ELSA-2017-1856 - qemu-kvm security, bug fix, and enhancement update
| Type: | SECURITY |
| Severity: | MODERATE |
| Release Date: | 2017-08-07 |
Description
[1.5.3-141.el7]
- kvm-Fix-memory-slot-page-alignment-logic-bug-1455745.patch [bz#1455745]
- kvm-Do-not-hang-on-full-PTY.patch [bz#1452067]
- kvm-serial-fixing-vmstate-for-save-restore.patch [bz#1452067]
- kvm-serial-reinstate-watch-after-migration.patch [bz#1452067]
- kvm-nbd-Fully-initialize-client-in-case-of-failed-negoti.patch [bz#1451614]
- kvm-nbd-Fix-regression-on-resiliency-to-port-scan.patch [bz#1451614]
- Resolves: bz#1451614
(CVE-2017-9524 qemu-kvm: segment fault when private user nmap qemu-nbd server [rhel-7.4])
- Resolves: bz#1452067
(migration can confuse serial port user)
- Resolves: bz#1455745
(Backport fix for broken logic thats supposed to ensure memory slots are page aligned)
[1.5.3-140.el7]
- kvm-spice-fix-spice_chr_add_watch-pre-condition.patch [bz#1456983]
- Resolves: bz#1456983
(Character device regression due to missing patch)
[1.5.3-139.el7]
- kvm-char-change-qemu_chr_fe_add_watch-to-return-unsigned.patch [bz#1451470]
- Resolves: bz#1451470
(RHEL 7.2 based VM (Virtual Machine) hung for several hours apparently waiting for lock held by main_loop)
[1.5.3-138.el7]
- kvm-char-serial-cosmetic-fixes.patch [bz#1451470]
- kvm-char-serial-Use-generic-Fifo8.patch [bz#1451470]
- kvm-char-serial-serial_ioport_write-Factor-out-common-co.patch [bz#1451470]
- kvm-char-serial-fix-copy-paste-error-fifo8_is_full-vs-em.patch [bz#1451470]
- kvm-char-serial-Fix-emptyness-check.patch [bz#1451470]
- kvm-char-serial-Fix-emptyness-handling.patch [bz#1451470]
- kvm-serial-poll-the-serial-console-with-G_IO_HUP.patch [bz#1451470]
- kvm-serial-change-retry-logic-to-avoid-concurrency.patch [bz#1451470]
- kvm-qemu-char-ignore-flow-control-if-a-PTY-s-slave-is-no.patch [bz#1451470]
- kvm-serial-check-if-backed-by-a-physical-serial-port-at-.patch [bz#1451470]
- kvm-serial-reset-thri_pending-on-IER-writes-with-THRI-0.patch [bz#1451470]
- kvm-serial-clean-up-THRE-TEMT-handling.patch [bz#1451470]
- kvm-serial-update-LSR-on-enabling-disabling-FIFOs.patch [bz#1451470]
- kvm-serial-only-resample-THR-interrupt-on-rising-edge-of.patch [bz#1451470]
- kvm-serial-make-tsr_retry-unsigned.patch [bz#1451470]
- kvm-serial-simplify-tsr_retry-reset.patch [bz#1451470]
- kvm-serial-separate-serial_xmit-and-serial_watch_cb.patch [bz#1451470]
- kvm-serial-remove-watch-on-reset.patch [bz#1451470]
- Resolves: bz#1451470
(RHEL 7.2 based VM (Virtual Machine) hung for several hours apparently waiting for lock held by main_loop)
[1.5.3-137.el7]
- kvm-ide-fix-halted-IO-segfault-at-reset.patch [bz#1299875]
- Resolves: bz#1299875
(system_reset should clear pending request for error (IDE))
[1.5.3-136.el7]
- kvm-target-i386-get-set-migrate-XSAVES-state.patch [bz#1327593]
- kvm-Removing-texi2html-from-build-requirements.patch [bz#1440987]
- kvm-Disable-build-of-32bit-packages.patch [bz#1441778]
- kvm-Add-sample-images-to-srpm.patch [bz#1436280]
- Resolves: bz#1327593
([Intel 7.4 FEAT] KVM Enable the XSAVEC, XSAVES and XRSTORS instructions)
- Resolves: bz#1436280
(sample images for qemu-iotests are missing in the SRPM)
- Resolves: bz#1440987
(Remove texi2html build dependancy from RPM)
- Resolves: bz#1441778
(Stop building qemu-img for 32bit architectures.)
