RLSA-2020:1358

Описание

Kernel-based Virtual Machine (KVM) offers a full virtualization solution for Linux on numerous hardware platforms. The virt:Rocky Linux module contains packages which provide user-space components used to run virtual machines using KVM. The packages also provide APIs for managing and interacting with the virtualized systems.

Security Fix(es):

• QEMU: block: iscsi: OOB heap access via an unexpected response of iSCSI Server (CVE-2020-1711)

• QEMU: slirp: OOB buffer access while emulating tcp protocols in tcp_emu() (CVE-2020-7039)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Bug Fix(es):

• libvirtd: error : virCPUx86UpdateLive:3110 : operation failed: guest CPU doesn't match specification: missing features: fxsr_opt (BZ#1809510)