SynopsisThe remote Red Hat host is missing one or more security updates.
DescriptionAn update for qemu-kvm-rhev is now available for Red Hat Virtualization 4 for Red Hat Enterprise Linux 7.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
KVM (Kernel-based Virtual Machine) is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm-rhev packages provide the user-space component for running virtual machines that use KVM in environments managed by Red Hat products.
Security Fix(es) :
* QEMU: slirp: heap buffer overflow while reassembling fragmented datagrams (CVE-2018-11806)
For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.
Red Hat would like to thank Jskz - Zero Day Initiative (trendmicro.com) for reporting this issue.
SolutionUpdate the affected packages.