ELSA-2021-2322

Опубликовано: 09 июн. 2021

Источник: oracle-oval

Платформа: Oracle Linux 7

Описание

ELSA-2021-2322: qemu-kvm security update (MODERATE)

[1.5.3-175.el7_9.4]

kvm-ide-atapi-check-logical-block-address-and-read-size-.patch [bz#1917449]
Resolves: bz#1917449 (CVE-2020-29443 qemu-kvm: QEMU: ide: atapi: OOB access while processing read commands [rhel-7.9.z])

Oracle Linux 7

Oracle Linux x86_64

qemu-img

1.5.3-175.el7_9.4

qemu-kvm

1.5.3-175.el7_9.4

qemu-kvm-common

1.5.3-175.el7_9.4

qemu-kvm-tools

1.5.3-175.el7_9.4

CVE-2020-29443

CVSS3: 3.9

ubuntu

больше 4 лет назад

ide_atapi_cmd_reply_end in hw/ide/atapi.c in QEMU 5.1.0 allows out-of-bounds read access because a buffer index is not validated.

CVE-2020-29443

CVSS3: 3.9

redhat

больше 4 лет назад

ide_atapi_cmd_reply_end in hw/ide/atapi.c in QEMU 5.1.0 allows out-of-bounds read access because a buffer index is not validated.

CVE-2020-29443

CVSS3: 3.9

nvd

больше 4 лет назад

ide_atapi_cmd_reply_end in hw/ide/atapi.c in QEMU 5.1.0 allows out-of-bounds read access because a buffer index is not validated.

CVE-2020-29443

CVSS3: 3.9

debian

больше 4 лет назад

ide_atapi_cmd_reply_end in hw/ide/atapi.c in QEMU 5.1.0 allows out-of- ...

GHSA-3q92-j8r6-g6h8

CVSS3: 3.9

github

около 3 лет назад

ide_atapi_cmd_reply_end in hw/ide/atapi.c in QEMU 5.1.0 allows out-of-bounds read access because a buffer index is not validated.