development/tools

qemu-kvm - Userspace component of KVM

Website: http://www.linux-kvm.org
License: GPLv2+ and LGPLv2+ and BSD
Vendor: Scientific Linux
Description:
KVM (for Kernel-based Virtual Machine) is a full virtualization solution
for Linux on x86 hardware.

Using KVM, one can run multiple virtual machines running unmodified Linux
or Windows images. Each virtual machine has private virtualized hardware:
a network card, disk, graphics adapter, etc.

Packages

qemu-kvm-0.12.1.2-2.503.el6_9.3.x86_64 [1.6 MiB] Changelog by Danilo Cesar Lemes de Paula (2017-05-05):
- kvm-cirrus-avoid-write-only-variables.patch [bz#1444377 bz#1444379]
- kvm-cirrus-stop-passing-around-dst-pointers-in-the-blitt.patch [bz#1444377 bz#1444379]
- kvm-cirrus-stop-passing-around-src-pointers-in-the-blitt.patch [bz#1444377 bz#1444379]
- kvm-cirrus-fix-off-by-one-in-cirrus_bitblt_rop_bkwd_tran.patch [bz#1444377 bz#1444379]
- kvm-cirrus-fix-PUTPIXEL-macro.patch [bz#1444377 bz#1444379]
- Resolves: bz#1444377
  (CVE-2017-7980 qemu-kvm: Qemu: display: cirrus: OOB r/w access issues in bitblt routines [rhel-6.9.z])
- Resolves: bz#1444379
  (CVE-2017-7980 qemu-kvm-rhev: Qemu: display: cirrus: OOB r/w access issues in bitblt routines [rhel-6.9.z])
qemu-kvm-0.12.1.2-2.503.el6.x86_64 [1.6 MiB] Changelog by Danilo Cesar Lemes de Paula (2017-02-13):
- kvm-cirrus-fix-patterncopy-checks.patch [bz#1420487 bz#1420489]
- kvm-Revert-cirrus-allow-zero-source-pitch-in-pattern-fil.patch [bz#1420487 bz#1420489]
- kvm-cirrus-add-blit_is_unsafe-call-to-cirrus_bitblt_cput.patch [bz#1420487 bz#1420489]
- Resolves: bz#1420487
  (EMBARGOED CVE-2017-2620 qemu-kvm: Qemu: display: cirrus: potential arbitrary code execution via cirrus_bitblt_cputovideo [rhel-6.9])
- Resolves: bz#1420489
  (EMBARGOED CVE-2017-2620 qemu-kvm-rhev: Qemu: display: cirrus: potential arbitrary code execution via cirrus_bitblt_cputovideo [rhel-6.9])
qemu-kvm-0.12.1.2-2.491.el6_8.7.x86_64 [1.6 MiB] Changelog by Danilo Cesar Lemes de Paula (2017-02-13):
- kvm-cirrus-fix-patterncopy-checks.patch [bz#1420486 bz#1420488]
- kvm-Revert-cirrus-allow-zero-source-pitch-in-pattern-fil.patch [bz#1420486 bz#1420488]
- kvm-cirrus-add-blit_is_unsafe-call-to-cirrus_bitblt_cput.patch [bz#1420486 bz#1420488]
- Resolves: bz#1420486
  (EMBARGOED CVE-2017-2620 qemu-kvm: Qemu: display: cirrus: potential arbitrary code execution via cirrus_bitblt_cputovideo [rhel-6.8.z])
- Resolves: bz#1420488
  (EMBARGOED CVE-2017-2620 qemu-kvm-rhev: Qemu: display: cirrus: potential arbitrary code execution via cirrus_bitblt_cputovideo [rhel-6.8.z])
qemu-kvm-0.12.1.2-2.491.el6_8.6.x86_64 [1.6 MiB] Changelog by Danilo Cesar Lemes de Paula (2017-02-09):
- kvm-cirrus_vga-fix-division-by-0-for-color-expansion-rop.patch [bz#1418230 bz#1419416]
- kvm-cirrus_vga-fix-off-by-one-in-blit_region_is_unsafe.patch [bz#1418230 bz#1419416]
- kvm-display-cirrus-check-vga-bits-per-pixel-bpp-value.patch [bz#1418230 bz#1419416]
- kvm-display-cirrus-ignore-source-pitch-value-as-needed-i.patch [bz#1418230 bz#1419416]
- kvm-cirrus-handle-negative-pitch-in-cirrus_invalidate_re.patch [bz#1418230 bz#1419416]
- kvm-cirrus-allow-zero-source-pitch-in-pattern-fill-rops.patch [bz#1418230 bz#1419416]
- kvm-cirrus-fix-blit-address-mask-handling.patch [bz#1418230 bz#1419416]
- kvm-cirrus-fix-oob-access-issue-CVE-2017-2615.patch [bz#1418230 bz#1419416]
- Resolves: bz#1418230
  (CVE-2017-2615 qemu-kvm: Qemu: display: cirrus: oob access while doing bitblt copy backward mode [rhel-6.8.z])
- Resolves: bz#1419416
  (CVE-2017-2615 qemu-kvm-rhev: Qemu: display: cirrus: oob access while doing bitblt copy backward mode [rhel-6.8.z])
qemu-kvm-0.12.1.2-2.491.el6_8.3.x86_64 [1.6 MiB] Changelog by Miroslav Rezanina (2016-07-27):
