OVMSA-2017-0047

ULN >
Oracle Linux Errata repository >
OVMSA-2017-0047

OVMSA-2017-0047 - qemu-kvm security update

Type:	SECURITY
Severity:	IMPORTANT
Release Date:	2017-03-01

Description

[0.12.1.2-2.491.el6_8.7]
- kvm-cirrus-fix-patterncopy-checks.patch [bz#1420486 bz#1420488]
- kvm-Revert-cirrus-allow-zero-source-pitch-in-pattern-fil.patch [bz#1420486 bz#1420488]
- kvm-cirrus-add-blit_is_unsafe-call-to-cirrus_bitblt_cput.patch [bz#1420486 bz#1420488]
- Resolves: bz#1420486
(EMBARGOED CVE-2017-2620 qemu-kvm: Qemu: display: cirrus: potential arbitrary code execution via cirrus_bitblt_cputovideo [rhel-6.8.z])
- Resolves: bz#1420488
(EMBARGOED CVE-2017-2620 qemu-kvm-rhev: Qemu: display: cirrus: potential arbitrary code execution via cirrus_bitblt_cputovideo [rhel-6.8.z])

Related CVEs

CVE-2017-2620

Updated Packages

Release/Architecture	Filename	MD5sum	Superseded By Advisory

Oracle VM 3.4 (x86_64)	qemu-kvm-0.12.1.2-2.491.el6_8.7.src.rpm	4d4d0f3f2b6d28ce24163617dd44e824	OVMSA-2020-0043
	qemu-img-0.12.1.2-2.491.el6_8.7.x86_64.rpm	d8a9f098327ddb2a7dc29b4ca930813a	OVMSA-2020-0043

This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team

Technical information

Oracle Linux Support

Connect

Contact Us

Global contacts
Oracle 1-800-633-0691