Stay Connected:

ELSA-2017-0352

ELSA-2017-0352 - qemu-kvm security update

Type:SECURITY
Severity:IMPORTANT
Release Date:2017-03-01

Description


[0.12.1.2-2.491.el6_8.7]
- kvm-cirrus-fix-patterncopy-checks.patch [bz#1420486 bz#1420488]
- kvm-Revert-cirrus-allow-zero-source-pitch-in-pattern-fil.patch [bz#1420486 bz#1420488]
- kvm-cirrus-add-blit_is_unsafe-call-to-cirrus_bitblt_cput.patch [bz#1420486 bz#1420488]
- Resolves: bz#1420486
(EMBARGOED CVE-2017-2620 qemu-kvm: Qemu: display: cirrus: potential arbitrary code execution via cirrus_bitblt_cputovideo [rhel-6.8.z])
- Resolves: bz#1420488
(EMBARGOED CVE-2017-2620 qemu-kvm-rhev: Qemu: display: cirrus: potential arbitrary code execution via cirrus_bitblt_cputovideo [rhel-6.8.z])


Related CVEs


CVE-2017-2620

Updated Packages


Release/ArchitectureFilenameMD5sumSuperseded By Advisory
Oracle Linux 6 (i386) qemu-kvm-0.12.1.2-2.491.el6_8.7.src.rpm4d4d0f3f2b6d28ce24163617dd44e824ELSA-2020-4056
qemu-guest-agent-0.12.1.2-2.491.el6_8.7.i686.rpm1530555a3b58f5ae13353844e1091ff2ELSA-2020-4056
Oracle Linux 6 (x86_64) qemu-kvm-0.12.1.2-2.491.el6_8.7.src.rpm4d4d0f3f2b6d28ce24163617dd44e824ELSA-2020-4056
qemu-guest-agent-0.12.1.2-2.491.el6_8.7.x86_64.rpm829f0bcb8dc1dac62413885908a3db87ELSA-2020-4056
qemu-img-0.12.1.2-2.491.el6_8.7.x86_64.rpmd8a9f098327ddb2a7dc29b4ca930813aELSA-2020-4056
qemu-kvm-0.12.1.2-2.491.el6_8.7.x86_64.rpm2e789b2b775d616cf22ef73bef8d2b85ELSA-2020-4056
qemu-kvm-tools-0.12.1.2-2.491.el6_8.7.x86_64.rpm6a15afd238e83124fad7b475bbad6227ELSA-2020-4056



This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team

software.hardware.complete
Subscribe | Careers | Contact Us | Legal Notices | Terms of Use | Your Privacy Rights