Download
| Alert*
oval:org.secpod.oval:def:1901101
hw/rdma/vmw/pvrdma_cmd.c in QEMU allows create_cq and create_qp memory leaks because errors are mishandled. oval:org.secpod.oval:def:704851 qemu: Machine emulator and virtualizer Several security issues were fixed in QEMU. oval:org.secpod.oval:def:1504020 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:1504762 [15:3.0.0-4.el7] - usb-mtp: use O_NOFOLLOW and O_CLOEXEC. [Orabug: 29056673] {CVE-2018-16872} - pvrdma: add uar_read routine {CVE-2018-20191} - pvrdma: release ring object in case of an error [Orabug: 29171822] {CVE-2018-20126} - pvrdma: check number of pages when creating rings [Orabug: 2917182 ... oval:org.secpod.oval:def:89003053 This update for qemu fixes the following issues: - Remove a backslash (\) escape character from 80-qemu-ga.rules Unlike sles 15 or newer guests, The udev rule file of qemu guest agent in sles 12 sp4 or newer guest only needs one escape character. - Fix use-after-free in slirp - Fix potential DOS i ... oval:org.secpod.oval:def:89050697 This update for qemu fixes the following issues: qemu was updated to v3.1.1.1, a stable, bug-fix-only release, which includes 2 fixes we already carry, as well as one additional use- after-free fix in slirp. Security issues fixed: - CVE-2019-12068: Fixed potential DOS in lsi scsi controller emulati ... oval:org.secpod.oval:def:89050663 This update for qemu fixes the following issues: - Patch queue updated from https://gitlab.suse.de/virtualization/qemu.git SLE15 - Fix use-after-free in slirp - Fix potential DOS in lsi scsi controller emulation - Expose taa-no "feature", indicating CPU does not have the TSX Async Abort vulnerabil ... |