[El-errata] ELSA-2020-0775 Important: Oracle Linux 6 qemu-kvm security update
Errata Announcements for Oracle Linux
el-errata at oss.oracle.com
Tue Mar 10 21:57:34 PDT 2020
Oracle Linux Security Advisory ELSA-2020-0775
http://linux.oracle.com/errata/ELSA-2020-0775.html
The following updated rpms for Oracle Linux 6 have been uploaded to the
Unbreakable Linux Network:
i386:
qemu-guest-agent-0.12.1.2-2.506.el6_10.6.i686.rpm
x86_64:
qemu-guest-agent-0.12.1.2-2.506.el6_10.6.x86_64.rpm
qemu-img-0.12.1.2-2.506.el6_10.6.x86_64.rpm
qemu-kvm-0.12.1.2-2.506.el6_10.6.x86_64.rpm
qemu-kvm-tools-0.12.1.2-2.506.el6_10.6.x86_64.rpm
SRPMS:
http://oss.oracle.com/ol6/SRPMS-updates/qemu-kvm-0.12.1.2-2.506.el6_10.6.src.rpm
Description of changes:
[0.12.1.2-2.506.el6_10.6]
- kvm-Fix-heap-overflow-in-ip_reass-on-big-packet-input.patch [bz#1734747]
- kvm-Using-ip_deq-after-m_free-might-read-pointers-from-a.patch
[bz#1749731]
- kvm-tcp_emu-Fix-oob-access.patch [bz#1791558]
- kvm-slirp-use-correct-size-while-emulating-IRC-commands.patch [bz#1791558]
- kvm-slirp-use-correct-size-while-emulating-commands.patch [bz#1791558]
- Resolves: bz#1734747
(CVE-2019-14378 qemu-kvm: QEMU: slirp: heap buffer overflow during
packet reassembly [rhel-6.10.z])
- Resolves: bz#1749731
(CVE-2019-15890 qemu-kvm: QEMU: Slirp: use-after-free during packet
reassembly [rhel-6])
- Resolves: bz#1791558
(CVE-2020-7039 qemu-kvm: QEMU: slirp: OOB buffer access while
emulating tcp protocols in tcp_emu() [rhel-6.10.z])
More information about the El-errata
mailing list