[1.5.3-135.el7]
- kvm-fix-cirrus_vga-fix-OOB-read-case-qemu-Segmentation-f.patch [bz#1430060]
- kvm-cirrus-vnc-zap-bitblit-support-from-console-code.patch [bz#1430060]
- kvm-cirrus-add-option-to-disable-blitter.patch [bz#1430060]
- kvm-cirrus-fix-cirrus_invalidate_region.patch [bz#1430060]
- kvm-cirrus-stop-passing-around-dst-pointers-in-the-blitt.patch [bz#1430060]
- kvm-cirrus-stop-passing-around-src-pointers-in-the-blitt.patch [bz#1430060]
- kvm-cirrus-fix-off-by-one-in-cirrus_bitblt_rop_bkwd_tran.patch [bz#1430060]
- Resolves: bz#1430060
(CVE-2016-9603 qemu-kvm: Qemu: cirrus: heap buffer overflow via vnc connection [rhel-7.4])
[1.5.3-134.el7]
- kvm-ui-vnc-introduce-VNC_DIRTY_PIXELS_PER_BIT-macro.patch [bz#1377977]
- kvm-ui-vnc-derive-cmp_bytes-from-VNC_DIRTY_PIXELS_PER_BI.patch [bz#1377977]
- kvm-ui-vnc-optimize-dirty-bitmap-tracking.patch [bz#1377977]
- kvm-ui-vnc-optimize-setting-in-vnc_dpy_update.patch [bz#1377977]
- kvm-ui-vnc-fix-vmware-VGA-incompatiblities.patch [bz#1377977]
- kvm-ui-vnc-fix-potential-memory-corruption-issues.patch [bz#1377977]
- kvm-vnc-fix-memory-corruption-CVE-2015-5225.patch [bz#1377977]
- kvm-vnc-fix-overflow-in-vnc_update_stats.patch [bz#1377977]
- kvm-i386-kvmvapic-initialise-imm32-variable.patch [bz#1335751]
- kvm-qemu-iotests-Filter-out-actual-image-size-in-067.patch [bz#1427176]
- vm-qcow2-Don-t-rely-on-free_cluster_index-in-alloc_ref2.patch [bz#1427176]
- kvm-qemu-iotests-Fix-core-dump-suppression-in-test-039.patch [bz#1427176]
- kvm-qemu-io-Add-sigraise-command.patch [bz#1427176]
- kvm-iotests-Filter-for-Killed-in-qemu-io-output.patch [bz#1427176]
- kvm-iotests-Fix-test-039.patch [bz#1427176]
- kvm-blkdebug-Add-bdrv_truncate.patch [bz#1427176]
- kvm-vhdx-Fix-zero-fill-iov-length.patch [bz#1427176]
- kvm-qemu-iotests-Disable-030-040-041.patch [bz#1427176]
- kvm-x86-add-AVX512_VPOPCNTDQ-features.patch [bz#1415830]
- kvm-usb-ccid-check-ccid-apdu-length.patch [bz#1419818]
- kvm-usb-ccid-better-bulk_out-error-handling.patch [bz#1419818]
- kvm-usb-ccid-move-header-size-check.patch [bz#1419818]
- kvm-usb-ccid-add-check-message-size-checks.patch [bz#1419818]
- kvm-spec-Update-rdma-build-dependency.patch [bz#1433920]
- Resolves: bz#1335751
(CVE-2016-4020 qemu-kvm: Qemu: i386: leakage of stack memory to guest in kvmvapic.c [rhel-7.4])
- Resolves: bz#1377977
(qemu-kvm coredump in vnc_raw_send_framebuffer_update [rhel-7.4])
- Resolves: bz#1415830
([Intel 7.4 FEAT] Enable vpopcntdq for KNM - qemu/kvm)
- Resolves: bz#1419818
(CVE-2017-5898 qemu-kvm: Qemu: usb: integer overflow in emulated_apdu_from_guest [rhel-7.4])
- Resolves: bz#1427176
(test cases of qemu-iotests failed)
- Resolves: bz#1433920
(Switch from librdmacm-devel to rdma-core-devel)
[1.5.3-133.el7]
- kvm-target-i386-add-Ivy-Bridge-CPU-model.patch [bz#1368375]
- kvm-x86-add-AVX512_4VNNIW-and-AVX512_4FMAPS-features.patch [bz#1382122]
- kvm-target-i386-kvm_cpu_fill_host-Kill-unused-code.patch [bz#1382122]
- kvm-target-i386-kvm_cpu_fill_host-No-need-to-check-level.patch [bz#1382122]
- kvm-target-i386-kvm_cpu_fill_host-No-need-to-check-CPU-v.patch [bz#1382122]
