qemu-kvm-1.5.3-173.1.0.1.el7.AXS7

エラータID: AXSA:2020-075:01

Release date:

Tuesday, May 19, 2020 - 03:22

Subject:

Affected Channels:

Asianux Server 7 for x86_64

Severity:

High

Description:

Kernel-based Virtual Machine (KVM) is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm packages provide the user-space component for running virtual machines that use KVM.

Security Fix(es):

* QEMU: Slirp: potential OOB access due to unsafe snprintf() usages (CVE-2020-8608)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

CVE-2020-8608
In libslirp 4.1.0, as used in QEMU 4.2.0, tcp_subr.c misuses snprintf return values, leading to a buffer overflow in later code.

Solution:

Update packages.

CVEs:

CVE-2020-8608
In libslirp 4.1.0, as used in QEMU 4.2.0, tcp_subr.c misuses snprintf return values, leading to a buffer overflow in later code.

Additional Info:

N/A

Download:

SRPMS

qemu-kvm-1.5.3-173.1.0.1.el7.AXS7.src.rpm
MD5: b71946632726d3a05d30d243bacf6464
SHA-256: 05f378836b9e1a0857d4347e5104d92d9b71fb12f6d80066195474b94b147930
Size: 14.94 MB

Asianux Server 7 for x86_64

qemu-img-1.5.3-173.1.0.1.el7.AXS7.x86_64.rpm
MD5: 13ae86db20d697733cd2dce38f696eee
SHA-256: a58f75374d3a88234c16e99049e9389c2fc93135946dddca5b886453562304fd
Size: 701.50 kB
qemu-kvm-1.5.3-173.1.0.1.el7.AXS7.x86_64.rpm
MD5: 768eefa223ce5998d6497f628e82f3f5
SHA-256: 97537bfcfcb5a922977a1420a010a78b86e865df911375fe13e6f76fed32c046
Size: 1.91 MB
qemu-kvm-common-1.5.3-173.1.0.1.el7.AXS7.x86_64.rpm
MD5: 92cb5258daef8ddf73e1e365e321dc26
SHA-256: a8757769702f6c1ce9c25d6323091b498cfe13d3d42953831c01ac90b816e255
Size: 437.40 kB
qemu-kvm-tools-1.5.3-173.1.0.1.el7.AXS7.x86_64.rpm
MD5: bda9893e78561a36b5710bc16b990867
SHA-256: d15777180fc267eb7fd7c9e35f0bd6286a38ce73d33f9cd0a60f066709688a5d
Size: 235.40 kB

日本語

Main menu

You are here

qemu-kvm-1.5.3-173.1.0.1.el7.AXS7