ELSA-2019-2892

ULN >
Oracle Linux Errata repository >
ELSA-2019-2892

ELSA-2019-2892 - qemu-kvm security update

Type:	SECURITY
Impact:	IMPORTANT
Release Date:	2019-09-24

Description

[0.12.1.2-2.506.el6_10.5]
- kvm-slirp-fix-big-little-endian-conversion-in-ident-prot.patch [bz#1669066]
- kvm-slirp-ensure-there-is-enough-space-in-mbuf-to-null-t.patch [bz#1669066]
- kvm-slirp-don-t-manipulate-so_rcv-in-tcp_emu.patch [bz#1669066]
- kvm-qxl-check-release-info-object.patch [bz#1712728]
- kvm-net-Use-iov-helper-functions.patch [bz#1636415]
- kvm-net-increase-buffer-size-to-accommodate-Jumbo-frame-.patch [bz#1636415]
- kvm-net-ignore-packet-size-greater-than-INT_MAX.patch [bz#1636415]
- kvm-net-drop-too-large-packet-early.patch [bz#1636415]
- kvm-PATCH-slirp-fix-buffer-overrun.patch [bz#1586251]
- kvm-Fix-build-from-previous-commit.patch [bz#1586251]
- kvm-slirp-remove-mbuf-m_hdr-m_dat-indirection.patch [bz#1586251]
- kvm-slirp-Convert-mbufs-to-use-g_malloc-and-g_free.patch [bz#1586251]
- kvm-slirp-correct-size-computation-while-concatenating-m.patch [bz#1586251]
- kvm-pcnet-fix-possible-buffer-overflow.patch [bz#1636774]
- Resolves: bz#1586251
(CVE-2018-11806 qemu-kvm: QEMU: slirp: heap buffer overflow while reassembling fragmented datagrams [rhel-6.10.z])
- Resolves: bz#1636415
(CVE-2018-10839 qemu-kvm: Qemu: ne2000: integer overflow leads to buffer overflow issue [rhel-6])
- Resolves: bz#1636774
(CVE-2018-17962 qemu-kvm: Qemu: pcnet: integer overflow leads to buffer overflow [rhel-6])
- Resolves: bz#1669066
(CVE-2019-6778 qemu-kvm: QEMU: slirp: heap buffer overflow in tcp_emu() [rhel-6.10.z])
- Resolves: bz#1712728
(CVE-2019-12155 qemu-kvm: QEMU: qxl: null pointer dereference while releasing spice resources [rhel-6])

Related CVEs

Updated Packages

Release/Architecture	Filename	sha256	Superseded By Advisory	Channel Label

Oracle Linux 6 (i386)	qemu-kvm-0.12.1.2-2.506.el6_10.5.src.rpm	392256a3709b2a97ecea4f157c82b57342dc40004732b78dcf915f0e984fdf6d	ELSA-2020-4056	ol6_i386_latest
	qemu-kvm-0.12.1.2-2.506.el6_10.5.src.rpm	392256a3709b2a97ecea4f157c82b57342dc40004732b78dcf915f0e984fdf6d	ELSA-2020-4056	ol6_u10_i386_patch
	qemu-guest-agent-0.12.1.2-2.506.el6_10.5.i686.rpm	008bd89a9bcec6918152ddf8873be2dd9bdd53a1d82cdb41b71149cecd43cf0b	ELSA-2020-4056	ol6_i386_latest
	qemu-guest-agent-0.12.1.2-2.506.el6_10.5.i686.rpm	008bd89a9bcec6918152ddf8873be2dd9bdd53a1d82cdb41b71149cecd43cf0b	ELSA-2020-4056	ol6_u10_i386_patch

Oracle Linux 6 (x86_64)	qemu-kvm-0.12.1.2-2.506.el6_10.5.src.rpm	392256a3709b2a97ecea4f157c82b57342dc40004732b78dcf915f0e984fdf6d	ELSA-2020-4056	ol6_u10_x86_64_patch
	qemu-kvm-0.12.1.2-2.506.el6_10.5.src.rpm	392256a3709b2a97ecea4f157c82b57342dc40004732b78dcf915f0e984fdf6d	ELSA-2020-4056	ol6_x86_64_latest
	qemu-guest-agent-0.12.1.2-2.506.el6_10.5.x86_64.rpm	12b678dd66d28540af8820c500fb1cde5bce229cdb720e0febcdf300219c3ab5	ELSA-2020-4056	ol6_u10_x86_64_patch
	qemu-guest-agent-0.12.1.2-2.506.el6_10.5.x86_64.rpm	12b678dd66d28540af8820c500fb1cde5bce229cdb720e0febcdf300219c3ab5	ELSA-2020-4056	ol6_x86_64_latest
	qemu-img-0.12.1.2-2.506.el6_10.5.x86_64.rpm	e0a1608cc998a8d7fc21e6f2befdaf23cf0722544b40182dbced409f06873160	ELSA-2020-4056	ol6_u10_x86_64_patch
	qemu-img-0.12.1.2-2.506.el6_10.5.x86_64.rpm	e0a1608cc998a8d7fc21e6f2befdaf23cf0722544b40182dbced409f06873160	ELSA-2020-4056	ol6_x86_64_latest
	qemu-kvm-0.12.1.2-2.506.el6_10.5.x86_64.rpm	63289d7405adc5cf802a55f3cf923e1ec1401482337b28dce96ddfc85fd7c523	ELSA-2020-4056	ol6_u10_x86_64_patch
	qemu-kvm-0.12.1.2-2.506.el6_10.5.x86_64.rpm	63289d7405adc5cf802a55f3cf923e1ec1401482337b28dce96ddfc85fd7c523	ELSA-2020-4056	ol6_x86_64_latest
	qemu-kvm-tools-0.12.1.2-2.506.el6_10.5.x86_64.rpm	7625df35eac9af186ab5b0cdc1185920d7cd95e3a258187a3a045fe0f017921c	ELSA-2020-4056	ol6_u10_x86_64_patch
	qemu-kvm-tools-0.12.1.2-2.506.el6_10.5.x86_64.rpm	7625df35eac9af186ab5b0cdc1185920d7cd95e3a258187a3a045fe0f017921c	ELSA-2020-4056	ol6_x86_64_latest

This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team

Technical information

Oracle Linux Support

Connect

Contact Us

Global contacts
Oracle 1-800-633-0691