OVMSA-2017-0047

OVMSA-2017-0047 - qemu-kvm security update

Type:SECURITY
Severity:IMPORTANT
Release Date:2017-03-01

Description


[0.12.1.2-2.491.el6_8.7]
- kvm-cirrus-fix-patterncopy-checks.patch [bz#1420486 bz#1420488]
- kvm-Revert-cirrus-allow-zero-source-pitch-in-pattern-fil.patch [bz#1420486 bz#1420488]
- kvm-cirrus-add-blit_is_unsafe-call-to-cirrus_bitblt_cput.patch [bz#1420486 bz#1420488]
- Resolves: bz#1420486
(EMBARGOED CVE-2017-2620 qemu-kvm: Qemu: display: cirrus: potential arbitrary code execution via cirrus_bitblt_cputovideo [rhel-6.8.z])
- Resolves: bz#1420488
(EMBARGOED CVE-2017-2620 qemu-kvm-rhev: Qemu: display: cirrus: potential arbitrary code execution via cirrus_bitblt_cputovideo [rhel-6.8.z])


Related CVEs


CVE-2017-2620

Updated Packages


Release/ArchitectureFilenameMD5sumSuperseded By Advisory
Oracle VM 3.4 (x86_64) qemu-kvm-0.12.1.2-2.491.el6_8.7.src.rpm4d4d0f3f2b6d28ce24163617dd44e824OVMSA-2020-0043
qemu-img-0.12.1.2-2.491.el6_8.7.x86_64.rpmd8a9f098327ddb2a7dc29b4ca930813aOVMSA-2020-0043



This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team

software.hardware.complete