Описание
ELSA-2017-1681: qemu-kvm security update (IMPORTANT)
[1.5.3-126.el7_3.10]
- kvm-nbd-Fully-initialize-client-in-case-of-failed-negoti.patch [bz#1460179]
- kvm-nbd-Fix-regression-on-resiliency-to-port-scan.patch [bz#1460179]
- Resolves: bz#1460179 (CVE-2017-9524 qemu-kvm: Qemu: nbd: segmentation fault due to client non-negotiation [rhel-7.3.z])
Обновленные пакеты
Oracle Linux 7
Oracle Linux x86_64
qemu-img
1.5.3-126.el7_3.10
qemu-kvm
1.5.3-126.el7_3.10
qemu-kvm-common
1.5.3-126.el7_3.10
qemu-kvm-tools
1.5.3-126.el7_3.10
Связанные CVE
Связанные уязвимости
The qemu-nbd server in QEMU (aka Quick Emulator), when built with the Network Block Device (NBD) Server support, allows remote attackers to cause a denial of service (segmentation fault and server crash) by leveraging failure to ensure that all initialization occurs before talking to a client in the nbd_negotiate function.
The qemu-nbd server in QEMU (aka Quick Emulator), when built with the Network Block Device (NBD) Server support, allows remote attackers to cause a denial of service (segmentation fault and server crash) by leveraging failure to ensure that all initialization occurs before talking to a client in the nbd_negotiate function.
The qemu-nbd server in QEMU (aka Quick Emulator), when built with the Network Block Device (NBD) Server support, allows remote attackers to cause a denial of service (segmentation fault and server crash) by leveraging failure to ensure that all initialization occurs before talking to a client in the nbd_negotiate function.
The qemu-nbd server in QEMU (aka Quick Emulator), when built with the ...
The qemu-nbd server in QEMU (aka Quick Emulator), when built with the Network Block Device (NBD) Server support, allows remote attackers to cause a denial of service (segmentation fault and server crash) by leveraging failure to ensure that all initialization occurs before talking to a client in the nbd_negotiate function.