Lucene search
RedHatRHSA-2017:0621HistoryMar 21, 2017 - 6:17 a.m.
(RHSA-2017:0621) Moderate: qemu-kvm security and bug fix update
2017-03-2106:17:43
access.redhat.com
19
0.001 Low
EPSS
Percentile
22.7%
Kernel-based Virtual Machine (KVM) is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm packages provide the user-space component for running virtual machines that use KVM.
Security Fix(es):
- An integer overflow flaw and an out-of-bounds read flaw were found in the way QEMU’s VGA emulator set certain VGA registers while in VBE mode. A privileged guest user could use this flaw to crash the QEMU process instance. (CVE-2016-3712)
Red Hat would like to thank Zuozhi Fzz (Alibaba Inc.) for reporting this issue.
Additional Changes:
For detailed information on changes in this release, see the Red Hat Enterprise Linux 6.9 Release Notes and Red Hat Enterprise Linux 6.9 Technical Notes linked from the References section.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| RedHat | 6 | i686 | qemu-guest-agent | < 0.12.1.2-2.503.el6 | qemu-guest-agent-0.12.1.2-2.503.el6.i686.rpm |
| RedHat | 6 | x86_64 | qemu-kvm-tools | < 0.12.1.2-2.503.el6 | qemu-kvm-tools-0.12.1.2-2.503.el6.x86_64.rpm |
| RedHat | 6 | i686 | qemu-kvm-debuginfo | < 0.12.1.2-2.503.el6 | qemu-kvm-debuginfo-0.12.1.2-2.503.el6.i686.rpm |
| RedHat | 6 | x86_64 | qemu-img | < 0.12.1.2-2.503.el6 | qemu-img-0.12.1.2-2.503.el6.x86_64.rpm |
| RedHat | 6 | x86_64 | qemu-guest-agent | < 0.12.1.2-2.503.el6 | qemu-guest-agent-0.12.1.2-2.503.el6.x86_64.rpm |
| RedHat | 6 | ppc64 | qemu-kvm-debuginfo | < 0.12.1.2-2.503.el6 | qemu-kvm-debuginfo-0.12.1.2-2.503.el6.ppc64.rpm |
| RedHat | 6 | x86_64 | qemu-kvm-debuginfo | < 0.12.1.2-2.503.el6 | qemu-kvm-debuginfo-0.12.1.2-2.503.el6.x86_64.rpm |
| RedHat | 6 | ppc64 | qemu-guest-agent | < 0.12.1.2-2.503.el6 | qemu-guest-agent-0.12.1.2-2.503.el6.ppc64.rpm |
| RedHat | 6 | x86_64 | qemu-kvm | < 0.12.1.2-2.503.el6 | qemu-kvm-0.12.1.2-2.503.el6.x86_64.rpm |
Related
prion
prion
Integer overflow
2016-05-11 21:59:00
centos
centos
qemu security update
2017-03-24 15:42:25
qemu security update
2016-11-25 16:01:55
nessus
nessus
Scientific Linux Security Update : qemu-kvm on SL6.x i386/x86_64 (20170321)
2017-04-06 00:00:00
CentOS 6 : qemu-kvm (CESA-2017:0621)
2017-03-27 00:00:00
RHEL 6 : qemu-kvm (RHSA-2017:0621)
2017-03-22 00:00:00
cve
cve
CVE-2016-3712
2016-05-11 21:59:02
debiancve
debiancve
CVE-2016-3712
2016-05-11 21:59:02
cvelist
cvelist
CVE-2016-3712
2016-05-11 21:00:00
veracode
veracode
Denial Of Service (DoS)
2019-01-15 09:16:25
openvas
openvas
RedHat Update for qemu-kvm RHSA-2017:0621-01
2017-03-22 00:00:00
Debian Security Advisory DSA 3573-1 (qemu - security update)
2016-05-09 00:00:00
Fedora Update for xen FEDORA-2016-f1c21e3c3c
2016-06-08 00:00:00
nvd
nvd
CVE-2016-3712
2016-05-11 21:59:02
ubuntucve
ubuntucve
CVE-2016-3712
2016-05-09 00:00:00
redhat
redhat
debian
debian
[SECURITY] [DSA 3573-1] qemu security update
2016-05-09 20:28:27
[SECURITY] [DLA 540-1] qemu security update
2016-07-01 09:48:47
[SECURITY] [DLA 539-1] qemu-kvm security update
2016-07-01 08:46:52
xen
xen
QEMU: Banked access to VGA memory (VBE) uses inconsistent bounds checks
2016-05-09 11:48:00
osv
osv
qemu-kvm - security update
2016-07-01 00:00:00
qemu - security update
2016-05-09 00:00:00
qemu - security update
2016-07-01 00:00:00
fedora
fedora
[SECURITY] Fedora 24 Update: xen-4.6.1-8.fc24
2016-05-16 16:33:45
[SECURITY] Fedora 23 Update: xen-4.5.3-3.fc23
2016-05-12 07:32:01
[SECURITY] Fedora 22 Update: xen-4.5.3-5.fc22
2016-05-28 23:24:56
freebsd
freebsd
oraclelinux
oraclelinux
qemu-kvm security update
2016-08-11 00:00:00
qemu-kvm security update
2016-08-09 00:00:00
qemu-kvm security and bug fix update
2017-03-27 00:00:00
archlinux
archlinux
qemu-arch-extra: multiple issues
2016-06-08 00:00:00
qemu: multiple issues
2016-06-08 00:00:00
ubuntu
ubuntu
QEMU vulnerabilities
2016-05-12 00:00:00
mageia
mageia
Updated qemu packages fix security vulnerabilities
2016-05-18 23:14:22
Updated xen packages fix security vulnerability
2017-01-09 23:29:57
suse
suse
Security update for xen (important)
2016-11-04 15:11:21
Security update for qemu (important)
2016-07-06 22:04:21
Security update for kvm (important)
2016-06-28 20:07:43