RHEL 7 : qemu-kvm-ma (RHSA-2019:2166)
High Nessus Plugin ID 127689
SynopsisThe remote Red Hat host is missing one or more security updates.
DescriptionAn update for qemu-kvm-ma is now available for Red Hat Enterprise Linux 7.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Kernel-based Virtual Machine (KVM) is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm-ma packages provide the user-space component for running virtual machines that use KVM on the IBM z Systems, IBM Power, and 64-bit ARM architectures.
Security Fix(es) :
* QEMU: net: ignore packets with large size (CVE-2018-17963)
* QEMU: scsi-generic: possible OOB access while handling inquiry request (CVE-2019-6501)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Additional Changes :
For detailed information on changes in this release, see the Red Hat Enterprise Linux 7.7 Release Notes linked from the References section.
SolutionUpdate the affected packages.