ELSA-2021-9034

ULN >
Oracle Linux Errata repository >
ELSA-2021-9034

ELSA-2021-9034 - qemu security update

Type:	SECURITY
Severity:	IMPORTANT
Release Date:	2021-02-08

Description

[15:4.2.1-4.el7]
- Document CVE-2020-25723 as fixed (Mark Kanda) [Orabug: 32222397] {CVE-2020-25084} {CVE-2020-25723}
- hw/net/e1000e: advance desc_offset in case of null descriptor (Prasad J Pandit) [Orabug: 32217517] {CVE-2020-28916}
- i386: Add 2nd Generation AMD EPYC processors (Moger, Babu) [Orabug: 32217570]
- libslirp: Update version to include CVE fixes (Mark Kanda) [Orabug: 32208456] [Orabug: 32208462] {CVE-2020-29129} {CVE-2020-29130}
- Document CVE-2020-25624 as fixed (Mark Kanda) [Orabug: 32212527] {CVE-2020-25624} {CVE-2020-25625}
- pvpanic: Advertise the PVPANIC_CRASHLOADED event support (Paolo Bonzini) [Orabug: 32102853]
- ati: check x y display parameter values (Prasad J Pandit) [Orabug: 32108251] {CVE-2020-27616}
- Add AArch64 support for QMP regdump tool and sosreport plugin (Mark Kanda) [Orabug: 32080658]
- Add qemu_regdump sosreport plugin support for '-mon' QMP sockets (Mark Kanda)
- migration/dirtyrate: present dirty rate only when querying the rate has completed (Chuan Zheng)
- migration/dirtyrate: record start_time and calc_time while at the measuring state (Chuan Zheng)
- migration/dirtyrate: Add trace_calls to make it easier to debug (Chuan Zheng)
- migration/dirtyrate: Implement qmp_cal_dirty_rate()/qmp_get_dirty_rate() function (Chuan Zheng)
- migration/dirtyrate: Implement calculate_dirtyrate() function (Chuan Zheng)
- migration/dirtyrate: Implement set_sample_page_period() and is_sample_period_valid() (Chuan Zheng)
- migration/dirtyrate: skip sampling ramblock with size below MIN_RAMBLOCK_SIZE (Chuan Zheng)
- migration/dirtyrate: Compare page hash results for recorded sampled page (Chuan Zheng)
- migration/dirtyrate: Record hash results for each sampled page (Chuan Zheng)
- migration/dirtyrate: move RAMBLOCK_FOREACH_MIGRATABLE into ram.h (Chuan Zheng)
- migration/dirtyrate: Add dirtyrate statistics series functions (Chuan Zheng)
- migration/dirtyrate: Add RamblockDirtyInfo to store sampled page info (Chuan Zheng)
- migration/dirtyrate: add DirtyRateStatus to denote calculation status (Chuan Zheng)
- migration/dirtyrate: setup up query-dirtyrate framwork (Chuan Zheng)
- ram_addr: Split RAMBlock definition (Juan Quintela)

[15:4.2.1-3.el7]
- qemu-kvm.spec: Install block storage module RPMs by default (Karl Heubaum) [Orabug: 31943789]
- qemu-kvm.spec: Enable block-ssh module RPM (Karl Heubaum) [Orabug: 31943763]
- hw: usb: hcd-ohci: check for processed TD before retire (Prasad J Pandit) [Orabug: 31901690] {CVE-2020-25625}
- hw: usb: hcd-ohci: check len and frame_number variables (Prasad J Pandit) [Orabug: 31901690] {CVE-2020-25625}
- hw: ehci: check return value of 'usb_packet_map' (Li Qiang) [Orabug: 31901649] {CVE-2020-25084}
- hw: xhci: check return value of 'usb_packet_map' (Li Qiang) [Orabug: 31901649] {CVE-2020-25084}
- qemu.spec: Enable '-Werror' for OL7 builds (Mark Kanda) [Orabug: 31922718]
- usb: fix setup_len init (CVE-2020-14364) (Gerd Hoffmann) [Orabug: 31848849] {CVE-2020-14364}
- Document CVE-2020-12829 and CVE-2020-14415 as fixed (Mark Kanda) [Orabug: 31855502] [Orabug: 31855427] {CVE-2020-12829} {CVE-2020-14415}

