Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

oracle-oval логотип

ELSA-2011-0345

Опубликовано: 10 мар. 2011
Источник: oracle-oval
Платформа: Oracle Linux 6

Описание

ELSA-2011-0345: qemu-kvm security update (MODERATE)

[qemu-kvm-0.12.1.2-2.113.el6_0.8]

  • kvm-Revert-blockdev-Fix-drive_del-not-to-crash-when-driv.patch [bz#677170]
  • kvm-Revert-blockdev-check-dinfo-ptr-before-using-v2.patch [bz#677170]
  • kvm-Revert-Implement-drive_del-to-decouple-block-removal.patch [bz#677170]
  • kvm-Revert-block-Catch-attempt-to-attach-multiple-device.patch [bz#677170]
  • kvm-Revert-qdev-Decouple-qdev_prop_drive-from-DriveInfo-.patch [bz#677170]
  • kvm-Revert-blockdev-Clean-up-automatic-drive-deletion-v2.patch [bz#677170]
  • kvm-Revert-blockdev-New-drive_get_by_blockdev-v2.patch [bz#677170]
  • kvm-Revert-qdev-Don-t-leak-string-property-value-on-hot-.patch [bz#677170]
  • kvm-Revert-ide-Split-non-qdev-code-off-ide_init2.patch [bz#677170]
  • kvm-Revert-ide-Change-ide_init_drive-to-require-valid-di.patch [bz#677170]
  • kvm-Revert-ide-Split-ide_init1-off-ide_init2-v2.patch [bz#677170]
  • kvm-Revert-ide-Remove-redundant-IDEState-member-conf.patch [bz#677170]
  • Related: bz#677170 (drive_del command to let libvirt safely remove block device from guest)

[qemu-kvm-0.12.1.2-2.113.el6_0.7]

  • kvm-ide-Remove-redundant-IDEState-member-conf.patch [bz#677170]
  • kvm-ide-Split-ide_init1-off-ide_init2-v2.patch [bz#677170]
  • kvm-ide-Change-ide_init_drive-to-require-valid-dinfo-arg.patch [bz#677170]
  • kvm-ide-Split-non-qdev-code-off-ide_init2.patch [bz#677170]
  • kvm-qdev-Don-t-leak-string-property-value-on-hot-unplug.patch [bz#677170]
  • kvm-blockdev-New-drive_get_by_blockdev-v2.patch [bz#677170]
  • kvm-blockdev-Clean-up-automatic-drive-deletion-v2.patch [bz#677170]
  • kvm-qdev-Decouple-qdev_prop_drive-from-DriveInfo-v2.patch [bz#677170]
  • kvm-block-Catch-attempt-to-attach-multiple-devices-to-a-.patch [bz#677170]
  • kvm-Implement-drive_del-to-decouple-block-removal-from-d.patch [bz#677170]
  • kvm-blockdev-check-dinfo-ptr-before-using-v2.patch [bz#677170]
  • kvm-blockdev-Fix-drive_del-not-to-crash-when-drive-is-no.patch [bz#677170]
  • kvm-Fix-CVE-2011-0011-qemu-kvm-Setting-VNC-password-to-e.patch [bz#668598]
  • Resolves: bz#668598 (CVE-2011-0011 qemu-kvm: Setting VNC password to empty string silently disables all authentication [rhel-6.0.z])
  • Resolves: bz#677170 (drive_del command to let libvirt safely remove block device from guest)

Обновленные пакеты

Oracle Linux 6

Oracle Linux x86_64

qemu-img

0.12.1.2-2.113.el6_0.8

qemu-kvm

0.12.1.2-2.113.el6_0.8

qemu-kvm-tools

0.12.1.2-2.113.el6_0.8

Связанные CVE

CVE-2011-0011

Ссылки на источники

Связанные уязвимости

ubuntu логотип

CVE-2011-0011

ubuntu
около 13 лет назад

qemu-kvm before 0.11.0 disables VNC authentication when the password is cleared, which allows remote attackers to bypass authentication and establish VNC sessions.

redhat логотип

CVE-2011-0011

redhat
больше 14 лет назад

qemu-kvm before 0.11.0 disables VNC authentication when the password is cleared, which allows remote attackers to bypass authentication and establish VNC sessions.

nvd логотип

CVE-2011-0011

nvd
около 13 лет назад

qemu-kvm before 0.11.0 disables VNC authentication when the password is cleared, which allows remote attackers to bypass authentication and establish VNC sessions.

debian логотип

CVE-2011-0011

debian
около 13 лет назад

qemu-kvm before 0.11.0 disables VNC authentication when the password i ...

github логотип

GHSA-x485-7p7r-jxj7

github
около 3 лет назад

qemu-kvm before 0.11.0 disables VNC authentication when the password is cleared, which allows remote attackers to bypass authentication and establish VNC sessions.

Уязвимость ELSA-2011-0345