Lucene search
RedHatRHSA-2020:1351HistoryApr 07, 2020 - 8:50 a.m.
(RHSA-2020:1351) Important: qemu-kvm security update
2020-04-0708:50:42
access.redhat.com
83
0.007 Low
EPSS
Percentile
80.3%
Kernel-based Virtual Machine (KVM) is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm packages provide the user-space component for running virtual machines that use KVM.
Security Fix(es):
-
QEMU: slirp: OOB buffer access while emulating tcp protocols in tcp_emu() (CVE-2020-7039)
-
QEMU: Slirp: potential OOB access due to unsafe snprintf() usages (CVE-2020-8608)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| RedHat | 7 | x86_64 | qemu-kvm-common | < 1.5.3-167.el7_7.6 | qemu-kvm-common-1.5.3-167.el7_7.6.x86_64.rpm |
| RedHat | 7 | x86_64 | qemu-img | < 1.5.3-167.el7_7.6 | qemu-img-1.5.3-167.el7_7.6.x86_64.rpm |
| RedHat | 7 | x86_64 | qemu-kvm-tools | < 1.5.3-167.el7_7.6 | qemu-kvm-tools-1.5.3-167.el7_7.6.x86_64.rpm |
| RedHat | 7 | x86_64 | qemu-kvm-debuginfo | < 1.5.3-167.el7_7.6 | qemu-kvm-debuginfo-1.5.3-167.el7_7.6.x86_64.rpm |
| RedHat | 7 | x86_64 | qemu-kvm | < 1.5.3-167.el7_7.6 | qemu-kvm-1.5.3-167.el7_7.6.x86_64.rpm |
Related
openvas
openvas
Huawei EulerOS: Security Advisory for qemu-kvm (EulerOS-SA-2020-1688)
2020-06-26 00:00:00
Huawei EulerOS: Security Advisory for qemu (EulerOS-SA-2020-1298)
2020-03-23 00:00:00
Ubuntu: Security Advisory (USN-4632-1)
2020-11-13 00:00:00
nessus
nessus
EulerOS 2.0 SP8 : qemu (EulerOS-SA-2020-1298)
2020-03-23 00:00:00
EulerOS Virtualization for ARM 64 3.0.6.0 : qemu-kvm (EulerOS-SA-2020-1688)
2020-06-25 00:00:00
RHEL 7 : qemu-kvm-rhev (RHSA-2020:2730)
2020-06-24 00:00:00
osv
osv
slirp - security update
2021-02-09 00:00:00
slirp vulnerabilities
2020-11-12 20:31:20
CVE-2020-8608
2020-02-06 17:15:14
debian
debian
[SECURITY] [DLA 2551-1] slirp security update
2021-02-09 20:56:45
[SECURITY] [DLA 2142-1] slirp security update
2020-03-13 10:20:39
[SECURITY] [DLA 2076-1] slirp security update
2020-01-26 21:43:12
redhat
redhat
(RHSA-2020:1261) Important: virt:8.1 security update
2020-04-01 06:58:30
(RHSA-2020:2730) Important: qemu-kvm-rhev security update
2020-06-24 12:16:29
(RHSA-2020:2342) Important: qemu-kvm-rhev bug fix update
2020-06-01 06:30:12
ubuntu
ubuntu
SLiRP vulnerabilities
2020-11-12 00:00:00
QEMU vulnerabilities
2020-02-18 00:00:00
amazon
amazon
Important: qemu-kvm
2020-07-14 20:27:00
Important: qemu-kvm
2020-07-27 23:58:00
Important: qemu
2020-03-23 16:27:00
centos
centos
qemu security update
2020-04-08 19:11:28
qemu security update
2020-04-28 00:23:01
qemu security update
2020-03-10 20:44:03
ubuntucve
ubuntucve
CVE-2020-7039
2020-01-16 00:00:00
CVE-2020-8608
2020-02-06 00:00:00
redhatcve
redhatcve
CVE-2020-7039
2020-01-16 08:09:06
CVE-2020-8608
2020-04-01 14:08:07
almalinux
almalinux
Important: container-tools:rhel8 security, bug fix, and enhancement update
2020-02-04 11:39:46
Important: container-tools:1.0 security update
2020-04-07 12:58:09
Important: container-tools:rhel8 security and bug fix update
2020-04-07 09:15:36
cbl_mariner
cbl_mariner
CVE-2020-7039 affecting package qemu-kvm 4.2.0-48
2020-11-05 04:21:31
cve
cve
CVE-2020-7039
2020-01-16 23:15:12
CVE-2020-8608
2020-02-06 17:15:14
f5
f5
K81258141 : QEMU 4.2.0 buffer overflow vulnerability CVE-2020-8608
2020-12-21 00:00:00
K18684657 : QEMU 4.2.0 vulnerability CVE-2020-7039
2021-01-21 00:00:00
rocky
rocky
container-tools:1.0 security update
2020-04-07 12:58:09
container-tools:rhel8 security and bug fix update
2020-04-07 09:15:36
container-tools:rhel8 security, bug fix, and enhancement update
2020-02-04 11:39:46
prion
prion
Heap overflow
2020-01-16 23:15:00
Buffer overflow
2020-02-06 17:15:00
cvelist
cvelist
CVE-2020-7039
2020-01-16 22:51:40
CVE-2020-8608
2020-02-06 16:45:25
veracode
veracode
Arbitrary Code Execution
2020-06-02 03:15:00
Arbitrary Code Execution
2020-05-15 02:20:11
debiancve
debiancve
CVE-2020-7039
2020-01-16 23:15:12
CVE-2020-8608
2020-02-06 17:15:14
oraclelinux
oraclelinux
qemu-kvm security update
2020-04-10 00:00:00
qemu-kvm security and bug fix update
2020-04-09 00:00:00
virt:ol security and bug fix update
2020-04-15 00:00:00
nvd
nvd
CVE-2020-7039
2020-01-16 23:15:12
CVE-2020-8608
2020-02-06 17:15:14
ibm
ibm
suse
suse
Security update for qemu (important)
2020-04-07 00:00:00
gentoo
gentoo
QEMU: Multiple vulnerabilities
2020-03-30 00:00:00
QEMU: Multiple vulnerabilities
2020-05-12 00:00:00
archlinux
archlinux
[ASA-202005-6] qemu: multiple issues
2020-05-07 00:00:00