Download
| Alert*
oval:org.secpod.oval:def:89044659
This update for qemu to version 2.9.1 fixes several issues. It also announces that the qed storage format will be no longer supported in SLE 15 . These security issues were fixed: - CVE-2017-15268: Qemu allowed remote attackers to cause a memory leak by triggering slow data-channel read operations, ... oval:org.secpod.oval:def:52200 qemu: Machine emulator and virtualizer Several security issues were fixed in QEMU. oval:org.secpod.oval:def:1600817 Quick Emulator , compiled with the PC System Emulator with multiboot feature support, is vulnerable to an OOB r/w memory access issue. The issue could occur due to an integer overflow while loading a kernel image during a guest boot. A user or process could use this flaw to potentially achieve arbit ... oval:org.secpod.oval:def:502247 Kernel-based Virtual Machine is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm packages provide the user-space component for running virtual machines that use KVM. Security Fix: * Qemu: cirrus: OOB access issue in mode4and5 write functions For more details abo ... oval:org.secpod.oval:def:89044954 This update for kvm fixes several issues. These security issues were fixed: - CVE-2016-9602: The VirtFS host directory sharing via Plan 9 File System support was vulnerable to an improper link following issue which allowed a privileged user inside guest to access host file system beyond the shared f ... oval:org.secpod.oval:def:1502073 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:502202 Kernel-based Virtual Machine is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm package provides the user-space component for running virtual machines that use KVM. Security Fix: * Quick Emulator , compiled with the PC System Emulator with multiboot feature supp ... oval:org.secpod.oval:def:1502150 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:51996 qemu: Machine emulator and virtualizer Several security issues were fixed in QEMU. oval:org.secpod.oval:def:89044464 This update for xen to version 4.7.4 fixes several issues. This new feature was added: - Support migration of HVM domains larger than 1 TB These security issues were fixed: - bsc#1068187: Failure to recognize errors in the Populate on Demand code allowed for DoS - bsc#1068191: Missing p2m error c ... oval:org.secpod.oval:def:89044654 This update for xen to version 4.9.1 fixes several issues. This new feature was added: - Support migration of HVM domains larger than 1 TB These security issues were fixed: - bsc#1068187: Failure to recognize errors in the Populate on Demand code allowed for DoS - bsc#1068191: Missing p2m error c ... oval:org.secpod.oval:def:204765 Kernel-based Virtual Machine is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm packages provide the user-space component for running virtual machines that use KVM. Security Fix: * Qemu: cirrus: OOB access issue in mode4and5 write functions For more details abo ... oval:org.secpod.oval:def:89044675 This update for qemu fixes several issues. These security issues were fixed: - CVE-2017-15268: Qemu allowed remote attackers to cause a memory leak by triggering slow data-channel read operations, related to io/channel-websock.c . - CVE-2017-9524: The qemu-nbd server when built with the Network Bloc ... oval:org.secpod.oval:def:703987 qemu: Machine emulator and virtualizer Several security issues were fixed in QEMU. oval:org.secpod.oval:def:44100 qemu: Machine emulator and virtualizer Several security issues were fixed in QEMU. oval:org.secpod.oval:def:44101 qemu: Machine emulator and virtualizer Several security issues were fixed in QEMU. oval:org.secpod.oval:def:89044880 This update for xen fixes several issues. These security issues were fixed: - bsc#1068187: Failure to recognize errors in the Populate on Demand code allowed for DoS - bsc#1068191: Missing p2m error checking in PoD code allowed unprivileged guests to retain a writable mapping of freed memory leadi ... oval:org.secpod.oval:def:204717 Kernel-based Virtual Machine is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm package provides the user-space component for running virtual machines that use KVM. Security Fix: * Quick Emulator , compiled with the PC System Emulator with multiboot feature supp ... oval:org.secpod.oval:def:1504440 [15:3.0.0-1.el7] - net: ignore packet size greater than INT_MAX [Orabug: 28763782] {CVE-2018-17963} - pcnet: fix possible buffer overflow [Orabug: 28763774] {CVE-2018-17962} - rtl8139: fix possible out of bound access [Orabug: 28763765] {CVE-2018-17958} - ne2000: fix possible out of bound access ... oval:org.secpod.oval:def:1504737 [15:3.0.0-1.el7] - net: ignore packet size greater than INT_MAX [Orabug: 28763782] {CVE-2018-17963} - pcnet: fix possible buffer overflow [Orabug: 28763774] {CVE-2018-17962} - rtl8139: fix possible out of bound access [Orabug: 28763765] {CVE-2018-17958} - ne2000: fix possible out of bound access ... oval:org.secpod.oval:def:603411 Several vulnerabilities were discovered in qemu, a fast processor emulator. CVE-2017-15038 Tuomas Tynkkynen discovered an information leak in 9pfs. CVE-2017-15119 Eric Blake discovered that the NBD server insufficiently restricts large option requests, resulting in denial of service. CVE-2017-15124 ... oval:org.secpod.oval:def:53337 Several vulnerabilities were discovered in qemu, a fast processor emulator. CVE-2017-15038 Tuomas Tynkkynen discovered an information leak in 9pfs. CVE-2017-15119 Eric Blake discovered that the NBD server insufficiently restricts large option requests, resulting in denial of service. CVE-2017-15124 ... |