(RHSA-2018:3062) Low: qemu-kvm-ma security, bug fix, and enhancement update

ID RHSA-2018:3062
Type redhat
Reporter RedHat
Modified 2018-10-30T09:26:11


Kernel-based Virtual Machine (KVM) is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm-ma packages provide the user-space component for running virtual machines that use KVM on the IBM z Systems, IBM Power, and 64-bit ARM architectures.

The following packages have been upgraded to a later upstream version: qemu-kvm-ma (2.12.0). (BZ#1562219)

Security Fix(es):

  • Qemu: memory exhaustion through framebuffer update request message in VNC server (CVE-2017-15124)

For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.

This issue was discovered by Daniel Berrange (Red Hat).

Additional Changes:

For detailed information on changes in this release, see the Red Hat Enterprise Linux 7.6 Release Notes linked from the References section.