[ELSA-2019-4640] qemu security update
[15:3.1.0-3.el7]
- x86: Document CVE-2018-12126 CVE-2018-12130 CVE-2018-12127 CVE-2019-11091 as
fixed (Mark Kanda) [Orabug: 29744956] {CVE-2018-12126} {CVE-2018-12127}
{CVE-2018-12130} {CVE-2019-11091}
[15:3.1.0-2.el7]
- x86: Add mds feature (Karl Heubaum)
- e1000: Never increment the RX undersize count register (Chris Kenna)
- qemu.spec: audioflags set but never passed to configure script (Liam Merwick) [Orabug: 29715562]
- parfait: deal with parfait returning non-zero return value (Liam Merwick) [Orabug: 29715548]
- parfait: use nproc to choose default number of threads (Liam Merwick) [Orabug: 29715548]
- parfait: provide option to upload results (Liam Merwick) [Orabug: 29715548]
- parfait: disable misaligned-access check (Liam Merwick) [Orabug: 29715548]
- Document CVE-2019-8934 and CVE-2019-5008 as fixed (Mark Kanda) [Orabug: 29715605] {CVE-2019-5008} {CVE-2019-8934}
- device_tree.c: Don't use load_image() (Peter Maydell) [Orabug: 29715527] {CVE-2018-20815}
- slirp: check sscanf result when emulating ident (William Bowling) [Orabug: 29715525] {CVE-2019-9824}
- i2c-ddc: fix oob read (Gerd Hoffmann) [Orabug: 29715520] {CVE-2019-3812}
- scsi-generic: avoid possible out-of-bounds access to r->buf (Paolo Bonzini) [Orabug: 29259700] {CVE-2019-6501}
- slirp: check data length while emulating ident function (Prasad J Pandit) [Orabug: 29715755] {CVE-2019-6778}
Package | Affected Version |
---|---|
pkg:rpm/oraclelinux/qemu?distro=oraclelinux-7 | < 3.1.0-3.el7 |
pkg:rpm/oraclelinux/qemu-system-aarch64?distro=oraclelinux-7 | < 3.1.0-3.el7 |
pkg:rpm/oraclelinux/qemu-system-aarch64-core?distro=oraclelinux-7 | < 3.1.0-3.el7 |
pkg:rpm/oraclelinux/qemu-kvm?distro=oraclelinux-7 | < 3.1.0-3.el7 |
pkg:rpm/oraclelinux/qemu-kvm-core?distro=oraclelinux-7 | < 3.1.0-3.el7 |
pkg:rpm/oraclelinux/qemu-img?distro=oraclelinux-7 | < 3.1.0-3.el7 |
pkg:rpm/oraclelinux/qemu-common?distro=oraclelinux-7 | < 3.1.0-3.el7 |
pkg:rpm/oraclelinux/qemu-block-rbd?distro=oraclelinux-7 | < 3.1.0-3.el7 |
pkg:rpm/oraclelinux/qemu-block-iscsi?distro=oraclelinux-7 | < 3.1.0-3.el7 |
pkg:rpm/oraclelinux/qemu-block-gluster?distro=oraclelinux-7 | < 3.1.0-3.el7 |
pkg:rpm/oraclelinux/ivshmem-tools?distro=oraclelinux-7 | < 3.1.0-3.el7 |
- ID
- ELSA-2019-4640
- Severity
- important
- URL
- https://linux.oracle.com/errata/ELSA-2019-4640.html
- Published
-
2019-05-14T00:00:00
(5 years ago) - Modified
-
2019-05-14T00:00:00
(5 years ago) - Rights
- Copyright 2019 Oracle, Inc.
