Red Hat Security Advisory 2020-4694-01 - The container-tools module contains tools for working with containers, notably podman, buildah, skopeo, and runc. Issues addressed include information leakage, man-in-the-middle, and out of bounds read vulnerabilities.
7b13b0c6f83c6a6292bdcddb68a7fb3b320eaec0b3391cb8f42be4414664644b
Red Hat Security Advisory 2020-4059-01 - Kernel-based Virtual Machine offers a full virtualization solution for Linux on numerous hardware platforms. The virt:rhel module contains packages which provide user-space components used to run virtual machines using KVM. The packages also provide APIs for managing and interacting with the virtualized systems. Issues addressed include information leakage and out of bounds read vulnerabilities.
bb7e50754ef13c63d0d79784da94ea537924e0c05444587fe255ffe2b9a39eb7
Red Hat Security Advisory 2020-3586-01 - The Advanced Virtualization module provides the user-space component for running virtual machines that use KVM in environments managed by Red Hat products. Issues addressed include information leakage and out of bounds read vulnerabilities.
ad8866f7fc0a2a7af79d106635c88771d2aeef777e5d61c1ab39bbbb10d358eb
Ubuntu Security Notice 4467-1 - Ziming Zhang and VictorV discovered that the QEMU SLiRP networking implementation incorrectly handled replying to certain ICMP echo requests. An attacker inside a guest could possibly use this issue to leak host memory to obtain sensitive information. This issue only affected Ubuntu 18.04 LTS. Eric Blake and Xueqiang Wei discovered that the QEMU NDB implementation incorrectly handled certain requests. A remote attacker could possibly use this issue to cause QEMU to crash, resulting in a denial of service. This issue only affected Ubuntu 20.04 LTS. Various other issues were also addressed.
9aa3179b34eb601658a9a487805ca5302a3e7b10616c6b4f88ebda6983d3906c
Debian Linux Security Advisory 4728-1 - Multiple security issues were discovered in QEMU, a fast processor emulator, which could result in denial of service.
dea50ea2adefea567a4b636347dcd73912d096e9869103369b2261024a9815ff
Ubuntu Security Notice 4437-1 - Ziming Zhang and VictorV discovered that libslirp incorrectly handled replying to certain ICMP echo requests. A remote attacker could possibly use this issue to cause libslirp to crash, resulting in a denial of service.
542dc28988393ded6d10f8f0c0f25a7f0eebae318a0befb7410ce775b4be7c14