ELSA-2023-12368
- ULN >
- Oracle Linux Errata repository >
- ELSA-2023-12368
ELSA-2023-12368 - qemu security update
| Type: | SECURITY |
| Severity: | IMPORTANT |
| Release Date: | 2023-06-01 |
Description
[15:4.2.1-26.el7]
- migration: check magic value for deciding the mapping of channels (manish.mishra) [Orabug: 34735462]
- io: Add support for MSG_PEEK for socket channel (manish.mishra) [Orabug: 34735462]
- migration: Move channel setup out of postcopy_try_recover() (Peter Xu) [Orabug: 34735462]
- vdpa: commit all host notifier MRs in a single MR transaction (Longpeng (Mike)) [Orabug: 35252234]
- vhost: configure all host notifiers in a single MR transaction (Longpeng (Mike)) [Orabug: 35252234]
- vhost: simplify vhost_dev_enable_notifiers (Longpeng (Mike)) [Orabug: 35252234]
- pcie: Do not update hotplugged device power in RUN_STATE_INMIGRATE state (Annie Li) [Orabug: 35055290]
- qga/win32: Use rundll for VSS installation (Konstantin Kostiuk) [Orabug: 35206108] {CVE-2023-0664}
- qga/win32: Remove change action from MSI installer (Konstantin Kostiuk) [Orabug: 35206108] {CVE-2023-0664}
- hw/display/qxl: Assert memory slot fits in preallocated MemoryRegion (Philippe Mathieu-Daude) [Orabug: 34846087] {CVE-2022-4144}
- hw/display/qxl: Avoid buffer overrun in qxl_phys2virt (CVE-2022-4144) (Philippe Mathieu-Daude) [Orabug: 34846087] {CVE-2022-4144}
- hw/display/qxl: Pass requested buffer size to qxl_phys2virt() (Philippe Mathieu-Daude) [Orabug: 34846087] {CVE-2022-4144}
- hw/display/qxl: Document qxl_phys2virt() (Philippe Mathieu-Daude) [Orabug: 34846087] {CVE-2022-4144}
- hw/display/qxl: Have qxl_log_command Return early if no log_cmd handler (Philippe Mathieu-Daude) [Orabug: 34846087] {CVE-2022-4144}
- virtio-blk: On restart, process queued requests in the proper context (Sergio Lopez) [Orabug: 35060530]
- virtio-blk: Refactor the code that processes queued requests (Sergio Lopez) [Orabug: 35060530]
- hw/intc/ioapic: Update KVM routes before redelivering IRQ, on RTE update (David Woodhouse) [Orabug: 35219223]
- modules: load modules from /var/run/qemu/ directory firstly (Siddhi Katage) [Orabug: 34867783]
- qemu.spec: Add post-install script for block storage modules (Siddhi Katage) [Orabug: 34867783]
- qemu.spec: Enable '-module-upgrades' for OL7 (Siddhi Katage) [Orabug: 34867783]
- module: increase dirs array size by one (Bruce Rogers) [Orabug: 34867783]
- modules: load modules from versioned /var/run dir (Christian Ehrhardt) [Orabug: 34867783]
- blockjob: Fix crash with IOthread when block commit after snapshot (Michael Qiu) [Orabug: 35118668]
Related CVEs
| CVE-2023-0664 |
| CVE-2022-4144 |
Updated Packages
| Release/Architecture | Filename | MD5sum | Superseded By Advisory |
| Oracle Linux 7 (aarch64) | qemu-4.2.1-26.el7.src.rpm | 581f40b34bc6231d4a5eaf85f36317ea | - |
| ivshmem-tools-4.2.1-26.el7.aarch64.rpm | f19044e6e47905861b737631d5842ee9 | - | |
| qemu-4.2.1-26.el7.aarch64.rpm | e189d3d71c06703aa48b555eae094c63 | - | |
| qemu-block-gluster-4.2.1-26.el7.aarch64.rpm | 8d46ffa4c6a5a343454b339eb7464643 | - | |
| qemu-block-iscsi-4.2.1-26.el7.aarch64.rpm | 35b6563176389f0587b2a7f782852bf2 | - | |
| qemu-block-rbd-4.2.1-26.el7.aarch64.rpm | e7420785daf569a30046587e6fb3d01c | - | |
| qemu-common-4.2.1-26.el7.aarch64.rpm | 8fe29af8cf2190c3346ef203b6a614e4 | - | |
| qemu-img-4.2.1-26.el7.aarch64.rpm | 4ea07c6439dfe69bf40b288fa4e0a8e4 | - | |
| qemu-kvm-4.2.1-26.el7.aarch64.rpm | bf1e098684ffdab01be49111f032479e | - | |
| qemu-kvm-core-4.2.1-26.el7.aarch64.rpm | b2ff686ab86c5a3cc3803ea2378da81a | - | |
| qemu-system-aarch64-4.2.1-26.el7.aarch64.rpm | e022ab00b29372840abc5d475956fda0 | - | |
| qemu-system-aarch64-core-4.2.1-26.el7.aarch64.rpm | bd46820eef2422a6e51b164326359963 | - | |
| Oracle Linux 7 (x86_64) | qemu-4.2.1-26.el7.src.rpm | 581f40b34bc6231d4a5eaf85f36317ea | - |
| qemu-4.2.1-26.el7.x86_64.rpm | c4f9c51417dd7beca88e8a15e965adaa | - | |
| qemu-block-gluster-4.2.1-26.el7.x86_64.rpm | 03185828a4cfe396a5840b090aa5b290 | - | |
| qemu-block-iscsi-4.2.1-26.el7.x86_64.rpm | e02b838e4237505e6f8e3c33d25896a3 | - | |
| qemu-block-rbd-4.2.1-26.el7.x86_64.rpm | a305e81923ef97d0ffe380a1e7adcdd1 | - | |
| qemu-common-4.2.1-26.el7.x86_64.rpm | 142312d09d46521cb36cb100285314b0 | - | |
| qemu-img-4.2.1-26.el7.x86_64.rpm | d83c5feeaac773e5fde4c0c039b322f3 | - | |
| qemu-kvm-4.2.1-26.el7.x86_64.rpm | 1e7076e5963676e696e80b551b9b5cd6 | - | |
| qemu-kvm-core-4.2.1-26.el7.x86_64.rpm | 099ded3b2ea2cff072f562a872098795 | - | |
| qemu-system-x86-4.2.1-26.el7.x86_64.rpm | 7b93d2587843250ab16b4e83d00a01d3 | - | |
| qemu-system-x86-core-4.2.1-26.el7.x86_64.rpm | 083a51bfe3a1b0ca3fd9833374e06ab8 | - | |
This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team
