Описание
ELSA-2019-1883: qemu-kvm security update (IMPORTANT)
[1.5.3-160.el7_6.3]
- kvm-slirp-check-sscanf-result-when-emulating-ident.patch [bz#1669067]
- kvm-slirp-fix-big-little-endian-conversion-in-ident-prot.patch [bz#1669067]
- kvm-slirp-ensure-there-is-enough-space-in-mbuf-to-null-t.patch [bz#1669067]
- kvm-slirp-don-t-manipulate-so_rcv-in-tcp_emu.patch [bz#1669067]
- Resolves: bz#1669067 (CVE-2019-6778 qemu-kvm: QEMU: slirp: heap buffer overflow in tcp_emu() [rhel-7.6.z])
Обновленные пакеты
Oracle Linux 7
Oracle Linux x86_64
qemu-img
1.5.3-160.el7_6.3
qemu-kvm
1.5.3-160.el7_6.3
qemu-kvm-common
1.5.3-160.el7_6.3
qemu-kvm-tools
1.5.3-160.el7_6.3
Связанные CVE
Связанные уязвимости
CVSS3: 7.8
ubuntu
около 6 лет назад
In QEMU 3.0.0, tcp_emu in slirp/tcp_subr.c has a heap-based buffer overflow.
CVSS3: 7.8
redhat
больше 6 лет назад
In QEMU 3.0.0, tcp_emu in slirp/tcp_subr.c has a heap-based buffer overflow.
CVSS3: 7.8
nvd
около 6 лет назад
In QEMU 3.0.0, tcp_emu in slirp/tcp_subr.c has a heap-based buffer overflow.
CVSS3: 7.8
debian
около 6 лет назад
In QEMU 3.0.0, tcp_emu in slirp/tcp_subr.c has a heap-based buffer ove ...
CVSS3: 7.8
github
около 3 лет назад
In QEMU 3.0.0, tcp_emu in slirp/tcp_subr.c has a heap-based buffer overflow.