ELSA-2018-4262 -- Oracle qemu_qemu-kvm_qemu-systemID: oval:org.secpod.oval:def:1504385 | Date: (C)2021-01-12 (M)2024-01-29 |
Class: PATCH | Family: unix |
[12:2.9.0-17.el7] - i386: Remove generic SMT thread check [Orabug: 28676425] - pc: Fix typo on PC_COMPAT_2_12 [Orabug: 28676425] - i386: Enable TOPOEXT feature on AMD EPYC CPU [Orabug: 28676425] - net: ignore packet size greater than INT_MAX [Orabug: 28762625] {CVE-2018-17963} - pcnet: fix possible buffer overflow [Orabug: 28762617] {CVE-2018-17962} - rtl8139: fix possible out of bound access [Orabug: 28762613] {CVE-2018-17958} - ne2000: fix possible out of bound access in ne2000_receive [Orabug: 28733338] {CVE-2018-10839} - seccomp: set the seccomp filter to all threads [Orabug: 28576303] {CVE-2018-15746} - virtio_net: Introduce VIRTIO_NET_F_STANDBY feature bit to virtio_net [Orabug: 28497003] - virtio-net: use 64-bit values for feature flags [Orabug: 28497003] - qga: check bytes count read by guest-file-read [Orabug: 28312939] {CVE-2018-12617} - CVE-2017-2630: Qemu: nbd: oob stack write in client routine drop_sync [Orabug: 28424694] {CVE-2017-2630} - CVE-2017-2633: Qemu: VNC: memory corruption due to unchecked resolution limit [Orabug: 28424697] {CVE-2017-2633} - CVE-2017-7471: Qemu: 9p: virtfs allows guest to change filesystem attributes [Orabug: 28407849] {CVE-2017-7471} - slirp: correct size computation while concatenating mbuf [Orabug: 28263244] {CVE-2018-11806}