[15:4.2.1-2.el7]
- hw/net/xgmac: Fix buffer overflow in xgmac_enet_send() (Mauro Matteo Cascella) [Orabug: 31667649] {CVE-2020-15863}
- hw/net/net_tx_pkt: fix assertion failure in net_tx_pkt_add_raw_fragment() (Mauro Matteo Cascella) [Orabug: 31737809] {CVE-2020-16092}
- migration: fix memory leak in qmp_migrate_set_parameters (Zheng Chuan) [Orabug: 31806256]
- virtio-net: fix removal of failover device (Juan Quintela) [Orabug: 31806255]
- pvpanic: implement crashloaded event handling (Zhenwei Pi) [Orabug: 31677154]
- pvpanic: introduce crashloaded for pvpanic (Zhenwei Pi) [Orabug: 31677154]

[15:4.2.1-1.el7]
- hw/sd/sdcard: Do not switch to ReceivingData if address is invalid (Philippe Mathieu-Daude) [Orabug: 31414336] {CVE-2020-13253}
- hw/sd/sdcard: Update coding style to make checkpatch.pl happy (Philippe Mathieu-Daude) [Orabug: 31414336]
- hw/sd/sdcard: Do not allow invalid SD card sizes (Philippe Mathieu-Daude) [Orabug: 31414336] {CVE-2020-13253}
- hw/sd/sdcard: Simplify realize() a bit (Philippe Mathieu-Daude) [Orabug: 31414336]
- hw/sd/sdcard: Restrict Class 6 commands to SCSD cards (Philippe Mathieu-Daude) [Orabug: 31414336]
- libslirp: Update to v4.3.1 to fix CVE-2020-10756 (Karl Heubaum) [Orabug: 31604999] {CVE-2020-10756}
- Document CVEs as fixed 2/2 (Karl Heubaum) [Orabug: 30618035] {CVE-2017-18043} {CVE-2018-10839} {CVE-2018-11806} {CVE-2018-12617} {CVE-2018-15746} {CVE-2018-16847} {CVE-2018-16867} {CVE-2018-17958} {CVE-2018-17962} {CVE-2018-17963} {CVE-2018-18849} {CVE-2018-19364} {CVE-2018-19489} {CVE-2018-3639} {CVE-2018-5683} {CVE-2018-7550} {CVE-2018-7858} {CVE-2019-12068} {CVE-2019-15034} {CVE-2019-15890} {CVE-2019-20382} {CVE-2020-10702} {CVE-2020-10761} {CVE-2020-11102} {CVE-2020-11869} {CVE-2020-13361} {CVE-2020-13765} {CVE-2020-13800} {CVE-2020-1711} {CVE-2020-1983} {CVE-2020-8608}
- Document CVEs as fixed 1/2 (Karl Heubaum) [Orabug: 30618035] {CVE-2017-10806} {CVE-2017-11334} {CVE-2017-12809} {CVE-2017-13672} {CVE-2017-13673} {CVE-2017-13711} {CVE-2017-14167} {CVE-2017-15038} {CVE-2017-15119} {CVE-2017-15124} {CVE-2017-15268} {CVE-2017-15289} {CVE-2017-16845} {CVE-2017-17381} {CVE-2017-18030} {CVE-2017-2630} {CVE-2017-2633} {CVE-2017-5715} {CVE-2017-5753} {CVE-2017-5754} {CVE-2017-5931} {CVE-2017-6058} {CVE-2017-7471} {CVE-2017-7493} {CVE-2017-8112} {CVE-2017-8309} {CVE-2017-8379} {CVE-2017-8380} {CVE-2017-9503} {CVE-2017-9524} {CVE-2018-12126} {CVE-2018-12127} {CVE-2018-12130} {CVE-2018-16872} {CVE-2018-20123} {CVE-2018-20124} {CVE-2018-20125} {CVE-2018-20126} {CVE-2018-20191} {CVE-2018-20216} {CVE-2018-20815} {CVE-2019-11091} {CVE-2019-12155} {CVE-2019-14378} {CVE-2019-3812} {CVE-2019-5008} {CVE-2019-6501} {CVE-2019-6778} {CVE-2019-8934} {CVE-2019-9824}
- qemu-kvm.spec: Add .spec file for OL8 (Karl Heubaum) [Orabug: 30618035]
- qemu.spec: Add .spec file for OL7 (Karl Heubaum) [Orabug: 30618035]
- qemu-submodule-init: Add Git submodule init script (Karl Heubaum) [Orabug: 30618035]
- vhost.conf: Initial vhost.conf (Karl Heubaum) [Orabug: 30618035]
- parfait: Add buildrpm/parfait-qemu.conf (Karl Heubaum) [Orabug: 30618035]
- virtio: Set PCI subsystem vendor ID to Oracle (Karl Heubaum) [Orabug: 30618035]
- qemu_regdump.py: Initial qemu_regdump.py (Karl Heubaum) [Orabug: 30618035]
- qmp-regdump: Initial qmp-regdump (Karl Heubaum) [Orabug: 30618035]
- bridge.conf: Initial bridge.conf (Karl Heubaum) [Orabug: 30618035]
- kvm.conf: Initial kvm.conf (Karl Heubaum) [Orabug: 30618035]
- 80-kvm.rules: Initial 80-kvm.rules (Karl Heubaum) [Orabug: 30618035]
- exec: set map length to zero when returning NULL (Prasad J Pandit) [Orabug: 31439733] {CVE-2020-13659}
- megasas: use unsigned type for reply_queue_head and check index (Prasad J Pandit) [Orabug: 31414338] {CVE-2020-13362}
- memory: Revert 'memory: accept mismatching sizes in memory_region_access_valid' (Michael S. Tsirkin) [Orabug: 31439736] [Orabug: 31452202] {CVE-2020-13754} {CVE-2020-13791}

