Lucene search
RedHatRHSA-2017:0984HistoryApr 18, 2017 - 4:31 a.m.
(RHSA-2017:0984) Important: qemu-kvm-rhev security update
2017-04-1804:31:59
access.redhat.com
44
0.001 Low
EPSS
Percentile
49.5%
KVM (Kernel-based Virtual Machine) is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm-rhev packages provide the user-space component for running virtual machines that use KVM in environments managed by Red Hat products.
Security Fix(es):
- Quick Emulator (QEMU), built with the Cirrus CLGD 54xx VGA Emulator and the VNC display driver support, is vulnerable to a heap buffer overflow issue. The issue could occur when a VNC client attempts to update its display after a VGA operation is performed by a guest. A privileged user/process inside guest could use this flaw to crash the QEMU process resulting in DoS or, potentially, leverage it to execute arbitrary code on the host with privileges of the QEMU process. (CVE-2016-9603)
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| RedHat | 7 | x86_64 | qemu-kvm-rhev | < 2.6.0-28.el7_3.9 | qemu-kvm-rhev-2.6.0-28.el7_3.9.x86_64.rpm |
| RedHat | 7 | x86_64 | qemu-kvm-common-rhev | < 2.6.0-28.el7_3.9 | qemu-kvm-common-rhev-2.6.0-28.el7_3.9.x86_64.rpm |
| RedHat | 7 | x86_64 | qemu-img-rhev | < 2.6.0-28.el7_3.9 | qemu-img-rhev-2.6.0-28.el7_3.9.x86_64.rpm |
| RedHat | 7 | x86_64 | qemu-kvm-rhev-debuginfo | < 2.6.0-28.el7_3.9 | qemu-kvm-rhev-debuginfo-2.6.0-28.el7_3.9.x86_64.rpm |
| RedHat | 7 | x86_64 | qemu-kvm-tools-rhev | < 2.6.0-28.el7_3.9 | qemu-kvm-tools-rhev-2.6.0-28.el7_3.9.x86_64.rpm |
Related
debian
debian
[SECURITY] [DLA 939-1] qemu-kvm security update
2017-05-11 10:00:48
[SECURITY] [DLA 1035-1] qemu security update
2017-07-21 15:17:41
[SECURITY] [DLA 1270-1] xen security update
2018-02-06 12:35:00
openvas
openvas
Debian: Security Advisory (DLA-939-1)
2018-01-24 00:00:00
SUSE: Security Advisory (SUSE-SU-2017:1145-1)
2021-06-09 00:00:00
RedHat Update for qemu-kvm RHSA-2017:1206-01
2017-05-10 00:00:00
nessus
nessus
Debian DLA-939-1 : qemu-kvm security update
2017-05-12 00:00:00
SUSE SLES11 Security Update : xen (SUSE-SU-2017:1145-1)
2017-05-03 00:00:00
CentOS 6 : qemu-kvm (CESA-2017:1206)
2017-05-10 00:00:00
redhat
redhat
(RHSA-2017:0988) Important: qemu-kvm-rhev security update
2017-04-18 13:40:17
(RHSA-2017:0983) Important: qemu-kvm-rhev security update
2017-04-18 04:31:26
(RHSA-2017:0982) Important: qemu-kvm-rhev security update
2017-04-18 04:29:54
osv
osv
qemu-kvm - security update
2017-05-11 00:00:00
qemu - security update
2017-07-21 00:00:00
CVE-2016-9603
2018-07-27 21:29:00
suse
suse
Security update for xen (important)
2017-05-02 18:11:58
Security update for xen (important)
2017-05-02 18:13:29
Security update for xen (important)
2017-05-02 18:10:15
centos
centos
qemu security update
2017-05-09 16:59:13
qemu security update
2017-06-13 18:32:57
qemu security update
2017-04-19 16:57:39
oraclelinux
oraclelinux
qemu-kvm security update
2017-05-09 00:00:00
qemu-kvm security and bug fix update
2017-06-13 00:00:00
qemu-kvm security update
2017-04-18 00:00:00
ibm
ibm
citrix
citrix
CVE-2016-9603 - Citrix XenServer Security Update
2017-03-14 04:00:00
Citrix XenServer Multiple Security Updates
2017-12-01 05:00:00
prion
prion
nvd
nvd
redhatcve
redhatcve
debiancve
debiancve
cvelist
cvelist
veracode
veracode
Denial Of Service (DoS)
2019-01-15 09:17:12
Heap-Based Buffer Overflow
2019-05-02 06:09:48
Arbitrary Code Execution
2019-01-15 09:16:24
ubuntucve
ubuntucve
cve
cve
xen
xen
Cirrus VGA Heap overflow via display refresh
2017-03-14 11:58:00
freebsd
freebsd
xen-tools -- Cirrus VGA Heap overflow via display refresh
2017-03-14 00:00:00
ubuntu
ubuntu
QEMU vulnerabilities
2017-05-16 00:00:00
QEMU vulnerabilities
2017-04-25 00:00:00
QEMU vulnerabilities
2017-04-20 00:00:00
fedora
fedora
[SECURITY] Fedora 25 Update: xen-4.7.2-2.fc25
2017-03-21 03:23:43
[SECURITY] Fedora 25 Update: qemu-2.7.1-7.fc25
2017-07-25 21:29:02
[SECURITY] Fedora 26 Update: xen-4.8.1-6.fc26
2017-08-22 20:46:11
gentoo
gentoo
QEMU: Multiple vulnerabilities
2017-06-06 00:00:00