ELSA-2018-4312

ELSA-2018-4312 - qemu security update

Type:SECURITY
Severity:IMPORTANT
Release Date:2018-12-21

Description


[15:3.0.0-3.el7]
- monitor: guard iothread access by mon->use_io_thread (Wolfgang Bumiller) [Orabug: 29046045]
- monitor: delay monitor iothread creation (Wolfgang Bumiller) [Orabug: 29010480]
- Revert 'qmp: isolate responses into io thread' (Marc-Andre Lureau) [Orabug: 29010480]
- usb-mtp: outlaw slashes in filenames (Gerd Hoffmann) [Orabug: 29037012] {CVE-2018-16867}

[15:3.0.0-2.el7]
- vfio-pci: emit FAILOVER_PRIMARY_CHANGED event on guest behalf when unrealized (Si-Wei Liu) [Orabug: 29011784]
- vfio-pci: add FAILOVER_PRIMARY_CHANGED event to shorten downtime during failover (Si-Wei Liu) [Orabug: 29011776]
- virtio_net: Add support for 'Data Path Switching' during Live Migration. (Venu Busireddy) [Orabug: 28732921]
- parfait: Run static analysis when --with parfait specified (Liam Merwick) [Orabug: 28625099]
- parfait: add buildrpm/parfait-qemu.conf (Liam Merwick) [Orabug: 28625099]
- configure: Provide option to explicitly disable AVX2 (Liam Merwick) [Orabug: 28625099]
- lsi53c895a: convert to trace-events (Mark Cave-Ayland) [Orabug: 29011792]
- lsi: Reselection needed to remove pending commands from queue (George Kennedy) [Orabug: 28626593]
- lsi53c895a: check message length value is valid (Prasad J Pandit) [Orabug: 28873239] {CVE-2018-18849}
- 9p: fix QEMU crash when renaming files (Greg Kurz) [Orabug: 28971710] {CVE-2018-19489}
- 9p: take write lock on fid path updates (CVE-2018-19364) (Greg Kurz) [Orabug: 28957033] {CVE-2018-19364}
- nvme: fix out-of-bounds access to the CMB (Paolo Bonzini) [Orabug: 28885521] {CVE-2018-16847}
- kvm: x86: Fix kvm_arch_fixup_msi_route for remap-less case (Jan Kiszka) [Orabug: 28891193]
- i386: Add new model of Cascadelake-Server (Tao Xu) [Orabug: 28886460]
- i386: Add PKU on Skylake-Server CPU model (Tao Xu) [Orabug: 28886461]


Related CVEs


CVE-2018-16867

Updated Packages


Release/ArchitectureFilenameMD5sumSuperseded By Advisory
Oracle Linux 7 (aarch64) qemu-3.0.0-3.el7.src.rpm01ee74228dc7a7d766306614311e12d3ELBA-2021-9161
qemu-3.0.0-3.el7.aarch64.rpm696e3c67830a95d681b922040af5ceecELBA-2021-9161
qemu-block-gluster-3.0.0-3.el7.aarch64.rpmcfa76715df77b420ecc6feb5efabed29ELBA-2021-9161
qemu-block-iscsi-3.0.0-3.el7.aarch64.rpmb9a73955c653d0d34fc4a5099ca1fb85ELBA-2021-9161
qemu-block-rbd-3.0.0-3.el7.aarch64.rpm6160bb6bb55acc05291fe91da196db8cELBA-2021-9161
qemu-common-3.0.0-3.el7.aarch64.rpmcab3e629e525e47152f3dda26191da8eELBA-2021-9161
qemu-img-3.0.0-3.el7.aarch64.rpm5d0c284bd5381ef19f22d419f6696465ELBA-2021-9161
qemu-kvm-3.0.0-3.el7.aarch64.rpm27501e3e0ec9834cdaaeb183c555d829ELBA-2021-9161
qemu-kvm-core-3.0.0-3.el7.aarch64.rpme08a2846508005cb26904f77758550f8ELBA-2021-9161
Oracle Linux 7 (x86_64) qemu-3.0.0-3.el7.src.rpm01ee74228dc7a7d766306614311e12d3ELBA-2021-9161
qemu-3.0.0-3.el7.x86_64.rpm263fcf57e60e3f623222211334afb8f6ELBA-2021-9161
qemu-block-gluster-3.0.0-3.el7.x86_64.rpm05b2843d894f0a5f256e6b34370391cfELBA-2021-9161
qemu-block-iscsi-3.0.0-3.el7.x86_64.rpmbf86a4182dbc09165f9c22680de4ec7fELBA-2021-9161
qemu-block-rbd-3.0.0-3.el7.x86_64.rpm03e3cf81bbdb8d0aaa04894199adf553ELBA-2021-9161
qemu-common-3.0.0-3.el7.x86_64.rpm0cdab4d1b6da0a14caf417a45c63a0c1ELBA-2021-9161
qemu-img-3.0.0-3.el7.x86_64.rpmf29fd5559c2cd79747082db29d8ecacdELBA-2021-9161
qemu-kvm-3.0.0-3.el7.x86_64.rpm8dd9744b945ab3fe1c44242f41d5a23dELBA-2021-9161
qemu-kvm-core-3.0.0-3.el7.x86_64.rpm6526ead59608505c021d63e751d241d3ELBA-2021-9161
qemu-system-x86-3.0.0-3.el7.x86_64.rpm329082b2b79907276236746b1a63e576ELBA-2021-9161
qemu-system-x86-core-3.0.0-3.el7.x86_64.rpmf4aae854437269fc5e037908b0f5482fELBA-2021-9161



This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team

software.hardware.complete