53 matches found
virt:ol and virt-devel:ol security update
libvirt 6.0.0-28.1.0.1 - Add runtime deps for pkg librbd1 = 1:10.2.5 Keshav Sharma qemu-kvm 4.2.0-34.el83.5 - kvm-Drop-bogus-IPv6-messages.patch bz1939493 - Resolves: bz1939493 CVE-2020-10756 virt:rhel/qemu-kvm: QEMU: slirp: networking out-of-bounds read information disclosure vulnerability...
MiracleLinux 8 : virt:rhel (AXSA:2020-911:01)
The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2020-911:01 advisory. QEMU: usb: out-of-bounds r/w access issue while processing usb packets CVE-2020-14364 QEMU: slirp: networking out-of-bounds read information disclosu...
EUVD-2021-7720
Malicious code in bioql PyPI...
Linux Distros Unpatched Vulnerability : CVE-2020-10756
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An out-of-bounds read vulnerability was found in the SLiRP networking implementation of the QEMU emulator. This flaw occurs in the icmp6sendechoreply routine...
Rocky Linux 8 : virt:rhel and virt-devel:rhel (RLSA-2021:1064)
The remote Rocky Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2021:1064 advisory. - It was discovered that the update for the virt:rhel module in the RHSA-2020:4676 https://access.redhat.com/errata/RHSA-2020:4676 erratum released as part of Re...
BELL-CVE-2020-10756 CVE-2020-10756 does not affect BellSoft software
Bulletin has no description...
It was discovered that the update for the virt:rhel module in the RHSA-2020:4676 (https://access.redhat.com/errata/RHSA-2020:4676) erratum released as part of Red Hat Enterprise Linux 8.3 failed to include the fix for the qemu-kvm component issue CVE-2020-10756 which was previously corrected in virt:rhel/qemu-kvm via erratum RHSA-2020:4059 (https://access.redhat.com/errata/RHSA-2020:4059). CVE-2021-20295 was assigned to that Red Hat specific security regression. For more details about the original security issue CVE-2020-10756 refer to bug 1835986 or the CVE page: https://access.redhat.com/security/cve/CVE-2020-10756.
...
CVE-2021-20295
It was discovered that the update for the virt:rhel module in the RHSA-2020:4676 https://access.redhat.com/errata/RHSA-2020:4676 erratum released as part of Red Hat Enterprise Linux 8.3 failed to include the fix for the qemu-kvm component issue CVE-2020-10756, which was previously corrected in...
Security feature bypass
It was discovered that the update for the virt:rhel module in the RHSA-2020:4676 https://access.redhat.com/errata/RHSA-2020:4676 erratum released as part of Red Hat Enterprise Linux 8.3 failed to include the fix for the qemu-kvm component issue CVE-2020-10756, which was previously corrected in...
CVE-2021-20295
It was discovered that the update for the virt:rhel module in the RHSA-2020:4676 https://access.redhat.com/errata/RHSA-2020:4676 erratum released as part of Red Hat Enterprise Linux 8.3 failed to include the fix for the qemu-kvm component issue CVE-2020-10756, which was previously corrected in...
CVE-2021-20295
It was discovered that the update for the virt:rhel module in the RHSA-2020:4676 https://access.redhat.com/errata/RHSA-2020:4676 erratum released as part of Red Hat Enterprise Linux 8.3 failed to include the fix for the qemu-kvm component issue CVE-2020-10756, which was previously corrected in...
CVE-2021-20295
CVE-2021-20295 is a Red Hat–specific regression assigned to the absence of the previously delivered fix for CVE-2020-10756 in virt:rhel/qemu-kvm when updating RHSA-2020:4676 for RHEL 8.3. The issue arose because the update failed to include the fix that had been applied earlier via RHSA-2020:4059...
openSUSE: Security Advisory for qemu (openSUSE-SU-2021:1043-1)
The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
SUSE: Security Advisory (SUSE-SU-2021:1947-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE SLES15: qemu / qemu-arm / qemu-audio-alsa / qemu-audio-oss / qemu-audio-pa / etc (SUSE-SU-2021:1918-1)
The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2021:1918-1 advisory. - CVE-2020-10756: Fix out-of-bounds read information disclosure in icmp6sendechoreply bsc1172380 Tenable has extracted the precedin...
SUSE-SU-2021:1918-1 Security update for qemu
This update for qemu fixes the following issues: - CVE-2020-10756: Fix out-of-bounds read information disclosure in icmp6sendechoreply bsc1172380...
SUSE: Security Advisory (SUSE-SU-2021:1829-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2020:1915-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2021:1893-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE SLES12 Security Update : qemu (SUSE-SU-2021:1829-1)
This update for qemu fixes the following issues : Fix OOB access during mmio operations CVE-2020-13754, bsc1172382 Fix sPAPR emulator leaks the host hardware identity CVE-2019-8934, bsc1126455 Fix out-of-bounds read information disclosure in icmp6sendechoreply CVE-2020-10756, bsc1172380 Fix...