Описание
ELSA-2015-1507: qemu-kvm security and bug fix update (IMPORTANT)
[1.5.3-86.el7_1.5]
- kvm-i8254-fix-out-of-bounds-memory-access-in-pit_ioport_.patch [bz#1243726]
- Resolves: bz#1243726 (CVE-2015-3214 qemu-kvm: qemu: i8254: out-of-bounds memory access in pit_ioport_read function [rhel-7.1.z])
[1.5.3-86.el7_1.4]
- kvm-ide-Check-array-bounds-before-writing-to-io_buffer-C.patch [bz#1243689]
- kvm-ide-atapi-Fix-START-STOP-UNIT-command-completion.patch [bz#1243689]
- kvm-ide-Clear-DRQ-after-handling-all-expected-accesses.patch [bz#1243689]
- Resolves: bz#1243689 (EMBARGOED CVE-2015-5154 qemu-kvm: qemu: ide: atapi: heap overflow during I/O buffer memory access [rhel-7.1.z])
[1.5.3-86.el7_1.3]
- kvm-atomics-add-explicit-compiler-fence-in-__atomic-memo.patch [bz#1233643]
- Resolves: bz#1233643 ([abrt] qemu-kvm: bdrv_error_action(): qemu-kvm killed by SIGABRT)
Обновленные пакеты
Oracle Linux 7
Oracle Linux x86_64
libcacard
1.5.3-86.el7_1.5
libcacard-devel
1.5.3-86.el7_1.5
libcacard-tools
1.5.3-86.el7_1.5
qemu-img
1.5.3-86.el7_1.5
qemu-kvm
1.5.3-86.el7_1.5
qemu-kvm-common
1.5.3-86.el7_1.5
qemu-kvm-tools
1.5.3-86.el7_1.5
Связанные CVE
Связанные уязвимости
The pit_ioport_read in i8254.c in the Linux kernel before 2.6.33 and QEMU before 2.3.1 does not distinguish between read lengths and write lengths, which might allow guest OS users to execute arbitrary code on the host OS by triggering use of an invalid index.
The pit_ioport_read in i8254.c in the Linux kernel before 2.6.33 and QEMU before 2.3.1 does not distinguish between read lengths and write lengths, which might allow guest OS users to execute arbitrary code on the host OS by triggering use of an invalid index.
The pit_ioport_read in i8254.c in the Linux kernel before 2.6.33 and QEMU before 2.3.1 does not distinguish between read lengths and write lengths, which might allow guest OS users to execute arbitrary code on the host OS by triggering use of an invalid index.
The pit_ioport_read in i8254.c in the Linux kernel before 2.6.33 and Q ...
Heap-based buffer overflow in the IDE subsystem in QEMU, as used in Xen 4.5.x and earlier, when the container has a CDROM drive enabled, allows local guest users to execute arbitrary code on the host via unspecified ATAPI commands.