kvm: fixing initgroups bug and e1000 emulation overflow (CVE-2011-2527,CVE-2012-0029)
A missing initgroups() call for the -runas option has been
fixed in kvm (CVE-2011-2527) as well as a buffer overflow
in the e1000 device emulation (CVE-2012-0029).
-
Submitted by
Adrian Schröter (adrianSuSE)
- Version 5706
Fixed bugs
bnc#705304
VUL-0: kvm: qemu -runas does not clear supplementary groups
bnc#740165
VUL-0: kvm: qemu heap overflow in e1000 device emulation
