Synopsis:          Important: qemu-kvm security and bug fix update
Advisory ID:       SLSA-2018:2462-1
Issue Date:        2018-08-16
CVE Numbers:       CVE-2018-7550
                   CVE-2018-11806
--

Security Fix(es):

* QEMU: slirp: heap buffer overflow while reassembling fragmented
datagrams (CVE-2018-11806)

* QEMU: i386: multiboot OOB access while loading kernel image
(CVE-2018-7550)

Bug Fix(es):

* Previously, live migrating a Windows guest in some cases caused the
guest to become unresponsive. This update ensures that Real-time Clock
(RTC) interrupts are not missed, which prevents the problem from
occurring.
--

SL7
  x86_64
    qemu-img-1.5.3-156.el7_5.5.x86_64.rpm
    qemu-kvm-1.5.3-156.el7_5.5.x86_64.rpm
    qemu-kvm-common-1.5.3-156.el7_5.5.x86_64.rpm
    qemu-kvm-debuginfo-1.5.3-156.el7_5.5.x86_64.rpm
    qemu-kvm-tools-1.5.3-156.el7_5.5.x86_64.rpm

- Scientific Linux Development Team