(RHSA-2020:4051) Important: qemu-kvm security update

2020-09-2908:04:46

access.redhat.com

kvm

linux

usb

security update

cve-2020-14364

CVSS2

4.4

Attack Vector

LOCAL

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:M/Au:N/C:P/I:P/A:P

CVSS3

Attack Vector

LOCAL

Attack Complexity

HIGH

Privileges Required

HIGH

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

LOW

CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:L

EPSS

0.001

Percentile

30.2%

JSON

Kernel-based Virtual Machine (KVM) is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm packages provide the user-space component for running virtual machines that use KVM.

Security Fix(es):

QEMU: usb: out-of-bounds r/w access issue while processing usb packets (CVE-2020-14364)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

OSVersionArchitecturePackageVersionFilename
RedHat7x86_64qemu-kvm< 1.5.3-141.el7_4.11qemu-kvm-1.5.3-141.el7_4.11.x86_64.rpm
RedHat7x86_64qemu-kvm-debuginfo< 1.5.3-141.el7_4.11qemu-kvm-debuginfo-1.5.3-141.el7_4.11.x86_64.rpm
RedHat7x86_64qemu-img< 1.5.3-141.el7_4.11qemu-img-1.5.3-141.el7_4.11.x86_64.rpm
RedHat7x86_64qemu-kvm-common< 1.5.3-141.el7_4.11qemu-kvm-common-1.5.3-141.el7_4.11.x86_64.rpm
RedHat7ppc64leqemu-img< 1.5.3-141.el7_4.11qemu-img-1.5.3-141.el7_4.11.ppc64le.rpm
RedHat7x86_64qemu-kvm-tools< 1.5.3-141.el7_4.11qemu-kvm-tools-1.5.3-141.el7_4.11.x86_64.rpm
RedHat7ppc64leqemu-kvm-debuginfo< 1.5.3-141.el7_4.11qemu-kvm-debuginfo-1.5.3-141.el7_4.11.ppc64le.rpm

OS	Version	Architecture	Package	Version	Filename
RedHat	7	x86_64	qemu-kvm	< 1.5.3-141.el7_4.11	qemu-kvm-1.5.3-141.el7_4.11.x86_64.rpm
RedHat	7	x86_64	qemu-kvm-debuginfo	< 1.5.3-141.el7_4.11	qemu-kvm-debuginfo-1.5.3-141.el7_4.11.x86_64.rpm
RedHat	7	x86_64	qemu-img	< 1.5.3-141.el7_4.11	qemu-img-1.5.3-141.el7_4.11.x86_64.rpm
RedHat	7	x86_64	qemu-kvm-common	< 1.5.3-141.el7_4.11	qemu-kvm-common-1.5.3-141.el7_4.11.x86_64.rpm
RedHat	7	ppc64le	qemu-img	< 1.5.3-141.el7_4.11	qemu-img-1.5.3-141.el7_4.11.ppc64le.rpm
RedHat	7	x86_64	qemu-kvm-tools	< 1.5.3-141.el7_4.11	qemu-kvm-tools-1.5.3-141.el7_4.11.x86_64.rpm
RedHat	7	ppc64le	qemu-kvm-debuginfo	< 1.5.3-141.el7_4.11	qemu-kvm-debuginfo-1.5.3-141.el7_4.11.ppc64le.rpm