Synopsis: Important: qemu-kvm security and bug fix update
Advisory ID: SLSA-2018:2462-1
Issue Date: 2018-08-16
CVE Numbers: CVE-2018-7550
CVE-2018-11806
—
Security Fix(es):
* QEMU: slirp: heap buffer overflow while reassembling fragmented
datagrams (CVE-2018-11806)
* QEMU: i386: multiboot OOB access while loading kernel image
(CVE-2018-7550)
Bug Fix(es):
* Previously, live migrating a Windows guest in some cases caused the
guest to become unresponsive. This update ensures that Real-time Clock
(RTC) interrupts are not missed, which prevents the problem from
occurring.
—
SL7
x86_64
qemu-img-1.5.3-156.el7_5.5.x86_64.rpm
qemu-kvm-1.5.3-156.el7_5.5.x86_64.rpm
qemu-kvm-common-1.5.3-156.el7_5.5.x86_64.rpm
qemu-kvm-debuginfo-1.5.3-156.el7_5.5.x86_64.rpm
qemu-kvm-tools-1.5.3-156.el7_5.5.x86_64.rpm
– Scientific Linux Development Team
