[FEDORA-2018-74fb8b257b] Fedora 28: qemu

Severity Critical

Affected Packages 1

CVEs 4

CVE-2017-16845: ps2: information leakage via post_load (bz #1514150) * CVE-2018-11806: slirp: heap buffer overflow while reassembling fragmented datagrams (bz #1586249) * CVE-2018-12617: qemu-guest-agent: Integer overflow causes segmentation fault in qmp_guest_file_read (bz #1594055) * Fix qemu-arm- static slowness (bz #1589506)

Package	Affected Version
pkg:rpm/fedora/qemu?distro=fedora-28	< 2.11.2.2.fc28

ID

FEDORA-2018-74fb8b257b

Severity

critical

Severity from

CVE-2017-16845

URL

https://bodhi.fedoraproject.org/updates/FEDORA-2018-74fb8b257b

Published

2018-08-24T08:06:03
(6 years ago)

Modified

2018-08-24T08:06:03
(6 years ago)

Rights

Copyright 2018 Red Hat, Inc.

Other Advisories

Source	# ID	Name	URL
Bugzilla	1594054	Bug #1594054 - CVE-2018-12617 qemu: qemu-guest-agent: Integer overflow causes segmentation fault in qmp_guest_file_read() with g_malloc()	https://bugzilla.redhat.com/show_bug.cgi?id=1594054
Bugzilla	1586245	Bug #1586245 - CVE-2018-11806 QEMU: slirp: heap buffer overflow while reassembling fragmented datagrams	https://bugzilla.redhat.com/show_bug.cgi?id=1586245
Bugzilla	1514148	Bug #1514148 - CVE-2017-16845 Qemu: ps2: information leakage via post_load routine	https://bugzilla.redhat.com/show_bug.cgi?id=1514148

Type	Package URL	Namespace	Name / Product	Version	Distribution / Platform	Arch	Patch / Fix
Affected	pkg:rpm/fedora/qemu?distro=fedora-28	fedora	qemu	< 2.11.2.2.fc28	fedora-28

# CVE	Description	CVSS	EPSS	EPSS Trend (30 days)	Affected Products	Weaknesses	Security Advisories	Exploits	PoC	Pubblication Date	Modification Date
# CVE	Description	CVSS	EPSS	EPSS Trend (30 days)	Affected Products	Weaknesses	Security Advisories	PoC	Pubblication Date	Modification Date