Synopsis:          Important: qemu-kvm security update
Advisory ID:       SLSA-2020:4079-1
Issue Date:        2020-10-01
CVE Numbers:       CVE-2020-1983
                   CVE-2020-14364
--

Security Fix(es):

* QEMU: usb: out-of-bounds r/w access issue while processing usb packets
(CVE-2020-14364)

* QEMU: slirp: use-after-free in ip_reass() function in ip_input.c
(CVE-2020-1983)
--

SL7
  x86_64
    qemu-img-1.5.3-175.el7_9.1.x86_64.rpm
    qemu-kvm-1.5.3-175.el7_9.1.x86_64.rpm
    qemu-kvm-common-1.5.3-175.el7_9.1.x86_64.rpm
    qemu-kvm-tools-1.5.3-175.el7_9.1.x86_64.rpm
    qemu-kvm-debuginfo-1.5.3-175.el7_9.1.x86_64.rpm

- Scientific Linux Development Team