Several security issues were fixed in QEMU ...
Integer overflows in the processing of packets in network cards emulated
by QEMU, a fast processor emulator, could result in denial of service
In addition this update backports support to passthrough the new CPU
features added in the intel-microcode update shipped in DSA 4273 to
x86-based guests
For the stable distribution (stretch), these proble ...
Synopsis
Moderate: qemu-kvm-ma security and bug fix update
Type/Severity
Security Advisory: Moderate
Topic
An update for qemu-kvm-ma is now available for Red Hat Enterprise Linux 7Red Hat Product Security has rated this update as having a security impact of Moderate A Common Vulnerability Scoring System ( ...
Synopsis
Important: qemu-kvm-rhev security and bug fix update
Type/Severity
Security Advisory: Important
Topic
An update for qemu-kvm-rhev is now available for Red Hat OpenStack Platform 100 (Newton), Red Hat OpenStack Platform 130 (Queens), and Red Hat OpenStack Platform 140 (Rocky)Red Hat Product Secu ...
Synopsis
Important: qemu-kvm-rhev security, bug fix, and enhancement update
Type/Severity
Security Advisory: Important
Topic
An update for qemu-kvm-rhev is now available for Red Hat Virtualization 4 for Red Hat Enterprise Linux 7 and Red Hat Virtualization Engine 43Red Hat Product Security has rated this ...
Debian Bug report logs -
#911470
qemu: CVE-2018-18438: Integer overflow in ccid_card_vscard_read() allows memory corruption
Package:
src:qemu;
Maintainer for src:qemu is Debian QEMU Team <pkg-qemu-devel@listsaliothdebianorg>;
Reported by: Salvatore Bonaccorso <carnil@debianorg>
Date: Sat, 20 Oct 2018 14:51:02 UTC
...
Debian Bug report logs -
#915884
qemu: CVE-2018-16867: dev-mtp: path traversal in usb_mtp_write_data of the Media Transfer Protocol (MTP)
Package:
src:qemu;
Maintainer for src:qemu is Debian QEMU Team <pkg-qemu-devel@listsaliothdebianorg>;
Reported by: Salvatore Bonaccorso <carnil@debianorg>
Date: Fri, 7 Dec 2018 ...
Debian Bug report logs -
#902725
CVE-2018-12617
Package:
src:qemu;
Maintainer for src:qemu is Debian QEMU Team <pkg-qemu-devel@listsaliothdebianorg>;
Reported by: Moritz Muehlenhoff <jmm@debianorg>
Date: Fri, 29 Jun 2018 21:09:06 UTC
Severity: important
Tags: security
Found in version qemu/1:212+dfsg-3
Fixed in ...
Debian Bug report logs -
#911499
qemu: CVE-2018-17958: rtl8139: integer overflow leads to buffer overflow
Package:
src:qemu;
Maintainer for src:qemu is Debian QEMU Team <pkg-qemu-devel@listsaliothdebianorg>;
Reported by: Salvatore Bonaccorso <carnil@debianorg>
Date: Sat, 20 Oct 2018 21:15:01 UTC
Severity: import ...
Debian Bug report logs -
#914604
qemu: CVE-2018-18954: ppc64: Out-of-bounds r/w stack access in pnv_lpc_do_eccb
Package:
src:qemu;
Maintainer for src:qemu is Debian QEMU Team <pkg-qemu-devel@listsaliothdebianorg>;
Reported by: Salvatore Bonaccorso <carnil@debianorg>
Date: Sun, 25 Nov 2018 15:48:01 UTC
Severity: i ...
Debian Bug report logs -
#911468
qemu: CVE-2018-17962: pcnet: integer overflow leads to buffer overflow
Package:
src:qemu;
Maintainer for src:qemu is Debian QEMU Team <pkg-qemu-devel@listsaliothdebianorg>;
Reported by: Salvatore Bonaccorso <carnil@debianorg>
Date: Sat, 20 Oct 2018 14:45:03 UTC
Severity: grave
Tag ...
Debian Bug report logs -
#914727
qemu: CVE-2018-19489: 9pfs: crash due to race condition in renaming files
Package:
src:qemu;
Maintainer for src:qemu is Debian QEMU Team <pkg-qemu-devel@listsaliothdebianorg>;
Reported by: Salvatore Bonaccorso <carnil@debianorg>
Date: Mon, 26 Nov 2018 18:21:01 UTC
Severity: import ...
Debian Bug report logs -
#901017
qemu: CVE-2018-11806: slirp: heap buffer overflow while reassembling fragmented datagrams
Package:
src:qemu;
Maintainer for src:qemu is Debian QEMU Team <pkg-qemu-devel@listsaliothdebianorg>;
Reported by: Salvatore Bonaccorso <carnil@debianorg>
Date: Fri, 8 Jun 2018 03:42:01 UTC
...
Debian Bug report logs -
#910431
qemu: CVE-2018-10839: integer overflow leads to buffer overflow issue
Package:
src:qemu;
Maintainer for src:qemu is Debian QEMU Team <pkg-qemu-devel@listsaliothdebianorg>;
Reported by: Salvatore Bonaccorso <carnil@debianorg>
Date: Sat, 6 Oct 2018 07:42:02 UTC
Severity: grave
Tags ...
Debian Bug report logs -
#907500
qemu: CVE-2018-15746: seccomp: blacklist is not applied to all threads
Package:
src:qemu;
Maintainer for src:qemu is Debian QEMU Team <pkg-qemu-devel@listsaliothdebianorg>;
Reported by: Salvatore Bonaccorso <carnil@debianorg>
Date: Tue, 28 Aug 2018 19:57:04 UTC
Severity: important ...
Debian Bug report logs -
#912535
qemu: CVE-2018-18849
Package:
src:qemu;
Maintainer for src:qemu is Debian QEMU Team <pkg-qemu-devel@listsaliothdebianorg>;
Reported by: Salvatore Bonaccorso <carnil@debianorg>
Date: Thu, 1 Nov 2018 07:18:02 UTC
Severity: important
Tags: patch, security, upstream
Found in version ...
Debian Bug report logs -
#911469
qemu: CVE-2018-17963: net: ignore packets with large size
Package:
src:qemu;
Maintainer for src:qemu is Debian QEMU Team <pkg-qemu-devel@listsaliothdebianorg>;
Reported by: Salvatore Bonaccorso <carnil@debianorg>
Date: Sat, 20 Oct 2018 14:45:07 UTC
Severity: grave
Tags: security, ...
Debian Bug report logs -
#914599
qemu: CVE-2018-19364: Use-after-free due to race condition while updating fid path
Package:
src:qemu;
Maintainer for src:qemu is Debian QEMU Team <pkg-qemu-devel@listsaliothdebianorg>;
Reported by: Salvatore Bonaccorso <carnil@debianorg>
Date: Sun, 25 Nov 2018 15:09:01 UTC
Severit ...