ELSA-2020-0775

ELSA-2020-0775 - qemu-kvm security update

Type:SECURITY
Severity:IMPORTANT
Release Date:2020-03-10

Description


[0.12.1.2-2.506.el6_10.6]
- kvm-Fix-heap-overflow-in-ip_reass-on-big-packet-input.patch [bz#1734747]
- kvm-Using-ip_deq-after-m_free-might-read-pointers-from-a.patch [bz#1749731]
- kvm-tcp_emu-Fix-oob-access.patch [bz#1791558]
- kvm-slirp-use-correct-size-while-emulating-IRC-commands.patch [bz#1791558]
- kvm-slirp-use-correct-size-while-emulating-commands.patch [bz#1791558]
- Resolves: bz#1734747
(CVE-2019-14378 qemu-kvm: QEMU: slirp: heap buffer overflow during packet reassembly [rhel-6.10.z])
- Resolves: bz#1749731
(CVE-2019-15890 qemu-kvm: QEMU: Slirp: use-after-free during packet reassembly [rhel-6])
- Resolves: bz#1791558
(CVE-2020-7039 qemu-kvm: QEMU: slirp: OOB buffer access while emulating tcp protocols in tcp_emu() [rhel-6.10.z])


Related CVEs


CVE-2020-7039
CVE-2019-14378
CVE-2019-15890

Updated Packages


Release/ArchitectureFilenameMD5sumSuperseded By Advisory
Oracle Linux 6 (i386) qemu-kvm-0.12.1.2-2.506.el6_10.6.src.rpm3a9acc7d437e6eb21d7bccce883c0cc4ELSA-2020-4056
qemu-guest-agent-0.12.1.2-2.506.el6_10.6.i686.rpm30aa66541d3a439dcb07eab62663b656ELSA-2020-4056
Oracle Linux 6 (x86_64) qemu-kvm-0.12.1.2-2.506.el6_10.6.src.rpm3a9acc7d437e6eb21d7bccce883c0cc4ELSA-2020-4056
qemu-guest-agent-0.12.1.2-2.506.el6_10.6.x86_64.rpm98c33aa704941abfafd9b446ffc1f827ELSA-2020-4056
qemu-img-0.12.1.2-2.506.el6_10.6.x86_64.rpma6906aa9eb100ba7ace8aa41115c0e07ELSA-2020-4056
qemu-kvm-0.12.1.2-2.506.el6_10.6.x86_64.rpm185cd652579d739b0824e0132e105f9fELSA-2020-4056
qemu-kvm-tools-0.12.1.2-2.506.el6_10.6.x86_64.rpm91a48804a1abe4a6e300bb7e5ec5d49dELSA-2020-4056



This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team

software.hardware.complete