Lucene search
OracleLinuxELSA-2017-0454HistoryMar 07, 2017 - 12:00 a.m.
kvm security update
2017-03-0700:00:00
linux.oracle.com
20
9.9 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
9 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:S/C:C/I:C/A:C
0.002 Low
EPSS
Percentile
57.1%
[83-277.0.1.el5_11]
- Added kvm-add-oracle-workaround-for-libvirt-bug.patch
- Added kvm-Introduce-oel-machine-type.patch
[83-277.el5_11] - kvm-Fix-hardware-accelerated-video-to-video-copy-on-Cirr.patch [bz#1421564]
- kvm-cirrus_vga-fix-division-by-0-for-color-expansion-rop.patch [bz#1421564]
- kvm-cirrus-fix-blit-region-check.patch [bz#1421564]
- kvm-cirrus-don-t-overflow-CirrusVGAState-cirrus_bltbuf.patch [bz#1421564]
- kvm-cirrus_vga-fix-off-by-one-in-blit_region_is_unsafe.patch [bz#1421564]
- kvm-display-cirrus-check-vga-bits-per-pixel-bpp-value.patch [bz#1421564]
- kvm-display-cirrus-ignore-source-pitch-value-as-needed-i.patch [bz#1421564]
- kvm-cirrus-handle-negative-pitch-in-cirrus_invalidate_re.patch [bz#1421564]
- kvm-cirrus-allow-zero-source-pitch-in-pattern-fill-rops.patch [bz#1421564]
- kvm-cirrus-fix-blit-address-mask-handling.patch [bz#1421564]
- kvm-cirrus-fix-oob-access-issue-CVE-2017-2615.patch [bz#1421564]
- kvm-cirrus-fix-patterncopy-checks.patch [bz#1421564]
- kvm-Revert-cirrus-allow-zero-source-pitch-in-pattern-fil.patch [bz#1421564]
- kvm-cirrus-add-blit_is_unsafe-call-to-cirrus_bitblt_cput.patch [bz#1421564]
- Resolves: bz#1421564
(CVE-2017-2615 kvm: Qemu: display: cirrus: oob access while doing bitblt copy backward mode [rhel-5.11.z])
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| oracle linux | 5 | src | kvm | < 83-277.0.1.el5_11 | kvm-83-277.0.1.el5_11.src.rpm |
| oracle linux | 5 | x86_64 | kmod-kvm | < 83-277.0.1.el5_11 | kmod-kvm-83-277.0.1.el5_11.x86_64.rpm |
| oracle linux | 5 | x86_64 | kmod-kvm-debug | < 83-277.0.1.el5_11 | kmod-kvm-debug-83-277.0.1.el5_11.x86_64.rpm |
| oracle linux | 5 | x86_64 | kvm | < 83-277.0.1.el5_11 | kvm-83-277.0.1.el5_11.x86_64.rpm |
| oracle linux | 5 | x86_64 | kvm-qemu-img | < 83-277.0.1.el5_11 | kvm-qemu-img-83-277.0.1.el5_11.x86_64.rpm |
| oracle linux | 5 | x86_64 | kvm-tools | < 83-277.0.1.el5_11 | kvm-tools-83-277.0.1.el5_11.x86_64.rpm |
Related
nessus
nessus
Virtuozzo 7 : kmod-kvm / kmod-kvm-debug / kvm / kvm-qemu-img / etc (VZLSA-2017-0454)
2017-07-13 00:00:00
Virtuozzo 7 : qemu-img / qemu-kvm / qemu-kvm-common / etc (VZLSA-2017-0396)
2017-07-13 00:00:00
RHEL 5 : kvm (RHSA-2017:0454)
2017-03-08 00:00:00
redhat
redhat
(RHSA-2017:0328) Important: qemu-kvm-rhev security update
2017-02-27 23:06:44
(RHSA-2017:0396) Important: qemu-kvm security and bug fix update
2017-03-02 15:22:52
(RHSA-2017:0329) Important: qemu-kvm-rhev security update
