ELSA-2014-0927

ELSA-2014-0927 - qemu-kvm security and bug fix update

Type:SECURITY
Impact:MODERATE
Release Date:2014-07-23

Description


[1.5.3-60.el7_0.5]
- kvm-Allow-mismatched-virtio-config-len.patch [bz#1095782]
- Resolves: bz#1095782
(CVE-2014-0182 qemu-kvm: qemu: virtio: out-of-bounds buffer write on state load with invalid config_len [rhel-7.0.z])

[1.5.3-60.el7_0.4]
- kvm-zero-initialize-KVM_SET_GSI_ROUTING-input.patch [bz#1110693]
- kvm-skip-system-call-when-msi-route-is-unchanged.patch [bz#1110693]
- Resolves: bz#1110693
(2x RHEL 5.10 VM running on RHEL 7 KVM have low TCP_STREAM throughput)

[1.5.3-60.el7_0.3]
- kvm-virtio-net-fix-buffer-overflow-on-invalid-state-load.patch [bz#1095677]
- kvm-virtio-net-out-of-bounds-buffer-write-on-load.patch [bz#1095684]
- kvm-virtio-net-out-of-bounds-buffer-write-on-invalid-sta.patch [bz#1095689]
- kvm-virtio-out-of-bounds-buffer-write-on-invalid-state-l.patch [bz#1095694]
- kvm-virtio-avoid-buffer-overrun-on-incoming-migration.patch [bz#1095737]
- kvm-virtio-scsi-fix-buffer-overrun-on-invalid-state-load.patch [bz#1095741]
- kvm-virtio-validate-config_len-on-load.patch [bz#1095782]
- kvm-virtio-validate-num_sg-when-mapping.patch [bz#1095765]
- kvm-virtio-allow-mapping-up-to-max-queue-size.patch [bz#1095765]
- kvm-vmstate-add-VMS_MUST_EXIST.patch [bz#1095706]
- kvm-vmstate-add-VMSTATE_VALIDATE.patch [bz#1095706]
- kvm-hpet-fix-buffer-overrun-on-invalid-state-load.patch [bz#1095706]
- kvm-hw-pci-pcie_aer.c-fix-buffer-overruns-on-invalid-sta.patch [bz#1095714]
- kvm-usb-sanity-check-setup_index-setup_len-in-post_load.patch [bz#1095746]
- kvm-usb-sanity-check-setup_index-setup_len-in-post_l2.patch [bz#1095746]
- kvm-usb-fix-up-post-load-checks.patch [bz#1096828]
- kvm-XBZRLE-Fix-qemu-crash-when-resize-the-xbzrle-cache.patch [bz#1110191]
- kvm-Provide-init-function-for-ram-migration.patch [bz#1110191]
- kvm-Init-the-XBZRLE.lock-in-ram_mig_init.patch [bz#1110191]
- kvm-XBZRLE-Fix-one-XBZRLE-corruption-issues.patch [bz#1110191]
- kvm-Count-used-RAMBlock-pages-for-migration_dirty_pages.patch [bz#1110189]
- kvm-qcow-correctly-propagate-errors.patch [bz#1097229]
- kvm-qcow1-Make-padding-in-the-header-explicit.patch [bz#1097229]
- kvm-qcow1-Check-maximum-cluster-size.patch [bz#1097229]
- kvm-qcow1-Validate-L2-table-size-CVE-2014-0222.patch [bz#1097229]
- kvm-qcow1-Validate-image-size-CVE-2014-0223.patch [bz#1097236]
