ELSA-2020-3906 - qemu-kvm security, bug fix, and enhancement update
| Type: | SECURITY |
| Severity: | LOW |
| Release Date: | 2020-10-06 |
Description
[1.5.3-175.el7]
- kvm-vnc-fix-memory-leak-when-vnc-disconnect.patch [bz#1810408]
- Resolves: bz#1810408
(CVE-2019-20382 qemu-kvm: QEMU: vnc: memory leakage upon disconnect [rhel-7])
[1.5.3-174.el7]
- kvm-util-add-slirp_fmt-helpers2.patch [bz#1800515]
- kvm-tcp_emu-fix-unsafe-snprintf-usages2.patch [bz#1800515]
- kvm-slirp-disable-tcp_emu.patch [bz#1791679]
- kvm-gluster-Handle-changed-glfs_ftruncate-signature.patch [bz#1802215]
- kvm-gluster-the-glfs_io_cbk-callback-function-pointer-ad.patch [bz#1802215]
- kvm-seccomp-set-the-seccomp-filter-to-all-threads.patch [bz#1618503]
- Resolves: bz#1618503
(qemu-kvm: Qemu: seccomp: blacklist is not applied to all threads [rhel-7])
- Resolves: bz#1791679
(QEMU: Slirp: disable emulation of tcp programs like ftp IRC etc. [rhel-7])
- Resolves: bz#1800515
(CVE-2020-8608 qemu-kvm: QEMU: Slirp: potential OOB access due to unsafe snprintf() usages [rhel-7.9])
- Resolves: bz#1802215
(Add support for newer glusterfs)
Related CVEs
Updated Packages
| Release/Architecture | Filename | MD5sum | Superseded By Advisory |
|
| Oracle Linux 7 (x86_64) | qemu-kvm-1.5.3-175.el7.src.rpm | 0af33c55052588875821c8e918b8533f | ELBA-2021-9161 |
| qemu-img-1.5.3-175.el7.x86_64.rpm | 722f285ee06773ab8871e62f5dc6f0a8 | ELBA-2021-9161 |
| qemu-kvm-1.5.3-175.el7.x86_64.rpm | 55ceabee2b658a2517df652c132c0ec9 | ELBA-2021-9161 |
| qemu-kvm-common-1.5.3-175.el7.x86_64.rpm | 8ea7dfbba05eed7bc7c98709faa39695 | ELSA-2021-0347 |
| qemu-kvm-tools-1.5.3-175.el7.x86_64.rpm | 6acc007f2860e833f78d5a72a817a7af | ELSA-2021-0347 |
This page is generated automatically and has not been checked for errors or omissions. For clarification
or corrections please contact the Oracle Linux ULN team
