Download
| Alert*
oval:org.secpod.oval:def:89044725
This update for xen fixes several issues. These security issues were fixed: - CVE-2017-2620: In CIRRUS_BLTMODE_MEMSYSSRC mode the bitblit copy routine cirrus_bitblt_cputovideo failed to check the memory region, allowing for an out-of-bounds write that allows for privilege escalation . - CVE-2017-261 ... oval:org.secpod.oval:def:204453 KVM is a full virtualization solution for Linux on x86 hardware. Using KVM, one can run multiple virtual machines running unmodified Linux or Windows images. Each virtual machine has private virtualized hardware: a network card, disk, graphics adapter, etc. Security Fix: * Quick emulator built wit ... oval:org.secpod.oval:def:89044519 This update for xen fixes several issues. These security issues were fixed: - CVE-2017-5973: A infinite loop while doing control transfer in xhci_kick_epctx allowed privileged user inside the guest to crash the host process resulting in DoS - CVE-2016-10155: The virtual hardware watchdog "wdt_i6300 ... oval:org.secpod.oval:def:89044958 This update for qemu fixes several issues. These security issues were fixed: - CVE-2017-5898: The CCID Card device emulator support was vulnerable to an integer overflow flaw allowing a privileged user to crash the Qemu process on the host resulting in DoS . - CVE-2017-5857: The Virtio GPU Device em ... oval:org.secpod.oval:def:204447 Kernel-based Virtual Machine is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm packages provide the user-space component for running virtual machines that use KVM. Security Fix: * Quick emulator built with the Cirrus CLGD 54xx VGA Emulator support is vulnerabl ... oval:org.secpod.oval:def:1800084 CVE: none assigned, XSA-207: memory leak when destroying guest without PT devices Reference: CVE-2017-2615, XSA-208: oob access in cirrus bitblt copy Reference: CVE-2017-2620, XSA-209: cirrus_bitblt_cputovideo does not check if memory region is safe Reference: oval:org.secpod.oval:def:89044679 This update for kvm fixes several issues. These security issues were fixed: - CVE-2017-2620: In CIRRUS_BLTMODE_MEMSYSSRC mode the bitblit copy routine cirrus_bitblt_cputovideo failed to check the memory region, allowing for an out-of-bounds write that allows for privilege escalation - CVE-2017-2615 ... oval:org.secpod.oval:def:112101 QEMU is a generic and open source processor emulator which achieves a good emulation speed by using dynamic translation. QEMU has two operating modes: * Full system emulation. In this mode, QEMU emulates a full system , including a processor and various peripherials. It can be used to launch differe ... oval:org.secpod.oval:def:112184 This package contains the XenD daemon and xm command line tools, needed to manage virtual machines running under the Xen hypervisor oval:org.secpod.oval:def:1800620 CVE: none assigned, XSA-207: memory leak when destroying guest without PT devices Reference CVE-2017-2615, XSA-208: oob access in cirrus bitblt copy Reference CVE-2017-2620, XSA-209: cirrus_bitblt_cputovideo does not check if memory region is safe Reference oval:org.secpod.oval:def:112137 QEMU is a generic and open source processor emulator which achieves a good emulation speed by using dynamic translation. QEMU has two operating modes: * Full system emulation. In this mode, QEMU emulates a full system , including a processor and various peripherials. It can be used to launch differe ... oval:org.secpod.oval:def:1800650 CVE: none assigned, XSA-207: memory leak when destroying guest without PT devices Reference: CVE-2017-2615, XSA-208: oob access in cirrus bitblt copy Reference: CVE-2017-2620, XSA-209: cirrus_bitblt_cputovideo does not check if memory region is safe oval:org.secpod.oval:def:1501786 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:1501789 Quick emulator (QEMU) built with the Cirrus CLGD 54xx VGA emulator support is vulnerable to an out-of-bounds access issue. It could occur while copying VGA data via bitblt copy in backward mode. A privileged user inside a guest could use this flaw to crash the QEMU process resulting in DoS or potent ... oval:org.secpod.oval:def:501984 Kernel-based Virtual Machine is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm packages provide the user-space component for running virtual machines that use KVM. Security Fix: * Quick emulator built with the Cirrus CLGD 54xx VGA Emulator support is vulnerabl ... oval:org.secpod.oval:def:1501791 Quick emulator (QEMU) built with the Cirrus CLGD 54xx VGA emulator support is vulnerable to an out-of-bounds access issue. It could occur while copying VGA data via bitblt copy in backward mode. A privileged user inside a guest could use this flaw to crash the QEMU process resulting in DoS or potent ... oval:org.secpod.oval:def:501986 Kernel-based Virtual Machine is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm packages provide the user-space component for running virtual machines that use KVM. Security Fix: * Quick emulator built with the Cirrus CLGD 54xx VGA emulator support is vulnerabl ... oval:org.secpod.oval:def:205728 Solution For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 After installing this update, shut down all running virtual machines. Once all virtual machines have shut down, start them again for this update ... oval:org.secpod.oval:def:112118 This package contains the XenD daemon and xm command line tools, needed to manage virtual machines running under the Xen hypervisor oval:org.secpod.oval:def:51772 qemu: Machine emulator and virtualizer Several security issues were fixed in QEMU. oval:org.secpod.oval:def:40179 qemu: Machine emulator and virtualizer Several security issues were fixed in QEMU. oval:org.secpod.oval:def:703565 qemu: Machine emulator and virtualizer Several security issues were fixed in QEMU. oval:org.secpod.oval:def:52187 qemu: Machine emulator and virtualizer Several security issues were fixed in QEMU. |