Red Hat Security Advisory: rhev-hypervisor6 3.4.0 security, bug fix, and enhancement update
🔗 CVE IDs covered (18)
📋 Description
CVE-2013-4148 — qemu: virtio-net: buffer overflow on invalid state load CVE-2013-4151 — qemu: virtio: out-of-bounds buffer write on invalid state load CVE-2013-4535 — qemu: virtio: insufficient validation of num_sg when mapping CVE-2013-4536 — qemu: virtio: insufficient validation of num_sg when mapping CVE-2013-4541 — qemu: usb: insufficient sanity checking of setup_index+setup_len in post_load CVE-2013-4542 — qemu: virtio-scsi: buffer overrun on invalid state load CVE-2013-6399 — qemu: virtio: buffer overrun on incoming migration CVE-2014-0142 — qemu: crash by possible division by zero CVE-2014-0143 — Qemu: block: multiple integer overflow flaws CVE-2014-0144 — Qemu: block: missing input validation CVE-2014-0145 — Qemu: prevent possible buffer overflows CVE-2014-0146 — Qemu: qcow2: NULL dereference in qcow2_open() error path CVE-2014-0147 — Qemu: block: possible crash due signed types or logic error CVE-2014-0148 — Qemu: vhdx: bounds checking for block_size and logical_sector_size CVE-2014-0150 — qemu: virtio-net: buffer overflow in virtio_net_handle_mac() function CVE-2014-0182 — qemu: virtio: out-of-bounds buffer write on state load with invalid config_len CVE-2014-2894 — QEMU: out of bounds buffer accesses, guest triggerable via IDE SMART CVE-2014-3461 — Qemu: usb: fix up post load checks
🔗 References (22)
- selfhttps://access.redhat.com/errata/RHSA-2014:0674
- externalhttps://access.redhat.com/security/updates/classification/#moderate
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=1063182
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=1066334
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=1066342
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=1066361
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=1066382
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=1066384
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=1066401
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=1078201
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=1078212
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=1078232
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=1078846
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=1078848
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=1078885
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=1079140
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=1079240
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=1087971
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=1088986
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=1095812
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=1096821
- selfhttps://security.access.redhat.com/data/csaf/v2/advisories/2014/rhsa-2014_0674.json