ELSA-2019-4630

ELSA-2019-4630 - qemu security update

Type:SECURITY
Impact:IMPORTANT
Release Date:2019-05-14

Description


[15:3.1.0-3.el7]
- x86: Document CVE-2018-12126 CVE-2018-12130 CVE-2018-12127 CVE-2019-11091 as
fixed (Mark Kanda) [Orabug: 29744956] {CVE-2018-12126} {CVE-2018-12127}
{CVE-2018-12130} {CVE-2019-11091}

[15:3.1.0-2.el7]
- x86: Add mds feature (Karl Heubaum)
- e1000: Never increment the RX undersize count register (Chris Kenna)
- qemu.spec: audioflags set but never passed to configure script (Liam Merwick) [Orabug: 29715562]
- parfait: deal with parfait returning non-zero return value (Liam Merwick) [Orabug: 29715548]
- parfait: use nproc to choose default number of threads (Liam Merwick) [Orabug: 29715548]
- parfait: provide option to upload results (Liam Merwick) [Orabug: 29715548]
- parfait: disable misaligned-access check (Liam Merwick) [Orabug: 29715548]
- Document CVE-2019-8934 and CVE-2019-5008 as fixed (Mark Kanda) [Orabug: 29715605] {CVE-2019-5008} {CVE-2019-8934}
- device_tree.c: Don't use load_image() (Peter Maydell) [Orabug: 29715527] {CVE-2018-20815}
- slirp: check sscanf result when emulating ident (William Bowling) [Orabug: 29715525] {CVE-2019-9824}
- i2c-ddc: fix oob read (Gerd Hoffmann) [Orabug: 29715520] {CVE-2019-3812}
- scsi-generic: avoid possible out-of-bounds access to r->buf (Paolo Bonzini) [Orabug: 29259700] {CVE-2019-6501}
- slirp: check data length while emulating ident function (Prasad J Pandit) [Orabug: 29715755] {CVE-2019-6778}

[15:3.1.0-1.el7]
- vfio-pci: emit FAILOVER_PRIMARY_CHANGED event on guest behalf when unrealized
- vfio-pci: emit FAILOVER_PRIMARY_CHANGED event on guest behalf when unrealized (Si-Wei Liu) [Orabug: 29216696]
- vfio-pci: add FAILOVER_PRIMARY_CHANGED event to shorten downtime during failover (Si-Wei Liu) [Orabug: 29216701]
- virtio_net: Add support for 'Data Path Switching' during Live Migration. (Venu Busireddy) [Orabug: 29216704]
- virtio_net: Introduce VIRTIO_NET_F_STANDBY feature bit to virtio_net (Sridhar Samudrala) [Orabug: 29216714]
- i386: Add some MSR based features on Cascadelake-Server CPU model (Tao Xu) [Orabug: 29216681]
- i386: Update stepping of Cascadelake-Server (Tao Xu) [Orabug: 29216681]
- usb-mtp: use O_NOFOLLOW and O_CLOEXEC. (Gerd Hoffmann) [Orabug: 29216656] {CVE-2018-16872}
- pvrdma: add uar_read routine (Prasad J Pandit) [Orabug: 29216658] {CVE-2018-20191}
- pvrdma: release ring object in case of an error (Prasad J Pandit) [Orabug: 29216659] {CVE-2018-20126}
- pvrdma: check number of pages when creating rings (Prasad J Pandit) [Orabug: 29216666] {CVE-2018-20125}
- pvrdma: check return value from pvrdma_idx_ring_has_ routines (Prasad J Pandit) [Orabug: 29216672] {CVE-2018-20216}
- rdma: remove unused VENDOR_ERR_NO_SGE macro (Prasad J Pandit) [Orabug: 29216678] {CVE-2018-20124}
- rdma: check num_sge does not exceed MAX_SGE (Prasad J Pandit) [Orabug: 29216678] {CVE-2018-20124}
- i386: Add 'stibp' flag name (Eduardo Habkost)
- parfait: Run static analysis when --with parfait specified (Liam Merwick) [Orabug: 29216688]
- parfait: add buildrpm/parfait-qemu.conf (Liam Merwick) [Orabug: 29216688]
- Document various CVEs as fixed (Mark Kanda) [Orabug: 29212424] {CVE-2017-10806} {CVE-2017-11334} {CVE-2017-12809} {CVE-2017-13672} {CVE-2017-13673} {CVE-2017-13711} {CVE-2017-14167} {CVE-2017-15038} {CVE-2017-15119} {CVE-2017-15124} {CVE-2017-15268} {CVE-2017-15289} {CVE-2017-16845} {CVE-2017-17381} {CVE-2017-18030} {CVE-2017-18043} {CVE-2017-2630} {CVE-2017-2633} {CVE-2017-5715} {CVE-2017-5753} {CVE-2017-5754} {CVE-2017-7471} {CVE-2017-7493} {CVE-2017-8112} {CVE-2017-8309} {CVE-2017-8379} {CVE-2017-8380} {CVE-2017-9503} {CVE-2018-10839} {CVE-2018-11806} {CVE-2018-12617} {CVE-2018-15746} {CVE-2018-16847} {CVE-2018-16867} {CVE-2018-17958} {CVE-2018-17962} {CVE-2018-17963} {CVE-2018-18849} {CVE-2018-19364} {CVE-2018-19489} {CVE-2018-3639} {CVE-2018-5683} {CVE-2018-7550} {CVE-2018-7858}
- qemu.spec: Initial qemu.spec (Mark Kanda)
- virtio-pci: Set subsystem vendor ID to Oracle (Mark Kanda)
- qemu_regdump.py: Initial qemu_regdump.py (Mark Kanda)
- qmp-regdump: Initial qmp-regdump (Mark Kanda)
- bridge.conf: Initial bridge.conf (Mark Kanda)
- kvm.conf: Initial kvm.conf (Mark Kanda)
- 80-kvm.rules: Initial 80-kvm.rules (Mark Kanda)


