Synopsis: Important: qemu-kvm security and bug fix update Advisory ID: SLSA-2018:2462-1 Issue Date: 2018-08-16 CVE Numbers: CVE-2018-7550 CVE-2018-11806 -- Security Fix(es): * QEMU: slirp: heap buffer overflow while reassembling fragmented datagrams (CVE-2018-11806) * QEMU: i386: multiboot OOB access while loading kernel image (CVE-2018-7550) Bug Fix(es): * Previously, live migrating a Windows guest in some cases caused the guest to become unresponsive. This update ensures that Real-time Clock (RTC) interrupts are not missed, which prevents the problem from occurring. -- SL7 x86_64 qemu-img-1.5.3-156.el7_5.5.x86_64.rpm qemu-kvm-1.5.3-156.el7_5.5.x86_64.rpm qemu-kvm-common-1.5.3-156.el7_5.5.x86_64.rpm qemu-kvm-debuginfo-1.5.3-156.el7_5.5.x86_64.rpm qemu-kvm-tools-1.5.3-156.el7_5.5.x86_64.rpm - Scientific Linux Development Team