qemu-kvm-1.5.3-160.el7.3

エラータID: AXSA:2019-3944:03

Release date: 
Monday, August 5, 2019 - 07:54
Subject: 
qemu-kvm-1.5.3-160.el7.3
Affected Channels: 
Asianux Server 7 for x86_64
Severity: 
High
Description: 

Kernel-based Virtual Machine (KVM) is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm packages provide the user-space component for running virtual machines that use KVM.

Security Fix(es):

* QEMU: slirp: heap buffer overflow in tcp_emu() (CVE-2019-6778)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

CVE-2019-6778
In QEMU 3.0.0, tcp_emu in slirp/tcp_subr.c has a heap-based buffer overflow.

Solution: 

Update packages.

CVEs: 
CVE-2019-6778
In QEMU 3.0.0, tcp_emu in slirp/tcp_subr.c has a heap-based buffer overflow.
Additional Info: 

N/A

Download: 

SRPMS
  1. qemu-kvm-1.5.3-160.el7.3.src.rpm
    MD5: 848ea36c4c3d0d860a4c010b9e85abe4
    SHA-256: 66122300258da78975428ee0085f4b30664a37dc2b5c0250a70bd050e38576d6
    Size: 14.88 MB

Asianux Server 7 for x86_64
  1. qemu-img-1.5.3-160.el7.3.x86_64.rpm
    MD5: 9a166fc8cd19c11d797d8525c79e31d2
    SHA-256: ab826d6dd3a355dc466d28cdd81fef4fde1ed96f26f96e129a1a37c84a7a3229
    Size: 695.79 kB
  2. qemu-kvm-1.5.3-160.el7.3.x86_64.rpm
    MD5: 40e0de77312a725861a942567ccd4bc4
    SHA-256: 74da56852116082cb547fe44e26c89f3e2c150fa561a24fda571251377661bbe
    Size: 1.92 MB
  3. qemu-kvm-common-1.5.3-160.el7.3.x86_64.rpm
    MD5: e12fe562f62c03be6c5626d8735511c4
    SHA-256: 3bb9de2475f06dd8de1348f9b7dc802dc20ee3a8f1068629c8c055864d4a3b87
    Size: 431.57 kB
  4. qemu-kvm-tools-1.5.3-160.el7.3.x86_64.rpm
    MD5: e9ecbc62268d3662274b04911c985926
    SHA-256: be2b2afc1a7308575af04fca5a1c8fc19242665d0f3f852f4fbab66d71c1f6cb
    Size: 229.60 kB