Issued:: 2020-03-10
Updated:: 2020-03-10

RHSA-2020:0773 - Important: qemu-kvm-rhev security update

Synopsis

Important: qemu-kvm-rhev security update

Type/Severity

Security Advisory Important

Topic

(none)

Description

KVM (Kernel-based Virtual Machine) is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm-rhev packages provide the user-space component for running virtual machines that use KVM in environments managed by Red Hat products.

Security Fix(es):

QEMU: block: iscsi: OOB heap access via an unexpected response of iSCSI Server (CVE-2020-1711)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Solution

(none)

Affected Products

Product	Version	Arch
Red Hat OpenStack - Extended Update Support	13	x86_64

Updated Packages

qemu-kvm-tools-rhev-2.12.0-18.el7_6.9.x86_64.rpm
qemu-img-rhev-2.12.0-18.el7_6.9.x86_64.rpm
qemu-kvm-common-rhev-2.12.0-18.el7_6.9.x86_64.rpm
qemu-kvm-rhev-debuginfo-2.12.0-18.el7_6.9.x86_64.rpm
qemu-kvm-rhev-2.12.0-18.el7_6.9.src.rpm
qemu-kvm-rhev-2.12.0-18.el7_6.9.x86_64.rpm

Fixes

This content is not included.BZ - 1794290

CVEs

CVE-2020-1711

References

(none)

Additional information

The Red Hat security contact is This content is not included.secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.
Offline Security Data data is available for integration with other systems. See Offline Security Data API to get started.