SciLinux: SLSA-2020-0775-1 Important: qemu-kvm on SL6.x i386/x86_64
QEMU: slirp: heap buffer overflow during packet reassembly (CVE-2019-14378) * QEMU: slirp: OOB buffer access while emulating tcp protocols in tcp_emu() (CVE-2020-7039) * QEMU: Slir...
Summary
Important: qemu-kvm security update
Security Fixes
* QEMU: slirp: heap buffer overflow during packet reassembly
(CVE-2019-14378)
* QEMU: slirp: OOB buffer access while emulating tcp protocols in
tcp_emu() (CVE-2020-7039)
* QEMU: Slirp: use-after-free during packet reassembly (CVE-2019-15890)
SL6
x86_64
qemu-guest-agent-0.12.1.2-2.506.el6_10.6.x86_64.rpm
qemu-img-0.12.1.2-2.506.el6_10.6.x86_64.rpm
qemu-kvm-0.12.1.2-2.506.el6_10.6.x86_64.rpm
qemu-kvm-debuginfo-0.12.1.2-2.506.el6_10.6.x86_64.rpm
qemu-kvm-tools-0.12.1.2-2.506.el6_10.6.x86_64.rpm
i386
qemu-guest-agent-0.12.1.2-2.506.el6_10.6.i686.rpm
qemu-kvm-debuginfo-0.12.1.2-2.506.el6_10.6.i686.rpm
- Scientific Linux Development Team
Severity
Advisory ID: SLSA-2020:0775-1
Issued Date: : 2020-03-10
CVE Numbers: CVE-2019-14378
CVE-2019-15890
CVE-2020-7039
