[ELSA-2018-2162] qemu-kvm security update
[0.12.1.2-2.506.el6_10.1]
- qemu-kvm-i386-define-the-ssbd-CPUID-feature-bit-CVE-2018-3639.patch [bz#1574074]
- qemu-kvm-i386-Define-the-Virt-SSBD-MSR-and-handling-of-it-CVE.patch [bz#1574074]
- qemu-kvm-i386-define-the-AMD-virt-ssbd-CPUID-feature-bit-CVE-.patch [bz#1574074]
- Resolves: bz#1574074
(CVE-2018-3639 qemu-kvm: hw: cpu: speculative store bypass [rhel-6.10.z])
[0.12.1.2-2.506.el6]
- kvm-vga-add-share_surface-flag.patch [bz#1553674]
- kvm-vga-add-sanity-checks.patch [bz#1553674]
- Resolves: bz#1553674
(CVE-2018-7858 qemu-kvm: Qemu: cirrus: OOB access when updating vga display [rhel-6])
[0.12.1.2-2.505.el6]
- kvm-target-i386-add-support-for-SPEC_CTRL-MSR.patch [bz#1525939 bz#1528024]
- kvm-target-i386-cpu-add-new-CPUID-bits-for-indirect-bran.patch [bz#1525939 bz#1528024]
- kvm-target-i386-cpu-add-new-CPU-models-for-indirect-bran.patch [bz#1525939 bz#1528024]
- kvm-cirrus-fix-oob-access-in-mode4and5-write-functions.patch [bz#1501298]
- kvm-vga-stop-passing-pointers-to-vga_draw_line-functions.patch [bz#1486641]
- kvm-vga-check-the-validation-of-memory-addr-when-draw-te.patch [bz#1534692]
- Resolves: bz#1486641
(CVE-2017-13672 qemu-kvm-rhev: Qemu: vga: OOB read access during display update [rhel-6.10])
- Resolves: bz#1501298
(CVE-2017-15289 qemu-kvm: Qemu: cirrus: OOB access issue in mode4and5 write functions [rhel-6.10])
- Resolves: bz#1525939
(CVE-2017-5715 qemu-kvm: hw: cpu: speculative execution branch target injection [rhel-6.10])
- Resolves: bz#1528024
(CVE-2017-5715 qemu-kvm-rhev: hw: cpu: speculative execution branch target injection [rhel-6.10])
- Resolves: bz#1534692
(CVE-2018-5683 qemu-kvm: Qemu: Out-of-bounds read in vga_draw_text routine [rhel-6.10])
- Resolves: bz#1549152
(qemu-kvm-rhev: remove unused patch file [rhel-6.10])
[0.12.1.2-2.504.el6]
- kvm-vnc-apply-display-size-limits.patch [bz#1430616 bz#1430617]
- kvm-fix-cirrus_vga-fix-OOB-read-case-qemu-Segmentation-f.patch [bz#1443448 bz#1443450]
- kvm-cirrus-vnc-zap-bitblit-support-from-console-code.patch [bz#1443448 bz#1443450 bz#1447542 bz#1447545]
- kvm-cirrus-avoid-write-only-variables.patch [bz#1444378 bz#1444380]
- kvm-cirrus-stop-passing-around-dst-pointers-in-the-blitt.patch [bz#1444378 bz#1444380]
- kvm-cirrus-stop-passing-around-src-pointers-in-the-blitt.patch [bz#1444378 bz#1444380]
- kvm-cirrus-fix-off-by-one-in-cirrus_bitblt_rop_bkwd_tran.patch [bz#1444378 bz#1444380]
- kvm-cirrus-fix-PUTPIXEL-macro.patch [bz#1444378 bz#1444380]
- Resolves: bz#1430616
(CVE-2017-2633 qemu-kvm: Qemu: VNC: memory corruption due to unchecked resolution limit [rhel-6.10])
- Resolves: bz#1430617
(CVE-2017-2633 qemu-kvm-rhev: Qemu: VNC: memory corruption due to unchecked resolution limit [rhel-6.10])
