OVMSA-2020-0010 - qemu-kvm security update
| Type: | SECURITY |
| Impact: | IMPORTANT |
| Release Date: | 2020-03-12 |
Description
[0.12.1.2-2.506.el6_10.6]
- kvm-Fix-heap-overflow-in-ip_reass-on-big-packet-input.patch [bz#1734747]
- kvm-Using-ip_deq-after-m_free-might-read-pointers-from-a.patch [bz#1749731]
- kvm-tcp_emu-Fix-oob-access.patch [bz#1791558]
- kvm-slirp-use-correct-size-while-emulating-IRC-commands.patch [bz#1791558]
- kvm-slirp-use-correct-size-while-emulating-commands.patch [bz#1791558]
- Resolves: bz#1734747
(CVE-2019-14378 qemu-kvm: QEMU: slirp: heap buffer overflow during packet reassembly [rhel-6.10.z])
- Resolves: bz#1749731
(CVE-2019-15890 qemu-kvm: QEMU: Slirp: use-after-free during packet reassembly [rhel-6])
- Resolves: bz#1791558
(CVE-2020-7039 qemu-kvm: QEMU: slirp: OOB buffer access while emulating tcp protocols in tcp_emu() [rhel-6.10.z])
Related CVEs
Updated Packages
| Release/Architecture | Filename | sha256 | Superseded By Advisory | Channel Label |
|
| Oracle VM 3.4 (x86_64) | qemu-kvm-0.12.1.2-2.506.el6_10.6.src.rpm | e1f8398a1d3298bdcaac339f4156e2b29c676d2fc9f1a8795222c1e04b7c2bb3 | OVMSA-2020-0043 | ovm34_x86_64_latest |
| qemu-img-0.12.1.2-2.506.el6_10.6.x86_64.rpm | 47cad606acc14ff3d85d5071e6dfc1237e4d1e9ac34410feadc4478cf769574a | OVMSA-2020-0043 | ovm34_x86_64_latest |
This page is generated automatically and has not been checked for errors or omissions. For clarification
or corrections please contact the Oracle Linux ULN team
