ELSA-2019-2078 - qemu-kvm security, bug fix, and enhancement update
| Type: | SECURITY |
| Severity: | LOW |
| Release Date: | 2019-08-13 |
Description
[1.5.3-167.el7]
- Reverting kvm-seccomp-set-the-seccomp-filter-to-all-threads.patch [bz#1618503]
- Resolves: bz#1618503
(qemu-kvm: Qemu: seccomp: blacklist is not applied to all threads [rhel-7])
[1.5.3-166.el7]
- kvm-seccomp-set-the-seccomp-filter-to-all-threads.patch [bz#1618503]
- Resolves: bz#1618503
(qemu-kvm: Qemu: seccomp: blacklist is not applied to all threads [rhel-7])
[1.5.3-165.el7]
- kvm-Fix-eax-for-cpuid-leaf-0x40000000.patch [bz#1709495]
- kvm-slirp-fix-big-little-endian-conversion-in-ident-prot.patch [bz#1669068]
- kvm-slirp-ensure-there-is-enough-space-in-mbuf-to-null-t.patch [bz#1669068]
- kvm-slirp-don-t-manipulate-so_rcv-in-tcp_emu.patch [bz#1669068]
- Resolves: bz#1669068
(CVE-2019-6778 qemu-kvm: QEMU: slirp: heap buffer overflow in tcp_emu() [rhel-7.7])
- Resolves: bz#1709495
(Change CPUID[0x40000000].EAX from 0 to KVM_CPUID_FE...ATURES (0x40000001))
[1.5.3-164.el7]
- kvm-target-i386-define-md-clear-bit-rhel.patch [bz#1693217]
- Resolves: bz#1693217
(CVE-2018-12126 qemu-kvm: hardware: Microarchitectural Store Buffer Data Sampling [rhel-7.7] )
[1.5.3-163.el7]
- kvm-x86-cpu-Enable-CLDEMOTE-Demote-Cache-Line-cpu-featur.patch [bz#1537773]
- kvm-vfio-pci-Lazy-PBA-emulation.patch [bz#1459077]
- kvm-slirp-check-sscanf-result-when-emulating-ident.patch [bz#1689791]
- Resolves: bz#1459077
([Intel 7.7 Bug] QEMU version in RHEL7.4 beta does not support KVM passthrough with WFR card)
- Resolves: bz#1537773
([Intel 7.7 Feat] KVM Enabling SnowRidge new NIs - qemu-kvm)
- Resolves: bz#1689791
(CVE-2019-9824 qemu-kvm: QEMU: Slirp: information leakage in tcp_emu() due to uninitialized stack variables [rhel-7])
[1.5.3-162.el7]
- kvm-i386-Deprecate-arch-facilities-and-make-it-block-liv.patch [bz#1658407]
- kvm-Do-not-build-bluetooth-support.patch [bz#1654627]
- Resolves: bz#1654627
(Qemu: hw: bt: keep bt/* objects from building [rhel-7.7])
- Resolves: bz#1658407
(mode='host-model' VMs include broken 'arch-facilities' flag name [qemu-kvm])
[1.5.3-161.el7]
- kvm-Inhibit-ballooning-during-postcopy.patch [bz#1659229]
- kvm-balloon-Allow-multiple-inhibit-users.patch [bz#1659229]
- kvm-check-KVM_CAP_SYNC_MMU-with-kvm_vm_check_extensi.patch [bz#1659229]
- kvm-Use-inhibit-to-prevent-ballooning-without-synchr.patch [bz#1659229]
- kvm-vfio-Inhibit-ballooning-based-on-group-attachment-to.patch [bz#1659229]
- Resolves: bz#1659229
(Ballooning is incompatible with vfio assigned devices, but not prevented)
Related CVEs
Updated Packages
| Release/Architecture | Filename | MD5sum | Superseded By Advisory |
|
| Oracle Linux 7 (x86_64) | qemu-kvm-1.5.3-167.el7.src.rpm | 6c2ef4713199e8fda0b7ab5555722413 | ELBA-2021-9161 |
| qemu-img-1.5.3-167.el7.x86_64.rpm | 5dcf5431e9fbf00ed8305b985493d1ec | ELBA-2021-9161 |
| qemu-kvm-1.5.3-167.el7.x86_64.rpm | ea63f32a395fc113537839a888eb1713 | ELBA-2021-9161 |
| qemu-kvm-common-1.5.3-167.el7.x86_64.rpm | aacbbbcdf8559d31c19d011237aeb199 | ELSA-2021-0347 |
| qemu-kvm-tools-1.5.3-167.el7.x86_64.rpm | b452c02994d0c57f23806e0b441874f8 | ELSA-2021-0347 |
This page is generated automatically and has not been checked for errors or omissions. For clarification
or corrections please contact the Oracle Linux ULN team
