【CESA-2017:1440】An update for firefox is now available for Red Hat Enterprise Linux 6 and Red Hat Enterprise Linux 7

CESA-2017:1440

An update for firefox is now available for Red Hat Enterprise Linux 6 and Red
Hat Enterprise Linux 7.

Red Hat Product Security has rated this update as having a security impact of
Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a
detailed severity rating, is available for each vulnerability from the CVE
link(s) in the References section.

Mozilla Firefox is an open source web browser.

This update upgrades Firefox to version 52.2.0 ESR.

Security Fix(es):

* Multiple flaws were found in the processing of malformed web content. A web
page containing malicious content could cause Firefox to crash or, potentially,
execute arbitrary code with the privileges of the user running Firefox.
(CVE-2017-5470, CVE-2017-5472, CVE-2017-7749, CVE-2017-7751, CVE-2017-7756,
CVE-2017-7771, CVE-2017-7772, CVE-2017-7773, CVE-2017-7774, CVE-2017-7775,
CVE-2017-7776, CVE-2017-7777, CVE-2017-7778, CVE-2017-7750, CVE-2017-7752,
CVE-2017-7754, CVE-2017-7757, CVE-2017-7758, CVE-2017-7764)

Red Hat would like to thank the Mozilla project for reporting these issues.
Upstream acknowledges Nils, Nicolas Trippar of Zimperium zLabs, Mats Palmgren,
Philipp, Masayuki Nakano, Christian Holler, Andrew McCreight, Gary Kwong, André
Bargull, Carsten Book, Jesse Schwartzentruber, Julian Hector, Marcia Knous,
Ronald Crane, Samuel Erb, Holger Fuhrmannek, Tyson Smith, Abhishek Arya, and F.
Alonso (revskills) as the original reporters.

Bugs Fixed

1461252 – CVE-2017-5472 Mozilla: Use-after-free using destroyed node when regenerating trees (MFSA 2017-16)
1461253 – CVE-2017-7749 Mozilla: Use-after-free during docshell reloading (MFSA 2017-16)
1461254 – CVE-2017-7750 Mozilla: Use-after-free with track elements (MFSA 2017-16)
1461255 – CVE-2017-7751 Mozilla: Use-after-free with content viewer listeners (MFSA 2017-16)
1461256 – CVE-2017-7752 Mozilla: Use-after-free with IME input (MFSA 2017-16)
1461257 – CVE-2017-7754 Mozilla: Out-of-bounds read in WebGL with ImageInfo object (MFSA 2017-16)
1461258 – CVE-2017-7756 Mozilla: Use-after-free and use-after-scope logging XHR header errors (MFSA 2017-16)
1461259 – CVE-2017-7757 Mozilla: Use-after-free in IndexedDB (MFSA 2017-16)
1461260 – CVE-2017-7778 CVE-2017-7771 CVE-2017-7772 CVE-2017-7773 CVE-2017-7774 CVE-2017-7775 CVE-2017-7776 CVE-2017-7777 CVE-2017-7778 Mozilla: Vulnerabilities in the Graphite 2 library (MFSA 2017-16)
1461261 – CVE-2017-7758 Mozilla: Out-of-bounds read in Opus encoder (MFSA 2017-16)
1461262 – CVE-2017-7764 Mozilla: Domain spoofing with combination of Canadian Syllabics and other unicode blocks (MFSA 2017-16)
1461264 – CVE-2017-5470 Mozilla: Memory safety bugs fixed in Firefox 54 and Firefox ESR 52.2 (MFSA 2017-16)

【CESA-2017:1430】An update for qemu-kvm is now available for Red Hat Enterprise Linux 7

CESA-2017:1430

An update for qemu-kvm is now available for Red Hat Enterprise Linux 7.

Red Hat Product Security has rated this update as having a security impact of
Important. A Common Vulnerability Scoring System (CVSS) base score, which gives
a detailed severity rating, is available for each vulnerability from the CVE
link(s) in the References section.

Kernel-based Virtual Machine (KVM) is a full virtualization solution for Linux
on a variety of architectures. The qemu-kvm package provides the user-space
component for running virtual machines that use KVM.

Security Fix(es):

* An out-of-bounds r/w access issue was found in QEMU’s Cirrus CLGD 54xx VGA
Emulator support. The vulnerability could occur while copying VGA data via
various bitblt functions. A privileged user inside a guest could use this flaw
to crash the QEMU process or, potentially, execute arbitrary code on the host
with privileges of the QEMU process. (CVE-2017-7980)

* An out-of-bounds access issue was found in QEMU’s Cirrus CLGD 54xx VGA
Emulator support. The vulnerability could occur while copying VGA data using
bitblt functions (for example, cirrus_bitblt_rop_fwd_transp_). A privileged user
inside a guest could use this flaw to crash the QEMU process, resulting in
denial of service. (CVE-2017-7718)

Red Hat would like to thank Jiangxin (PSIRT Huawei Inc) and Li Qiang (Qihoo 360
Gear Team) for reporting CVE-2017-7980 and Jiangxin (PSIRT Huawei Inc) for
reporting CVE-2017-7718.

Bug Fix(es):

* Previously, guest virtual machines in some cases became unresponsive when the
“pty” back end of a serial device performed an irregular I/O communication. This
update improves the handling of serial I/O on guests, which prevents the
described problem from occurring. (BZ#1452332)

Bugs Fixed

1443441 – CVE-2017-7718 Qemu: display: cirrus: OOB read access issue
1444371 – CVE-2017-7980 Qemu: display: cirrus: OOB r/w access issues in bitblt routines
1452332 – RHEL 7.2 based VM (Virtual Machine) hung for several hours apparently waiting for lock held by main_loop