Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

oracle-oval логотип

ELSA-2017-0083

Опубликовано: 17 янв. 2017
Источник: oracle-oval
Платформа: Oracle Linux 7

Описание

ELSA-2017-0083: qemu-kvm security and bug fix update (LOW)

[1.5.3-126.el7_3.3]

  • kvm-net-check-packet-payload-length.patch [bz#1398217]
  • Resolves: bz#1398217 (CVE-2016-2857 qemu-kvm: Qemu: net: out of bounds read in net_checksum_calculate() [rhel-7.3.z])

[1.5.3-126.el7_3.2]

  • kvm-virtio-introduce-virtqueue_unmap_sg.patch [bz#1393484]
  • kvm-virtio-introduce-virtqueue_discard.patch [bz#1393484]
  • kvm-virtio-decrement-vq-inuse-in-virtqueue_discard.patch [bz#1393484]
  • kvm-balloon-fix-segfault-and-harden-the-stats-queue.patch [bz#1393484]
  • kvm-virtio-balloon-discard-virtqueue-element-on-reset.patch [bz#1393484]
  • kvm-virtio-zero-vq-inuse-in-virtio_reset.patch [bz#1393484]
  • kvm-virtio-add-virtqueue_rewind.patch [bz#1393484]
  • kvm-virtio-balloon-fix-stats-vq-migration.patch [bz#1393484]
  • Resolves: bz#1393484 ([RHEL7.3] KVM guest shuts itself down after 128th reboot)

[1.5.3-126.el7_3.1]

  • kvm-ide-fix-halted-IO-segfault-at-reset.patch [bz#1393042]
  • kvm-hw-i386-regenerate-checked-in-AML-payload-RHEL-only.patch [bz#1392027]
  • kvm-SPEC-file-flip-the-build-from-IASL-to-checked-in-AML.patch [bz#1392027]
  • Resolves: bz#1392027 (shutdown rhel 5.11 guest failed and stop at 'system halted')
  • Resolves: bz#1393042 (system_reset should clear pending request for error (IDE))

Обновленные пакеты

Oracle Linux 7

Oracle Linux x86_64

qemu-img

1.5.3-126.el7_3.3

qemu-kvm

1.5.3-126.el7_3.3

qemu-kvm-common

1.5.3-126.el7_3.3

qemu-kvm-tools

1.5.3-126.el7_3.3

Связанные CVE

CVE-2016-2857

Ссылки на источники

Связанные уязвимости

ubuntu логотип

CVE-2016-2857

CVSS3: 8.4
ubuntu
больше 9 лет назад

The net_checksum_calculate function in net/checksum.c in QEMU allows local guest OS users to cause a denial of service (out-of-bounds heap read and crash) via the payload length in a crafted packet.

redhat логотип

CVE-2016-2857

CVSS3: 4.7
redhat
больше 9 лет назад

The net_checksum_calculate function in net/checksum.c in QEMU allows local guest OS users to cause a denial of service (out-of-bounds heap read and crash) via the payload length in a crafted packet.

nvd логотип

CVE-2016-2857

CVSS3: 8.4
nvd
больше 9 лет назад

The net_checksum_calculate function in net/checksum.c in QEMU allows local guest OS users to cause a denial of service (out-of-bounds heap read and crash) via the payload length in a crafted packet.

debian логотип

CVE-2016-2857

CVSS3: 8.4
debian
больше 9 лет назад

The net_checksum_calculate function in net/checksum.c in QEMU allows l ...

github логотип

GHSA-r736-2mvg-hchh

CVSS3: 8.4
github
больше 3 лет назад

The net_checksum_calculate function in net/checksum.c in QEMU allows local guest OS users to cause a denial of service (out-of-bounds heap read and crash) via the payload length in a crafted packet.