- kvm-target-i386-kvm_cpu_fill_host-No-need-to-check-xleve.patch [bz#1382122]
- kvm-target-i386-kvm_cpu_fill_host-Set-all-feature-words-.patch [bz#1382122]
- kvm-target-i386-kvm_cpu_fill_host-Fill-feature-words-in-.patch [bz#1382122]
- kvm-target-i386-kvm_check_features_against_host-Kill-fea.patch [bz#1382122]
- kvm-target-i386-Make-TCG-feature-filtering-more-readable.patch [bz#1382122]
- kvm-target-i386-Filter-FEAT_7_0_EBX-TCG-features-too.patch [bz#1382122]
- kvm-target-i386-Filter-KVM-and-0xC0000001-features-on-TC.patch [bz#1382122]
- kvm-target-i386-Define-TCG_-_FEATURES-earlier-in-cpu.c.patch [bz#1382122]
- kvm-target-i386-Loop-based-copying-and-setting-unsetting.patch [bz#1382122]
- kvm-target-i386-Loop-based-feature-word-filtering-in-TCG.patch [bz#1382122]
- kvm-spice-remove-spice-experimental.h-include.patch [bz#1430606]
- kvm-spice-replace-use-of-deprecated-API.patch [bz#1430606]
- Resolves: bz#1368375
([Intel 7.4 Bug] qemu-kvm does not support '-cpu IvyBridge')
- Resolves: bz#1382122
([Intel 7.4 FEAT] KVM Enable the avx512_4vnniw, avx512_4fmaps instructions in qemu)
- Resolves: bz#1430606
(Cant build qemu-kvm with newer spice packages)
[1.5.3-132.el7]
- kvm-cirrus-fix-patterncopy-checks.patch [bz#1420492]
- kvm-Revert-cirrus-allow-zero-source-pitch-in-pattern-fil.patch [bz#1420492]
- kvm-cirrus-add-blit_is_unsafe-call-to-cirrus_bitblt_cput.patch [bz#1420492]
- Resolves: bz#1420492
(EMBARGOED CVE-2017-2620 qemu-kvm: Qemu: display: cirrus: potential arbitrary code execution via cirrus_bitblt_cputovideo [rhel-7.4])
[1.5.3-131.el7]
- kvm-memory-Allow-access-only-upto-the-maximum-alignment-.patch [bz#1342768]
- kvm-virtio-blk-Release-s-rq-queue-at-system_reset.patch [bz#1361488]
- kvm-cirrus_vga-fix-off-by-one-in-blit_region_is_unsafe.patch [bz#1418233]
- kvm-display-cirrus-check-vga-bits-per-pixel-bpp-value.patch [bz#1418233]
- kvm-display-cirrus-ignore-source-pitch-value-as-needed-i.patch [bz#1418233]
- kvm-cirrus-handle-negative-pitch-in-cirrus_invalidate_re.patch [bz#1418233]
- kvm-cirrus-allow-zero-source-pitch-in-pattern-fill-rops.patch [bz#1418233]
- kvm-cirrus-fix-blit-address-mask-handling.patch [bz#1418233]
- kvm-cirrus-fix-oob-access-issue-CVE-2017-2615.patch [bz#1418233]
- kvm-HMP-Fix-user-manual-typo-of-__com.redhat_qxl_screend.patch [bz#1419898]
- kvm-HMP-Fix-documentation-of-__com.redhat.drive_add.patch [bz#1419898]
- Resolves: bz#1342768
([Intel 7.4 Bug] qemu-kvm crashes with Linux kernel 4.6.0 or above)
- Resolves: bz#1361488
(system_reset should clear pending request for error (virtio-blk))
- Resolves: bz#1418233
(CVE-2017-2615 qemu-kvm: Qemu: display: cirrus: oob access while doing bitblt copy backward mode [rhel-7.4])
- Resolves: bz#1419898
(Documentation inaccurate for __com.redhat_qxl_screendump and __com.redhat_drive_add)
[1.5.3-130.el7]
- kvm-gluster-correctly-propagate-errors.patch [bz#1151859]
- kvm-gluster-Correctly-propagate-errors-when-volume-isn-t.patch [bz#1151859]
- kvm-block-gluster-add-support-for-selecting-debug-loggin.patch [bz#1151859]
- Resolves: bz#1151859
([RFE] Allow the libgfapi logging level to be controlled.)
