RHEL 7 : qemu-kvm-ma (RHSA-2018:2762)
High Nessus Plugin ID 117775
SynopsisThe remote Red Hat host is missing one or more security updates.
DescriptionAn update for qemu-kvm-ma is now available for Red Hat Enterprise Linux 7.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Kernel-based Virtual Machine (KVM) is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm-ma packages provide the user-space component for running virtual machines that use KVM on the IBM z Systems, IBM Power, and 64-bit ARM architectures.
Security Fix(es) :
* QEMU: slirp: heap buffer overflow while reassembling fragmented datagrams (CVE-2018-11806)
For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.
Red Hat would like to thank Jskz - Zero Day Initiative (trendmicro.com) for reporting this issue.
SolutionUpdate the affected packages.