Red Hat Security Advisory 2018-2462-01 - Kernel-based Virtual Machine is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm packages provide the user-space component for running virtual machines that use KVM. Issues addressed include a buffer overflow vulnerability.
d888f6c463bf4ebb8752fc93231cfe8f9188d40f7b96eb4a62e34c7bc02c8685
Ubuntu Security Notice 3649-1 - Cyrille Chatras discovered that QEMU incorrectly handled certain PS2 values during migration. An attacker could possibly use this issue to cause QEMU to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 18.04 LTS. Cyrille Chatras discovered that QEMU incorrectly handled multiboot. An attacker could use this issue to cause QEMU to crash, resulting in a denial of service, or possibly execute arbitrary code on the host. In the default installation, when QEMU is used with libvirt, attackers would be isolated by the libvirt AppArmor profile. Various other issues were also addressed.
8d1fd8f5895618b90cefbd95f981ed47f49cbe3e49a20efeeb784bd6ffd48c02
Red Hat Security Advisory 2018-1369-01 - KVM is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm-rhev packages provide the user-space component for running virtual machines that use KVM in environments managed by Red Hat products. Issues addressed include out-of-bounds access.
90454141804f0e5a93c50eb232d7398ac9a54cec527c5f516ae4ead84a509bdf
Gentoo Linux Security Advisory 201804-8 - Multiple vulnerabilities have been found in QEMU, the worst of which may allow an attacker to execute arbitrary code. Versions less than 2.11.1-r1 are affected.
c0cac496b3a521f32ee1d0f652fd3355c954a2f4b374b783fe8e570dad67297a