RHEL 7 : qemu-kvm-ma (RHSA-2018:3062)
High Nessus Plugin ID 118521
SynopsisThe remote Red Hat host is missing one or more security updates.
DescriptionAn update for qemu-kvm-ma is now available for Red Hat Enterprise Linux 7.
Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link (s) in the References section.
Kernel-based Virtual Machine (KVM) is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm-ma packages provide the user-space component for running virtual machines that use KVM on the IBM z Systems, IBM Power, and 64-bit ARM architectures.
The following packages have been upgraded to a later upstream version:
qemu-kvm-ma (2.12.0). (BZ#1562219)
Security Fix(es) :
* Qemu: memory exhaustion through framebuffer update request message in VNC server (CVE-2017-15124)
For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.
This issue was discovered by Daniel Berrange (Red Hat).
Additional Changes :
For detailed information on changes in this release, see the Red Hat Enterprise Linux 7.6 Release Notes linked from the References section.
SolutionUpdate the affected packages.