Lucene search

K
oraclelinuxOracleLinuxELSA-2020-4059
HistoryOct 01, 2020 - 12:00 a.m.

virt:ol security update

2020-10-0100:00:00
linux.oracle.com
15

6.5 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N

4.4 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:M/Au:N/C:P/I:P/A:P

qemu-kvm
[2.12.0-99.0.1.el8_2.4]

  • Added bug30251155-remove-upstream-reference [Orabug: 30251155]
    [2.12.0-99.el8_2.4]
  • kvm-usb-fix-setup_len-init-CVE-2020-14364.patch [bz#1869708]
  • Resolves: bz#1869708
    (CVE-2020-14364 qemu-kvm: QEMU: usb: out-of-bounds r/w access issue while processing usb packets [rhel-8.2.0.z])
    [2.12.0-99.el8_2.3]
  • kvm-Drop-bogus-IPv6-messages.patch [bz#1838092 bz#1867075 bz#1870421]
  • Resolves: bz#1838092
    (CVE-2020-10756 virt:8.2/qemu-kvm: QEMU: slirp: networking out-of-bounds read information disclosure vulnerability [rhel-av-8])
  • Resolves: bz#1867075
    (CVE-2020-10756 virt:8.3/qemu-kvm: QEMU: slirp: networking out-of-bounds read information disclosure vulnerability [rhel-av-8])
  • Resolves: bz#1870421
    (CVE-2020-10756 virt:rhel/qemu-kvm: QEMU: slirp: networking out-of-bounds read information disclosure vulnerability [rhel-8.2.0.z])

6.5 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N

4.4 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:M/Au:N/C:P/I:P/A:P