ELSA-2020-0366

ELSA-2020-0366 - qemu-kvm security, bug fix, and enhancement update

Type:SECURITY
Severity:IMPORTANT
Release Date:2020-02-05

Description


[1.5.3-167.el7_7.4]
- kvm-target-i386-add-MDS-NO-feature.patch [bz#1755333]
- Resolves: bz#1755333
([Intel 7.8 FEAT] MDS_NO exposure to guest - qemu-kvm [rhel-7.7.z])

[1.5.3-167.el7_7.3]
- kvm-target-i386-Export-TAA_NO-bit-to-guests.patch [bz#1771960]
- kvm-target-i386-add-support-for-MSR_IA32_TSX_CTRL.patch [bz#1771960]
- Resolves: bz#1771960
(CVE-2019-11135 qemu-kvm: hw: TSX Transaction Asynchronous Abort (TAA) [rhel-7.7.z])

[1.5.3-167.el7_7.2]
- kvm-target-i386-Merge-feature-filtering-checking-functio.patch [bz#1730606]
- kvm-target-i386-Isolate-KVM-specific-code-on-CPU-feature.patch [bz#1730606]
- kvm-i386-Add-new-MSR-indices-for-IA32_PRED_CMD-and-IA32_.patch [bz#1730606]
- kvm-i386-Add-CPUID-bit-and-feature-words-for-IA32_ARCH_C.patch [bz#1730606]
- kvm-Add-support-to-KVM_GET_MSR_FEATURE_INDEX_LIST-an.patch [bz#1730606]
- kvm-x86-Data-structure-changes-to-support-MSR-based-feat.patch [bz#1730606]
- kvm-x86-define-a-new-MSR-based-feature-word-FEATURE_WORD.patch [bz#1730606]
- kvm-Use-KVM_GET_MSR_INDEX_LIST-for-MSR_IA32_ARCH_CAP.patch [bz#1730606]
- kvm-i386-kvm-Disable-arch_capabilities-if-MSR-can-t-be-s.patch [bz#1730606]
- kvm-Remove-arch-capabilities-deprecation.patch [bz#1730606]
- Resolves: bz#1730606
([Intel 7.8 Bug] [KVM][CLX] CPUID_7_0_EDX_ARCH_CAPABILITIES is not enabled in VM qemu-kvm [rhel-7.7.z])


Related CVEs


CVE-2019-11135
CVE-2019-14378

Updated Packages


Release/ArchitectureFilenameMD5sumSuperseded By Advisory
Oracle Linux 7 (x86_64) qemu-kvm-1.5.3-167.el7_7.4.src.rpm1025febb1aa1e6b837c6feb8375986da-
qemu-img-1.5.3-167.el7_7.4.x86_64.rpm5e27ed69f414c1ccc52b25f79d836ae5-
qemu-kvm-1.5.3-167.el7_7.4.x86_64.rpm0b76bd5850b86b9a4d5d1e3a88cf502a-
qemu-kvm-common-1.5.3-167.el7_7.4.x86_64.rpmafb98948ede4235c9711cfbd26b016ff-
qemu-kvm-tools-1.5.3-167.el7_7.4.x86_64.rpm58d4ed27be8e55bb3cfb1b40b3986a90-



This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team

software.hardware.complete