Lucene search
OracleELSA-2014-0927HistoryJul 23, 2014 - 12:00 a.m.
qemu-kvm security and bug fix update
2014-07-2300:00:00
Oracle
linux.oracle.com
26
0.079 Low
EPSS
Percentile
93.6%
[1.5.3-60.el7_0.5]
- kvm-Allow-mismatched-virtio-config-len.patch [bz#1095782]
- Resolves: bz#1095782
(CVE-2014-0182 qemu-kvm: qemu: virtio: out-of-bounds buffer write on state load with invalid config_len [rhel-7.0.z])
[1.5.3-60.el7_0.4] - kvm-zero-initialize-KVM_SET_GSI_ROUTING-input.patch [bz#1110693]
- kvm-skip-system-call-when-msi-route-is-unchanged.patch [bz#1110693]
- Resolves: bz#1110693
(2x RHEL 5.10 VM running on RHEL 7 KVM have low TCP_STREAM throughput)
[1.5.3-60.el7_0.3] - kvm-virtio-net-fix-buffer-overflow-on-invalid-state-load.patch [bz#1095677]
- kvm-virtio-net-out-of-bounds-buffer-write-on-load.patch [bz#1095684]
- kvm-virtio-net-out-of-bounds-buffer-write-on-invalid-sta.patch [bz#1095689]
- kvm-virtio-out-of-bounds-buffer-write-on-invalid-state-l.patch [bz#1095694]
- kvm-virtio-avoid-buffer-overrun-on-incoming-migration.patch [bz#1095737]
- kvm-virtio-scsi-fix-buffer-overrun-on-invalid-state-load.patch [bz#1095741]
- kvm-virtio-validate-config_len-on-load.patch [bz#1095782]
- kvm-virtio-validate-num_sg-when-mapping.patch [bz#1095765]
- kvm-virtio-allow-mapping-up-to-max-queue-size.patch [bz#1095765]
- kvm-vmstate-add-VMS_MUST_EXIST.patch [bz#1095706]
- kvm-vmstate-add-VMSTATE_VALIDATE.patch [bz#1095706]
- kvm-hpet-fix-buffer-overrun-on-invalid-state-load.patch [bz#1095706]
- kvm-hw-pci-pcie_aer.c-fix-buffer-overruns-on-invalid-sta.patch [bz#1095714]
- kvm-usb-sanity-check-setup_index-setup_len-in-post_load.patch [bz#1095746]
- kvm-usb-sanity-check-setup_index-setup_len-in-post_l2.patch [bz#1095746]
- kvm-usb-fix-up-post-load-checks.patch [bz#1096828]
- kvm-XBZRLE-Fix-qemu-crash-when-resize-the-xbzrle-cache.patch [bz#1110191]
- kvm-Provide-init-function-for-ram-migration.patch [bz#1110191]
- kvm-Init-the-XBZRLE.lock-in-ram_mig_init.patch [bz#1110191]
- kvm-XBZRLE-Fix-one-XBZRLE-corruption-issues.patch [bz#1110191]
- kvm-Count-used-RAMBlock-pages-for-migration_dirty_pages.patch [bz#1110189]
- kvm-qcow-correctly-propagate-errors.patch [bz#1097229]
- kvm-qcow1-Make-padding-in-the-header-explicit.patch [bz#1097229]
- kvm-qcow1-Check-maximum-cluster-size.patch [bz#1097229]
- kvm-qcow1-Validate-L2-table-size-CVE-2014-0222.patch [bz#1097229]
- kvm-qcow1-Validate-image-size-CVE-2014-0223.patch [bz#1097236]
- kvm-qcow1-Stricter-backing-file-length-check.patch [bz#1097236]
- kvm-char-restore-read-callback-on-a-reattached-hotplug-c.patch [bz#1110219]
- kvm-qcow2-Free-preallocated-zero-clusters.patch [bz#1110188]
- kvm-qemu-iotests-Discard-preallocated-zero-clusters.patch [bz#1110188]
- Resolves: bz#1095677
(CVE-2013-4148 qemu-kvm: qemu: virtio-net: buffer overflow on invalid state load [rhel-7.0.z]) - Resolves: bz#1095684
(CVE-2013-4149 qemu-kvm: qemu: virtio-net: out-of-bounds buffer write on load [rhel-7.0.z]) - Resolves: bz#1095689
(CVE-2013-4150 qemu-kvm: qemu: virtio-net: out-of-bounds buffer write on invalid state load [rhel-7.0.z]) - Resolves: bz#1095694
(CVE-2013-4151 qemu-kvm: qemu: virtio: out-of-bounds buffer write on invalid state load [rhel-7.0.z]) - Resolves: bz#1095706
(CVE-2013-4527 qemu-kvm: qemu: hpet: buffer overrun on invalid state load [rhel-7.0.z]) - Resolves: bz#1095714
(CVE-2013-4529 qemu-kvm: qemu: hw/pci/pcie_aer.c: buffer overrun on invalid state load [rhel-7.0.z]) - Resolves: bz#1095737
(CVE-2013-6399 qemu-kvm: qemu: virtio: buffer overrun on incoming migration [rhel-7.0.z]) - Resolves: bz#1095741
