Lucene search
OracleLinuxELSA-2022-5263HistoryJul 04, 2022 - 12:00 a.m.
qemu-kvm security and bug fix update
2022-07-0400:00:00
linux.oracle.com
24
7.5 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
[6.2.0-11.el9_0.3]
- kvm-RHEL-disable-seqpacket-for-vhost-vsock-device-in-rhe.patch [bz#2071102]
- kvm-virtio-net-fix-map-leaking-on-error-during-receive.patch [bz#2075635]
- kvm-vhost-vsock-detach-the-virqueue-element-in-case-of-e.patch [bz#2075640]
- Resolves: bz#2071102
(RHEL 9.0 guest with vsock device migration failed from RHEL 9.0 > RHEL 8.6 [rhel-9.0.0.z]) - Resolves: bz#2075635
(CVE-2022-26353 qemu-kvm: QEMU: virtio-net: map leaking on error during receive [rhel-9] [rhel-9.0.0.z]) - Resolves: bz#2075640
(CVE-2022-26354 qemu-kvm: QEMU: vhost-vsock: missing virtqueue detach on error can lead to memory leak [rhel-9] [rhel-9.0.0.z])
[6.2.0-11.el9_0.2] - kvm-pci-expose-TYPE_XIO3130_DOWNSTREAM-name.patch [bz#2053584]
- kvm-acpi-pcihp-pcie-set-power-on-cap-on-parent-slot.patch [bz#2053584]
- kvm-vmxcap-Add-5-level-EPT-bit.patch [bz#2038051]
- kvm-i386-Add-Icelake-Server-v6-CPU-model-with-5-level-EP.patch [bz#2038051]
- kvm-acpi-fix-QEMU-crash-when-started-with-SLIC-table.patch [bz#2043531]
- kvm-tests-acpi-whitelist-expected-blobs-before-changing-.patch [bz#2043531]
- kvm-tests-acpi-add-SLIC-table-test.patch [bz#2043531]
- kvm-tests-acpi-SLIC-update-expected-blobs.patch [bz#2043531]
- kvm-tests-acpi-manually-pad-OEM_ID-OEM_TABLE_ID-for-test.patch [bz#2043531]
- kvm-tests-acpi-whitelist-nvdimm-s-SSDT-and-FACP.slic-exp.patch [bz#2043531]
- kvm-acpi-fix-OEM-ID-OEM-Table-ID-padding.patch [bz#2043531]
- kvm-tests-acpi-update-expected-blobs.patch [bz#2043531]
- kvm-tests-acpi-test-short-OEM_ID-OEM_TABLE_ID-values-in-.patch [bz#2043531]
- kvm-rhel-workaround-for-lack-of-binary-patches-in-SRPM.patch [bz#2043531]
- Resolves: bz#2053584
(watchdog: BUG: soft lockup - CPU#3 stuck for 22s! [cat:2843]) - Resolves: bz#2038051
(Win11 (q35+edk2) guest broke after install wsl2 through ‘wsl --install -d Ubuntu-20.04’) - Resolves: bz#2043531
(Guest can not start with SLIC acpi table)
[6.2.0-11.el9_0.1] - kvm-RHEL-mark-old-machine-types-as-deprecated.patch [bz#2052050]
- kvm-hw-virtio-vdpa-Fix-leak-of-host-notifier-memory-regi.patch [bz#2059786]
- kvm-spec-Fix-obsolete-for-spice-subpackages.patch [bz#2059175 bz#2059146]
- kvm-spec-Obsolete-old-usb-redir-subpackage.patch [bz#2059175 bz#2059146]
- kvm-spec-Obsolete-ssh-driver.patch [bz#2059175 bz#2059146]
Related
nessus
nessus
AlmaLinux 9 : qemu-kvm (ALSA-2022:5263)
2022-11-16 00:00:00
RHEL 9 : qemu-kvm (RHSA-2022:5263)
2022-07-01 00:00:00
Oracle Linux 7 : qemu (ELSA-2022-9432)
2022-05-27 00:00:00
almalinux
almalinux
Moderate: qemu-kvm security and bug fix update
2022-07-01 00:00:00
osv
osv
Moderate: qemu-kvm security and bug fix update
2022-07-01 00:00:00
redhat
redhat
oraclelinux
oraclelinux
qemu security update
2022-05-26 00:00:00
kvm_utils security update
2022-06-06 00:00:00
virt:ol and virt-devel:ol security, bug fix, and enhancement update
2022-08-05 00:00:00
suse
suse
Security update for qemu (important)
2022-07-04 00:00:00
Security update for qemu (important)
2022-07-04 00:00:00
rocky
rocky
virt:rhel and virt-devel:rhel security, bug fix, and enhancement update
2022-08-02 07:04:52
debian
debian
[SECURITY] [DSA 5133-1] qemu security update
2022-05-09 20:44:24
[SECURITY] [DLA 2970-1] qemu security update
2022-04-04 13:21:47
[SECURITY] [DLA 3099-1] qemu security update
2022-09-05 03:28:05
cnvd
cnvd
QEMU Denial of Service Vulnerability (CNVD-2022-84161)
2022-03-18 00:00:00
alpinelinux
alpinelinux
CVE-2022-26354
2022-03-16 15:15:00
ubuntucve
ubuntucve
CVE-2022-26354
2022-03-16 00:00:00
CVE-2022-26353
2022-03-16 00:00:00
debiancve
debiancve
CVE-2022-26354
2022-03-16 15:15:00
CVE-2022-26353
2022-03-16 15:15:00
cbl_mariner
cbl_mariner
CVE-2022-26353 affecting package qemu 6.2.0-18
2024-03-19 17:21:46
CVE-2022-26354 affecting package qemu 6.2.0-18
2024-03-19 17:21:46
CVE-2022-26354 affecting package qemu-kvm 4.2.0-44
2023-01-12 20:55:00
f5
f5
K50401227 : Linux kernel vulnerability CVE-2022-26354
2022-04-19 00:00:00
K63714476 : Linux kernel vulnerabilities CVE-2022-26353 and CVE-2021-3748
2022-04-19 00:00:00
veracode
veracode
Out Of Bound Reads
2022-04-09 08:42:10
Memory Leak
2022-04-27 08:09:27
prion
prion
Design/Logic Flaw
2022-03-16 15:15:00
Design/Logic Flaw
2022-03-16 15:15:00
cve
cve
CVE-2022-26354
2022-03-16 15:15:00
CVE-2022-26353
2022-03-16 15:15:00
redhatcve
redhatcve
CVE-2022-26354
2022-03-11 16:45:36
CVE-2022-26353
2022-03-11 14:16:08
ubuntu
ubuntu
QEMU vulnerabilities
2022-06-21 00:00:00
gentoo
gentoo
QEMU: Multiple Vulnerabilities
2022-08-14 00:00:00
7.5 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
Related for ELSA-2022-5263