Download
| Alert*
|
oval:org.secpod.oval:def:89045488
This update for kvm fixes the following issues: - CVE-2021-3594: invalid pointer initialization may lead to information disclosure in slirp - CVE-2021-3592: invalid pointer initialization may lead to information disclosure . - CVE-2021-3416: infinite loop in loopback mode may lead to stack overfl ... oval:org.secpod.oval:def:1505422 [15:4.2.1-15.el7] - Document CVE-2021-4158 and CVE-2021-3947 as fixed [Orabug: 33719302] [Orabug: 33754145] {CVE-2021-3947} {CVE-2021-4158} - hw/block/fdc: Kludge missing floppy drive to fix CVE-2021-20196 [Orabug: 32439466] {CVE-2021-20196} - hw/block/fdc: Extract blk_create_empty_drive [Orabug: ... oval:org.secpod.oval:def:506291 Kernel-based Virtual Machine offers a full virtualization solution for Linux on numerous hardware platforms. The virt:rhel module contains packages which provide user-space components used to run virtual machines using KVM. The packages also provide APIs for managing and interacting with the virtua ... oval:org.secpod.oval:def:74528 qemu: Machine emulator and virtualizer Several security issues were fixed in QEMU. oval:org.secpod.oval:def:75888 Kernel-based Virtual Machine offers a full virtualization solution for Linux on numerous hardware platforms. The virt:rhel module contains packages which provide user-space components used to run virtual machines using KVM. The packages also provide APIs for managing and interacting with the virtua ... oval:org.secpod.oval:def:4500038 Kernel-based Virtual Machine offers a full virtualization solution for Linux on numerous hardware platforms. The virt:rhel module contains packages which provide user-space components used to run virtual machines using KVM. The packages also provide APIs for managing and interacting with the virtua ... oval:org.secpod.oval:def:1505063 hivex [1.3.18-21] - Bounds check for block exceeding page length resolves: rhbz#1950501 libvirt [6.0.0-35.1.0.1] - Set SOURCE_DATE_EPOCH from changelog [Orabug: 32019554] - Add runtime deps for pkg librbd1 = 1:10.2.5 - Disable parallel builds [6.0.0-35.1.el8] - network: make it safe to call netwo ... oval:org.secpod.oval:def:74004 qemu: Machine emulator and virtualizer Several security issues were fixed in QEMU. oval:org.secpod.oval:def:74522 qemu: Machine emulator and virtualizer Several security issues were fixed in QEMU. oval:org.secpod.oval:def:706072 qemu: Machine emulator and virtualizer Several security issues were fixed in QEMU. oval:org.secpod.oval:def:74003 qemu: Machine emulator and virtualizer Several security issues were fixed in QEMU. oval:org.secpod.oval:def:2500267 Kernel-based Virtual Machine offers a full virtualization solution for Linux on numerous hardware platforms. The virt:rhel module contains packages which provide user-space components used to run virtual machines using KVM. The packages also provide APIs for managing and interacting with the virtua ... oval:org.secpod.oval:def:89047086 This update for qemu fixes the following issues: - Switch method of splitting off hw-s390x-virtio-gpu-ccw.so as a module to what was accepted upstream - Fix OOB access in sdhci interface - Fix potential privilege escalation in virtiofsd tool - Fix OOB access in rtl8139 NIC emulation - Fix heap ... oval:org.secpod.oval:def:89044348 This update for qemu fixes the following issues: - Fix OOB access in sm501 device emulation - Fix OOB access possibility in MegaRAID SAS 8708EM2 emulation - Fix use-after-free in usb xhci packet handling - Fix use-after-free in usb iehci packet handling - Fix infinite loop in usb hcd-ohci emula ... oval:org.secpod.oval:def:89044339 This update for qemu fixes the following issues: - Fix OOB access in sm501 device emulation - Fix OOB access possibility in MegaRAID SAS 8708EM2 emulation - Fix use-after-free in usb xhci packet handling - Fix use-after-free in usb ehci packet handling - Fix OOB access in usb hcd-ohci emulation ... oval:org.secpod.oval:def:89044349 This update for qemu fixes the following issues: - Fix OOB access in sm501 device emulation - Fix OOB access possibility in MegaRAID SAS 8708EM2 emulation - Fix use-after-free in usb xhci packet handling - Fix use-after-free in usb ehci packet handling - Fix OOB access in usb hcd-ohci emulation ... oval:org.secpod.oval:def:1505552 hivex [1.3.18-21] - Bounds check for block exceeding page length resolves: rhbz#1950501 libguestfs [1.40.2-28.0.1] - Replace upstream references from description tag - Config supermin to use host yum.conf in ol8 [Orabug: 29319324] - Set DISTRO_ORACLE_LINUX correspeonding to ol [1:1.40.2-28] - daemo ... oval:org.secpod.oval:def:89044202 This update for qemu fixes the following issues: - Fix OOB access in sm501 device emulation - Fix OOB access possibility in MegaRAID SAS 8708EM2 emulation - Fix use-after-free in usb xhci packet handling - Fix use-after-free in usb ehci packet handling - Fix OOB access in usb hcd-ohci emulation ... oval:org.secpod.oval:def:89044340 This update for qemu fixes the following issues: - Fix OOB access in sm501 device emulation - Fix OOB access possibility in MegaRAID SAS 8708EM2 emulation - Fix use-after-free in usb xhci packet handling - Fix use-after-free in usb ehci packet handling - Fix OOB access in usb hcd-ohci emulation ... oval:org.secpod.oval:def:89044350 This update for qemu fixes the following issues: - Fix OOB access in sm501 device emulation - Fix OOB access possibility in MegaRAID SAS 8708EM2 emulation - Fix use-after-free in usb xhci packet handling - Fix use-after-free in usb ehci packet handling - Fix OOB access in usb hcd-ohci emulation ... oval:org.secpod.oval:def:89049497 This update for qemu fixes the following issues: - CVE-2020-12829: Fix OOB access in sm501 device emulation - CVE-2020-25723: Fix use-after-free in usb xhci packet handling - CVE-2020-25084: Fix use-after-free in usb ehci packet handling - CVE-2020-25625: Fix infinite loop in usb hcd-ohci emulat ... oval:org.secpod.oval:def:1701426 A potential stack overflow via infinite loop issue was found in various NIC emulators of QEMU in versions up to and including 5.2.0. The issue occurs in loopback mode of a NIC wherein reentrant DMA checks get bypassed. A guest user/process may use this flaw to consume CPU cycles or crash the QEMU pr ... |
