RHSA-2018:1113MediumCVSS 8.3
Red Hat Security Advisory: qemu-kvm-rhev security and bug fix update
🔗 CVE IDs covered (8)
📋 Description
CVE-2017-13672 — QEMU: vga: OOB read access during display update CVE-2017-13673 — QEMU: VGA: reachable assert failure during display update CVE-2017-13711 — QEMU: Slirp: use-after-free when sending response CVE-2017-15118 — Qemu: stack buffer overflow in NBD server triggered via long export name CVE-2017-15119 — qemu: DoS via large option request CVE-2017-15124 — Qemu: memory exhaustion through framebuffer update request message in VNC server CVE-2017-15268 — QEMU: I/O: potential memory exhaustion via websock connection to VNC CVE-2018-5683 — Qemu: Out-of-bounds read in vga_draw_text routine
🔗 References (13)
- selfhttps://access.redhat.com/errata/RHSA-2018:1113
- externalhttps://access.redhat.com/security/updates/classification/#moderate
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=1486400
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=1486560
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=1486588
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=1516925
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=1525195
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=1549860
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=1553107
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=1557010
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=1557011
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=1562826
- selfhttps://security.access.redhat.com/data/csaf/v2/advisories/2018/rhsa-2018_1113.json