[ELSA-2019-4640] qemu security update
Severity
Important
Affected Packages
11
CVEs
13
[15:3.1.0-3.el7]
- x86: Document CVE-2018-12126 CVE-2018-12130 CVE-2018-12127 CVE-2019-11091 as
fixed (Mark Kanda) [Orabug: 29744956] {CVE-2018-12126} {CVE-2018-12127}
{CVE-2018-12130} {CVE-2019-11091}
[15:3.1.0-2.el7]
- x86: Add mds feature (Karl Heubaum)
- e1000: Never increment the RX undersize count register (Chris Kenna)
- qemu.spec: audioflags set but never passed to configure script (Liam Merwick) [Orabug: 29715562]
- parfait: deal with parfait returning non-zero return value (Liam Merwick) [Orabug: 29715548]
- parfait: use nproc to choose default number of threads (Liam Merwick) [Orabug: 29715548]
- parfait: provide option to upload results (Liam Merwick) [Orabug: 29715548]
- parfait: disable misaligned-access check (Liam Merwick) [Orabug: 29715548]
- Document CVE-2019-8934 and CVE-2019-5008 as fixed (Mark Kanda) [Orabug: 29715605] {CVE-2019-5008} {CVE-2019-8934}
- device_tree.c: Don't use load_image() (Peter Maydell) [Orabug: 29715527] {CVE-2018-20815}
- slirp: check sscanf result when emulating ident (William Bowling) [Orabug: 29715525] {CVE-2019-9824}
- i2c-ddc: fix oob read (Gerd Hoffmann) [Orabug: 29715520] {CVE-2019-3812}
- scsi-generic: avoid possible out-of-bounds access to r->buf (Paolo Bonzini) [Orabug: 29259700] {CVE-2019-6501}
- slirp: check data length while emulating ident function (Prasad J Pandit) [Orabug: 29715755] {CVE-2019-6778}
| Package | Affected Version |
|---|---|
 pkg:rpm/oraclelinux/qemu?distro=oraclelinux-7
|
< 3.1.0-3.el7 |
|
pkg:rpm/oraclelinux/qemu-system-aarch64?distro=oraclelinux-7
|
< 3.1.0-3.el7 |
|
pkg:rpm/oraclelinux/qemu-system-aarch64-core?distro=oraclelinux-7
|
< 3.1.0-3.el7 |
|
pkg:rpm/oraclelinux/qemu-kvm?distro=oraclelinux-7
|
< 3.1.0-3.el7 |
|
pkg:rpm/oraclelinux/qemu-kvm-core?distro=oraclelinux-7
|
< 3.1.0-3.el7 |
|
pkg:rpm/oraclelinux/qemu-img?distro=oraclelinux-7
|
< 3.1.0-3.el7 |
|
pkg:rpm/oraclelinux/qemu-common?distro=oraclelinux-7
|
< 3.1.0-3.el7 |
|
pkg:rpm/oraclelinux/qemu-block-rbd?distro=oraclelinux-7
|
< 3.1.0-3.el7 |
|
pkg:rpm/oraclelinux/qemu-block-iscsi?distro=oraclelinux-7
|
< 3.1.0-3.el7 |
|
pkg:rpm/oraclelinux/qemu-block-gluster?distro=oraclelinux-7
|
< 3.1.0-3.el7 |
|
pkg:rpm/oraclelinux/ivshmem-tools?distro=oraclelinux-7
|
< 3.1.0-3.el7 |
- ID
- ELSA-2019-4640
- Severity
- important
- URL
- https://linux.oracle.com/errata/ELSA-2019-4640.html
- Published
-
2019-05-14T00:00:00
(5 years ago) - Modified
-
2019-05-14T00:00:00
(5 years ago) - Rights
- Copyright 2019 Oracle, Inc.
