Synopsis: Important: qemu-kvm security update Advisory ID: SLSA-2019:2892-1 Issue Date: 2019-09-24 CVE Numbers: CVE-2018-11806 CVE-2019-6778 CVE-2019-12155 CVE-2018-10839 CVE-2018-17962 -- Security Fix(es): * QEMU: slirp: heap buffer overflow while reassembling fragmented datagrams (CVE-2018-11806) * QEMU: slirp: heap buffer overflow in tcp_emu() (CVE-2019-6778) * QEMU: ne2000: integer overflow leads to buffer overflow issue (CVE-2018-10839) * QEMU: pcnet: integer overflow leads to buffer overflow (CVE-2018-17962) * QEMU: qxl: null pointer dereference while releasing spice resources (CVE-2019-12155) -- SL6 x86_64 qemu-guest-agent-0.12.1.2-2.506.el6_10.5.x86_64.rpm qemu-img-0.12.1.2-2.506.el6_10.5.x86_64.rpm qemu-kvm-0.12.1.2-2.506.el6_10.5.x86_64.rpm qemu-kvm-debuginfo-0.12.1.2-2.506.el6_10.5.x86_64.rpm qemu-kvm-tools-0.12.1.2-2.506.el6_10.5.x86_64.rpm i386 qemu-guest-agent-0.12.1.2-2.506.el6_10.5.i686.rpm qemu-kvm-debuginfo-0.12.1.2-2.506.el6_10.5.i686.rpm - Scientific Linux Development Team