Описание
ELSA-2015-1833: qemu-kvm security update (MODERATE)
[0.12.1.2-2.479.el6_7.1]
- kvm-rtl8139-avoid-nested-ifs-in-IP-header-parsing-CVE-20.patch [bz#1248761]
- kvm-rtl8139-drop-tautologous-if-ip-.-statement-CVE-2015-.patch [bz#1248761]
- kvm-rtl8139-skip-offload-on-short-Ethernet-IP-header-CVE.patch [bz#1248761]
- kvm-rtl8139-check-IP-Header-Length-field-CVE-2015-5165.patch [bz#1248761]
- kvm-rtl8139-check-IP-Total-Length-field-CVE-2015-5165.patch [bz#1248761]
- kvm-rtl8139-skip-offload-on-short-TCP-header-CVE-2015-51.patch [bz#1248761]
- kvm-rtl8139-check-TCP-Data-Offset-field-CVE-2015-5165.patch [bz#1248761]
- Resolves: bz#1248761 (CVE-2015-5165 qemu-kvm: Qemu: rtl8139 uninitialized heap memory information leakage to guest [rhel-6.7.z])
Обновленные пакеты
Oracle Linux 6
Oracle Linux x86_64
qemu-guest-agent
0.12.1.2-2.479.el6_7.1
qemu-img
0.12.1.2-2.479.el6_7.1
qemu-kvm
0.12.1.2-2.479.el6_7.1
qemu-kvm-tools
0.12.1.2-2.479.el6_7.1
Oracle Linux i686
qemu-guest-agent
0.12.1.2-2.479.el6_7.1
Связанные CVE
Связанные уязвимости
The C+ mode offload emulation in the RTL8139 network card device model in QEMU, as used in Xen 4.5.x and earlier, allows remote attackers to read process heap memory via unspecified vectors.
The C+ mode offload emulation in the RTL8139 network card device model in QEMU, as used in Xen 4.5.x and earlier, allows remote attackers to read process heap memory via unspecified vectors.
The C+ mode offload emulation in the RTL8139 network card device model in QEMU, as used in Xen 4.5.x and earlier, allows remote attackers to read process heap memory via unspecified vectors.
The C+ mode offload emulation in the RTL8139 network card device model ...
The C+ mode offload emulation in the RTL8139 network card device model in QEMU, as used in Xen 4.5.x and earlier, allows remote attackers to read process heap memory via unspecified vectors.