- Other Advisories
-
-
ALAS-2019-1205
-
ALAS-2019-1260
-
ALAS-2020-1400
-
ALAS-2020-1408
-
ALAS2-2019-1205
-
ALAS2-2019-1248
-
ALAS2-2019-1274
-
ALAS2-2020-1467
-
ALPINE:CVE-2018-12126
-
ALPINE:CVE-2018-12127
-
ALPINE:CVE-2018-12130
-
ALPINE:CVE-2019-11091
-
ALSA-2019:3345
-
DSA-4444-1
-
DSA-4447-1
-
DSA-4454-1
-
DSA-4506-1
-
ELSA-2019-1167
-
ELSA-2019-1168
-
ELSA-2019-1169
-
ELSA-2019-1175
-
ELSA-2019-1177
-
ELSA-2019-1178
-
ELSA-2019-1180
-
ELSA-2019-1181
-
ELSA-2019-1650
-
ELSA-2019-1883
-
ELSA-2019-2078
-
ELSA-2019-2892
-
ELSA-2019-4556
-
ELSA-2019-4628
-
ELSA-2019-4629
-
ELSA-2019-4630
-
ELSA-2019-4636
-
ELSA-2019-4637
-
ELSA-2019-4643
-
ELSA-2019-4669
-
ELSA-2019-4672
-
ELSA-2019-4675
-
ELSA-2019-4702
-
ELSA-2019-4713
-
ELSA-2019-4714
-
ELSA-2019-4732
-
FEDORA-2019-021c968423
-
FEDORA-2019-0332a96d31
-
FEDORA-2019-057d691fd4
-
FEDORA-2019-0664c7724d
-
FEDORA-2019-124a241044
-
FEDORA-2019-15e141c6a7
-
FEDORA-2019-1689d3fe07
-
FEDORA-2019-1f5832fc0e
-
FEDORA-2019-2e12bd3a9a
-
FEDORA-2019-3d7105bd2a
-
FEDORA-2019-41e28660ae
-
FEDORA-2019-48b34fc991
-
FEDORA-2019-4c91a2f76e
-
FEDORA-2019-52a8f5468e
-
FEDORA-2019-5f105dd2b6
-
FEDORA-2019-640f8d8dd1
-
FEDORA-2019-6458474bf2
-
FEDORA-2019-6817686c4d
-
FEDORA-2019-69c132b061
-
FEDORA-2019-6bda4c81f4
-
FEDORA-2019-6c3d89b3d0
-
FEDORA-2019-6e146a714c
-
FEDORA-2019-7a3fc17778
-
FEDORA-2019-7aecfe1c4b
-
FEDORA-2019-7ec378191e
-
FEDORA-2019-8169b57f28
-
FEDORA-2019-83858fc57b
-
FEDORA-2019-865bb16900
-
FEDORA-2019-8846a1a5a2
-
FEDORA-2019-88a98ce795
-
FEDORA-2019-899ef6056c
-
FEDORA-2019-914542e05c
-
FEDORA-2019-9210998aaa
-
FEDORA-2019-97380355ae
-
FEDORA-2019-9d3fe6fd5b
-
FEDORA-2019-a570a92d5a
-
FEDORA-2019-a95015e60f
-
FEDORA-2019-aeda234b68
-
FEDORA-2019-b2dfb13daf
-
FEDORA-2019-b318b2c6f3
-
FEDORA-2019-c03eda3cc6
-
FEDORA-2019-c36afa818c
-
FEDORA-2019-cbb732f760
-
FEDORA-2019-e3010166bd
-
FEDORA-2019-e37c348348
-
FEDORA-2019-e6bf55e821
-
FEDORA-2019-e9de40d53f
-
FEDORA-2019-f40bd7826f
-
FEDORA-2019-f910d35647
-
FEDORA-2020-2a5cdd665c
-
FEDORA-2020-2d9a75fadb
-
FEDORA-2020-c2d89d14d0
-
FEDORA-2020-fe00e12580
-
FREEBSD:FBE10A8A-05A1-11EA-9DFA-F8B156AC3FF9
-
GLSA-201904-25
-
GLSA-202003-56
-
MS:CVE-2018-19665
-
openSUSE-SU-2019:0254-1
-
openSUSE-SU-2019:1402-1
