Download
| Alert*
oval:org.secpod.oval:def:115015
QEMU is a generic and open source processor emulator which achieves a good emulation speed by using dynamic translation. QEMU has two operating modes: * Full system emulation. In this mode, QEMU emulates a full system , including a processor and various peripherials. It can be used to launch differe ... oval:org.secpod.oval:def:1504385 [12:2.9.0-17.el7] - i386: Remove generic SMT thread check [Orabug: 28676425] - pc: Fix typo on PC_COMPAT_2_12 [Orabug: 28676425] - i386: Enable TOPOEXT feature on AMD EPYC CPU [Orabug: 28676425] - net: ignore packet size greater than INT_MAX [Orabug: 28762625] {CVE-2018-17963} - pcnet: fix possi ... oval:org.secpod.oval:def:1502682 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:603933 Multiple security issues were discovered in QEMU, a fast processor emulator, which could result in denial of service, the execution of arbitrary code or information disclosure. In addition this update backports support to passthrough the new md-clear CPU flag added in the intel-microcode update ship ... oval:org.secpod.oval:def:205372 Kernel-based Virtual Machine is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm packages provide the user-space component for running virtual machines that use KVM. Security Fix: * QEMU: slirp: heap buffer overflow while reassembling fragmented datagrams * QEMU ... oval:org.secpod.oval:def:55310 Multiple security issues were discovered in QEMU, a fast processor emulator, which could result in denial of service, the execution of arbitrary code or information disclosure. In addition this update backports support to passthrough the new md-clear CPU flag added in the intel-microcode update ship ... oval:org.secpod.oval:def:503352 Kernel-based Virtual Machine is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm packages provide the user-space component for running virtual machines that use KVM. Security Fix: * QEMU: slirp: heap buffer overflow while reassembling fragmented datagrams * QEMU ... oval:org.secpod.oval:def:49231 qemu: Machine emulator and virtualizer Several security issues were fixed in QEMU. oval:org.secpod.oval:def:502365 Kernel-based Virtual Machine is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm-ma packages provide the user-space component for running virtual machines that use KVM on the IBM z Systems, IBM Power, and 64-bit ARM architectures. Security Fix: * QEMU: slirp: hea ... oval:org.secpod.oval:def:51543 qemu: Machine emulator and virtualizer Several security issues were fixed in QEMU. oval:org.secpod.oval:def:49230 qemu: Machine emulator and virtualizer Several security issues were fixed in QEMU. oval:org.secpod.oval:def:51027 qemu: Machine emulator and virtualizer Several security issues were fixed in QEMU. oval:org.secpod.oval:def:502351 Kernel-based Virtual Machine is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm packages provide the user-space component for running virtual machines that use KVM. Security Fix: * QEMU: slirp: heap buffer overflow while reassembling fragmented datagrams * QEMU ... oval:org.secpod.oval:def:204870 Kernel-based Virtual Machine is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm packages provide the user-space component for running virtual machines that use KVM. Security Fix: * QEMU: slirp: heap buffer overflow while reassembling fragmented datagrams * QEMU ... oval:org.secpod.oval:def:1700077 A heap buffer overflow issue was found in the way SLiRP networking back-end in QEMU processes fragmented packets. It could occur while reassembling the fragmented datagrams of an incoming packet. A privileged user/process inside guest could use this flaw to crash the QEMU process resulting in DoS or ... oval:org.secpod.oval:def:1502293 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:1600923 Quick Emulator , compiled with the PC System Emulator with multiboot feature support, is vulnerable to an OOB r/w memory access issue. The issue could occur while loading a kernel image during the guest boot, if mh_load_end_addr address is greater than the