- Resolves: bz#1443448
(CVE-2017-7718 qemu-kvm: Qemu: display: cirrus: OOB read access issue [rhel-6.10])
- Resolves: bz#1443450
(CVE-2017-7718 qemu-kvm-rhev: Qemu: display: cirrus: OOB read access issue [rhel-6.10])
- Resolves: bz#1444378
(CVE-2017-7980 qemu-kvm: Qemu: display: cirrus: OOB r/w access issues in bitblt routines [rhel-6.10])
- Resolves: bz#1444380
(CVE-2017-7980 qemu-kvm-rhev: Qemu: display: cirrus: OOB r/w access issues in bitblt routines [rhel-6.10])
- Resolves: bz#1447542
(CVE-2016-9603 qemu-kvm: Qemu: cirrus: heap buffer overflow via vnc connection [rhel-6.10])
- Resolves: bz#1447545
(CVE-2016-9603 qemu-kvm-rhev: Qemu: cirrus: heap buffer overflow via vnc connection [rhel-6.10])
Package | Affected Version |
---|---|
pkg:rpm/oraclelinux/qemu-kvm?distro=oraclelinux-6.10 | < 0.12.1.2-2.506.el6_10.1 |
pkg:rpm/oraclelinux/qemu-kvm-tools?distro=oraclelinux-6.10 | < 0.12.1.2-2.506.el6_10.1 |
pkg:rpm/oraclelinux/qemu-img?distro=oraclelinux-6.10 | < 0.12.1.2-2.506.el6_10.1 |
pkg:rpm/oraclelinux/qemu-guest-agent?distro=oraclelinux-6.10 | < 0.12.1.2-2.506.el6_10.1 |
- ID
- ELSA-2018-2162
- Severity
- important
- URL
- https://linux.oracle.com/errata/ELSA-2018-2162.html
- Published
-
2018-07-10T00:00:00
(6 years ago) - Modified
-
2018-07-10T00:00:00
(6 years ago) - Rights
- Copyright 2018 Oracle, Inc.
- Other Advisories
-
- ALAS-2018-1034
- ALAS-2018-1037
- ALAS-2018-1038
- ALAS-2018-1039
- ALAS2-2018-1033
- ALAS2-2018-1034
- ALAS2-2018-1037
- ALAS2-2018-1038
- ALAS2-2018-1039
- ALAS2-2018-1049
- ALPINE:CVE-2018-3639
- CISCO-SA-20180521-CPUSIDECHANNEL
- DSA-3991-1
- DSA-4210-1
- DSA-4213-1
- DSA-4273-1
- DSA-4273-2
- ELSA-2018-0816
- ELSA-2018-1416
- ELSA-2018-1629
- ELSA-2018-1632
- ELSA-2018-1633
- ELSA-2018-1647
- ELSA-2018-1648
- ELSA-2018-1649
- ELSA-2018-1650
- ELSA-2018-1651
- ELSA-2018-1660
- ELSA-2018-1669
- ELSA-2018-1854
- ELSA-2018-1965
- ELSA-2018-1997
- ELSA-2018-2001
- ELSA-2018-2164
- ELSA-2018-4114
- ELSA-2018-4126
- ELSA-2018-4198
- ELSA-2018-4235
- ELSA-2018-4285
- ELSA-2018-4289
- ELSA-2019-4531
- ELSA-2019-4585
- FEDORA-2017-5bcddc1984
- FEDORA-2017-9149114fba
- FEDORA-2017-b4329d6ee5
- FEDORA-2017-d4709b0d8b
- FEDORA-2018-0edb45d9db
- FEDORA-2018-1621b2204a
- FEDORA-2018-1a467757ce
- FEDORA-2018-1c80fea1cd
- FEDORA-2018-2a0f8b2c9d
- FEDORA-2018-2b053454a4
- FEDORA-2018-2c6bd93875
- FEDORA-2018-2ee3411cb8
- FEDORA-2018-2f6df9abfb
- FEDORA-2018-3857a8b41a
- FEDORA-2018-44f8a7454d
- FEDORA-2018-49bda79bd5
- FEDORA-2018-50075276e8
- FEDORA-2018-527698a904
- FEDORA-2018-537c8312fc
- FEDORA-2018-5521156807
- FEDORA-2018-59e4747e0f
- FEDORA-2018-6367a17aa3
- FEDORA-2018-683dfde81a
- FEDORA-2018-6c1be5e1c8
