ELSA-2019-4640

ELSA-2019-4640 - qemu security update

Type:SECURITY
Severity:IMPORTANT
Release Date:2019-05-14

Description


[15:3.1.0-3.el7]
- x86: Document CVE-2018-12126 CVE-2018-12130 CVE-2018-12127 CVE-2019-11091 as
fixed (Mark Kanda) [Orabug: 29744956] {CVE-2018-12126} {CVE-2018-12127}
{CVE-2018-12130} {CVE-2019-11091}

[15:3.1.0-2.el7]
- x86: Add mds feature (Karl Heubaum)
- e1000: Never increment the RX undersize count register (Chris Kenna)
- qemu.spec: audioflags set but never passed to configure script (Liam Merwick) [Orabug: 29715562]
- parfait: deal with parfait returning non-zero return value (Liam Merwick) [Orabug: 29715548]
- parfait: use nproc to choose default number of threads (Liam Merwick) [Orabug: 29715548]
- parfait: provide option to upload results (Liam Merwick) [Orabug: 29715548]
- parfait: disable misaligned-access check (Liam Merwick) [Orabug: 29715548]
- Document CVE-2019-8934 and CVE-2019-5008 as fixed (Mark Kanda) [Orabug: 29715605] {CVE-2019-5008} {CVE-2019-8934}
- device_tree.c: Don't use load_image() (Peter Maydell) [Orabug: 29715527] {CVE-2018-20815}
- slirp: check sscanf result when emulating ident (William Bowling) [Orabug: 29715525] {CVE-2019-9824}
- i2c-ddc: fix oob read (Gerd Hoffmann) [Orabug: 29715520] {CVE-2019-3812}
- scsi-generic: avoid possible out-of-bounds access to r->buf (Paolo Bonzini) [Orabug: 29259700] {CVE-2019-6501}
- slirp: check data length while emulating ident function (Prasad J Pandit) [Orabug: 29715755] {CVE-2019-6778}


Related CVEs


CVE-2018-20123
CVE-2019-6778
CVE-2018-12126
CVE-2018-12130
CVE-2018-12127
CVE-2019-11091
CVE-2018-19665
CVE-2019-6501
CVE-2019-9824
CVE-2018-18438
CVE-2018-20815
CVE-2019-3812
CVE-2019-8934

Updated Packages


Release/ArchitectureFilenameMD5sumSuperseded By Advisory
Oracle Linux 7 (aarch64) qemu-3.1.0-3.el7.src.rpme3c13b7d22c31ea1c4240745dfd36ed2-
ivshmem-tools-3.1.0-3.el7.aarch64.rpm5fbeef6bbbbcde70bd58099345399d13-
qemu-3.1.0-3.el7.aarch64.rpm6eb68504204a4f7f1ec98714135f5f79-
qemu-block-gluster-3.1.0-3.el7.aarch64.rpma11024b93549fdb77f7fbe51040744ee-
qemu-block-iscsi-3.1.0-3.el7.aarch64.rpm6863de2291557808eb651dd152c89ea0-
qemu-block-rbd-3.1.0-3.el7.aarch64.rpm0dcb55dd68fc5c214f8b50ab32fcee2d-
qemu-common-3.1.0-3.el7.aarch64.rpmd8662edb3b01d45a739d39e91eafd7a8-
qemu-img-3.1.0-3.el7.aarch64.rpmf95142af499b26316dc98338cfd5f8cd-
qemu-kvm-3.1.0-3.el7.aarch64.rpm383d993881d7ce95068565d57ed84955-
qemu-kvm-core-3.1.0-3.el7.aarch64.rpm6b53c5cfe9ca442443a63f46c7e37a19-
qemu-system-aarch64-3.1.0-3.el7.aarch64.rpm03f02d2a552edc59d37ae46982829a16-
qemu-system-aarch64-core-3.1.0-3.el7.aarch64.rpmeeaee25e510149f2e98e3ad7d190b6f8-
Oracle Linux 7 (x86_64) qemu-3.1.0-3.el7.src.rpme3c13b7d22c31ea1c4240745dfd36ed2-
qemu-3.1.0-3.el7.x86_64.rpm467940fdd7f8ead8654ef185e1d678f2-
qemu-block-gluster-3.1.0-3.el7.x86_64.rpmf7740c9ff5e509973e4e4fcd8e2e013c-
qemu-block-iscsi-3.1.0-3.el7.x86_64.rpmab245dbee2457e2b89921d3bc732d88c-
qemu-block-rbd-3.1.0-3.el7.x86_64.rpm47e6f73005c3a339f4c8c00fd7a9ba43-
qemu-common-3.1.0-3.el7.x86_64.rpme9d4e92ac14f55cd6e5c15eaa70e971d-
qemu-img-3.1.0-3.el7.x86_64.rpm9a5585e576617d8bfb3973e5797970f7-
qemu-kvm-3.1.0-3.el7.x86_64.rpm1c7fecb5d15400d3b4aab47281128913-
qemu-kvm-core-3.1.0-3.el7.x86_64.rpm9f9f8a12a17d7a48b09552a887aa11fb-



This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team

software.hardware.complete