qemu-kvm-7.2.0-14.el9.5.ML.1
エラータID: AXSA:2023-6420:06
リリース日:
2023/09/21 Thursday - 05:37
題名:
qemu-kvm-7.2.0-14.el9.5.ML.1
影響のあるチャネル:
MIRACLE LINUX 9 for x86_64
Severity:
High
Description:
以下項目について対処しました。
[Security Fix]
- QEMU の VNC サーバー機能には、以前の VNC 接続要求がハンドシェイク
状態でかつ接続に失敗した場合、NULL ポインタデリファレンスが発生する
問題があるため、リモートの攻撃者により、サービス拒否攻撃 (クライアント
からの VNC 接続不可) を可能とする脆弱性が存在します。(CVE-2023-3354)
解決策:
パッケージをアップデートしてください。
CVE:
CVE-2023-3354
A flaw was found in the QEMU built-in VNC server. When a client connects to the VNC server, QEMU checks whether the current number of connections crosses a certain threshold and if so, cleans up the previous connection. If the previous connection happens to be in the handshake phase and fails, QEMU cleans up the connection again, resulting in a NULL pointer dereference issue. This could allow a remote unauthenticated client to cause a denial of service.
A flaw was found in the QEMU built-in VNC server. When a client connects to the VNC server, QEMU checks whether the current number of connections crosses a certain threshold and if so, cleans up the previous connection. If the previous connection happens to be in the handshake phase and fails, QEMU cleans up the connection again, resulting in a NULL pointer dereference issue. This could allow a remote unauthenticated client to cause a denial of service.
追加情報:
N/A
ダウンロード:
SRPMS
- qemu-kvm-7.2.0-14.el9.5.ML.1.src.rpm
MD5: 53e32a36cc74504f1bd3343290c12177
SHA-256: 9851f47e40feb54ecda81ffb47fb7dd59ee8ccf7d7407ece55e12b19ba8df37c
Size: 117.12 MB
Asianux Server 9 for x86_64
- qemu-guest-agent-7.2.0-14.el9.5.ML.1.x86_64.rpm
MD5: e02949529e738b6e2dce322e7a1ad34b
SHA-256: a0269098bc19e9501d3770f19ede8a37b01fd2fe7af08bbe94d9fb91bfdadfa8
Size: 444.14 kB - qemu-img-7.2.0-14.el9.5.ML.1.x86_64.rpm
MD5: b4b072b800c29371089679dbd648c917
SHA-256: 4f99dd9fb0cfe4b4ea367d708d239d21c92ad28948a1186b6123def0061d8b82
Size: 2.26 MB - qemu-kvm-7.2.0-14.el9.5.ML.1.x86_64.rpm
MD5: 1aa9a9659ecea1079e357ec731059a5c
SHA-256: ed3194d07bb50d98213e6d538557f56383a6ca16cd32fdde44135cf8ed9aa972
Size: 45.83 kB - qemu-kvm-audio-pa-7.2.0-14.el9.5.ML.1.x86_64.rpm
MD5: e9fd534fe27336bf09943460242a8b0b
SHA-256: 8bb12c456cc687257a38fab113537df586d0bcf68c0763908551aed64d9b28d2
Size: 54.97 kB - qemu-kvm-block-curl-7.2.0-14.el9.5.ML.1.x86_64.rpm
MD5: be3802e60ac9c722a2f3a5605144fceb
SHA-256: 34a3747dd6db852b9893dee09ad7820a5091f07199c9f2157eef34cb09749fbf
Size: 57.42 kB - qemu-kvm-block-rbd-7.2.0-14.el9.5.ML.1.x86_64.rpm
MD5: 1725465e44c1d333414ba8db10a778f2
SHA-256: e4a390f935e0380d63c9f87034c8cbf81dea9b5d4ce439c5a7d974a24dc4cb5d
Size: 60.64 kB - qemu-kvm-common-7.2.0-14.el9.5.ML.1.x86_64.rpm
MD5: f50e5dd50330f1bcef64755d8201c4bc
SHA-256: c4415a4ba5256354742ba9c31252518fde166b022138906fb28576a60f6c40b0
Size: 618.87 kB - qemu-kvm-core-7.2.0-14.el9.5.ML.1.x86_64.rpm
MD5: a1568486bb7676e4985855cb54409cfc
SHA-256: 1f760d4f825755500c955ae5b4c9152c5648815191bae00a5dc11e20dfd73359
Size: 3.97 MB - qemu-kvm-device-display-virtio-gpu-7.2.0-14.el9.5.ML.1.x86_64.rpm
MD5: bac28f2b73d633a8a4ffd1a15f1976d4
SHA-256: c43c0a134c6d5d20d39cdd0fbe7552195e3391dbf8bd79a74f14731e8e969236
Size: 65.02 kB - qemu-kvm-device-display-virtio-gpu-pci-7.2.0-14.el9.5.ML.1.x86_64.rpm
MD5: 92970e2b310b7270033a506363fa0262
SHA-256: 07f195e26fac445bcbcffd4df7fef68012eddaae95b596561f743f5d19b49b6b
Size: 49.91 kB - qemu-kvm-device-display-virtio-vga-7.2.0-14.el9.5.ML.1.x86_64.rpm
MD5: 3ea0f2bbb1c42cd001f143a7469dca02
SHA-256: 5030d819bb55e5235388a7defd009f1e27c2d91eab2beaed0b1a8775dbb98a14
Size: 51.29 kB - qemu-kvm-device-usb-host-7.2.0-14.el9.5.ML.1.x86_64.rpm
MD5: 179464316505fb366f1c92ea391b7f16
SHA-256: 651fa61dab5a567a4a5b6a7cae84228aa8bba949de3d10822c7fbf1103bc563d
Size: 64.42 kB - qemu-kvm-device-usb-redirect-7.2.0-14.el9.5.ML.1.x86_64.rpm
MD5: e2b6960094db256edff047ed5b78e5ae
SHA-256: 7a2aeb175e274e7bc514f501cc6f9d4ce4043ce2fc3b350105aa9e305aa38314
Size: 69.30 kB - qemu-kvm-docs-7.2.0-14.el9.5.ML.1.x86_64.rpm
MD5: 6868066df68e4b8c06656e3c862a17dd
SHA-256: aab05eda5c5ca178375675b5570c9cd67daf8623097a6a03fe2dd1670edd14a3
Size: 1.07 MB - qemu-kvm-tools-7.2.0-14.el9.5.ML.1.x86_64.rpm
MD5: a1dc12e4a577a4c9ad25757fe5da9028
SHA-256: 05369c31c18ee8903b7bceed646181bb44a569aafc1e335226200a60ac7851e2
Size: 513.71 kB - qemu-kvm-ui-egl-headless-7.2.0-14.el9.5.ML.1.x86_64.rpm
MD5: c51c002a0944dd0fbb828f3ce7186602
SHA-256: 556e5789af1ad73789c39da6bfb7e605d81edd41e8ed2a45c313680a3b8d3062
Size: 50.80 kB - qemu-kvm-ui-opengl-7.2.0-14.el9.5.ML.1.x86_64.rpm
MD5: 7d28c8875809c37b6a125180dc69a9dd
SHA-256: 633ed21dd3b9f4237b3a1f644f2d43f7dea8786308f3a14d25f445dddd71e932
Size: 56.44 kB - qemu-pr-helper-7.2.0-14.el9.5.ML.1.x86_64.rpm
MD5: 505ff671395ea5b72bcb4d2cef78235d
SHA-256: 8e72b4827545dfaddd946e1b3825e77ff5709329be52e2db51d20ff70323bf4d
Size: 455.93 kB