Download
| Alert*
oval:org.secpod.oval:def:67391
Kernel-based Virtual Machine offers a full virtualization solution for Linux on numerous hardware platforms. The virt:rhel module contains packages which provide user-space components used to run virtual machines using KVM. The packages also provide APIs for managing and interacting with the virtua ... oval:org.secpod.oval:def:67051 libslirp: None libslirp could be made to crash if it received specially crafted network traffic. oval:org.secpod.oval:def:71252 Kernel-based Virtual Machine offers a full virtualization solution for Linux on numerous hardware platforms. The virt:rhel module contains packages which provide user-space components used to run virtual machines using KVM. The packages also provide APIs for managing and interacting with the virtua ... oval:org.secpod.oval:def:505997 Kernel-based Virtual Machine offers a full virtualization solution for Linux on numerous hardware platforms. The virt:rhel module contains packages which provide user-space components used to run virtual machines using KVM. The packages also provide APIs for managing and interacting with the virtua ... oval:org.secpod.oval:def:2501001 The container-tools module contains tools for working with containers, notably podman, buildah, skopeo, and runc. oval:org.secpod.oval:def:504747 The container-tools module contains tools for working with containers, notably podman, buildah, skopeo, and runc. Security Fix: * containernetworking/plugins: IPv6 router advertisements allow for MitM attacks on IPv4 clusters * QEMU: slirp: networking out-of-bounds read information disclosure vulne ... oval:org.secpod.oval:def:118479 A general purpose TCP-IP emulator used by virtual machine hypervisors to provide virtual networking services. oval:org.secpod.oval:def:705554 libslirp: None libslirp could be made to crash if it received specially crafted network traffic. oval:org.secpod.oval:def:68023 The container-tools module contains tools for working with containers, notably podman, buildah, skopeo, and runc. Security Fix: * containernetworking/plugins: IPv6 router advertisements allow for MitM attacks on IPv4 clusters * QEMU: slirp: networking out-of-bounds read information disclosure vulne ... oval:org.secpod.oval:def:1505288 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:1700524 A use-after-free issue was found in the SLiRP networking implementation of the QEMU emulator. The issue occurs in ip_reass routine while reassembling incoming packets, if the first fragment is bigger than the m- oval:org.secpod.oval:def:69549 Kernel-based Virtual Machine offers a full virtualization solution for Linux on numerous hardware platforms. The virt:rhel module contains packages which provide user-space components used to run virtual machines using KVM. The packages also provide APIs for managing and interacting with the virtua ... oval:org.secpod.oval:def:2500062 Kernel-based Virtual Machine offers a full virtualization solution for Linux on numerous hardware platforms. The virt:rhel module contains packages which provide user-space components used to run virtual machines using KVM. The packages also provide APIs for managing and interacting with the virtua ... oval:org.secpod.oval:def:1503049 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:67028 qemu: Machine emulator and virtualizer Several security issues were fixed in QEMU. oval:org.secpod.oval:def:89044379 This update for qemu fixes the following issues: - Fix OOB access during mmio operations - Fix sPAPR emulator leaks the host hardware identity - Fix out-of-bounds read information disclosure in icmp6_send_echoreply - Fix out-of-bound heap buffer access via an interrupt ID field - For the record, ... oval:org.secpod.oval:def:1504760 [15:4.2.1-4.el7] - Document CVE-2020-25723 as fixed [Orabug: 32222397] {CVE-2020-25084} {CVE-2020-25723} - hw/net/e1000e: advance desc_offset in case of null descriptor [Orabug: 32217517] {CVE-2020-28916} - i386: Add 2nd Generation AMD EPYC processors [Orabug: 32217570] - libslirp: Update version ... oval:org.secpod.oval:def:89044451 This update for qemu fixes the following issues: - Fix OOB access during mmio operations - Fix out-of-bounds read information disclosure in icmp6_send_echoreply - For the record, these issues are fixed in this package already. Most are alternate references to previously mentioned issues: oval:org.secpod.oval:def:705588 qemu: Machine emulator and virtualizer Several security issues were fixed in QEMU. oval:org.secpod.oval:def:66723 Multiple security issues were discovered in QEMU, a fast processor emulator, which could result in denial of service. oval:org.secpod.oval:def:604927 Multiple security issues were discovered in QEMU, a fast processor emulator, which could result in denial of service. oval:org.secpod.oval:def:89044447 This update for qemu fixes the following issues: - Fix OOB access during mmio operations - Fix out-of-bounds read information disclosure in icmp6_send_echoreply - Fix out-of-bound heap buffer access via an interrupt ID field - For the record, these issues are fixed in this package already. Most a ... oval:org.secpod.oval:def:89044405 This update for qemu fixes the following issues: - Fix OOB access during mmio operations - Fix out-of-bounds read information disclosure in icmp6_send_echoreply - For the record, these issues are fixed in this package already. Most are alternate references to previously mentioned issues: oval:org.secpod.oval:def:89044389 This update for qemu fixes the following issues: - Fix out-of-bounds access issue while doing multi block SDMA - Fix out-of-bounds read information disclosure in icmp6_send_echoreply - QEMU BIOS fails to read stage2 loader on s390x - Change dependency from CONFIG_VFIO back to CONFIG_LINUX - For ... oval:org.secpod.oval:def:89049531 This update for qemu fixes the following issues: - CVE-2020-25085: Fix out-of-bounds access issue while doing multi block SDMA - CVE-2020-10756: Fix out-of-bounds read information disclosure in icmp6_send_echoreply - Fix issue where s390 guest fails to find zipl boot menu index - QEMU BIOS fails t ... oval:org.secpod.oval:def:1505359 [15:4.2.1-13.el7] - pcie: Do not set power state for some hot-plugged devices [Orabug: 33642532] [15:4.2.1-12.1.el7] - Update slirp to address various CVEs [Orabug: 32208456] [Orabug: 33014409] [Orabug: 33014414] [Orabug: 33014417] [Orabug: 33014420] {CVE-2020-29129} {CVE-2020-29130} {CVE-2021-359 ... oval:org.secpod.oval:def:89044446 This update for qemu fixes the following issues: - CVE-2020-10756: Fix out-of-bounds read information disclosure in icmp6_send_echoreply |