Описание
ELSA-2015-1793: qemu-kvm security fix update (MODERATE)
[1.5.3-86.el7_1.6]
- kvm-rtl8139-avoid-nested-ifs-in-IP-header-parsing-CVE-20.patch [bz#1248764]
- kvm-rtl8139-drop-tautologous-if-ip-.-statement-CVE-2015-.patch [bz#1248764]
- kvm-rtl8139-skip-offload-on-short-Ethernet-IP-header-CVE.patch [bz#1248764]
- kvm-rtl8139-check-IP-Header-Length-field-CVE-2015-5165.patch [bz#1248764]
- kvm-rtl8139-check-IP-Total-Length-field-CVE-2015-5165.patch [bz#1248764]
- kvm-rtl8139-skip-offload-on-short-TCP-header-CVE-2015-51.patch [bz#1248764]
- kvm-rtl8139-check-TCP-Data-Offset-field-CVE-2015-5165.patch [bz#1248764]
- Resolves: bz#1248764 (CVE-2015-5165 qemu-kvm: Qemu: rtl8139 uninitialized heap memory information leakage to guest [rhel-7.1.z])
Обновленные пакеты
Oracle Linux 7
Oracle Linux x86_64
libcacard
1.5.3-86.el7_1.6
libcacard-devel
1.5.3-86.el7_1.6
libcacard-tools
1.5.3-86.el7_1.6
qemu-img
1.5.3-86.el7_1.6
qemu-kvm
1.5.3-86.el7_1.6
qemu-kvm-common
1.5.3-86.el7_1.6
qemu-kvm-tools
1.5.3-86.el7_1.6
Связанные CVE
Связанные уязвимости
The C+ mode offload emulation in the RTL8139 network card device model in QEMU, as used in Xen 4.5.x and earlier, allows remote attackers to read process heap memory via unspecified vectors.
The C+ mode offload emulation in the RTL8139 network card device model in QEMU, as used in Xen 4.5.x and earlier, allows remote attackers to read process heap memory via unspecified vectors.
The C+ mode offload emulation in the RTL8139 network card device model in QEMU, as used in Xen 4.5.x and earlier, allows remote attackers to read process heap memory via unspecified vectors.
The C+ mode offload emulation in the RTL8139 network card device model ...
The C+ mode offload emulation in the RTL8139 network card device model in QEMU, as used in Xen 4.5.x and earlier, allows remote attackers to read process heap memory via unspecified vectors.