OracleLinuxELSA-2017-1681qemu-kvm security update
7.5 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
0.026 Low
EPSS
Percentile
89.1%
[1.5.3-126.el7_3.10]
- kvm-nbd-Fully-initialize-client-in-case-of-failed-negoti.patch [bz#1460179]
- kvm-nbd-Fix-regression-on-resiliency-to-port-scan.patch [bz#1460179]
- Resolves: bz#1460179
(CVE-2017-9524 qemu-kvm: Qemu: nbd: segmentation fault due to client non-negotiation [rhel-7.3.z])
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| oracle linux | 7 | src | qemu-kvm | < 1.5.3-126.el7_3.10 | qemu-kvm-1.5.3-126.el7_3.10.src.rpm |
| oracle linux | 7 | x86_64 | qemu-img | < 1.5.3-126.el7_3.10 | qemu-img-1.5.3-126.el7_3.10.x86_64.rpm |
| oracle linux | 7 | x86_64 | qemu-kvm | < 1.5.3-126.el7_3.10 | qemu-kvm-1.5.3-126.el7_3.10.x86_64.rpm |
| oracle linux | 7 | x86_64 | qemu-kvm-common | < 1.5.3-126.el7_3.10 | qemu-kvm-common-1.5.3-126.el7_3.10.x86_64.rpm |
| oracle linux | 7 | x86_64 | qemu-kvm-tools | < 1.5.3-126.el7_3.10 | qemu-kvm-tools-1.5.3-126.el7_3.10.x86_64.rpm |
Related
7.5 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
0.026 Low
EPSS
Percentile
89.1%