- Other Advisories
-
- ALAS-2019-1205
- ALAS-2019-1260
- ALAS-2020-1400
- ALAS-2020-1408
- ALAS2-2019-1205
- ALAS2-2019-1248
- ALAS2-2019-1274
- ALAS2-2020-1467
- ALPINE:CVE-2018-12126
- ALPINE:CVE-2018-12127
- ALPINE:CVE-2018-12130
- ALPINE:CVE-2019-11091
- ALSA-2019:3345
- DSA-4444-1
- DSA-4447-1
- DSA-4454-1
- DSA-4506-1
- ELSA-2019-1167
- ELSA-2019-1168
- ELSA-2019-1169
- ELSA-2019-1175
- ELSA-2019-1177
- ELSA-2019-1178
- ELSA-2019-1180
- ELSA-2019-1181
- ELSA-2019-1650
- ELSA-2019-1883
- ELSA-2019-2078
- ELSA-2019-2892
- ELSA-2019-4556
- ELSA-2019-4628
- ELSA-2019-4629
- ELSA-2019-4630
- ELSA-2019-4636
- ELSA-2019-4637
- ELSA-2019-4643
- ELSA-2019-4669
- ELSA-2019-4672
- ELSA-2019-4675
- ELSA-2019-4702
- ELSA-2019-4713
- ELSA-2019-4714
- ELSA-2019-4732
- FEDORA-2019-021c968423
- FEDORA-2019-0332a96d31
- FEDORA-2019-057d691fd4
- FEDORA-2019-0664c7724d
- FEDORA-2019-124a241044
- FEDORA-2019-15e141c6a7
- FEDORA-2019-1689d3fe07
- FEDORA-2019-1f5832fc0e
- FEDORA-2019-2e12bd3a9a
- FEDORA-2019-3d7105bd2a
- FEDORA-2019-41e28660ae
- FEDORA-2019-48b34fc991
- FEDORA-2019-4c91a2f76e
- FEDORA-2019-52a8f5468e
- FEDORA-2019-5f105dd2b6
- FEDORA-2019-640f8d8dd1
- FEDORA-2019-6458474bf2
- FEDORA-2019-6817686c4d
- FEDORA-2019-69c132b061
- FEDORA-2019-6bda4c81f4
- FEDORA-2019-6c3d89b3d0
- FEDORA-2019-6e146a714c
- FEDORA-2019-7a3fc17778
- FEDORA-2019-7aecfe1c4b
- FEDORA-2019-7ec378191e
- FEDORA-2019-8169b57f28
- FEDORA-2019-83858fc57b
- FEDORA-2019-865bb16900
- FEDORA-2019-8846a1a5a2
- FEDORA-2019-88a98ce795
- FEDORA-2019-899ef6056c
- FEDORA-2019-914542e05c
- FEDORA-2019-9210998aaa
- FEDORA-2019-97380355ae
- FEDORA-2019-9d3fe6fd5b
- FEDORA-2019-a570a92d5a
- FEDORA-2019-a95015e60f
- FEDORA-2019-aeda234b68
- FEDORA-2019-b2dfb13daf
- FEDORA-2019-b318b2c6f3
- FEDORA-2019-c03eda3cc6
- FEDORA-2019-c36afa818c
- FEDORA-2019-cbb732f760
- FEDORA-2019-e3010166bd
- FEDORA-2019-e37c348348
- FEDORA-2019-e6bf55e821
- FEDORA-2019-e9de40d53f
- FEDORA-2019-f40bd7826f
- FEDORA-2019-f910d35647
- FEDORA-2020-2a5cdd665c
- FEDORA-2020-2d9a75fadb
- FEDORA-2020-c2d89d14d0
- FEDORA-2020-fe00e12580
- FREEBSD:FBE10A8A-05A1-11EA-9DFA-F8B156AC3FF9
- GLSA-201904-25
- GLSA-202003-56
- MS:CVE-2018-19665
- openSUSE-SU-2019:0254-1
- openSUSE-SU-2019:1402-1
- openSUSE-SU-2019:1403-1
- openSUSE-SU-2019:1404-1
- openSUSE-SU-2019:1405-1
- openSUSE-SU-2019:1468-1
- openSUSE-SU-2019:1505-1
- openSUSE-SU-2019:1805-1
- openSUSE-SU-2019:1806-1
- openSUSE-SU-2019:2044-1