- kvm-virtio-error-out-if-guest-exceeds-virtqueue-size.patch [bz#1359724]
- Resolves: bz#1359724
  (EMBARGOED CVE-2016-5403 qemu-kvm: Qemu: virtio: unbounded memory allocation on host via guest leading to DoS [rhel-6.8.z])
qemu-kvm-0.12.1.2-2.491.el6_8.1.x86_64 [1.6 MiB] Changelog by Miroslav Rezanina (2016-05-03):
- kvm-Add-vga.h-unmodified-from-Linux.patch [bz#1331407]
- kvm-vga.h-remove-unused-stuff-and-reformat.patch [bz#1331407]
- kvm-vga-use-constants-from-vga.h.patch [bz#1331407]
- kvm-vga-Remove-some-should-be-done-in-BIOS-comments.patch [bz#1331407]
- kvm-vga-fix-banked-access-bounds-checking-CVE-2016-3710.patch [bz#1331407]
- kvm-vga-add-vbe_enabled-helper.patch [bz#1331407]
- kvm-vga-factor-out-vga-register-setup.patch [bz#1331407]
- kvm-vga-update-vga-register-setup-on-vbe-changes.patch [bz#1331407]
- kvm-vga-make-sure-vga-register-setup-for-vbe-stays-intac.patch [bz#1331407]
- Resolves: bz#1331407
  (EMBARGOED CVE-2016-3710 qemu-kvm: qemu: incorrect banked access bounds checking in vga module [rhel-6.8.z])
qemu-kvm-0.12.1.2-2.479.el6_7.4.x86_64 [1.6 MiB] Changelog by Jeff E. Nelson (2016-01-25):
- kvm-fw_cfg-add-check-to-validate-current-entry-value-CVE.patch [bz#1298045]
- Resolves: bz#1298045
  (CVE-2016-1714 qemu-kvm: Qemu: nvram: OOB r/w access in processing firmware configurations [rhel-6.7.z])
qemu-kvm-0.12.1.2-2.479.el6_7.3.x86_64 [1.6 MiB] Changelog by Jeff E. Nelson (2015-12-16):
- kvm-net-pcnet-add-check-to-validate-receive-data-size-CV.patch [bz#1287950]
- kvm-pcnet-fix-rx-buffer-overflow-CVE-2015-7512.patch [bz#1287950]
- Resolves: bz#1287950
  (CVE-2015-7504 CVE-2015-7512 qemu-kvm: various flaws [rhel-6.7.z])
qemu-kvm-0.12.1.2-2.479.el6_7.2.x86_64 [1.6 MiB] Changelog by Jeff E. Nelson (2015-09-28):
- kvm-net-add-checks-to-validate-ring-buffer-pointers-CVE-.patch [bz#1263274]
- Resolves: bz#1263274
  (CVE-2015-5279 qemu-kvm: qemu: Heap overflow vulnerability in ne2000_receive() function [rhel-6.7.z])
qemu-kvm-0.12.1.2-2.479.el6_7.1.x86_64 [1.6 MiB] Changelog by Jeff E. Nelson (2015-08-06):
- kvm-rtl8139-avoid-nested-ifs-in-IP-header-parsing-CVE-20.patch [bz#1248761]
- kvm-rtl8139-drop-tautologous-if-ip-.-statement-CVE-2015-.patch [bz#1248761]
- kvm-rtl8139-skip-offload-on-short-Ethernet-IP-header-CVE.patch [bz#1248761]
- kvm-rtl8139-check-IP-Header-Length-field-CVE-2015-5165.patch [bz#1248761]
- kvm-rtl8139-check-IP-Total-Length-field-CVE-2015-5165.patch [bz#1248761]
- kvm-rtl8139-skip-offload-on-short-TCP-header-CVE-2015-51.patch [bz#1248761]
- kvm-rtl8139-check-TCP-Data-Offset-field-CVE-2015-5165.patch [bz#1248761]
- Resolves: bz#1248761
  (CVE-2015-5165 qemu-kvm: Qemu: rtl8139 uninitialized heap memory information leakage to guest [rhel-6.7.z])
qemu-kvm-0.12.1.2-2.448.el6_6.4.x86_64 [1.6 MiB] Changelog by Jeff E. Nelson (2015-06-01):
- kvm-pcnet-fix-Negative-array-index-read.patch [bz#1225886]
- kvm-pcnet-force-the-buffer-access-to-be-in-bounds-during.patch [bz#1225886]
- Resolves: bz#1225886
  (EMBARGOED CVE-2015-3209 qemu-kvm: qemu: pcnet: multi-tmd buffer overflow in the tx path [rhel-6.6.z])
qemu-kvm-0.12.1.2-2.448.el6_6.3.x86_64 [1.6 MiB] Changelog by Miroslav Rezanina (2015-05-08):
- kvm-fdc-force-the-fifo-access-to-be-in-bounds-of-the-all.patch [bz#1219267]
- Resolves: bz#1219267
  (EMBARGOED CVE-2015-3456 qemu-kvm: qemu: floppy disk controller flaw [rhel-6.6.z])
qemu-kvm-0.12.1.2-2.448.el6_6.2.x86_64 [1.6 MiB] Changelog by Jeff E. Nelson (2015-04-07):
- kvm-cirrus-fix-blit-region-check.patch [bz#1170571]
- kvm-cirrus-don-t-overflow-CirrusVGAState-cirrus_bltbuf.patch [bz#1170571]
- Resolves: bz#1170571
  (CVE-2014-8106 qemu-kvm: qemu: cirrus: insufficient blit region checks [rhel-6.6.z])

Listing created by Repoview-0.6.6-1.el6