Related CVEs


CVE-2018-12130
CVE-2018-12127
CVE-2019-11091
CVE-2018-12126

Updated Packages


Release/ArchitectureFilenamesha256Superseded By AdvisoryChannel Label
Oracle Linux 7 (aarch64) qemu-3.1.0-3.el7.src.rpme9fd1e1483cecf3ff76d4bd0518ebfd7ec998cf9faf78792060d25086d1a9c36ELBA-2023-24511ol7_aarch64_latest
qemu-3.1.0-3.el7.aarch64.rpm34fafe0343007313d69cfeddb7d3894b734b8d1eabd469310fd37073c81d1066ELBA-2023-24511ol7_aarch64_latest
qemu-block-gluster-3.1.0-3.el7.aarch64.rpmbc7cb3e5e38391e9801708c4364366f103f552238f683d2f159a04f448be94e2ELBA-2024-12732ol7_aarch64_latest
qemu-block-iscsi-3.1.0-3.el7.aarch64.rpm4c8a4c59968174606ef33e57084317d94a157765fa9b881d9906e38d362f4254ELBA-2024-12732ol7_aarch64_latest
qemu-block-rbd-3.1.0-3.el7.aarch64.rpmf1539a90e1d3a7717549ce44e57956b6c59441b6c4737b1af9cb71e5c10086a9ELBA-2024-12732ol7_aarch64_latest
qemu-common-3.1.0-3.el7.aarch64.rpm5f1d86235aa364895c4b2a96a4e8704091b0928a89dcd08bd52e1a4a6e146863ELBA-2023-24511ol7_aarch64_latest
qemu-img-3.1.0-3.el7.aarch64.rpm7866f44cb6822b1ffab27c8c68f28f533b540c3b515e85c679e416bb966bded0ELBA-2024-12732ol7_aarch64_latest
qemu-kvm-3.1.0-3.el7.aarch64.rpm50cfbb08c2a2d5bb67f0ac22113061325eaa6c3c901d5d43c8de7b9b7f19c180ELBA-2024-12732ol7_aarch64_latest
qemu-kvm-core-3.1.0-3.el7.aarch64.rpm042c21dc81f21cbfab669671db03d6704b6a948da7166e18f167219a57ef8e32ELBA-2024-12732ol7_aarch64_latest
Oracle Linux 7 (x86_64) qemu-3.1.0-3.el7.src.rpme9fd1e1483cecf3ff76d4bd0518ebfd7ec998cf9faf78792060d25086d1a9c36ELBA-2023-24511ol7_x86_64_kvm_utils
qemu-3.1.0-3.el7.x86_64.rpmc75390fb5d973763e1fd27d891757342eee648f34867c8cf61acfd5fb73c1f96ELBA-2023-24511ol7_x86_64_kvm_utils
qemu-block-gluster-3.1.0-3.el7.x86_64.rpm1bcfc1e38bad7e92e70c97c01218e47bb1903da3d3124107f627980d79d3b3fdELBA-2024-12732ol7_x86_64_kvm_utils
qemu-block-iscsi-3.1.0-3.el7.x86_64.rpme9e7cb4a4cc7a5ccc1e0c0601643f2893818bbcd1f8c4aed6f33e08891be9123ELBA-2024-12732ol7_x86_64_kvm_utils
qemu-block-rbd-3.1.0-3.el7.x86_64.rpm2fd33ee8b5b8a32366460f7ab0f47473dfed7f98e3e1992396975baba86104feELBA-2024-12732ol7_x86_64_kvm_utils
qemu-common-3.1.0-3.el7.x86_64.rpm596856a279fd02f3e49d1004b420a970591221b5aa155c924e1429b029824abaELBA-2023-24511ol7_x86_64_kvm_utils
qemu-img-3.1.0-3.el7.x86_64.rpmab7dbcf9800ab7537aa674ce25ef3ce01ef131548654213ccc43b616bca964ebELBA-2024-12732ol7_x86_64_kvm_utils
qemu-kvm-3.1.0-3.el7.x86_64.rpma4ae7ebf7f41c74e94c1ea34c4e7fbef3cdffd6109ccc410bf44050a787860d0ELBA-2024-12732ol7_x86_64_kvm_utils
qemu-kvm-core-3.1.0-3.el7.x86_64.rpm721a68c3b44ae8bd25d93769d8e7b77d2d69aaaa78db2c09f701b162563afc21ELBA-2024-12732ol7_x86_64_kvm_utils
qemu-system-x86-3.1.0-3.el7.x86_64.rpm9cd34bca281e18f1b8b7e888d07bd33f83e37fc68614225e398304e18326ff32ELBA-2023-24511ol7_x86_64_kvm_utils
qemu-system-x86-core-3.1.0-3.el7.x86_64.rpmf7e56b796d30e3b55b3286f87a93e7940a41d4540872a284a13e9ead4767284aELBA-2024-12732ol7_x86_64_kvm_utils



This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team

software.hardware.complete