- openSUSE-SU-2020:0468-1
- RHSA-2019:1167
- RHSA-2019:1168
- RHSA-2019:1169
- RHSA-2019:1174
- RHSA-2019:1175
- RHSA-2019:1176
- RHSA-2019:1177
- RHSA-2019:1178
- RHSA-2019:1180
- RHSA-2019:1181
- RHSA-2019:1650
- RHSA-2019:1881
- RHSA-2019:1883
- RHSA-2019:2078
- RHSA-2019:2166
- RHSA-2019:2892
- RHSA-2019:3345
- RLSA-2019:3345
- SUSE-SU-2018:3975-1
- SUSE-SU-2018:3987-1
- SUSE-SU-2019:0003-1
- SUSE-SU-2019:0020-1
- SUSE-SU-2019:0423-1
- SUSE-SU-2019:0435-1
- SUSE-SU-2019:0457-1
- SUSE-SU-2019:0471-1
- SUSE-SU-2019:0471-2
- SUSE-SU-2019:0489-1
- SUSE-SU-2019:0582-1
- SUSE-SU-2019:0825-1
- SUSE-SU-2019:0827-1
- SUSE-SU-2019:0891-1
- SUSE-SU-2019:0921-1
- SUSE-SU-2019:1235-1
- SUSE-SU-2019:1236-1
- SUSE-SU-2019:1238-1
- SUSE-SU-2019:1239-1
- SUSE-SU-2019:1240-1
- SUSE-SU-2019:1241-1
- SUSE-SU-2019:1242-1
- SUSE-SU-2019:1243-1
- SUSE-SU-2019:1244-1
- SUSE-SU-2019:1245-1
- SUSE-SU-2019:1248-1
- SUSE-SU-2019:1268-1
- SUSE-SU-2019:1269-1
- SUSE-SU-2019:1272-1
- SUSE-SU-2019:1287-1
- SUSE-SU-2019:1289-1
- SUSE-SU-2019:1296-1
- SUSE-SU-2019:1313-1
- SUSE-SU-2019:1347-1
- SUSE-SU-2019:1348-1
- SUSE-SU-2019:1349-1
- SUSE-SU-2019:1356-1
- SUSE-SU-2019:1371-1
- SUSE-SU-2019:1423-1
- SUSE-SU-2019:1438-1
- SUSE-SU-2019:1452-1
- SUSE-SU-2019:1490-1
- SUSE-SU-2019:1547-1
- SUSE-SU-2019:1550-1
- SUSE-SU-2019:1909-1
- SUSE-SU-2019:1910-1
- SUSE-SU-2019:1954-1
- SUSE-SU-2019:2223-1
- SUSE-SU-2019:2430-1
- SUSE-SU-2019:2753-1
- SUSE-SU-2019:2769-1
- SUSE-SU-2020:0844-1
- SUSE-SU-2020:0845-1
- SUSE-SU-2020:1255-1
- SUSE-SU-2020:1275-1
- SUSE-SU-2020:1501-1
- SUSE-SU-2020:1514-1
- SUSE-SU-2020:1523-1
- SUSE-SU-2020:1526-1
- SUSE-SU-2020:1538-1
- SUSE-SU-2021:1829-1
- USN-3923-1
- USN-3977-1
- USN-3977-2
- USN-3977-3
- USN-3978-1
- USN-3979-1
- USN-3980-1
- USN-3980-2
- USN-3981-1
- USN-3981-2
- USN-3982-1
- USN-3982-2
- USN-3983-1
- USN-3983-2
- USN-3984-1
- USN-3985-1
- USN-3985-2
- VMSA-2019-0008.2
- XSA-297
Source | # ID | Name | URL |
---|---|---|---|
elsa | ELSA-2019-4640 | http://linux.oracle.com/errata/ELSA-2019-4640.html | |
CVE | CVE-2018-20123 | http://linux.oracle.com/cve/CVE-2018-20123.html | |
CVE | CVE-2019-6778 | http://linux.oracle.com/cve/CVE-2019-6778.html | |
CVE | CVE-2018-12126 | http://linux.oracle.com/cve/CVE-2018-12126.html | |
CVE | CVE-2018-12130 | http://linux.oracle.com/cve/CVE-2018-12130.html | |
CVE | CVE-2018-12127 | http://linux.oracle.com/cve/CVE-2018-12127.html | |