- FEDORA-2018-6e8c330d50
- FEDORA-2018-73dd8de892
- FEDORA-2018-74fb8b257b
- FEDORA-2018-79d7c3d2df
- FEDORA-2018-7cd077ddd3
- FEDORA-2018-8422d94975
- FEDORA-2018-8484550fff
- FEDORA-2018-915602df63
- FEDORA-2018-93af520878
- FEDORA-2018-93c2e74446
- FEDORA-2018-94315e9a6b
- FEDORA-2018-9d0e4e40b5
- FEDORA-2018-9f02e5ed7b
- FEDORA-2018-9f4381d8c4
- FEDORA-2018-a0914af224
- FEDORA-2018-a7862a75f5
- FEDORA-2018-aec846c0ef
- FEDORA-2018-b57db4753c
- FEDORA-2018-b68776e5b0
- FEDORA-2018-b997780dca
- FEDORA-2018-bb7aab12cb
- FEDORA-2018-c0a1284064
- FEDORA-2018-c449dc1c9c
- FEDORA-2018-ca0e10fc6e
- FEDORA-2018-cc812838fb
- FEDORA-2018-d3cb6f113c
- FEDORA-2018-d77cc41f35
- FEDORA-2018-d82a45d9ab
- FEDORA-2018-d92fde52d7
- FEDORA-2018-db0d3e157e
- FEDORA-2018-ddbaca855e
- FEDORA-2018-e820fccd83
- FEDORA-2018-e8f793bbfc
- FEDORA-2018-eb69078020
- FEDORA-2018-f1b818a5c9
- FEDORA-2018-f20a0cead5
- FEDORA-2018-f8cba144ae
- FEDORA-2018-fe24359b69
- FEDORA-2019-16de0047d4
- FEDORA-2019-196ab64d65
- FEDORA-2019-1b986880ea
- FEDORA-2019-20a89ca9af
- FEDORA-2019-337484d88b
- FEDORA-2019-3854a1727e
- FEDORA-2019-3da64f3e61
- FEDORA-2019-3f9a71578d
- FEDORA-2019-4002b91800
- FEDORA-2019-509c133845
- FEDORA-2019-65c6d11eba
- FEDORA-2019-6e146a714c
- FEDORA-2019-7d3500d712
- FEDORA-2019-8f2b27efce
- FEDORA-2019-a6cd583a8d
- FEDORA-2019-a87aba290f
- FEDORA-2019-bce6498890
- FEDORA-2019-c36afa818c
- FEDORA-2019-c701e6605a
- FEDORA-2019-ce2933b003
- FEDORA-2019-ec644ec323
- GLSA-201804-08
- openSUSE-SU-2019:1438-1
- openSUSE-SU-2020:1325-1
- RHSA-2018:0816
- RHSA-2018:1416
- RHSA-2018:1629
- RHSA-2018:1630
- RHSA-2018:1632
- RHSA-2018:1633
- RHSA-2018:1647
- RHSA-2018:1648
- RHSA-2018:1649
- RHSA-2018:1650
- RHSA-2018:1651
- RHSA-2018:1660
- RHSA-2018:1669
- RHSA-2018:1854
- RHSA-2018:1965
- RHSA-2018:1997
- RHSA-2018:2001
- RHSA-2018:2003
- RHSA-2018:2162
- RHSA-2018:2164
- SSA:2018-208-01
- SUSE-SU-2017:2924-1
- SUSE-SU-2017:2936-1
- SUSE-SU-2017:2946-1
- SUSE-SU-2017:2963-1
- SUSE-SU-2017:2969-1
- SUSE-SU-2017:3084-1
- SUSE-SU-2017:3236-1
- SUSE-SU-2017:3239-1
- SUSE-SU-2017:3242-1
- SUSE-SU-2018:0438-1
- SUSE-SU-2018:0472-1
- SUSE-SU-2018:0601-1
- SUSE-SU-2018:0609-1
- SUSE-SU-2018:0638-1
- SUSE-SU-2018:0678-1
- SUSE-SU-2018:0762-1
- SUSE-SU-2018:0831-1
- SUSE-SU-2018:1077-1
- SUSE-SU-2018:1308-1
- SUSE-SU-2018:1362-1
- SUSE-SU-2018:1362-2
- SUSE-SU-2018:1363-1
- SUSE-SU-2018:1366-1
- SUSE-SU-2018:1368-1
- SUSE-SU-2018:1374-1
- SUSE-SU-2018:1375-1
- SUSE-SU-2018:1376-1
- SUSE-SU-2018:1377-1
- SUSE-SU-2018:1377-2
- SUSE-SU-2018:1378-1
- SUSE-SU-2018:1386-1
- SUSE-SU-2018:1389-1
- SUSE-SU-2018:1452-1
- SUSE-SU-2018:1456-1
- SUSE-SU-2018:1475-1
- SUSE-SU-2018:1479-1
- SUSE-SU-2018:1582-1
