KVM (Kernel-based Virtual Machine) is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm-rhev packages provide the user-space component for running virtual machines that use KVM in environments managed by Red Hat products.
Security Fix(es):
CVE-2018-20815 QEMU: device_tree: heap buffer overflow while loading device tree blob
CVE-2019-6778 QEMU: slirp: heap buffer overflow in tcp_em
This update fixes the following bug:
Users of qemu-kvm are advised to upgrade to these updated packages. After installing this update, shut down all running virtual machines. Once all virtual machines have shut down, start them again for this update to take effect.