Synopsis
Important: qemu-kvm security update
Type/Severity
Security Advisory: Important
Topic
An update for qemu-kvm is now available for Red Hat Enterprise Linux 7Red Hat Product Security has rated this update as having a security impact of Important A Common Vulnerability Scoring System (CVSS) base scor ...
Synopsis
Important: qemu-kvm-rhev security and bug fix update
Type/Severity
Security Advisory: Important
Topic
An update for qemu-kvm-rhev is now available for RHEV 3X Hypervisor and Agents for RHEL-7 and RHEV 4X RHEV-H and Agents for RHEL-7Red Hat Product Security has rated this update as having a secur ...
Several security issues were fixed in QEMU ...
USN-3414-1 introduced a regression in QEMU ...
Multiple vulnerabilities were found in qemu, a fast processor emulator:
CVE-2017-9524
Denial of service in qemu-nbd server
CVE-2017-10806
Buffer overflow in USB redirector
CVE-2017-11334
Out-of-band memory access in DMA operations
CVE-2017-11434
Out-of-band memory access in SLIRP/DHCP
For the stable distribution (stretch), these p ...
Debian Bug report logs -
#864568
qemu: CVE-2017-9374: usb: ehci host memory leakage during hotunplug
Package:
src:qemu;
Maintainer for src:qemu is Debian QEMU Team <pkg-qemu-devel@listsaliothdebianorg>;
Reported by: Salvatore Bonaccorso <carnil@debianorg>
Date: Sat, 10 Jun 2017 19:27:01 UTC
Severity: serious
Tags ...
Debian Bug report logs -
#864219
qemu: CVE-2017-9375: usb: xhci infinite recursive call via xhci_kick_ep
Package:
src:qemu;
Maintainer for src:qemu is Debian QEMU Team <pkg-qemu-devel@listsaliothdebianorg>;
Reported by: Salvatore Bonaccorso <carnil@debianorg>
Date: Mon, 5 Jun 2017 11:48:01 UTC
Severity: serious
...
Debian Bug report logs -
#867751
qemu: CVE-2017-10806: usb-redirect: stack buffer overflow in debug logging
Package:
src:qemu;
Maintainer for src:qemu is Debian QEMU Team <pkg-qemu-devel@listsaliothdebianorg>;
Reported by: Salvatore Bonaccorso <carnil@debianorg>
Date: Sun, 9 Jul 2017 08:18:10 UTC
Severity: minor ...
Debian Bug report logs -
#865754
qemu: CVE-2017-9503: megasas: null pointer dereference while processing megasas command
Package:
src:qemu;
Maintainer for src:qemu is Debian QEMU Team <pkg-qemu-devel@listsaliothdebianorg>;
Reported by: Salvatore Bonaccorso <carnil@debianorg>
Date: Sat, 24 Jun 2017 14:09:02 UTC
Se ...
Debian Bug report logs -
#864216
qemu: CVE-2017-9373 ide: ahci host memory leakage during hotunplug
Package:
src:qemu;
Maintainer for src:qemu is Debian QEMU Team <pkg-qemu-devel@listsaliothdebianorg>;
Reported by: Salvatore Bonaccorso <carnil@debianorg>
Date: Mon, 5 Jun 2017 11:42:05 UTC
Severity: serious
Tags: ...
Debian Bug report logs -
#866674
qemu: CVE-2017-10664: qemu-nbd: server breaks with SIGPIPE upon client abort
Package:
src:qemu;
Maintainer for src:qemu is Debian QEMU Team <pkg-qemu-devel@listsaliothdebianorg>;
Reported by: Salvatore Bonaccorso <carnil@debianorg>
Date: Fri, 30 Jun 2017 19:03:01 UTC
Severity: ser ...
Debian Bug report logs -
#863840
qemu: CVE-2017-9310: net: infinite loop in e1000e NIC emulation
Package:
src:qemu;
Maintainer for src:qemu is Debian QEMU Team <pkg-qemu-devel@listsaliothdebianorg>;
Reported by: Salvatore Bonaccorso <carnil@debianorg>
Date: Wed, 31 May 2017 20:21:02 UTC
Severity: serious
Tags: fi ...
Debian Bug report logs -
#863943
qemu: CVE-2017-9330: usb: ohci: infinite loop due to incorrect return value
Package:
src:qemu;
Maintainer for src:qemu is Debian QEMU Team <pkg-qemu-devel@listsaliothdebianorg>;
Reported by: Salvatore Bonaccorso <carnil@debianorg>
Date: Fri, 2 Jun 2017 06:21:01 UTC
Severity: seri ...
Debian Bug report logs -
#869171
qemu: CVE-2017-11434: slirp: out-of-bounds read while parsing dhcp options
Package:
qemu;
Maintainer for qemu is Debian QEMU Team <pkg-qemu-devel@listsaliothdebianorg>; Source for qemu is src:qemu (PTS, buildd, popcon)
Reported by: Guido Günther <agx@sigxcpuorg>
Date: Fri, 21 Jul ...
Debian Bug report logs -
#865755
qemu: CVE-2017-9524: nbd: segmentation fault due to client non-negotiation
Package:
src:qemu;
Maintainer for src:qemu is Debian QEMU Team <pkg-qemu-devel@listsaliothdebianorg>;
Reported by: Salvatore Bonaccorso <carnil@debianorg>
Date: Sat, 24 Jun 2017 14:21:01 UTC
Severity: serio ...
Debian Bug report logs -
#869173
qemu: CVE-2017-11334: exec: oob access during dma operation
Package:
qemu;
Maintainer for qemu is Debian QEMU Team <pkg-qemu-devel@listsaliothdebianorg>; Source for qemu is src:qemu (PTS, buildd, popcon)
Reported by: Guido Günther <agx@sigxcpuorg>
Date: Fri, 21 Jul 2017 09:33:02 ...