Описание
ELSA-2015-1943: qemu-kvm security update (MODERATE)
[1.5.3-86.el7_1.8]
- kvm-qtest-ide-test-disable-flush-test.patch [bz#1273098]
- Resolves: bz#1273098 (qemu-kvm build failure race condition in tests/ide-test)
[1.5.3-86.el7_1.7]
- kvm-CVE-2015-1779-incrementally-decode-websocket-frames.patch [bz#1205050]
- kvm-CVE-2015-1779-limit-size-of-HTTP-headers-from-websoc.patch [bz#1205050]
- Resolves: bz#1205050 (CVE-2015-1779 qemu-kvm: qemu: vnc: insufficient resource limiting in VNC websockets decoder [rhel-7.1.z])
Обновленные пакеты
Oracle Linux 7
Oracle Linux x86_64
libcacard
1.5.3-86.el7_1.8
libcacard-devel
1.5.3-86.el7_1.8
libcacard-tools
1.5.3-86.el7_1.8
qemu-img
1.5.3-86.el7_1.8
qemu-kvm
1.5.3-86.el7_1.8
qemu-kvm-common
1.5.3-86.el7_1.8
qemu-kvm-tools
1.5.3-86.el7_1.8
Связанные CVE
Связанные уязвимости
The VNC websocket frame decoder in QEMU allows remote attackers to cause a denial of service (memory and CPU consumption) via a large (1) websocket payload or (2) HTTP headers section.
The VNC websocket frame decoder in QEMU allows remote attackers to cause a denial of service (memory and CPU consumption) via a large (1) websocket payload or (2) HTTP headers section.
The VNC websocket frame decoder in QEMU allows remote attackers to cause a denial of service (memory and CPU consumption) via a large (1) websocket payload or (2) HTTP headers section.
The VNC websocket frame decoder in QEMU allows remote attackers to cau ...
The VNC websocket frame decoder in QEMU allows remote attackers to cause a denial of service (memory and CPU consumption) via a large (1) websocket payload or (2) HTTP headers section.