Download
| Alert*
|
oval:org.secpod.oval:def:89002173
This update for kvm fixes the following issues: Security issues fixed: - CVE-2018-10839: Fixed NE2000 NIC emulation support that is vulnerable to an integer overflow, which could lead to buffer overflow issue. It could occur when receiving packets over the network. A user inside guest could use this ... oval:org.secpod.oval:def:89003121 This update for xen fixes the following issues: Security vulnerabilities fixed: - CVE-2018-19961, CVE-2018-19962: Fixed an issue related to insufficient TLB flushing with AMD IOMMUs, which potentially allowed a guest to escalate its privileges, may cause a Denial of Service affecting the entire hos ... oval:org.secpod.oval:def:89002316 This update for qemu fixes the following issues: Security issues fixed: - CVE-2018-10839: Fixed NE2000 NIC emulation support that is vulnerable to an integer overflow, which could lead to buffer overflow issue. It could occur when receiving packets over the network. A user inside guest could use thi ... oval:org.secpod.oval:def:89002439 This update for qemu fixes the following issues: Security issues fixed: - CVE-2018-10839: Fixed NE2000 NIC emulation support that is vulnerable to an integer overflow, which could lead to buffer overflow issue. It could occur when receiving packets over the network. A user inside guest could use thi ... oval:org.secpod.oval:def:1504385 [12:2.9.0-17.el7] - i386: Remove generic SMT thread check [Orabug: 28676425] - pc: Fix typo on PC_COMPAT_2_12 [Orabug: 28676425] - i386: Enable TOPOEXT feature on AMD EPYC CPU [Orabug: 28676425] - net: ignore packet size greater than INT_MAX [Orabug: 28762625] {CVE-2018-17963} - pcnet: fix possi ... oval:org.secpod.oval:def:53457 Integer overflows in the processing of packets in network cards emulated by QEMU, a fast processor emulator, could result in denial of service. In addition this update backports support to passthrough the new CPU features added in the intel-microcode update shipped in DSA 4273 to x86-based guests. oval:org.secpod.oval:def:603564 Integer overflows in the processing of packets in network cards emulated by QEMU, a fast processor emulator, could result in denial of service. In addition this update backports support to passthrough the new CPU features added in the intel-microcode update shipped in DSA 4273 to x86-based guests. oval:org.secpod.oval:def:89002165 This update for qemu fixes the following issues: Security issues fixed: - CVE-2018-10839: Fixed NE2000 NIC emulation support that is vulnerable to an integer overflow, which could lead to buffer overflow issue. It could occur when receiving packets over the network. A user inside guest could use thi ... oval:org.secpod.oval:def:704399 qemu: Machine emulator and virtualizer Several security issues were fixed in QEMU. oval:org.secpod.oval:def:89003136 This update for xen fixes the following issues: - Update to Xen 4.11.1 bug fix release - CVE-2018-17963: Fixed an integer overflow issue in the QEMU emulator, which could occur when a packet with large packet size is processed. A user inside a guest could have used this flaw to crash the qemu proce ... oval:org.secpod.oval:def:89002043 This update for xen fixes the following issues: - CVE-2018-17963: qemu_deliver_packet_iov accepted packet sizes greater than INT_MAX, which allows attackers to cause a denial of service or possibly have unspecified other impact. - CVE-2018-15468: The DEBUGCTL MSR contains several debugging features ... oval:org.secpod.oval:def:503292 Kernel-based Virtual Machine is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm-ma packages provide the user-space component for running virtual machines that use KVM on the IBM z Systems, IBM Power, and 64-bit ARM architectures. Security Fix: * QEMU: net: ignor ... oval:org.secpod.oval:def:115587 QEMU is a generic and open source processor emulator which achieves a good emulation speed by using dynamic translation. QEMU has two operating modes: * Full system emulation. In this mode, QEMU emulates a full system , including a processor and various peripherials. It can be used to launch differe ... oval:org.secpod.oval:def:49231 qemu: Machine emulator and virtualizer Several security issues were fixed in QEMU. oval:org.secpod.oval:def:51543 qemu: Machine emulator and virtualizer Several security issues were fixed in QEMU. oval:org.secpod.oval:def:49230 qemu: Machine emulator and virtualizer Several security issues were fixed in QEMU. oval:org.secpod.oval:def:51027 qemu: Machine emulator and virtualizer Several security issues were fixed in QEMU. oval:org.secpod.oval:def:89049595 This update for qemu fixes the following issues: Security issues fixed: - CVE-2018-10839: Fixed NE2000 NIC emulation support that is vulnerable to an integer overflow, which could lead to buffer overflow issue. It could occur when receiving packets over the network. A user inside guest could use thi ... oval:org.secpod.oval:def:1504737 [15:3.0.0-1.el7] - net: ignore packet size greater than INT_MAX [Orabug: 28763782] {CVE-2018-17963} - pcnet: fix possible buffer overflow [Orabug: 28763774] {CVE-2018-17962} - rtl8139: fix possible out of bound access [Orabug: 28763765] {CVE-2018-17958} - ne2000: fix possible out of bound access ... oval:org.secpod.oval:def:89002176 This update for xen fixes the following issues: XEN was updated to the Xen 4.9.3 bug fix only release - CVE-2018-17963: qemu_deliver_packet_iov accepted packet sizes greater than INT_MAX, which allows attackers to cause a denial of service or possibly have unspecified other impact. - CVE-2018-1547 ... |
