File _patchinfo of Package patchinfo.10254

Overview Repositories Revisions Requests Users Attributes Meta

File _patchinfo of Package patchinfo.10254

<patchinfo incident="10254">
  <issue tracker="bnc" id="1116717">VUL-0: CVE-2018-19364: qemu,kvm: 9pfs: Use-after-free due to race condition while updating fid path</issue>
  <issue tracker="bnc" id="1123156">VUL-0: CVE-2019-6778: kvm,qemu:  A heap buffer overflow in tcp_emu() found in slirp</issue>
  <issue tracker="bnc" id="1117275">VUL-1: CVE-2018-19489: kvm,qemu: QEMU: 9pfs: crash due to race condition in renaming files</issue>
  <issue tracker="bnc" id="1119493">VUL-0: CVE-2018-16872: kvm,qemu: usb-mtp: path traversal by host filesystem manipulation in Media Transfer Protocol (MTP)</issue>
  <issue tracker="cve" id="2018-16872"/>
  <issue tracker="cve" id="2019-6778"/>
  <issue tracker="cve" id="2018-19364"/>
  <issue tracker="cve" id="2018-19489"/>
  <category>security</category>
  <rating>important</rating>
  <packager>bfrogers</packager>
  <description>This update for qemu fixes the following issues:

Security issue fixed:

- CVE-2019-6778: Fixed a heap buffer overflow issue in the SLiRP networking implementation (bsc#1123156).
- CVE-2018-16872: Fixed a host security vulnerability related to handling symlinks in usb-mtp (bsc#1119493).
- CVE-2018-19489: Fixed a denial of service vulnerability in virtfs (bsc#1117275).
- CVE-2018-19364: Fixed a use-after-free if the virtfs interface resulting in a denial of service (bsc#1116717).
</description>
  <summary>Security update for qemu</summary>
</patchinfo>

Places

File _patchinfo of Package patchinfo.10254

Places