Lucene search
OracleLinuxELSA-2017-0396HistoryMar 02, 2017 - 12:00 a.m.
qemu-kvm security and bug fix update
2017-03-0200:00:00
linux.oracle.com
17
0.001 Low
EPSS
Percentile
51.1%
[1.5.3-126.el7_3.5]
- kvm-cirrus-fix-patterncopy-checks.patch [bz#1420490]
- kvm-Revert-cirrus-allow-zero-source-pitch-in-pattern-fil.patch [bz#1420490]
- kvm-cirrus-add-blit_is_unsafe-call-to-cirrus_bitblt_cput.patch [bz#1420490]
- Resolves: bz#1420490
(EMBARGOED CVE-2017-2620 qemu-kvm: Qemu: display: cirrus: potential arbitrary code execution via cirrus_bitblt_cputovideo [rhel-7.3.z])
[1.5.3-126.el7_3.4] - kvm-virtio-blk-Release-s-rq-queue-at-system_reset.patch [bz#1420049]
- kvm-cirrus_vga-fix-off-by-one-in-blit_region_is_unsafe.patch [bz#1418232]
- kvm-display-cirrus-check-vga-bits-per-pixel-bpp-value.patch [bz#1418232]
- kvm-display-cirrus-ignore-source-pitch-value-as-needed-i.patch [bz#1418232]
- kvm-cirrus-handle-negative-pitch-in-cirrus_invalidate_re.patch [bz#1418232]
- kvm-cirrus-allow-zero-source-pitch-in-pattern-fill-rops.patch [bz#1418232]
- kvm-cirrus-fix-blit-address-mask-handling.patch [bz#1418232]
- kvm-cirrus-fix-oob-access-issue-CVE-2017-2615.patch [bz#1418232]
- Resolves: bz#1418232
(CVE-2017-2615 qemu-kvm: Qemu: display: cirrus: oob access while doing bitblt copy backward mode [rhel-7.3.z]) - Resolves: bz#1420049
(system_reset should clear pending request for error (virtio-blk))
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| oracle linux | 7 | src | qemu-kvm | < 1.5.3-126.el7_3.5 | qemu-kvm-1.5.3-126.el7_3.5.src.rpm |
| oracle linux | 7 | x86_64 | qemu-img | < 1.5.3-126.el7_3.5 | qemu-img-1.5.3-126.el7_3.5.x86_64.rpm |
| oracle linux | 7 | x86_64 | qemu-kvm | < 1.5.3-126.el7_3.5 | qemu-kvm-1.5.3-126.el7_3.5.x86_64.rpm |
| oracle linux | 7 | x86_64 | qemu-kvm-common | < 1.5.3-126.el7_3.5 | qemu-kvm-common-1.5.3-126.el7_3.5.x86_64.rpm |
| oracle linux | 7 | x86_64 | qemu-kvm-tools | < 1.5.3-126.el7_3.5 | qemu-kvm-tools-1.5.3-126.el7_3.5.x86_64.rpm |
Related
nessus
nessus
RHEL 7 : qemu-kvm (RHSA-2017:0396)
2017-03-03 00:00:00
Oracle Linux 7 : qemu-kvm (ELSA-2017-0396)
2017-03-03 00:00:00
EulerOS 2.0 SP1 : qemu-kvm (EulerOS-SA-2017-1037)
2017-05-01 00:00:00
redhat
redhat
(RHSA-2017:0396) Important: qemu-kvm security and bug fix update
2017-03-02 15:22:52
(RHSA-2017:0333) Important: qemu-kvm-rhev security update
2017-02-27 23:07:01
(RHSA-2017:0454) Important: kvm security update
2017-03-07 00:00:00
openvas
openvas
CentOS Update for kmod-kvm CESA-2017:0454 centos5
2017-03-09 00:00:00
RedHat Update for qemu-kvm RHSA-2017:0396-01
2017-03-03 00:00:00
Huawei EulerOS: Security Advisory for qemu-kvm (EulerOS-SA-2017-1038)
2020-01-23 00:00:00
centos
centos
kmod, kvm security update
2017-03-08 18:33:47
qemu security update
2017-03-03 13:27:17
qemu security update
2017-03-01 12:08:31
oraclelinux
oraclelinux
kvm security update
2017-03-07 00:00:00
qemu-kvm security update
2017-03-01 00:00:00
qemu-kvm security and bug fix update
2017-03-27 00:00:00
osv
osv
qemu-kvm - security update
2017-02-28 00:00:00
qemu - security update
2017-03-01 00:00:00
CVE-2017-2615
2018-07-03 01:29:00
suse
suse
Security update for xen (important)
2017-03-11 15:07:34
Security update for xen (important)
2017-02-27 18:13:48
Security update for qemu (important)
2017-03-10 21:09:01
debian
debian
[SECURITY] [DLA 845-1] qemu security update
2017-03-01 19:51:15
[SECURITY] [DLA 842-1] qemu-kvm security update
2017-02-28 22:09:32
[SECURITY] [DLA 1270-1] xen security update
2018-02-06 12:35:00
cve
cve
CVE-2017-2615
2018-07-03 01:29:00
CVE-2017-2620
2018-07-27 19:29:00
freebsd
freebsd
xen-tools -- oob access in cirrus bitblt copy
2017-02-10 00:00:00
nvd
nvd
CVE-2017-2615
2018-07-03 01:29:00
CVE-2017-2620
2018-07-27 19:29:00
veracode
veracode
Privilege Escalation
2019-01-15 09:15:34
Arbitrary Code Execution
2019-01-15 09:15:42
prion
prion
Out-of-bounds
2018-07-03 01:29:00
Out-of-bounds
2018-07-27 19:29:00
xen
xen
oob access in cirrus bitblt copy
2017-02-10 12:43:00
cirrus_bitblt_cputovideo does not check if memory region is safe
2017-02-21 10:42:00
debiancve
debiancve
CVE-2017-2615
2018-07-03 01:29:00
CVE-2017-2620
2018-07-27 19:29:00
cvelist
cvelist
CVE-2017-2615
2018-07-02 18:00:00
CVE-2017-2620
2018-07-27 19:00:00
f5
f5
K41242221 : QEMU vulnerability CVE-2017-2615
2018-10-01 00:00:00
redhatcve
redhatcve
CVE-2017-2615
2019-10-05 06:28:56
CVE-2017-2620
2020-04-04 05:02:19
alpinelinux
alpinelinux
CVE-2017-2615
2018-07-03 01:29:00
CVE-2017-2620
2018-07-27 19:29:00
gentoo
gentoo
Xen: Multiple vulnerabilities
2017-02-21 00:00:00
Xen: Privilege Escalation
2017-03-28 00:00:00
QEMU: Multiple vulnerabilities
2017-04-10 00:00:00
ubuntucve
ubuntucve
CVE-2017-2620
2017-02-22 00:00:00
CVE-2017-2615
2017-02-01 00:00:00
fedora
fedora
[SECURITY] Fedora 24 Update: xen-4.6.4-8.fc24
2017-03-08 13:33:09
[SECURITY] Fedora 25 Update: xen-4.7.1-9.fc25
2017-03-01 01:30:45
[SECURITY] Fedora 24 Update: xen-4.6.4-7.fc24
2017-02-26 00:21:09
ubuntu
ubuntu
QEMU vulnerabilities
2017-04-20 00:00:00