2017-02-27 23:06:47
openvas
openvas
CentOS Update for qemu-img CESA-2017:0396 centos7
2017-03-04 00:00:00
Citrix XenServer Multiple Security Updates (CTX220771)
2017-02-22 00:00:00
Huawei EulerOS: Security Advisory for qemu-kvm (EulerOS-SA-2017-1037)
2020-01-23 00:00:00
centos
centos
qemu security update
2017-03-03 13:27:17
kmod, kvm security update
2017-03-08 18:33:47
qemu security update
2017-03-01 12:08:31
oraclelinux
oraclelinux
qemu-kvm security and bug fix update
2017-03-02 00:00:00
qemu-kvm security update
2017-03-01 00:00:00
qemu-kvm security and bug fix update
2017-03-27 00:00:00
citrix
citrix
Citrix XenServer Multiple Security Updates
2017-02-21 05:00:00
suse
suse
Security update for xen (important)
2017-03-11 15:07:34
Security update for xen (important)
2017-02-27 18:13:48
Security update for kvm (important)
2017-04-28 21:11:21
osv
osv
qemu - security update
2017-03-01 00:00:00
qemu-kvm - security update
2017-02-28 00:00:00
CVE-2017-2615
2018-07-03 01:29:00
veracode
veracode
Privilege Escalation
2019-01-15 09:15:34
Arbitrary Code Execution
2019-01-15 09:15:42
prion
prion
Out-of-bounds
2018-07-03 01:29:00
Out-of-bounds
2018-07-27 19:29:00
debiancve
debiancve
CVE-2017-2615
2018-07-03 01:29:00
CVE-2017-2620
2018-07-27 19:29:00
xen
xen
oob access in cirrus bitblt copy
2017-02-10 12:43:00
cirrus_bitblt_cputovideo does not check if memory region is safe
2017-02-21 10:42:00
cve
cve
CVE-2017-2615
2018-07-03 01:29:00
CVE-2017-2620
2018-07-27 19:29:00
freebsd
freebsd
xen-tools -- oob access in cirrus bitblt copy
2017-02-10 00:00:00
debian
debian
[SECURITY] [DLA 842-1] qemu-kvm security update
2017-02-28 22:09:32
[SECURITY] [DLA 845-1] qemu security update
2017-03-01 19:51:15
[SECURITY] [DLA 1270-1] xen security update
2018-02-06 12:35:00
gentoo
gentoo
Xen: Multiple vulnerabilities
2017-02-21 00:00:00
Xen: Privilege Escalation
2017-03-28 00:00:00
QEMU: Multiple vulnerabilities
2017-04-10 00:00:00
fedora
fedora
[SECURITY] Fedora 25 Update: xen-4.7.1-9.fc25
2017-03-01 01:30:45
[SECURITY] Fedora 24 Update: xen-4.6.4-8.fc24
2017-03-08 13:33:09
[SECURITY] Fedora 24 Update: xen-4.6.4-7.fc24
2017-02-26 00:21:09
ubuntucve
ubuntucve
CVE-2017-2620
2017-02-22 00:00:00
CVE-2017-2615
2017-02-01 00:00:00
redhatcve
redhatcve
CVE-2017-2615
2019-10-05 06:28:56
CVE-2017-2620
2020-04-04 05:02:19
f5
f5
K41242221 : QEMU vulnerability CVE-2017-2615
2018-10-01 00:00:00
alpinelinux
alpinelinux
CVE-2017-2615
2018-07-03 01:29:00
CVE-2017-2620
2018-07-27 19:29:00
ubuntu
ubuntu
QEMU vulnerabilities
2017-04-20 00:00:00
9.9 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
9 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:S/C:C/I:C/A:C
0.002 Low
EPSS
Percentile
57.1%
Related for ELSA-2017-0454