[15:4.1.1-3.el7]
- buildrpm/spec files: Dont package elf2dmp (Karl Heubaum) [Orabug: 31657424]
- qemu-kvm.spec: Enable the block-curl package (Karl Heubaum) [Orabug: 31657424]
- qemu.spec: enable have_curl in spec (Dongli Zhang) [Orabug: 31657424]

[15:4.1.1-2.el7]
- Document CVE-2020-13765 as fixed (Karl Heubaum) [Orabug: 31463250] {CVE-2020-13765}
- kvm: Reallocate dirty_bmap when we change a slot (Dr. David Alan Gilbert) [Orabug: 31076399]
- kvm: split too big memory section on several memslots (Igor Mammedov) [Orabug: 31076399]
- target/i386: do not set unsupported VMX secondary execution controls (Vitaly Kuznetsov) [Orabug: 31463710]
- target/i386: add VMX definitions (Paolo Bonzini) [Orabug: 31463710]
- ati-vga: check mm_index before recursive call (CVE-2020-13800) (Prasad J Pandit) [Orabug: 31452206] {CVE-2020-13800}
- es1370: check total frame count against current frame (Prasad J Pandit) [Orabug: 31463235] {CVE-2020-13361}
- ati-vga: Fix checks in ati_2d_blt() to avoid crash (BALATON Zoltan) [Orabug: 31238432] {CVE-2020-11869}
- libslirp: Update to stable-4.2 to fix CVE-2020-1983 (Karl Heubaum) [Orabug: 31241227] {CVE-2020-1983}
- Document CVEs as fixed (Karl Heubaum) {CVE-2019-12068} {CVE-2019-15034}
- libslirp: Update to version 4.2.0 to fix CVEs (Karl Heubaum) [Orabug: 30274592] [Orabug: 30869830] {CVE-2019-15890} {CVE-2020-8608}
- target/i386: add support for MSR_IA32_TSX_CTRL (Paolo Bonzini) [Orabug: 31124041]
- qemu-img: Add --target-is-zero to convert (David Edmondson)
- vnc: fix memory leak when vnc disconnect (Li Qiang) [Orabug: 30996427] {CVE-2019-20382}
- iscsi: Cap block count from GET LBA STATUS (CVE-2020-1711) (Felipe Franciosi) [Orabug: 31124035] {CVE-2020-1711}
- qemu.spec: Remove 'BuildRequires: kernel' (Karl Heubaum) [Orabug: 31124047]

