{"id":"RHSA-2017:2408","summary":"Red Hat Security Advisory: qemu-kvm-rhev security and bug fix update","modified":"2026-01-14T11:02:26.702890Z","published":"2024-09-13T16:49:03Z","upstream":["CVE-2016-10155","CVE-2016-4020","CVE-2016-6888","CVE-2016-7422","CVE-2016-7466","CVE-2016-8576","CVE-2016-8669","CVE-2016-8909","CVE-2016-8910","CVE-2016-9907","CVE-2016-9911","CVE-2016-9921","CVE-2016-9922","CVE-2017-5579","CVE-2017-5973","CVE-2017-6414","CVE-2017-8309","CVE-2017-8379","CVE-2017-9310","CVE-2017-9373","CVE-2017-9374","CVE-2017-9375","CVE-2017-9524"],"references":[{"type":"ADVISORY","url":"https://access.redhat.com/errata/RHSA-2017:2408"},{"type":"ARTICLE","url":"https://access.redhat.com/security/updates/classification/#moderate"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1313686"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1333425"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1334398"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1369031"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1376755"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1377837"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1384909"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1388046"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1388052"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1402265"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1402272"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1415199"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1416157"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1421626"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1427833"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1446517"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1446547"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1452620"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1458270"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1458744"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1459132"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1459661"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1459663"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1459664"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1459666"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1459667"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1459668"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1460170"},{"type":"ADVISORY","url":"https://security.access.redhat.com/data/csaf/v2/advisories/2017/rhsa-2017_2408.json"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2016-4020"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2016-4020"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2016-4020"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2016-6888"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2016-6888"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2016-6888"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2016-7422"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2016-7422"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2016-7422"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2016-7466"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2016-7466"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2016-7466"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2016-8576"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2016-8576"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2016-8576"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2016-8669"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2016-8669"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2016-8669"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2016-8909"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2016-8909"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2016-8909"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2016-8910"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2016-8910"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2016-8910"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2016-9907"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2016-9907"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2016-9907"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2016-9911"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2016-9911"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2016-9911"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2016-9921"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2016-9921"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2016-9921"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2016-9922"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2016-9922"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2016-9922"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2016-10155"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2016-10155"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2016-10155"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2017-5579"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2017-5579"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2017-5579"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2017-5973"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2017-5973"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2017-5973"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2017-6414"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2017-6414"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2017-6414"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2017-8309"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2017-8309"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2017-8309"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2017-8379"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2017-8379"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2017-8379"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2017-9310"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2017-9310"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2017-9310"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2017-9373"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2017-9373"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2017-9373"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2017-9374"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2017-9374"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2017-9374"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2017-9375"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2017-9375"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2017-9375"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2017-9524"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2017-9524"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2017-9524"}],"affected":[{"package":{"name":"qemu-img-rhev","ecosystem":"Red Hat:openstack:10::el7","purl":"pkg:rpm/redhat/qemu-img-rhev"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"10:2.9.0-10.el7"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2017:2408.json"}},{"package":{"name":"qemu-kvm-common-rhev","ecosystem":"Red Hat:openstack:10::el7","purl":"pkg:rpm/redhat/qemu-kvm-common-rhev"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"10:2.9.0-10.el7"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2017:2408.json"}},{"package":{"name":"qemu-kvm-rhev","ecosystem":"Red