Title
ALSA-2021:1762 -- virt:rhel and virt-devel:rhel security, bug fix, and enhancement update (moderate)
Description
* libvirt: double free in qemuAgentGetInterfaces() in qemu_agent.c (CVE-2020-25637)
* QEMU: heap buffer overflow in msix_table_mmio_write() in hw/pci/msix.c (CVE-2020-27821)
* QEMU: ide: atapi: OOB access while processing read commands (CVE-2020-29443)
* QEMU: heap buffer overflow in iscsi_aio_ioctl_cb() in block/iscsi.c may lead to information disclosure (CVE-2020-11947)
* QEMU: reachable assertion failure in net_tx_pkt_add_raw_fragment() in hw/net/net_tx_pkt.c (CVE-2020-16092)
* QEMU: infinite loop in e1000e_write_packet_to_guest() in hw/net/e1000e_core.c (CVE-2020-25707)
* QEMU: assertion failure through usb_packet_unmap() in hw/usb/hcd-ehci.c (CVE-2020-25723)
* QEMU: e1000e: infinite loop scenario in case of null packet descriptor (CVE-2020-28916)
* QEMU: slirp: out-of-bounds access while processing ARP/NCSI packets (CVE-2020-29129, CVE-2020-29130)