Synopsis: Important: qemu-kvm security update Advisory ID: SLSA-2019:1883-1 Issue Date: 2019-07-29 CVE Numbers: CVE-2019-6778 -- Kernel-based Virtual Machine (KVM) is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm-ma packages provide the user-space component for running virtual machines that use KVM on the IBM z Systems, IBM Power, and 64-bit ARM architectures. Security Fix(es): * QEMU: device_tree: heap buffer overflow while loading device tree blob (CVE-2018-20815) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Bug Fix(es): * As newer machine remove csske feature, detection of the processor fail and machine used old version as fallback. This update make feature conditional so detection of newer cpu works properly. (BZ#1720262) -- SL7 x86_64 qemu-img-1.5.3-160.el7_6.3.x86_64.rpm qemu-kvm-1.5.3-160.el7_6.3.x86_64.rpm qemu-kvm-common-1.5.3-160.el7_6.3.x86_64.rpm qemu-kvm-debuginfo-1.5.3-160.el7_6.3.x86_64.rpm qemu-kvm-tools-1.5.3-160.el7_6.3.x86_64.rpm - Scientific Linux Development Team