Описание
ELSA-2020-1208: qemu-kvm security update (IMPORTANT)
[1.5.3-173.el7_8.1]
- kvm-util-add-slirp_fmt-helpers.patch [bz#1798970]
- kvm-tcp_emu-fix-unsafe-snprintf-usages.patch [bz#1798970]
- Resolves: bz#1798970 (CVE-2020-8608 qemu-kvm: QEMU: Slirp: potential OOB access due to unsafe snprintf() usages [rhel-7.8.z])
Обновленные пакеты
Oracle Linux 7
Oracle Linux x86_64
qemu-img
1.5.3-173.el7_8.1
qemu-kvm
1.5.3-173.el7_8.1
qemu-kvm-common
1.5.3-173.el7_8.1
qemu-kvm-tools
1.5.3-173.el7_8.1
Связанные CVE
Связанные уязвимости
CVSS3: 5.6
ubuntu
больше 5 лет назад
In libslirp 4.1.0, as used in QEMU 4.2.0, tcp_subr.c misuses snprintf return values, leading to a buffer overflow in later code.
CVSS3: 5.6
redhat
больше 5 лет назад
In libslirp 4.1.0, as used in QEMU 4.2.0, tcp_subr.c misuses snprintf return values, leading to a buffer overflow in later code.
CVSS3: 5.6
nvd
больше 5 лет назад
In libslirp 4.1.0, as used in QEMU 4.2.0, tcp_subr.c misuses snprintf return values, leading to a buffer overflow in later code.
CVSS3: 5.6
debian
больше 5 лет назад
In libslirp 4.1.0, as used in QEMU 4.2.0, tcp_subr.c misuses snprintf ...