[15:4.1.1-1.el7]
- qemu-submodule-init: Add Git submodule init script

Related CVEs

Updated Packages

Release/Architecture	Filename	MD5sum	Superseded By Advisory

Oracle Linux 7 (aarch64)	qemu-4.2.1-4.el7.src.rpm	dc16b6f9b86c7d35636ff026607ecfdc	ELBA-2021-9161
	ivshmem-tools-4.2.1-4.el7.aarch64.rpm	40592321f56a6da4920946fbfd233a2d	ELBA-2021-9161
	qemu-4.2.1-4.el7.aarch64.rpm	5019525b8a2229aa76d1fac9ea6822d8	ELBA-2021-9161
	qemu-block-gluster-4.2.1-4.el7.aarch64.rpm	b3c57bed059844f45ef1aa853fccef4e	ELBA-2021-9161
	qemu-block-iscsi-4.2.1-4.el7.aarch64.rpm	324efb24214b66791774e11e03652d17	ELBA-2021-9161
	qemu-block-rbd-4.2.1-4.el7.aarch64.rpm	c19945996e4a992b1b54d79349a86419	ELBA-2021-9161
	qemu-common-4.2.1-4.el7.aarch64.rpm	be48d988ab2491a22ceff30f5614d090	ELBA-2021-9161
	qemu-img-4.2.1-4.el7.aarch64.rpm	eeda62625765a241f8c3390101fdc836	ELBA-2021-9161
	qemu-kvm-4.2.1-4.el7.aarch64.rpm	445f7af568f49928a5941af53993c2e2	ELBA-2021-9161
	qemu-kvm-core-4.2.1-4.el7.aarch64.rpm	c3b0c9a967e67478e96eb8faad4382f9	ELBA-2021-9161
	qemu-system-aarch64-4.2.1-4.el7.aarch64.rpm	a14520002d95b94fee558c7e23369b36	ELBA-2021-9161
	qemu-system-aarch64-core-4.2.1-4.el7.aarch64.rpm	6b8b37f91a3ac1af949de74b7a405db7	ELBA-2021-9161

Oracle Linux 7 (x86_64)	qemu-4.2.1-4.el7.src.rpm	dc16b6f9b86c7d35636ff026607ecfdc	ELBA-2021-9161
	qemu-4.2.1-4.el7.x86_64.rpm	41fd939859834921ebcb75a6e3dc965b	ELBA-2021-9161
	qemu-block-gluster-4.2.1-4.el7.x86_64.rpm	9bec5774f59b3ba2e9dea7a26310d6c4	ELBA-2021-9161
	qemu-block-iscsi-4.2.1-4.el7.x86_64.rpm	38f9d2d17b24e39446d426b3c847f776	ELBA-2021-9161
	qemu-block-rbd-4.2.1-4.el7.x86_64.rpm	c752e63fa7117d7ac1ff5cbf805e8290	ELBA-2021-9161
	qemu-common-4.2.1-4.el7.x86_64.rpm	de9d83abe7ff34ca33bca809d601c690	ELBA-2021-9161
	qemu-img-4.2.1-4.el7.x86_64.rpm	81c03bebc024633e1452044daffcaad0	ELBA-2021-9161
	qemu-kvm-4.2.1-4.el7.x86_64.rpm	133d18f0f42c2212be943055995869a6	ELBA-2021-9161
	qemu-kvm-core-4.2.1-4.el7.x86_64.rpm	c08952efc9b808526d260ca65173daae	ELBA-2021-9161
	qemu-system-x86-4.2.1-4.el7.x86_64.rpm	a583c4165142de2ed7323c3b8722b009	ELBA-2021-9161
	qemu-system-x86-core-4.2.1-4.el7.x86_64.rpm	266d9de14a38d549af467290bc8d0020	ELBA-2021-9161

This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team

Technical information

Oracle Linux Support

Connect

Contact Us

Global contacts
Oracle 1-800-633-0691