Debian Bug report logs -
#933741
qemu: CVE-2019-14378: heap buffer overflow during packet reassembly
Package:
src:qemu;
Maintainer for src:qemu is Debian QEMU Team <pkg-qemu-devel@listsaliothdebianorg>;
Reported by: Salvatore Bonaccorso <carnil@debianorg>
Date: Fri, 2 Aug 2019 19:12:01 UTC
Severity: grave
Tags: ...
Several security issues were fixed in QEMU ...
Several security issues were fixed in QEMU ...
Multiple security issues were discovered in QEMU, a fast processor
emulator, which could result in denial of service, the execution of
arbitrary code or bypass of ACLs
For the stable distribution (buster), these problems have been fixed in
version 1:31+dfsg-8+deb10u2
We recommend that you upgrade your qemu packages
For the detailed security sta ...
Multiple security issues were discovered in QEMU, a fast processor
emulator, which could result in denial of service, the execution of
arbitrary code or bypass of ACLs
In addition this update fixes a regression which could cause NBD
connections to hang
For the oldstable distribution (stretch), these problems have been fixed
in version 1:28+dfsg- ...
ip_reass in ip_inputc in libslirp 400 has a heap-based buffer overflow via a large packet because it mishandles a case involving the first fragment (CVE-2019-14378) ...
Synopsis
Important: qemu-kvm-rhev security, bug fix, and enhancement update
Type/Severity
Security Advisory: Important
Topic
An update for qemu-kvm-rhev is now available for Red Hat Virtualization 4 for Red Hat Enterprise Linux 7 and Red Hat Virtualization Engine 43Red Hat Product Security has rated this ...
Synopsis
Important: qemu-kvm-rhev bug fix update
Type/Severity
Security Advisory: Important
Topic
An update for qemu-kvm-rhev is now available for Red Hat Virtualization for Red Hat Virtualization Host 7Red Hat Product Security has rated this update as having a security impact of Low A Common Vulnerabilit ...
Synopsis
Important: qemu-kvm-rhev security update
Type/Severity
Security Advisory: Important
Topic
An update for qemu-kvm-rhev is now available for Red Hat OpenStack Platform 130 (Queens)Red Hat Product Security has rated this update as having a security impact of Important A Common Vulnerability Scoring ...
Synopsis
Important: qemu-kvm-rhev security and bug fix update
Type/Severity
Security Advisory: Important
Topic
An update for qemu-kvm-rhev is now available for Red Hat Virtualization 4 for Red Hat Enterprise Linux 7 and Red Hat Virtualization Engine 43Red Hat Product Security has rated this update as havi ...
Synopsis
Important: container-tools:rhel8 security, bug fix, and enhancement update
Type/Severity
Security Advisory: Important
Topic
An update for the container-tools:rhel8 module is now available for Red Hat Enterprise Linux 8Red Hat Product Security has rated this update as having a security impact of Im ...
Synopsis
Important: container-tools:10 security and bug fix update
Type/Severity
Security Advisory: Important
Topic
An update for the container-tools:10 module is now available for Red Hat Enterprise Linux 8Red Hat Product Security has rated this update as having a security impact of Important A Common ...
Synopsis
Important: qemu-kvm-ma security update
Type/Severity
Security Advisory: Important
Topic
An update for qemu-kvm-ma is now available for Red Hat Enterprise Linux 76 Extended Update SupportRed Hat Product Security has rated this update as having a security impact of Important A Common Vulnerability ...
Synopsis
Important: qemu-kvm-rhev security update
Type/Severity
Security Advisory: Important
Topic
An update for qemu-kvm-rhev is now available for Red Hat OpenStack Platform 100 (Newton)Red Hat Product Security has rated this update as having a security impact of Important A Common Vulnerability Scoring ...
Synopsis
Important: qemu-kvm security update
Type/Severity
Security Advisory: Important
Topic
An update for qemu-kvm is now available for Red Hat Enterprise Linux 76 Extended Update SupportRed Hat Product Security has rated this update as having a security impact of Important A Common Vulnerability Scori ...
Synopsis
Important: qemu-kvm-rhev security update
Type/Severity
Security Advisory: Important
Topic
An update for qemu-kvm-rhev is now available for Red Hat OpenStack Platform 140 (Rocky)Red Hat Product Security has rated this update as having a security impact of Important A Common Vulnerability Scoring ...
Synopsis
Important: qemu-kvm-ma security update
Type/Severity
Security Advisory: Important
Topic
An update for qemu-kvm-ma is now available for Red Hat Enterprise Linux 7Red Hat Product Security has rated this update as having a security impact of Important A Common Vulnerability Scoring System (CVSS) bas ...
Synopsis
Important: qemu-kvm security, bug fix, and enhancement update
Type/Severity
Security Advisory: Important
Topic
An update for qemu-kvm is now available for Red Hat Enterprise Linux 7Red Hat Product Security has rated this update as having a security impact of Important A Common Vulnerability Scori ...
Synopsis
Important: slirp4netns security update
Type/Severity
Security Advisory: Important
Topic
An update for slirp4netns is now available for Red Hat Enterprise Linux 7 ExtrasRed Hat Product Security has rated this update as having a security impact of Important A Common Vulnerability Scoring System (CV ...
Synopsis
Important: qemu-kvm security update
Type/Severity
Security Advisory: Important
Topic
An update for qemu-kvm is now available for Red Hat Enterprise Linux 6Red Hat Product Security has rated this update as having a security impact of Important A Common Vulnerability Scoring System (CVSS) base scor ...
qemu-seccompc in QEMU might allow local OS guest users to cause a denial of service (guest crash) by leveraging mishandling of the seccomp policy for threads other than the main thread (CVE-2018-15746)
A heap buffer overflow issue was found in the SLiRP networking implementation of the QEMU emulator This flaw occurs in the ip_reass() routine whi ...
Impact:
Important
Public Date:
2019-07-28
CWE:
CWE-122
Bugzilla:
1734745:
CVE-2019-14378 QEMU: slirp: h ...