Synopsis: Moderate: qemu-kvm security fix update
Advisory ID: SLSA-2015:1793-1
Issue Date: 2015-09-15
CVE Numbers: CVE-2015-5165
—
An information leak flaw was found in the way QEMU’s RTL8139 emulation
implementation processed network packets under RTL8139 controller’s C+
mode of operation. An unprivileged guest user could use this flaw to read
up to 65 KB of uninitialized QEMU heap memory. (CVE-2015-5165)
After installing this update, shut down all running virtual machines. Once
all virtual machines have shut down, start them again for this update to
take effect.
—
SL7
x86_64
libcacard-1.5.3-86.el7_1.6.i686.rpm
libcacard-1.5.3-86.el7_1.6.x86_64.rpm
qemu-img-1.5.3-86.el7_1.6.x86_64.rpm
qemu-kvm-1.5.3-86.el7_1.6.x86_64.rpm
qemu-kvm-common-1.5.3-86.el7_1.6.x86_64.rpm
qemu-kvm-debuginfo-1.5.3-86.el7_1.6.i686.rpm
qemu-kvm-debuginfo-1.5.3-86.el7_1.6.x86_64.rpm
qemu-kvm-tools-1.5.3-86.el7_1.6.x86_64.rpm
libcacard-devel-1.5.3-86.el7_1.6.i686.rpm
libcacard-devel-1.5.3-86.el7_1.6.x86_64.rpm
libcacard-tools-1.5.3-86.el7_1.6.x86_64.rpm
– Scientific Linux Development Team