-
openSUSE-SU-2019:1403-1
-
openSUSE-SU-2019:1404-1
-
openSUSE-SU-2019:1405-1
-
openSUSE-SU-2019:1468-1
-
openSUSE-SU-2019:1505-1
-
openSUSE-SU-2019:1805-1
-
openSUSE-SU-2019:1806-1
-
openSUSE-SU-2019:2044-1
-
openSUSE-SU-2020:0468-1
-
RHSA-2019:1167
-
RHSA-2019:1168
-
RHSA-2019:1169
-
RHSA-2019:1174
-
RHSA-2019:1175
-
RHSA-2019:1176
-
RHSA-2019:1177
-
RHSA-2019:1178
-
RHSA-2019:1180
-
RHSA-2019:1181
-
RHSA-2019:1650
-
RHSA-2019:1881
-
RHSA-2019:1883
-
RHSA-2019:2078
-
RHSA-2019:2166
-
RHSA-2019:2892
-
RHSA-2019:3345
-
RLSA-2019:3345
-
SUSE-SU-2018:3975-1
-
SUSE-SU-2018:3987-1
-
SUSE-SU-2019:0003-1
-
SUSE-SU-2019:0020-1
-
SUSE-SU-2019:0423-1
-
SUSE-SU-2019:0435-1
-
SUSE-SU-2019:0457-1
-
SUSE-SU-2019:0471-1
-
SUSE-SU-2019:0471-2
-
SUSE-SU-2019:0489-1
-
SUSE-SU-2019:0582-1
-
SUSE-SU-2019:0825-1
-
SUSE-SU-2019:0827-1
-
SUSE-SU-2019:0891-1
-
SUSE-SU-2019:0921-1
-
SUSE-SU-2019:1235-1
-
SUSE-SU-2019:1236-1
-
SUSE-SU-2019:1238-1
-
SUSE-SU-2019:1239-1
-
SUSE-SU-2019:1240-1
-
SUSE-SU-2019:1241-1
-
SUSE-SU-2019:1242-1
-
SUSE-SU-2019:1243-1
-
SUSE-SU-2019:1244-1
-
SUSE-SU-2019:1245-1
-
SUSE-SU-2019:1248-1
-
SUSE-SU-2019:1268-1
-
SUSE-SU-2019:1269-1
-
SUSE-SU-2019:1272-1
-
SUSE-SU-2019:1287-1
-
SUSE-SU-2019:1289-1
-
SUSE-SU-2019:1296-1
-
SUSE-SU-2019:1313-1
-
SUSE-SU-2019:1347-1
-
SUSE-SU-2019:1348-1
-
SUSE-SU-2019:1349-1
-
SUSE-SU-2019:1356-1
-
SUSE-SU-2019:1371-1
-
SUSE-SU-2019:1423-1
-
SUSE-SU-2019:1438-1
-
SUSE-SU-2019:1452-1
-
SUSE-SU-2019:1490-1
-
SUSE-SU-2019:1547-1
-
SUSE-SU-2019:1550-1
-
SUSE-SU-2019:1909-1
-
SUSE-SU-2019:1910-1
-
SUSE-SU-2019:1954-1
-
SUSE-SU-2019:2223-1
-
SUSE-SU-2019:2430-1
-
SUSE-SU-2019:2753-1
-
SUSE-SU-2019:2769-1
-
SUSE-SU-2020:0844-1
-
SUSE-SU-2020:0845-1
-
SUSE-SU-2020:1255-1
-
SUSE-SU-2020:1275-1
-
SUSE-SU-2020:1501-1
-
SUSE-SU-2020:1514-1
-
SUSE-SU-2020:1523-1
-
SUSE-SU-2020:1526-1
-
SUSE-SU-2020:1538-1
-
SUSE-SU-2021:1829-1
-
USN-3923-1
-
USN-3977-1
-
USN-3977-2
-
USN-3977-3
-
USN-3978-1
-
USN-3979-1
-
USN-3980-1
-
USN-3980-2
-
USN-3981-1
-
USN-3981-2
-
USN-3982-1
-
USN-3982-2
-
USN-3983-1
-
USN-3983-2
-
USN-3984-1
-
USN-3985-1
-
USN-3985-2
-
VMSA-2019-0008.2
-
XSA-297
-
| Source | # ID | Name | URL |
|---|---|---|---|
| elsa | ELSA-2019-4640 |
|
|
| CVE | CVE-2018-20123 |
|
|
