Lucene search

GoogleOSV:RLSA-2019:3345

HistoryNov 05, 2019 - 5:33 p.m.

Low: virt:rhel security, bug fix, and enhancement update

2019-11-0517:33:34

Google

osv.dev

0.015 Low

EPSS

Percentile

87.2%

JSON

Kernel-based Virtual Machine (KVM) offers a full virtualization solution for Linux on numerous hardware platforms. The virt:Rocky Linux module contains packages which provide user-space components used to run virtual machines using KVM. The packages also provide APIs for managing and interacting with the virtualized systems.

Security Fix(es):

ntfs-3g: heap-based buffer overflow leads to local root privilege escalation (CVE-2019-9755)
QEMU: slirp: information leakage in tcp_emu() due to uninitialized stack variables (CVE-2019-9824)
QEMU: qxl: null pointer dereference while releasing spice resources (CVE-2019-12155)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Additional Changes:

For detailed information on changes in this release, see the Rocky Linux 8.1 Release Notes linked from the References section.

References

bugzilla.redhat.com/show_bug.cgi?id=1531543

bugzilla.redhat.com/show_bug.cgi?id=1662272

bugzilla.redhat.com/show_bug.cgi?id=1664463

bugzilla.redhat.com/show_bug.cgi?id=1667249

bugzilla.redhat.com/show_bug.cgi?id=1673010

bugzilla.redhat.com/show_bug.cgi?id=1673396

bugzilla.redhat.com/show_bug.cgi?id=1673401

bugzilla.redhat.com/show_bug.cgi?id=1678515

bugzilla.redhat.com/show_bug.cgi?id=1678979

bugzilla.redhat.com/show_bug.cgi?id=1679483

bugzilla.redhat.com/show_bug.cgi?id=1679966

bugzilla.redhat.com/show_bug.cgi?id=1680231

bugzilla.redhat.com/show_bug.cgi?id=1683681

bugzilla.redhat.com/show_bug.cgi?id=1684383

bugzilla.redhat.com/show_bug.cgi?id=1685151

bugzilla.redhat.com/show_bug.cgi?id=1686895

bugzilla.redhat.com/show_bug.cgi?id=1687541

bugzilla.redhat.com/show_bug.cgi?id=1687596

bugzilla.redhat.com/show_bug.cgi?id=1688062

bugzilla.redhat.com/show_bug.cgi?id=1689297

bugzilla.redhat.com/show_bug.cgi?id=1691356

bugzilla.redhat.com/show_bug.cgi?id=1691624

bugzilla.redhat.com/show_bug.cgi?id=1693299

bugzilla.redhat.com/show_bug.cgi?id=1693433

bugzilla.redhat.com/show_bug.cgi?id=1694148

bugzilla.redhat.com/show_bug.cgi?id=1697627

bugzilla.redhat.com/show_bug.cgi?id=1698133

bugzilla.redhat.com/show_bug.cgi?id=1707192

bugzilla.redhat.com/show_bug.cgi?id=1707598

bugzilla.redhat.com/show_bug.cgi?id=1707706

bugzilla.redhat.com/show_bug.cgi?id=1710575

bugzilla.redhat.com/show_bug.cgi?id=1712670

bugzilla.redhat.com/show_bug.cgi?id=1712810

bugzilla.redhat.com/show_bug.cgi?id=1712946

bugzilla.redhat.com/show_bug.cgi?id=1714933

bugzilla.redhat.com/show_bug.cgi?id=1716347

bugzilla.redhat.com/show_bug.cgi?id=1716907

bugzilla.redhat.com/show_bug.cgi?id=1716908

bugzilla.redhat.com/show_bug.cgi?id=1717088

bugzilla.redhat.com/show_bug.cgi?id=1719578

bugzilla.redhat.com/show_bug.cgi?id=1721434

bugzilla.redhat.com/show_bug.cgi?id=1721983

bugzilla.redhat.com/show_bug.cgi?id=1722668

bugzilla.redhat.com/show_bug.cgi?id=1722735

bugzilla.redhat.com/show_bug.cgi?id=1727821

bugzilla.redhat.com/show_bug.cgi?id=1728530

bugzilla.redhat.com/show_bug.cgi?id=1728657

bugzilla.redhat.com/show_bug.cgi?id=1728958

bugzilla.redhat.com/show_bug.cgi?id=1729675

bugzilla.redhat.com/show_bug.cgi?id=1732642

bugzilla.redhat.com/show_bug.cgi?id=1737790

bugzilla.redhat.com/show_bug.cgi?id=1738839

bugzilla.redhat.com/show_bug.cgi?id=1738886

bugzilla.redhat.com/show_bug.cgi?id=1740797

bugzilla.redhat.com/show_bug.cgi?id=1741825

bugzilla.redhat.com/show_bug.cgi?id=1741837

bugzilla.redhat.com/show_bug.cgi?id=1742819

bugzilla.redhat.com/show_bug.cgi?id=1744415

bugzilla.redhat.com/show_bug.cgi?id=1747185

bugzilla.redhat.com/show_bug.cgi?id=1747440

bugzilla.redhat.com/show_bug.cgi?id=1749227

errata.rockylinux.org/RLSA-2019:3345

0.015 Low

EPSS

Percentile

87.2%

JSON

Related for OSV:RLSA-2019:3345