Описание
ELSA-2021-9335: qemu security update (IMPORTANT)
[15:4.2.1-10.el7]
- e1000: fail early for evil descriptor (Jason Wang) [Orabug: 32560552] {CVE-2021-20257}
- Document CVE-2020-27661 as fixed (Mark Kanda) [Orabug: 32960200] {CVE-2020-27661}
- block: Avoid stale pointer dereference in blk_get_aio_context() (Greg Kurz)
- block: Fix blk->in_flight during blk_wait_while_drained() (Kevin Wolf)
- block: Increase BB.in_flight for coroutine and sync interfaces (Kevin Wolf)
- block-backend: Reorder flush/pdiscard function definitions (Kevin Wolf)
Обновленные пакеты
Oracle Linux 7
Oracle Linux aarch64
ivshmem-tools
4.2.1-10.el7
qemu
4.2.1-10.el7
qemu-block-gluster
4.2.1-10.el7
qemu-block-iscsi
4.2.1-10.el7
qemu-block-rbd
4.2.1-10.el7
qemu-common
4.2.1-10.el7
qemu-img
4.2.1-10.el7
qemu-kvm
4.2.1-10.el7
qemu-kvm-core
4.2.1-10.el7
qemu-system-aarch64
4.2.1-10.el7
qemu-system-aarch64-core
4.2.1-10.el7
Oracle Linux x86_64
qemu
4.2.1-10.el7
qemu-block-gluster
4.2.1-10.el7
qemu-block-iscsi
4.2.1-10.el7
qemu-block-rbd
4.2.1-10.el7
qemu-common
4.2.1-10.el7
qemu-img
4.2.1-10.el7
qemu-kvm
4.2.1-10.el7
qemu-kvm-core
4.2.1-10.el7
qemu-system-x86
4.2.1-10.el7
qemu-system-x86-core
4.2.1-10.el7
Связанные CVE
Связанные уязвимости
A divide-by-zero issue was found in dwc2_handle_packet in hw/usb/hcd-dwc2.c in the hcd-dwc2 USB host controller emulation of QEMU. A malicious guest could use this flaw to crash the QEMU process on the host, resulting in a denial of service.
A divide-by-zero issue was found in dwc2_handle_packet in hw/usb/hcd-dwc2.c in the hcd-dwc2 USB host controller emulation of QEMU. A malicious guest could use this flaw to crash the QEMU process on the host, resulting in a denial of service.
A divide-by-zero issue was found in dwc2_handle_packet in hw/usb/hcd-dwc2.c in the hcd-dwc2 USB host controller emulation of QEMU. A malicious guest could use this flaw to crash the QEMU process on the host, resulting in a denial of service.
A divide-by-zero issue was found in dwc2_handle_packet in hw/usb/hcd-d ...