- kvm-qcow1-Stricter-backing-file-length-check.patch [bz#1097236]
- kvm-char-restore-read-callback-on-a-reattached-hotplug-c.patch [bz#1110219]
- kvm-qcow2-Free-preallocated-zero-clusters.patch [bz#1110188]
- kvm-qemu-iotests-Discard-preallocated-zero-clusters.patch [bz#1110188]
- Resolves: bz#1095677
(CVE-2013-4148 qemu-kvm: qemu: virtio-net: buffer overflow on invalid state load [rhel-7.0.z])
- Resolves: bz#1095684
(CVE-2013-4149 qemu-kvm: qemu: virtio-net: out-of-bounds buffer write on load [rhel-7.0.z])
- Resolves: bz#1095689
(CVE-2013-4150 qemu-kvm: qemu: virtio-net: out-of-bounds buffer write on invalid state load [rhel-7.0.z])
- Resolves: bz#1095694
(CVE-2013-4151 qemu-kvm: qemu: virtio: out-of-bounds buffer write on invalid state load [rhel-7.0.z])
- Resolves: bz#1095706
(CVE-2013-4527 qemu-kvm: qemu: hpet: buffer overrun on invalid state load [rhel-7.0.z])
- Resolves: bz#1095714
(CVE-2013-4529 qemu-kvm: qemu: hw/pci/pcie_aer.c: buffer overrun on invalid state load [rhel-7.0.z])
- Resolves: bz#1095737
(CVE-2013-6399 qemu-kvm: qemu: virtio: buffer overrun on incoming migration [rhel-7.0.z])
- Resolves: bz#1095741
(CVE-2013-4542 qemu-kvm: qemu: virtio-scsi: buffer overrun on invalid state load [rhel-7.0.z])
- Resolves: bz#1095746
(CVE-2013-4541 qemu-kvm: qemu: usb: insufficient sanity checking of setup_index+setup_len in post_load [rhel-7.0.z])
- Resolves: bz#1095765
(CVE-2013-4535 CVE-2013-4536 qemu-kvm: qemu: virtio: insufficient validation of num_sg when mapping [rhel-7.0.z])
- Resolves: bz#1095782
(CVE-2014-0182 qemu-kvm: qemu: virtio: out-of-bounds buffer write on state load with invalid config_len [rhel-7.0.z])
- Resolves: bz#1096828
(CVE-2014-3461 qemu-kvm: Qemu: usb: fix up post load checks [rhel-7.0.z])
- Resolves: bz#1097229
(CVE-2014-0222 qemu-kvm: Qemu: qcow1: validate L2 table size to avoid integer overflows [rhel-7.0.z])
- Resolves: bz#1097236
(CVE-2014-0223 qemu-kvm: Qemu: qcow1: validate image size to avoid out-of-bounds memory access [rhel-7.0.z])
- Resolves: bz#1110188
(qcow2 corruptions (leaked clusters after installing a rhel7 guest using virtio_scsi))
- Resolves: bz#1110189
(migration can not finish with 1024k 'remaining ram' left after hotunplug 4 nics)
- Resolves: bz#1110191
(Reduce the migrate cache size during migration causes qemu segment fault)
- Resolves: bz#1110219
(Guest can't receive any character transmitted from host after hot unplugging virtserialport then hot plugging again)