[1.5.3-129.el7]
- kvm-Update-qemu-kvm-package-Summary-and-Description.patch [bz#1378541]
- kvm-vl-Don-t-silently-change-topology-when-all-smp-optio.patch [bz#1375507]
- kvm-net-check-packet-payload-length.patch [bz#1398218]
- kvm-qxl-Only-emit-QXL_INTERRUPT_CLIENT_MONITORS_CONFIG-o.patch [bz#1342489]
- Resolves: bz#1342489
(Flickering Fedora 24 Login Screen on RHEL 7)
- Resolves: bz#1375507
('threads' option is overwritten if both 'sockets' and 'cores' is set on -smp)
- Resolves: bz#1378541
(QEMU: update package summary and description)
- Resolves: bz#1398218
(CVE-2016-2857 qemu-kvm: Qemu: net: out of bounds read in net_checksum_calculate() [rhel-7.4])
[1.5.3-128.el7]
- kvm-virtio-introduce-virtqueue_unmap_sg.patch [bz#1377968]
- kvm-virtio-introduce-virtqueue_discard.patch [bz#1377968]
- kvm-virtio-decrement-vq-inuse-in-virtqueue_discard.patch [bz#1377968]
- kvm-balloon-fix-segfault-and-harden-the-stats-queue.patch [bz#1377968]
- kvm-virtio-balloon-discard-virtqueue-element-on-reset.patch [bz#1377968]
- kvm-virtio-zero-vq-inuse-in-virtio_reset.patch [bz#1377968]
- kvm-virtio-add-virtqueue_rewind.patch [bz#1377968]
- kvm-virtio-balloon-fix-stats-vq-migration.patch [bz#1377968]
- Resolves: bz#1377968
([RHEL7.3] KVM guest shuts itself down after 128th reboot)
[1.5.3-127.el7]
- kvm-hw-i386-regenerate-checked-in-AML-payload-RHEL-only.patch [bz#1377087]
- kvm-ide-fix-halted-IO-segfault-at-reset.patch [bz#1377087]
- Resolves: bz#1377087
(shutdown rhel 5.11 guest failed and stop at 'system halted')
Related CVEs
Updated Packages
| Release/Architecture | Filename | MD5sum | Superseded By Advisory |
|
| Oracle Linux 7 (x86_64) | qemu-kvm-1.5.3-141.el7.src.rpm | 697a58058143e82d24196c3dc2b3e5b4 | ELBA-2021-9161 |
| qemu-img-1.5.3-141.el7.x86_64.rpm | 27a4e01f20560fd9943c912a5dedf8b6 | ELBA-2021-9161 |
| qemu-kvm-1.5.3-141.el7.x86_64.rpm | d0d7c97c141861a8e1d5a054a6f2f782 | ELBA-2021-9161 |
| qemu-kvm-common-1.5.3-141.el7.x86_64.rpm | 42c15ced51cc3f4f49d319d335084264 | ELSA-2021-0347 |
| qemu-kvm-tools-1.5.3-141.el7.x86_64.rpm | faacde44118c128d3d65d3b01fc47c85 | ELSA-2021-0347 |
This page is generated automatically and has not been checked for errors or omissions. For clarification
or corrections please contact the Oracle Linux ULN team