Hat:openstack:10::el7","purl":"pkg:rpm/redhat/qemu-kvm-rhev"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"10:2.9.0-10.el7"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2017:2408.json"}},{"package":{"name":"qemu-kvm-rhev-debuginfo","ecosystem":"Red Hat:openstack:10::el7","purl":"pkg:rpm/redhat/qemu-kvm-rhev-debuginfo"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"10:2.9.0-10.el7"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2017:2408.json"}},{"package":{"name":"qemu-kvm-tools-rhev","ecosystem":"Red Hat:openstack:10::el7","purl":"pkg:rpm/redhat/qemu-kvm-tools-rhev"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"10:2.9.0-10.el7"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2017:2408.json"}},{"package":{"name":"qemu-img-rhev","ecosystem":"Red Hat:openstack:11::el7","purl":"pkg:rpm/redhat/qemu-img-rhev"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"10:2.9.0-10.el7"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2017:2408.json"}},{"package":{"name":"qemu-kvm-common-rhev","ecosystem":"Red Hat:openstack:11::el7","purl":"pkg:rpm/redhat/qemu-kvm-common-rhev"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"10:2.9.0-10.el7"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2017:2408.json"}},{"package":{"name":"qemu-kvm-rhev","ecosystem":"Red Hat:openstack:11::el7","purl":"pkg:rpm/redhat/qemu-kvm-rhev"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"10:2.9.0-10.el7"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2017:2408.json"}},{"package":{"name":"qemu-kvm-rhev-debuginfo","ecosystem":"Red Hat:openstack:11::el7","purl":"pkg:rpm/redhat/qemu-kvm-rhev-debuginfo"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"10:2.9.0-10.el7"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2017:2408.json"}},{"package":{"name":"qemu-kvm-tools-rhev","ecosystem":"Red Hat:openstack:11::el7","purl":"pkg:rpm/redhat/qemu-kvm-tools-rhev"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"10:2.9.0-10.el7"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2017:2408.json"}},{"package":{"name":"qemu-img-rhev","ecosystem":"Red Hat:openstack:6::el7","purl":"pkg:rpm/redhat/qemu-img-rhev"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"10:2.9.0-10.el7"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2017:2408.json"}},{"package":{"name":"qemu-kvm-common-rhev","ecosystem":"Red Hat:openstack:6::el7","purl":"pkg:rpm/redhat/qemu-kvm-common-rhev"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"10:2.9.0-10.el7"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2017:2408.json"}},{"package":{"name":"qemu-kvm-rhev","ecosystem":"Red Hat:openstack:6::el7","purl":"pkg:rpm/redhat/qemu-kvm-rhev"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"10:2.9.0-10.el7"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2017:2408.json"}},{"package":{"name":"qemu-kvm-rhev-debuginfo","ecosystem":"Red Hat:openstack:6::el7","purl":"pkg:rpm/redhat/qemu-kvm-rhev-debuginfo"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"10:2.9.0-10.el7"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2017:2408.json"}},{"package":{"name":"qemu-kvm-tools-rhev","ecosystem":"Red Hat:openstack:6::el7","purl":"pkg:rpm/redhat/qemu-kvm-tools-rhev"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"10:2.9.0-10.el7"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2017:2408.json"}},{"package":{"name":"qemu-img-rhev","ecosystem":"Red Hat:openstack:7::el7","purl":"pkg:rpm/redhat/qemu-img-rhev"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"10:2.9.0-10.el7"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2017:2408.json"}},{"package":{"name":"qemu-kvm-common-rhev","ecosystem":"Red Hat:openstack:7::el7","purl":"pkg:rpm/redhat/qemu-kvm-common-rhev"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"10:2.9.0-10.el7"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2017:2408.json"}},{"package":{"name":"qemu-kvm-rhev","ecosystem":"Red Hat:openstack:7::el7","purl":"pkg:rpm/redhat/qemu-kvm-rhev"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"10:2.9.0-10.el7"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2017:2408.json"}},{"package":{"name":"qemu-kvm-rhev-debuginfo","ecosystem":"Red Hat:openstack:7::el7","purl":"pkg:rpm/redhat/qemu-kvm-rhev-debuginfo"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"10:2.9.0-10.el7"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2017:2408.json"}},{"package":{"name":"qemu-kvm-tools-rhev","ecosystem":"Red Hat:openstack:7::el7","purl":"pkg:rpm/redhat/qemu-kvm-tools-rhev"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"10:2.9.0-10.el7"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2017:2408.json"}},{"package":{"name":"qemu-img-rhev","ecosystem":"Red Hat:openstack:8::el7","purl":"pkg:rpm/redhat/qemu-img-rhev"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"10:2.9.0-10.el7"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2017:2408.json"}},{"package":{"name":"qemu-kvm-common-rhev","ecosystem":"Red Hat:openstack:8::el7","purl":"pkg:rpm/redhat/qemu-kvm-common-rhev"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"10:2.9.0-10.el7"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2017:2408.json"}},{"package":{"name":"qemu-kvm-rhev","ecosystem":"Red Hat:openstack:8::el7","purl":"pkg:rpm/redhat/qemu-kvm-rhev"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"10:2.9.0-10.el7"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2017:2408.json"}},{"package":{"name":"qemu-kvm-rhev-debuginfo","ecosystem":"Red Hat:openstack:8::el7","purl":"pkg:rpm/redhat/qemu-kvm-rhev-debuginfo"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"10:2.9.0-10.el7"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2017:2408.json"}},{"package":{"name":"qemu-kvm-tools-rhev","ecosystem":"Red Hat:openstack:8::el7","purl":"pkg:rpm/redhat/qemu-kvm-tools-rhev"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"10:2.9.0-10.el7"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2017:2408.json"}},{"package":{"name":"qemu-img-rhev","ecosystem":"Red Hat:openstack:9::el7","purl":"pkg:rpm/redhat/qemu-img-rhev"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"10:2.9.0-10.el7"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2017:2408.json"}},{"package":{"name":"qemu-kvm-common-rhev","ecosystem":"Red Hat:openstack:9::el7","purl":"pkg:rpm/redhat/qemu-kvm-common-rhev"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"10:2.9.0-10.el7"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2017:2408.json"}},{"package":{"name":"qemu-kvm-rhev","ecosystem":"Red Hat:openstack:9::el7","purl":"pkg:rpm/redhat/qemu-kvm-rhev"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"10:2.9.0-10.el7"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2017:2408.json"}},{"package":{"name":"qemu-kvm-rhev-debuginfo","ecosystem":"Red Hat:openstack:9::el7","purl":"pkg:rpm/redhat/qemu-kvm-rhev-debuginfo"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"10:2.9.0-10.el7"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2017:2408.json"}},{"package":{"name":"qemu-kvm-tools-rhev","ecosystem":"Red Hat:openstack:9::el7","purl":"pkg:rpm/redhat/qemu-kvm-tools-rhev"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"10:2.9.0-10.el7"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2017:2408.json"}}],"schema_version":"1.7.3","severity":[{"type":"CVSS_V3","score":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"}]}