(CVE-2013-4542 qemu-kvm: qemu: virtio-scsi: buffer overrun on invalid state load [rhel-7.0.z]) - Resolves: bz#1095746
(CVE-2013-4541 qemu-kvm: qemu: usb: insufficient sanity checking of setup_index+setup_len in post_load [rhel-7.0.z]) - Resolves: bz#1095765
(CVE-2013-4535 CVE-2013-4536 qemu-kvm: qemu: virtio: insufficient validation of num_sg when mapping [rhel-7.0.z]) - Resolves: bz#1095782
(CVE-2014-0182 qemu-kvm: qemu: virtio: out-of-bounds buffer write on state load with invalid config_len [rhel-7.0.z]) - Resolves: bz#1096828
(CVE-2014-3461 qemu-kvm: Qemu: usb: fix up post load checks [rhel-7.0.z]) - Resolves: bz#1097229
(CVE-2014-0222 qemu-kvm: Qemu: qcow1: validate L2 table size to avoid integer overflows [rhel-7.0.z]) - Resolves: bz#1097236
(CVE-2014-0223 qemu-kvm: Qemu: qcow1: validate image size to avoid out-of-bounds memory access [rhel-7.0.z]) - Resolves: bz#1110188
(qcow2 corruptions (leaked clusters after installing a rhel7 guest using virtio_scsi)) - Resolves: bz#1110189
(migration can not finish with 1024k ‘remaining ram’ left after hotunplug 4 nics) - Resolves: bz#1110191
(Reduce the migrate cache size during migration causes qemu segment fault) - Resolves: bz#1110219
(Guest can’t receive any character transmitted from host after hot unplugging virtserialport then hot plugging again)
Related
nessus
nessus
Oracle Linux 7 : qemu-kvm (ELSA-2014-0927)
2014-07-24 00:00:00
CentOS 7 : qemu-kvm (CESA-2014:0927)
2014-07-26 00:00:00
RHEL 7 : qemu-kvm (RHSA-2014:0927)
2014-07-30 00:00:00
openvas
openvas
Oracle: Security Advisory (ELSA-2014-0927)
2015-10-06 00:00:00
RedHat Update for qemu-kvm RHSA-2014:0927-01
2014-07-28 00:00:00
RedHat Update for qemu-kvm RHSA-2014:0743-01
2014-06-17 00:00:00
redhat
redhat
(RHSA-2014:1268) Moderate: qemu-kvm-rhev security update
2014-09-22 00:00:00
(RHSA-2014:0927) Moderate: qemu-kvm security and bug fix update
2014-07-23 00:00:00
(RHSA-2014:0743) Moderate: qemu-kvm security and bug fix update
2014-06-10 00:00:00
centos
centos
libcacard, qemu security update
2014-07-25 13:23:24
qemu security update
2014-06-11 11:37:18
qemu security update
2014-08-19 10:00:56
veracode
veracode
Arbitrary Code Execution
2019-05-02 04:58:38
Arbitrary Code Execution
2019-05-02 04:58:38
Arbitrary Code Execution
2019-05-02 04:58:38
oraclelinux
oraclelinux
qemu-kvm security and bug fix update
2014-06-10 00:00:00
qemu-kvm security, bug fix, and enhancement update
2015-03-11 00:00:00
qemu-kvm security and bug fix update
2014-08-19 00:00:00
fedora
fedora
[SECURITY] Fedora 20 Update: qemu-1.6.2-5.fc20
2014-05-16 10:01:41
[SECURITY] Fedora 20 Update: qemu-1.6.2-6.fc20
2014-06-10 02:56:05
[SECURITY] Fedora 20 Update: qemu-1.6.2-7.fc20
2014-07-26 00:11:13
ubuntu
ubuntu
QEMU vulnerabilities
2014-09-08 00:00:00
mageia
mageia
Updated qemu packages fix multiple security vulnerabilities
2014-10-28 14:33:36
ubuntucve
ubuntucve
securityvulns
securityvulns
[oss-security] Re: CVE request: Qemu: usb: fix up post load checks
2014-05-15 00:00:00
QEMU multiple security vulnerabilities
2014-05-15 00:00:00
[oss-security] CVE-2014-0223 Qemu: qcow1: Validate image size
2014-05-15 00:00:00
ibm
ibm
suse
suse
Security update for KVM (important)
2015-05-22 00:08:52
Security update for xen (important)
2015-11-10 18:10:12
Security update for xen (important)
2015-11-03 11:12:06
prion
prion
cve
cve
debiancve
debiancve
gentoo
gentoo
QEMU: Multiple vulnerabilities
2014-08-30 00:00:00
debian
debian
[SECURITY] [DSA 3045-1] qemu security update
2014-10-04 19:27:38
[SECURITY] [DSA 3044-1] qemu-kvm security update
2014-10-04 19:26:54