Описание
ELSA-2017-0352: qemu-kvm security update (IMPORTANT)
[0.12.1.2-2.491.el6_8.7]
- kvm-cirrus-fix-patterncopy-checks.patch [bz#1420486 bz#1420488]
- kvm-Revert-cirrus-allow-zero-source-pitch-in-pattern-fil.patch [bz#1420486 bz#1420488]
- kvm-cirrus-add-blit_is_unsafe-call-to-cirrus_bitblt_cput.patch [bz#1420486 bz#1420488]
- Resolves: bz#1420486 (EMBARGOED CVE-2017-2620 qemu-kvm: Qemu: display: cirrus: potential arbitrary code execution via cirrus_bitblt_cputovideo [rhel-6.8.z])
- Resolves: bz#1420488 (EMBARGOED CVE-2017-2620 qemu-kvm-rhev: Qemu: display: cirrus: potential arbitrary code execution via cirrus_bitblt_cputovideo [rhel-6.8.z])
Обновленные пакеты
Oracle Linux 6
Oracle Linux x86_64
qemu-guest-agent
0.12.1.2-2.491.el6_8.7
qemu-img
0.12.1.2-2.491.el6_8.7
qemu-kvm
0.12.1.2-2.491.el6_8.7
qemu-kvm-tools
0.12.1.2-2.491.el6_8.7
Oracle Linux i686
qemu-guest-agent
0.12.1.2-2.491.el6_8.7
Связанные CVE
Связанные уязвимости
Quick emulator (QEMU) before 2.8 built with the Cirrus CLGD 54xx VGA Emulator support is vulnerable to an out-of-bounds access issue. The issue could occur while copying VGA data in cirrus_bitblt_cputovideo. A privileged user inside guest could use this flaw to crash the QEMU process OR potentially execute arbitrary code on host with privileges of the QEMU process.
Quick emulator (QEMU) before 2.8 built with the Cirrus CLGD 54xx VGA Emulator support is vulnerable to an out-of-bounds access issue. The issue could occur while copying VGA data in cirrus_bitblt_cputovideo. A privileged user inside guest could use this flaw to crash the QEMU process OR potentially execute arbitrary code on host with privileges of the QEMU process.
Quick emulator (QEMU) before 2.8 built with the Cirrus CLGD 54xx VGA Emulator support is vulnerable to an out-of-bounds access issue. The issue could occur while copying VGA data in cirrus_bitblt_cputovideo. A privileged user inside guest could use this flaw to crash the QEMU process OR potentially execute arbitrary code on host with privileges of the QEMU process.
Quick emulator (QEMU) before 2.8 built with the Cirrus CLGD 54xx VGA E ...
Quick emulator (QEMU) before 2.8 built with the Cirrus CLGD 54xx VGA Emulator support is vulnerable to an out-of-bounds access issue. The issue could occur while copying VGA data in cirrus_bitblt_cputovideo. A privileged user inside guest could use this flaw to crash the QEMU process OR potentially execute arbitrary code on host with privileges of the QEMU process.