[Forgot Password]
Login  Register Subscribe

30389

 
 

423868

 
 

244411

 
 

909

 
 

193363

 
 

277

Paid content will be excluded from the download.


Download | Alert*
OVAL

CESA-2017:0083 -- centos 7 qemu-kvm

ID: oval:org.secpod.oval:def:204081Date: (C)2017-01-20   (M)2023-02-20
Class: PATCHFamily: unix




Kernel-based Virtual Machine is a full virtualization solution for Linux on AMD64 and Intel 64 systems. The qemu-kvm packages provide the user-space component for running virtual machines using KVM. Security Fix: * An out-of-bounds read-access flaw was found in the QEMU emulator built with IP checksum routines. The flaw could occur when computing a TCP/UDP packet"s checksum, because a QEMU function used the packet"s payload length without checking against the data buffer"s size. A user inside a guest could use this flaw to crash the QEMU process . Red Hat would like to thank Ling Liu for reporting this issue. Bug Fix: * Previously, rebooting a guest virtual machine more than 128 times in a short period of time caused the guest to shut down instead of rebooting, because the virtqueue was not cleaned properly. This update ensures that the virtqueue is cleaned more reliably, which prevents the described problem from occurring

Platform:
CentOS 7
Product:
qemu-kvm
Reference:
CESA-2017:0083
CVE-2016-2857
CVE    1
CVE-2016-2857
CPE    2
cpe:/a:kvm_group:qemu-kvm
cpe:/o:centos:centos:7

© SecPod Technologies