Synopsis: Important: qemu-kvm security update
Advisory ID: SLSA-2020:0775-1
Issue Date: 2020-03-10
CVE Numbers: CVE-2019-14378
CVE-2019-15890
CVE-2020-7039
—
Security Fix(es):
* QEMU: slirp: heap buffer overflow during packet reassembly
(CVE-2019-14378)
* QEMU: slirp: OOB buffer access while emulating tcp protocols in
tcp_emu() (CVE-2020-7039)
* QEMU: Slirp: use-after-free during packet reassembly (CVE-2019-15890)
—
SL6
x86_64
qemu-guest-agent-0.12.1.2-2.506.el6_10.6.x86_64.rpm
qemu-img-0.12.1.2-2.506.el6_10.6.x86_64.rpm
qemu-kvm-0.12.1.2-2.506.el6_10.6.x86_64.rpm
qemu-kvm-debuginfo-0.12.1.2-2.506.el6_10.6.x86_64.rpm
qemu-kvm-tools-0.12.1.2-2.506.el6_10.6.x86_64.rpm
i386
qemu-guest-agent-0.12.1.2-2.506.el6_10.6.i686.rpm
qemu-kvm-debuginfo-0.12.1.2-2.506.el6_10.6.i686.rpm
– Scientific Linux Development Team
