Описание
ELSA-2015-1925: kvm security update (IMPORTANT)
[kvm-83-274.0.1.el5]
- Added kvm-add-oracle-workaround-for-libvirt-bug.patch
- Added kvm-Introduce-oel-machine-type.patch
[kvm-83.274.el5]
- net-add-checks-to-validate-ring-buffer-pointers.patch [bz#1263272]
- Resolves: bz#1263272 (CVE-2015-5279 kvm: qemu: Heap overflow vulnerability in ne2000_receive() function [rhel-5.11.z])
Обновленные пакеты
Oracle Linux 5
Oracle Linux x86_64
kmod-kvm
83-274.0.1.el5_11
kmod-kvm-debug
83-274.0.1.el5_11
kvm
83-274.0.1.el5_11
kvm-qemu-img
83-274.0.1.el5_11
kvm-tools
83-274.0.1.el5_11
Связанные CVE
Связанные уязвимости
Heap-based buffer overflow in the ne2000_receive function in hw/net/ne2000.c in QEMU before 2.4.0.1 allows guest OS users to cause a denial of service (instance crash) or possibly execute arbitrary code via vectors related to receiving packets.
Heap-based buffer overflow in the ne2000_receive function in hw/net/ne2000.c in QEMU before 2.4.0.1 allows guest OS users to cause a denial of service (instance crash) or possibly execute arbitrary code via vectors related to receiving packets.
Heap-based buffer overflow in the ne2000_receive function in hw/net/ne2000.c in QEMU before 2.4.0.1 allows guest OS users to cause a denial of service (instance crash) or possibly execute arbitrary code via vectors related to receiving packets.
Heap-based buffer overflow in the ne2000_receive function in hw/net/ne ...
Heap-based buffer overflow in the ne2000_receive function in hw/net/ne2000.c in QEMU before 2.4.0.1 allows guest OS users to cause a denial of service (instance crash) or possibly execute arbitrary code via vectors related to receiving packets.