{"id":"RHSA-2020:3906","summary":"Red Hat Security Advisory: qemu-kvm security, bug fix, and enhancement update","modified":"2026-03-11T07:18:10.849198Z","published":"2024-09-13T16:20:31Z","upstream":["CVE-2018-15746","CVE-2019-20382"],"references":[{"type":"ADVISORY","url":"https://access.redhat.com/errata/RHSA-2020:3906"},{"type":"ARTICLE","url":"https://access.redhat.com/security/updates/classification/#low"},{"type":"ARTICLE","url":"https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/7/html/7.9_release_notes/index"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1615637"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1791679"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1802215"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1810390"},{"type":"ADVISORY","url":"https://security.access.redhat.com/data/csaf/v2/advisories/2020/rhsa-2020_3906.json"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2018-15746"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2018-15746"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2018-15746"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2019-20382"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2019-20382"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2019-20382"},{"type":"ARTICLE","url":"https://www.openwall.com/lists/oss-security/2020/03/05/1"}],"affected":[{"package":{"name":"qemu-img","ecosystem":"Red Hat:enterprise_linux:7::client","purl":"pkg:rpm/redhat/qemu-img"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"10:1.5.3-175.el7"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2020:3906.json"}},{"package":{"name":"qemu-kvm","ecosystem":"Red Hat:enterprise_linux:7::client","purl":"pkg:rpm/redhat/qemu-kvm"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"10:1.5.3-175.el7"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2020:3906.json"}},{"package":{"name":"qemu-kvm-common","ecosystem":"Red Hat:enterprise_linux:7::client","purl":"pkg:rpm/redhat/qemu-kvm-common"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"10:1.5.3-175.el7"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2020:3906.json"}},{"package":{"name":"qemu-kvm-debuginfo","ecosystem":"Red Hat:enterprise_linux:7::client","purl":"pkg:rpm/redhat/qemu-kvm-debuginfo"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"10:1.5.3-175.el7"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2020:3906.json"}},{"package":{"name":"qemu-kvm-tools","ecosystem":"Red Hat:enterprise_linux:7::client","purl":"pkg:rpm/redhat/qemu-kvm-tools"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"10:1.5.3-175.el7"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2020:3906.json"}},{"package":{"name":"qemu-img","ecosystem":"Red Hat:enterprise_linux:7::computenode","purl":"pkg:rpm/redhat/qemu-img"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"10:1.5.3-175.el7"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2020:3906.json"}},{"package":{"name":"qemu-kvm","ecosystem":"Red Hat:enterprise_linux:7::computenode","purl":"pkg:rpm/redhat/qemu-kvm"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"10:1.5.3-175.el7"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2020:3906.json"}},{"package":{"name":"qemu-kvm-common","ecosystem":"Red Hat:enterprise_linux:7::computenode","purl":"pkg:rpm/redhat/qemu-kvm-common"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"10:1.5.3-175.el7"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2020:3906.json"}},{"package":{"name":"qemu-kvm-debuginfo","ecosystem":"Red Hat:enterprise_linux:7::computenode","purl":"pkg:rpm/redhat/qemu-kvm-debuginfo"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"10:1.5.3-175.el7"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2020:3906.json"}},{"package":{"name":"qemu-kvm-tools","ecosystem":"Red Hat:enterprise_linux:7::computenode","purl":"pkg:rpm/redhat/qemu-kvm-tools"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"10:1.5.3-175.el7"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2020:3906.json"}},{"package":{"name":"qemu-img","ecosystem":"Red Hat:enterprise_linux:7::server","purl":"pkg:rpm/redhat/qemu-img"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"10:1.5.3-175.el7"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2020:3906.json"}},{"package":{"name":"qemu-kvm","ecosystem":"Red Hat:enterprise_linux:7::server","purl":"pkg:rpm/redhat/qemu-kvm"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"10:1.5.3-175.el7"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2020:3906.json"}},{"package":{"name":"qemu-kvm-common","ecosystem":"Red Hat:enterprise_linux:7::server","purl":"pkg:rpm/redhat/qemu-kvm-common"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"10:1.5.3-175.el7"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2020:3906.json"}},{"package":{"name":"qemu-kvm-debuginfo","ecosystem":"Red Hat:enterprise_linux:7::server","purl":"pkg:rpm/redhat/qemu-kvm-debuginfo"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"10:1.5.3-175.el7"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2020:3906.json"}},{"package":{"name":"qemu-kvm-tools","ecosystem":"Red Hat:enterprise_linux:7::server","purl":"pkg:rpm/redhat/qemu-kvm-tools"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"10:1.5.3-175.el7"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2020:3906.json"}},{"package":{"name":"qemu-img","ecosystem":"Red Hat:enterprise_linux:7::workstation","purl":"pkg:rpm/redhat/qemu-img"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"10:1.5.3-175.el7"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2020:3906.json"}},{"package":{"name":"qemu-kvm","ecosystem":"Red Hat:enterprise_linux:7::workstation","purl":"pkg:rpm/redhat/qemu-kvm"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"10:1.5.3-175.el7"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2020:3906.json"}},{"package":{"name":"qemu-kvm-common","ecosystem":"Red Hat:enterprise_linux:7::workstation","purl":"pkg:rpm/redhat/qemu-kvm-common"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"10:1.5.3-175.el7"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2020:3906.json"}},{"package":{"name":"qemu-kvm-debuginfo","ecosystem":"Red Hat:enterprise_linux:7::workstation","purl":"pkg:rpm/redhat/qemu-kvm-debuginfo"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"10:1.5.3-175.el7"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2020:3906.json"}},{"package":{"name":"qemu-kvm-tools","ecosystem":"Red Hat:enterprise_linux:7::workstation","purl":"pkg:rpm/redhat/qemu-kvm-tools"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"10:1.5.3-175.el7"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2020:3906.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:C/C:L/I:L/A:L"}]}