Oracle Errata System
Oracle Linux
5.3
2021-09-09T12:47:54
ELSA-2011-0919: qemu-kvm security and bug fix update (IMPORTANT)
Oracle Linux 6
[qemu-kvm-0.12.1.2-2.160.el6_1.2]
- kvm-virtio-guard-against-negative-vq-notifies.patch [bz#717403]
- Resolves: bz#717403
(qemu-kvm: OOB memory access caused by negative vq notifies [rhel-6.1.z])
[qemu-kvm-0.12.1.2-2.160.el6_1]
- kvm-Fix-phys-memory-client-pass-guest-physical-address-n.patch [bz#701771]
- kvm-virtio-prevent-indirect-descriptor-buffer-overflow.patch [bz#713592]
- Resolves: bz#701771
(Fix phys memory client for vhost)
- Resolves: bz#713592
(EMBARGOED CVE-2011-2212 virtqueue: too-large indirect descriptor buffer overflow [rhel-6.1.z])
IMPORTANT
Copyright 2011 Oracle, Inc.
CVE-2011-2212
CVE-2011-2512
qemu-img
qemu-kvm
qemu-kvm-tools
oraclelinux-release
72f97b74ec551f03
^6
x86_64
2:0.12.1.2-2.160.el6_1.2