{"id":"RHSA-2019:2553","summary":"Red Hat Security Advisory: qemu-kvm-rhev security, bug fix, and enhancement update","modified":"2026-03-20T10:02:01Z","published":"2024-09-13T22:00:01Z","upstream":["CVE-2018-12126","CVE-2018-12127","CVE-2018-12130","CVE-2018-17958","CVE-2018-17963","CVE-2018-20815","CVE-2019-11091","CVE-2019-6501","CVE-2019-9824"],"references":[{"type":"ADVISORY","url":"https://access.redhat.com/errata/RHSA-2019:2553"},{"type":"ARTICLE","url":"https://access.redhat.com/security/vulnerabilities/mds"},{"type":"ARTICLE","url":"https://access.redhat.com/security/updates/classification/#important"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1508708"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1526313"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1531888"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1551486"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1585155"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1597482"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1598119"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1603104"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1607768"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1608226"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1610461"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1614302"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1614610"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1619778"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1620373"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1623986"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1624009"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1627272"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1628098"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1629056"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1629717"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1629720"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1631052"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1631227"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1631615"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1631877"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1633150"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1633536"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1636712"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1636777"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1642551"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1646781"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1646784"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1648236"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1656913"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1666336"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1666884"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1667320"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1667782"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1668160"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1668956"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1672010"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1673080"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1673397"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1673402"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1676728"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1677073"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1678515"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1685989"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1691009"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1691018"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1691048"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1691563"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1692018"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1693101"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1703916"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1705312"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1714160"},{"type":"ADVISORY","url":"https://security.access.redhat.com/data/csaf/v2/advisories/2019/rhsa-2019_2553.json"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2018-12126"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2018-12126"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2018-12126"},{"type":"ARTICLE","url":"https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00233.html"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2018-12127"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2018-12127"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2018-12127"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2018-12130"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2018-12130"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2018-12130"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2018-17958"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2018-17958"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2018-17958"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2018-17963"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2018-17963"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2018-17963"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2018-20815"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2018-20815"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2018-20815"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2019-6501"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2019-6501"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2019-6501"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2019-9824"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2019-9824"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2019-9824"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2019-11091"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2019-11091"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2019-11091"}],"affected":[{"package":{"name":"qemu-img-rhev","ecosystem":"Red Hat:enterprise_linux:7::hypervisor","purl":"pkg:rpm/redhat/qemu-img-rhev"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"10:2.12.0-33.el7"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2019:2553.json"}},{"package":{"name":"qemu-kvm-common-rhev","ecosystem":"Red Hat:enterprise_linux:7::hypervisor","purl":"pkg:rpm/redhat/qemu-kvm-common-rhev"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"10:2.12.0-33.el7"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2019:2553.json"}},{"package":{"name":"qemu-kvm-rhev","ecosystem":"Red Hat:enterprise_linux:7::hypervisor","purl":"pkg:rpm/redhat/qemu-kvm-rhev"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"10:2.12.0-33.el7"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2019:2553.json"}},{"package":{"name":"qemu-kvm-rhev-debuginfo","ecosystem":"Red Hat:enterprise_linux:7::hypervisor","purl":"pkg:rpm/redhat/qemu-kvm-rhev-debuginfo"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"10:2.12.0-33.el7"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2019:2553.json"}},{"package":{"name":"qemu-kvm-tools-rhev","ecosystem":"Red Hat:enterprise_linux:7::hypervisor","purl":"pkg:rpm/redhat/qemu-kvm-tools-rhev"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"10:2.12.0-33.el7"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2019:2553.json"}},{"package":{"name":"qemu-img-rhev","ecosystem":"Red Hat:rhev_manager:4.3","purl":"pkg:rpm/redhat/qemu-img-rhev"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"10:2.12.0-33.el7"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2019:2553.json"}},{"package":{"name":"qemu-kvm-common-rhev","ecosystem":"Red Hat:rhev_manager:4.3","purl":"pkg:rpm/redhat/qemu-kvm-common-rhev"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"10:2.12.0-33.el7"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2019:2553.json"}},{"package":{"name":"qemu-kvm-rhev","ecosystem":"Red Hat:rhev_manager:4.3","purl":"pkg:rpm/redhat/qemu-kvm-rhev"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"10:2.12.0-33.el7"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2019:2553.json"}},{"package":{"name":"qemu-kvm-rhev-debuginfo","ecosystem":"Red Hat:rhev_manager:4.3","purl":"pkg:rpm/redhat/qemu-kvm-rhev-debuginfo"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"10:2.12.0-33.el7"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2019:2553.json"}},{"package":{"name":"qemu-kvm-tools-rhev","ecosystem":"Red Hat:rhev_manager:4.3","purl":"pkg:rpm/redhat/qemu-kvm-tools-rhev"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"10:2.12.0-33.el7"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2019:2553.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:C/C:L/I:L/A:H"}]}