Synopsis: Important: qemu-kvm security update Advisory ID: SLSA-2020:0775-1 Issue Date: 2020-03-10 CVE Numbers: CVE-2019-14378 CVE-2019-15890 CVE-2020-7039 -- Security Fix(es): * QEMU: slirp: heap buffer overflow during packet reassembly (CVE-2019-14378) * QEMU: slirp: OOB buffer access while emulating tcp protocols in tcp_emu() (CVE-2020-7039) * QEMU: Slirp: use-after-free during packet reassembly (CVE-2019-15890) -- SL6 x86_64 qemu-guest-agent-0.12.1.2-2.506.el6_10.6.x86_64.rpm qemu-img-0.12.1.2-2.506.el6_10.6.x86_64.rpm qemu-kvm-0.12.1.2-2.506.el6_10.6.x86_64.rpm qemu-kvm-debuginfo-0.12.1.2-2.506.el6_10.6.x86_64.rpm qemu-kvm-tools-0.12.1.2-2.506.el6_10.6.x86_64.rpm i386 qemu-guest-agent-0.12.1.2-2.506.el6_10.6.i686.rpm qemu-kvm-debuginfo-0.12.1.2-2.506.el6_10.6.i686.rpm - Scientific Linux Development Team