CVE | CVE-2019-11091 | http://linux.oracle.com/cve/CVE-2019-11091.html | |
CVE | CVE-2018-19665 | http://linux.oracle.com/cve/CVE-2018-19665.html | |
CVE | CVE-2018-18438 | http://linux.oracle.com/cve/CVE-2018-18438.html | |
CVE | CVE-2018-20815 | http://linux.oracle.com/cve/CVE-2018-20815.html | |
CVE | CVE-2019-3812 | http://linux.oracle.com/cve/CVE-2019-3812.html | |
CVE | CVE-2019-8934 | http://linux.oracle.com/cve/CVE-2019-8934.html | |
CVE | CVE-2019-9824 | http://linux.oracle.com/cve/CVE-2019-9824.html | |
CVE | CVE-2019-6501 | http://linux.oracle.com/cve/CVE-2019-6501.html |
Type | Package URL | Namespace | Name / Product | Version | Distribution / Platform | Arch | Patch / Fix |
---|---|---|---|---|---|---|---|
Affected | pkg:rpm/oraclelinux/qemu?distro=oraclelinux-7 | oraclelinux | qemu | < 3.1.0-3.el7 | oraclelinux-7 | ||
Affected | pkg:rpm/oraclelinux/qemu-system-aarch64?distro=oraclelinux-7 | oraclelinux | qemu-system-aarch64 | < 3.1.0-3.el7 | oraclelinux-7 | ||
Affected | pkg:rpm/oraclelinux/qemu-system-aarch64-core?distro=oraclelinux-7 | oraclelinux | qemu-system-aarch64-core | < 3.1.0-3.el7 | oraclelinux-7 | ||
Affected | pkg:rpm/oraclelinux/qemu-kvm?distro=oraclelinux-7 | oraclelinux | qemu-kvm | < 3.1.0-3.el7 | oraclelinux-7 | ||
Affected | pkg:rpm/oraclelinux/qemu-kvm-core?distro=oraclelinux-7 | oraclelinux | qemu-kvm-core | < 3.1.0-3.el7 | oraclelinux-7 | ||
Affected | pkg:rpm/oraclelinux/qemu-img?distro=oraclelinux-7 | oraclelinux | qemu-img | < 3.1.0-3.el7 | oraclelinux-7 | ||
Affected | pkg:rpm/oraclelinux/qemu-common?distro=oraclelinux-7 | oraclelinux | qemu-common | < 3.1.0-3.el7 | oraclelinux-7 | ||
Affected | pkg:rpm/oraclelinux/qemu-block-rbd?distro=oraclelinux-7 | oraclelinux | qemu-block-rbd | < 3.1.0-3.el7 | oraclelinux-7 | ||
Affected | pkg:rpm/oraclelinux/qemu-block-iscsi?distro=oraclelinux-7 | oraclelinux | qemu-block-iscsi | < 3.1.0-3.el7 | oraclelinux-7 | ||
Affected | pkg:rpm/oraclelinux/qemu-block-gluster?distro=oraclelinux-7 | oraclelinux | qemu-block-gluster | < 3.1.0-3.el7 | oraclelinux-7 | ||
Affected | pkg:rpm/oraclelinux/ivshmem-tools?distro=oraclelinux-7 | oraclelinux | ivshmem-tools | < 3.1.0-3.el7 | oraclelinux-7 |
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | Exploits | PoC | Pubblication Date | Modification Date |
---|---|---|---|---|---|---|---|---|---|---|---|
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | PoC | Pubblication Date | Modification Date |