Download
| Alert*
oval:org.secpod.oval:def:113639
This package contains the XenD daemon and xm command line tools, needed to manage virtual machines running under the Xen hypervisor oval:org.secpod.oval:def:89003121 This update for xen fixes the following issues: Security vulnerabilities fixed: - CVE-2018-19961, CVE-2018-19962: Fixed an issue related to insufficient TLB flushing with AMD IOMMUs, which potentially allowed a guest to escalate its privileges, may cause a Denial of Service affecting the entire hos ... oval:org.secpod.oval:def:114565 This package contains the XenD daemon and xm command line tools, needed to manage virtual machines running under the Xen hypervisor oval:org.secpod.oval:def:502272 Kernel-based Virtual Machine is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm packages provide the user-space component for running virtual machines that use KVM. Security Fix: * Qemu: vga: OOB read access during display update * Qemu: Slirp: use-after-free w ... oval:org.secpod.oval:def:89003104 This update for qemu fixes the following issues: Security vulnerabilities addressed: - CVE-2019-6778: Fixed an out-of-bounds access in slirp - CVE-2018-16872: Fixed a host security vulnerability related to handling symlinks in usb-mtp - CVE-2018-19489: Fixed a Denial-of-Service in virtfs - CVE-20 ... oval:org.secpod.oval:def:113395 This package contains the XenD daemon and xm command line tools, needed to manage virtual machines running under the Xen hypervisor oval:org.secpod.oval:def:113392 This package contains the XenD daemon and xm command line tools, needed to manage virtual machines running under the Xen hypervisor oval:org.secpod.oval:def:114360 This package contains the XenD daemon and xm command line tools, needed to manage virtual machines running under the Xen hypervisor oval:org.secpod.oval:def:89044954 This update for kvm fixes several issues. These security issues were fixed: - CVE-2016-9602: The VirtFS host directory sharing via Plan 9 File System support was vulnerable to an improper link following issue which allowed a privileged user inside guest to access host file system beyond the shared f ... oval:org.secpod.oval:def:89044675 This update for qemu fixes several issues. These security issues were fixed: - CVE-2017-15268: Qemu allowed remote attackers to cause a memory leak by triggering slow data-channel read operations, related to io/channel-websock.c . - CVE-2017-9524: The qemu-nbd server when built with the Network Bloc ... oval:org.secpod.oval:def:603121 Multiple vulnerabilities were found in in qemu, a fast processor emulator: CVE-2017-9375 Denial of service via memory leak in USB XHCI emulation. CVE-2017-12809 Denial of service in the CDROM device drive emulation. CVE-2017-13672 Denial of service in VGA display emulation. CVE-2017-13711 Denial of ... oval:org.secpod.oval:def:1502168 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:89003411 This update for qemu fixes the following issues: Security issues fixed: - CVE-2019-6778: Fixed a heap buffer overflow issue in the SLiRP networking implementation . - CVE-2018-16872: Fixed a host security vulnerability related to handling symlinks in usb-mtp . - CVE-2018-19489: Fixed a denial of ser ... oval:org.secpod.oval:def:113402 QEMU is a generic and open source processor emulator which achieves a good emulation speed by using dynamic translation. QEMU has two operating modes: * Full system emulation. In this mode, QEMU emulates a full system , including a processor and various peripherials. It can be used to launch differe ... oval:org.secpod.oval:def:89044659 This update for qemu to version 2.9.1 fixes several issues. It also announces that the qed storage format will be no longer supported in SLE 15 . These security issues were fixed: - CVE-2017-15268: Qemu allowed remote attackers to cause a memory leak by triggering slow data-channel read operations, ... oval:org.secpod.oval:def:204783 Kernel-based Virtual Machine is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm packages provide the user-space component for running virtual machines that use KVM. Security Fix: * Qemu: vga: OOB read access during display update * Qemu: Slirp: use-after-free w ... oval:org.secpod.oval:def:53149 Multiple vulnerabilities were found in in qemu, a fast processor emulator: CVE-2017-9375 Denial of service via memory leak in USB XHCI emulation. CVE-2017-12809 Denial of service in the CDROM device drive emulation. CVE-2017-13672 Denial of service in VGA display emulation. CVE-2017-13711 Denial of ... oval:org.secpod.oval:def:44100 qemu: Machine emulator and virtualizer Several security issues were fixed in QEMU. oval:org.secpod.oval:def:89044880 This update for xen fixes several issues. These security issues were fixed: - bsc#1068187: Failure to recognize errors in the Populate on Demand code allowed for DoS - bsc#1068191: Missing p2m error checking in PoD code allowed unprivileged guests to retain a writable mapping of freed memory leadi ... oval:org.secpod.oval:def:1504440 [15:3.0.0-1.el7] - net: ignore packet size greater than INT_MAX [Orabug: 28763782] {CVE-2018-17963} - pcnet: fix possible buffer overflow [Orabug: 28763774] {CVE-2018-17962} - rtl8139: fix possible out of bound access [Orabug: 28763765] {CVE-2018-17958} - ne2000: fix possible out of bound access ... oval:org.secpod.oval:def:502333 Kernel-based Virtual Machine is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm packages provide the user-space component for running virtual machines that use KVM. Security Fix: * An industry-wide issue was found in the way many modern microprocessor designs ha ... oval:org.secpod.oval:def:204854 Kernel-based Virtual Machine is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm packages provide the user-space component for running virtual machines that use KVM. Security Fix: * An industry-wide issue was found in the way many modern microprocessor designs ha ... oval:org.secpod.oval:def:1700052 An out-of-bounds read access issue was found in the VGA display emulator built into the Quick emulator . It could occur while reading VGA memory to update graphics display. A privileged user/process inside guest could use this flaw to crash the QEMU process on the host resulting in denial of service ... oval:org.secpod.oval:def:1600898 An out-of-bounds read access issue was found in the VGA display emulator built into the Quick emulator . It could occur while reading VGA memory to update graphics display. A privileged user/process inside guest could use this flaw to crash the QEMU process on the host resulting in denial of service ... oval:org.secpod.oval:def:1502271 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:1504737 [15:3.0.0-1.el7] - net: ignore packet size greater than INT_MAX [Orabug: 28763782] {CVE-2018-17963} - pcnet: fix possible buffer overflow [Orabug: 28763774] {CVE-2018-17962} - rtl8139: fix possible out of bound access [Orabug: 28763765] {CVE-2018-17958} - ne2000: fix possible out of bound access ... |