi-avoid-potential-overflow-of-acb-task-cdb.patch [bz#1358996]
- Resolves: bz#1358996
(CVE-2016-5126 qemu-kvm: Qemu: block: iscsi: buffer overflow in iscsi_aio_ioctl [rhel-7.2.z])

[1.5.3-105.el7_2.6]
- kvm-virtio-error-out-if-guest-exceeds-virtqueue-size.patch [bz#1359728]
- Resolves: bz#1359728
(EMBARGOED CVE-2016-5403 qemu-kvm: Qemu: virtio: unbounded memory allocation on host via guest leading to DoS [rhel-7.2.z])

[1.5.3-105.el7_2.5]
- kvm-vga-add-sr_vbe-register-set.patch [bz#1347527]
- Resolves: bz#1347527
(Regression from CVE-2016-3712: windows installer fails to start)

Related CVEs

CVE-2016-5403

CVE-2016-5126

Updated Packages

Release/Architecture	Filename	MD5sum	Superseded By Advisory
Oracle Linux 7 (x86_64)	qemu-kvm-1.5.3-105.el7_2.7.src.rpm	afcb89ad24e233163d6c9e0b2d17be2c	ELBA-2021-9161
	libcacard-1.5.3-105.el7_2.7.i686.rpm	ec5acaa566fc8de883c4a648b6251b4a	ELEA-2020-1159
	libcacard-1.5.3-105.el7_2.7.x86_64.rpm	fc259550e1465d7afad66de2d8ffbaad	ELEA-2020-1159
	libcacard-devel-1.5.3-105.el7_2.7.i686.rpm	12b59ff93fc418265a42ca9586fc5f3e	ELEA-2020-1159
	libcacard-devel-1.5.3-105.el7_2.7.x86_64.rpm	86b2fd99e1de134dba88d0956f0d3e8e	ELEA-2020-1159
	libcacard-tools-1.5.3-105.el7_2.7.x86_64.rpm	9e7da0e9449250acd32097e9cce0e981	ELEA-2020-1159
	qemu-img-1.5.3-105.el7_2.7.x86_64.rpm	d2a29e40f0b2fca3c9a38960da03ac52	ELBA-2021-9161
	qemu-kvm-1.5.3-105.el7_2.7.x86_64.rpm	de9d416d362c5013cedbda4cdbeb8380	ELBA-2021-9161
	qemu-kvm-common-1.5.3-105.el7_2.7.x86_64.rpm	dfd54c6a9a6cc70e11123d5955e9735d	ELSA-2021-0347
	qemu-kvm-tools-1.5.3-105.el7_2.7.x86_64.rpm	e7dd8bc360c75f5f8f29f199dd47350a	ELSA-2021-0347

This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team