Related CVEs


CVE-2013-4529
CVE-2013-4542
CVE-2014-0223
CVE-2014-3461
CVE-2013-6399
CVE-2013-4149
CVE-2013-4150
CVE-2013-4151
CVE-2013-4541
CVE-2014-0182
CVE-2013-4148
CVE-2013-4527
CVE-2014-0222
CVE-2013-4535
CVE-2013-4536

Updated Packages


Release/ArchitectureFilenamesha256Superseded By AdvisoryChannel Label
Oracle Linux 7 (x86_64) qemu-kvm-1.5.3-60.el7_0.5.src.rpm38fe3ac8b0499c9f790858d818436093b9050d409a4ffa682862953a41c3c3f4ELBA-2024-12732ol7_x86_64_latest_archive
qemu-kvm-1.5.3-60.el7_0.5.src.rpm38fe3ac8b0499c9f790858d818436093b9050d409a4ffa682862953a41c3c3f4ELBA-2024-12732ol7_x86_64_optional_archive
qemu-kvm-1.5.3-60.el7_0.5.src.rpm38fe3ac8b0499c9f790858d818436093b9050d409a4ffa682862953a41c3c3f4ELBA-2024-12732ol7_x86_64_u0_patch
libcacard-1.5.3-60.el7_0.5.i686.rpm69c9d3e3142de42669deec3b7eedfed58791fc2df3e1284f57f72b056ab12a62ELEA-2020-1159ol7_x86_64_latest_archive
libcacard-1.5.3-60.el7_0.5.i686.rpm69c9d3e3142de42669deec3b7eedfed58791fc2df3e1284f57f72b056ab12a62ELEA-2020-1159ol7_x86_64_u0_patch
libcacard-1.5.3-60.el7_0.5.x86_64.rpm2a55b68eaa0c181f3ab46c4bbf0fb562520de36427bddbef82bbf43604be6ebaELEA-2020-1159ol7_x86_64_latest_archive
libcacard-1.5.3-60.el7_0.5.x86_64.rpm2a55b68eaa0c181f3ab46c4bbf0fb562520de36427bddbef82bbf43604be6ebaELEA-2020-1159ol7_x86_64_u0_patch
libcacard-devel-1.5.3-60.el7_0.5.i686.rpm363fd146b289a4ea5d24928fb69ccf90bfedbfc7f37b0307e87da101308532c4ELEA-2020-1159ol7_x86_64_optional_archive
libcacard-devel-1.5.3-60.el7_0.5.x86_64.rpmeb4afb221bef87929f2d3bac1f661d80225ada449bfa9ad5d4ca2b0516e102d9ELEA-2020-1159ol7_x86_64_optional_archive
libcacard-tools-1.5.3-60.el7_0.5.x86_64.rpm31c4415d7d95ed4023e1ad95ac9518c5daed9c31a96fe7d2338e6afca1572f9bELEA-2020-1159ol7_x86_64_optional_archive
qemu-guest-agent-1.5.3-60.el7_0.5.x86_64.rpmc9cc21a8a11ce84f590f5c8b9a537f6093657e2add0ee46ef22dae921cee7314ELBA-2019-2124ol7_x86_64_latest_archive
qemu-guest-agent-1.5.3-60.el7_0.5.x86_64.rpmc9cc21a8a11ce84f590f5c8b9a537f6093657e2add0ee46ef22dae921cee7314ELBA-2019-2124ol7_x86_64_u0_patch
qemu-img-1.5.3-60.el7_0.5.x86_64.rpmba3b9554fa3f8d96f60a624ddec212e773eb8376b169e2f0077239565d75e1a3ELBA-2024-12732ol7_x86_64_latest_archive
qemu-img-1.5.3-60.el7_0.5.x86_64.rpmba3b9554fa3f8d96f60a624ddec212e773eb8376b169e2f0077239565d75e1a3ELBA-2024-12732ol7_x86_64_u0_patch
qemu-kvm-1.5.3-60.el7_0.5.x86_64.rpme37de6bd42e3e47f7be6c32595237d82ea174c2f976699fa1649ddeaad9ce124ELBA-2024-12732ol7_x86_64_latest_archive
qemu-kvm-1.5.3-60.el7_0.5.x86_64.rpme37de6bd42e3e47f7be6c32595237d82ea174c2f976699fa1649ddeaad9ce124ELBA-2024-12732ol7_x86_64_u0_patch
qemu-kvm-common-1.5.3-60.el7_0.5.x86_64.rpm9f5a404e90626aaae7b9722c5397118de9ea8549ed8131691209419cf9752a5aELBA-2022-4639ol7_x86_64_latest_archive
qemu-kvm-common-1.5.3-60.el7_0.5.x86_64.rpm9f5a404e90626aaae7b9722c5397118de9ea8549ed8131691209419cf9752a5aELBA-2022-4639ol7_x86_64_u0_patch
qemu-kvm-tools-1.5.3-60.el7_0.5.x86_64.rpm8d16d397b0b1155645c74365fa1349739c98fe5364f7e36ff14782fba6907b47ELBA-2022-4639ol7_x86_64_latest_archive
qemu-kvm-tools-1.5.3-60.el7_0.5.x86_64.rpm8d16d397b0b1155645c74365fa1349739c98fe5364f7e36ff14782fba6907b47ELBA-2022-4639ol7_x86_64_u0_patch



This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team

software.hardware.complete