Red Hat Security Advisory: qemu-kvm-rhev security update
🔗 CVE IDs covered (10)
📋 Description
CVE-2013-4148 — qemu: virtio-net: buffer overflow on invalid state load CVE-2013-4151 — qemu: virtio: out-of-bounds buffer write on invalid state load CVE-2013-4535 — qemu: virtio: insufficient validation of num_sg when mapping CVE-2013-4536 — qemu: virtio: insufficient validation of num_sg when mapping CVE-2013-4541 — qemu: usb: insufficient sanity checking of setup_index+setup_len in post_load CVE-2013-4542 — qemu: virtio-scsi: buffer overrun on invalid state load CVE-2013-6399 — qemu: virtio: buffer overrun on incoming migration CVE-2014-0182 — qemu: virtio: out-of-bounds buffer write on state load with invalid config_len CVE-2014-2894 — QEMU: out of bounds buffer accesses, guest triggerable via IDE SMART CVE-2014-3461 — Qemu: usb: fix up post load checks
🔗 References (12)
- selfhttps://access.redhat.com/errata/RHSA-2014:0744
- externalhttps://access.redhat.com/security/updates/classification/#moderate
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=1066334
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=1066342
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=1066361
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=1066382
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=1066384
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=1066401
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=1087971
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=1088986
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=1096821
- selfhttps://security.access.redhat.com/data/csaf/v2/advisories/2014/rhsa-2014_0744.json