mh_bss_end_addr address. A user or process ... oval:org.secpod.oval:def:1504440 [15:3.0.0-1.el7] - net: ignore packet size greater than INT_MAX [Orabug: 28763782] {CVE-2018-17963} - pcnet: fix possible buffer overflow [Orabug: 28763774] {CVE-2018-17962} - rtl8139: fix possible out of bound access [Orabug: 28763765] {CVE-2018-17958} - ne2000: fix possible out of bound access ... oval:org.secpod.oval:def:1504737 [15:3.0.0-1.el7] - net: ignore packet size greater than INT_MAX [Orabug: 28763782] {CVE-2018-17963} - pcnet: fix possible buffer overflow [Orabug: 28763774] {CVE-2018-17962} - rtl8139: fix possible out of bound access [Orabug: 28763765] {CVE-2018-17958} - ne2000: fix possible out of bound access ... oval:org.secpod.oval:def:89002157 This update for xen fixes the following issues: Security issues fixed: - CVE-2018-3665: Fix Lazy FP Save/Restore issue . - CVE-2018-12891: Fix possible Denial of Service via certain PV MMU operations that affect the entire host . - CVE-2018-12892: Fix libxl to honour the readonly flag on HVM emul ... oval:org.secpod.oval:def:115017 QEMU is a generic and open source processor emulator which achieves a good emulation speed by using dynamic translation. QEMU has two operating modes: * Full system emulation. In this mode, QEMU emulates a full system , including a processor and various peripherials. It can be used to launch differe ... oval:org.secpod.oval:def:89043744 This update for kvm fixes the following security issues: - CVE-2018-12617: qmp_guest_file_read had an integer overflow that could have been exploited by sending a crafted QMP command to the agent via the listening socket causing DoS - CVE-2018-11806: Prevent heap-based buffer overflow via incoming ... oval:org.secpod.oval:def:89002408 This update for qemu fixes the following issues: These security issues were fixed: - CVE-2018-12617: qmp_guest_file_read had an integer overflow that could have been exploited by sending a crafted QMP command to the agent via the listening socket causing DoS . - CVE-2018-11806: Prevent heap-based b ... oval:org.secpod.oval:def:89049622 This update for qemu to version 2.11.2 fixes the following issues: Security issue fixed: - CVE-2018-11806: Fix heap buffer overflow issue that can happen while reassembling fragmented datagrams . - CVE-2018-3639: Mitigation functionality for Speculative Store Bypass issue in x86 . - CVE-2018-7550: F ... oval:org.secpod.oval:def:89002441 This update for xen fixes the following issues: Security issues fixed: - CVE-2018-12891: Fix preemption checks bypass in x86 PV MM handling . - CVE-2018-12892: Fix libxl failure to honour readonly flag on HVM emulated SCSI disks . - CVE-2018-12893: Fix #DB exception safety check that could be trig ... oval:org.secpod.oval:def:89002444 This update for xen fixes the following issues: Security issues fixed: - CVE-2018-12891: Fix preemption checks bypass in x86 PV MM handling . - CVE-2018-12892: Fix libxl failure to honour readonly flag on HVM emulated SCSI disks . - CVE-2018-12893: Fix #DB exception safety check that could be trig ... oval:org.secpod.oval:def:89043868 This update for qemu fixes the following security issues: - CVE-2018-12617: qmp_guest_file_read had an integer overflow that could have been exploited by sending a crafted QMP command to the agent via the listening socket causing DoS - CVE-2018-11806: Prevent heap-based buffer overflow via incomin ... oval:org.secpod.oval:def:89002545 This update for xen fixes the following issues: Security issues fixed: - CVE-2018-12617: Fix integer overflow that causes segmentation fault in qmp_guest_file_read with g_malloc . - CVE-2018-3665: Fix Lazy FP Save/Restore issue . - CVE-2018-11806: Fix heap buffer overflow while reassembling fragmen ... oval:org.secpod.oval:def:89043591 This update for qemu fixes the following security issues: - CVE-2018-12617: qmp_guest_file_read had an integer overflow that could have been exploited by sending a crafted QMP command to the agent via the listening socket causing DoS - CVE-2018-11806: Prevent heap-based buffer overflow via incomin ... |