| CVE | CVE-2019-6778 |
|
|
| CVE | CVE-2018-12126 |
|
|
| CVE | CVE-2018-12130 |
|
|
| CVE | CVE-2018-12127 |
|
|
| CVE | CVE-2019-11091 |
|
|
| CVE | CVE-2018-19665 |
|
|
| CVE | CVE-2018-18438 |
|
|
| CVE | CVE-2018-20815 |
|
|
| CVE | CVE-2019-3812 |
|
|
| CVE | CVE-2019-8934 |
|
|
| CVE | CVE-2019-9824 |
|
|
| CVE | CVE-2019-6501 |
|
| Type | Package URL | Namespace | Name / Product | Version | Distribution / Platform | Arch | Patch / Fix |
|---|---|---|---|---|---|---|---|
| Affected | pkg:rpm/oraclelinux/qemu?distro=oraclelinux-7 | oraclelinux |
qemu
|
< 3.1.0-3.el7 | oraclelinux-7 | ||
| Affected | pkg:rpm/oraclelinux/qemu-system-aarch64?distro=oraclelinux-7 | oraclelinux |
qemu-system-aarch64
|
< 3.1.0-3.el7 | oraclelinux-7 | ||
| Affected | pkg:rpm/oraclelinux/qemu-system-aarch64-core?distro=oraclelinux-7 | oraclelinux |
qemu-system-aarch64-core
|
< 3.1.0-3.el7 | oraclelinux-7 | ||
| Affected | pkg:rpm/oraclelinux/qemu-kvm?distro=oraclelinux-7 | oraclelinux |
qemu-kvm
|
< 3.1.0-3.el7 | oraclelinux-7 | ||
| Affected | pkg:rpm/oraclelinux/qemu-kvm-core?distro=oraclelinux-7 | oraclelinux |
qemu-kvm-core
|
< 3.1.0-3.el7 | oraclelinux-7 | ||
| Affected | pkg:rpm/oraclelinux/qemu-img?distro=oraclelinux-7 | oraclelinux |
qemu-img
|
< 3.1.0-3.el7 | oraclelinux-7 | ||
| Affected | pkg:rpm/oraclelinux/qemu-common?distro=oraclelinux-7 | oraclelinux |
qemu-common
|
< 3.1.0-3.el7 | oraclelinux-7 | ||
| Affected | pkg:rpm/oraclelinux/qemu-block-rbd?distro=oraclelinux-7 | oraclelinux |
qemu-block-rbd
|
< 3.1.0-3.el7 | oraclelinux-7 | ||
| Affected | pkg:rpm/oraclelinux/qemu-block-iscsi?distro=oraclelinux-7 | oraclelinux |
qemu-block-iscsi
|
< 3.1.0-3.el7 | oraclelinux-7 | ||
| Affected | pkg:rpm/oraclelinux/qemu-block-gluster?distro=oraclelinux-7 | oraclelinux |
qemu-block-gluster
|
< 3.1.0-3.el7 | oraclelinux-7 | ||
| Affected | pkg:rpm/oraclelinux/ivshmem-tools?distro=oraclelinux-7 | oraclelinux |
ivshmem-tools
|
< 3.1.0-3.el7 | oraclelinux-7 |
| # CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | Exploits | PoC | Pubblication Date | Modification Date |
|---|---|---|---|---|---|---|---|---|---|---|---|
| # CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | PoC | Pubblication Date | Modification Date |