- SUSE-SU-2018:1603-1
- SUSE-SU-2018:1614-1
- SUSE-SU-2018:1614-2
- SUSE-SU-2018:1658-1
- SUSE-SU-2018:1699-1
- SUSE-SU-2018:1699-2
- SUSE-SU-2018:1816-1
- SUSE-SU-2018:1846-1
- SUSE-SU-2018:1926-1
- SUSE-SU-2018:1935-1
- SUSE-SU-2018:1935-2
- SUSE-SU-2018:2076-1
- SUSE-SU-2018:2082-1
- SUSE-SU-2018:2092-1
- SUSE-SU-2018:2141-1
- SUSE-SU-2018:2304-1
- SUSE-SU-2018:2331-1
- SUSE-SU-2018:2331-2
- SUSE-SU-2018:2335-1
- SUSE-SU-2018:2338-1
- SUSE-SU-2018:2340-1
- SUSE-SU-2018:2528-1
- SUSE-SU-2018:2556-1
- SUSE-SU-2018:2565-1
- SUSE-SU-2018:2615-1
- SUSE-SU-2018:2650-1
- SUSE-SU-2018:2973-1
- SUSE-SU-2018:2973-2
- SUSE-SU-2018:3064-1
- SUSE-SU-2018:3064-2
- SUSE-SU-2018:3064-3
- SUSE-SU-2018:3555-1
- SUSE-SU-2019:0049-1
- SUSE-SU-2019:0049-2
- SUSE-SU-2019:0148-1
- SUSE-SU-2019:0489-1
- SUSE-SU-2019:0582-1
- SUSE-SU-2019:0825-1
- SUSE-SU-2019:0827-1
- SUSE-SU-2019:1211-1
- SUSE-SU-2019:1211-2
- SUSE-SU-2019:1219-1
- SUSE-SU-2019:2028-1
- SUSE-SU-2020:2540-1
- SUSE-SU-2020:2605-1
- SUSE-SU-2021:3007-1
- SUSE-SU-2021:3969-1
- SUSE-SU-2023:3324-1
- SUSE-SU-2023:3333-1
- SUSE-SU-2023:3349-1
- USN-3575-1
- USN-3649-1
- USN-3651-1
- USN-3652-1
- USN-3653-1
- USN-3653-2
- USN-3654-1
- USN-3654-2
- USN-3655-1
- USN-3655-2
- USN-3679-1
- USN-3680-1
- USN-3756-1
- USN-3777-3
- VU:180049
- XSA-263
Source | # ID | Name | URL |
---|---|---|---|
elsa | ELSA-2018-2162 | http://linux.oracle.com/errata/ELSA-2018-2162.html | |
CVE | CVE-2018-5683 | http://linux.oracle.com/cve/CVE-2018-5683.html | |
CVE | CVE-2017-13672 | http://linux.oracle.com/cve/CVE-2017-13672.html | |
CVE | CVE-2018-7858 | http://linux.oracle.com/cve/CVE-2018-7858.html | |
CVE | CVE-2018-3639 | http://linux.oracle.com/cve/CVE-2018-3639.html |
Type | Package URL | Namespace | Name / Product | Version | Distribution / Platform | Arch | Patch / Fix |
---|---|---|---|---|---|---|---|
Affected | pkg:rpm/oraclelinux/qemu-kvm?distro=oraclelinux-6.10 | oraclelinux | qemu-kvm | < 0.12.1.2-2.506.el6_10.1 | oraclelinux-6.10 | ||
Affected | pkg:rpm/oraclelinux/qemu-kvm-tools?distro=oraclelinux-6.10 | oraclelinux | qemu-kvm-tools | < 0.12.1.2-2.506.el6_10.1 | oraclelinux-6.10 | ||
Affected | pkg:rpm/oraclelinux/qemu-img?distro=oraclelinux-6.10 | oraclelinux | qemu-img | < 0.12.1.2-2.506.el6_10.1 | oraclelinux-6.10 | ||
Affected | pkg:rpm/oraclelinux/qemu-guest-agent?distro=oraclelinux-6.10 | oraclelinux | qemu-guest-agent | < 0.12.1.2-2.506.el6_10.1 | oraclelinux-6.10 |
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | Exploits | PoC | Pubblication Date | Modification Date |
---|---|---|---|---|---|---|---|---|---|---|---|
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | PoC | Pubblication Date | Modification Date |