ELSA-2020-1116

ULN >
Oracle Linux Errata repository >
ELSA-2020-1116

ELSA-2020-1116 - qemu-kvm security, bug fix, and enhancement update

Type:	SECURITY
Impact:	IMPORTANT
Release Date:	2020-04-06

Description

[1.5.3-173.el7]
- kvm-tcp_emu-Fix-oob-access.patch [bz#1791560]
- kvm-slirp-use-correct-size-while-emulating-IRC-commands.patch [bz#1791560]
- kvm-slirp-use-correct-size-while-emulating-commands.patch [bz#1791560]
- Resolves: bz#1791560
(CVE-2020-7039 qemu-kvm: QEMU: slirp: OOB buffer access while emulating tcp protocols in tcp_emu() [rhel-7.8])

[1.5.3-172.el7]
- kvm-target-i386-Export-TAA_NO-bit-to-guests.patch [bz#1771961]
- kvm-target-i386-add-support-for-MSR_IA32_TSX_CTRL.patch [bz#1771961]
- Resolves: bz#1771961
(CVE-2019-11135 qemu-kvm: hw: TSX Transaction Asynchronous Abort (TAA) [rhel-7.8])

[1.5.3-171.el7]
- kvm-i386-Add-new-model-of-Cascadelake-Server.patch [bz#1638471]
- kvm-i386-Disable-OSPKE-on-Cascadelake-Server.patch [bz#1638471]
- kvm-i386-remove-the-INTEL_PT-CPUID-bit-from-Cascadelake-.patch [bz#1638471]
- kvm-Add-missing-brackets-to-CPUID-0x80000008-code.patch [bz#1760607]
- Resolves: bz#1638471
([Intel 7.8 Feat] qemu-kvm Introduce Cascade Lake (CLX) cpu model)
- Resolves: bz#1760607
(Corrupted EAX values due to missing brackets at CPUID[0x800000008] code)

[1.5.3-170.el7]
- kvm-Using-ip_deq-after-m_free-might-read-pointers-from-a.patch [bz#1749735]
- kvm-target-i386-Merge-feature-filtering-checking-functio.patch [bz#1709971]
- kvm-target-i386-Isolate-KVM-specific-code-on-CPU-feature.patch [bz#1709971]
- kvm-i386-Add-new-MSR-indices-for-IA32_PRED_CMD-and-IA32_.patch [bz#1709971]
- kvm-i386-Add-CPUID-bit-and-feature-words-for-IA32_ARCH_C.patch [bz#1709971]
- kvm-Add-support-to-KVM_GET_MSR_FEATURE_INDEX_LIST-an.patch [bz#1709971]
- kvm-x86-Data-structure-changes-to-support-MSR-based-feat.patch [bz#1709971]
- kvm-x86-define-a-new-MSR-based-feature-word-FEATURE_WORD.patch [bz#1709971]
- kvm-Use-KVM_GET_MSR_INDEX_LIST-for-MSR_IA32_ARCH_CAP.patch [bz#1709971]
- kvm-i386-kvm-Disable-arch_capabilities-if-MSR-can-t-be-s.patch [bz#1709971]
- kvm-Remove-arch-capabilities-deprecation.patch [bz#1709971]
- kvm-target-i386-add-MDS-NO-feature.patch [bz#1714791]
- Resolves: bz#1709971
([Intel 7.8 Bug] [KVM][CLX] CPUID_7_0_EDX_ARCH_CAPABILITIES is not enabled in VM qemu-kvm)
- Resolves: bz#1714791
([Intel 7.8 FEAT] MDS_NO exposure to guest - qemu-kvm)
- Resolves: bz#1749735
(CVE-2019-15890 qemu-kvm: QEMU: Slirp: use-after-free during packet reassembly [rhel-7])

[1.5.3-169.el7]
- kvm-target-i386-Support-invariant-tsc-flag.patch [bz#1626871]
- kvm-target-i386-block-migration-and-savevm-if-invariant-.patch [bz#1626871]
- kvm-i386-Don-t-copy-host-virtual-address-limit.patch [bz#1706658]
- Resolves: bz#1626871
([RFE] request for using TscInvariant feature with qemu-kvm.)
- Resolves: bz#1706658
([Intel 7.8 Bug] qemu-kvm fail with 'err:kvm_init_vcpu() invalidate argumant' on ICX platform)

[1.5.3-168.el7]
- kvm-qxl-check-release-info-object.patch [bz#1712703]
- kvm-bswap.h-Remove-cpu_to_be16wu.patch [bz#1270166]
- kvm-net-Transmit-zero-UDP-checksum-as-0xFFFF.patch [bz#1270166]
- kvm-Fix-heap-overflow-in-ip_reass-on-big-packet-input.patch [bz#1734749]
- Resolves: bz#1270166
(UDP packet checksum is not converted from 0x0000 to 0xffff with Qemu e1000 emulation.)
- Resolves: bz#1712703
(CVE-2019-12155 qemu-kvm: QEMU: qxl: null pointer dereference while releasing spice resources [rhel-7])
- Resolves: bz#1734749
(CVE-2019-14378 qemu-kvm: QEMU: slirp: heap buffer overflow during packet reassembly [rhel-7.8])

Related CVEs

CVE-2020-7039

Updated Packages

Release/Architecture	Filename	sha256	Superseded By Advisory	Channel Label

Oracle Linux 7 (x86_64)	qemu-kvm-1.5.3-173.el7.src.rpm	5adbffd76e2fd1492d90c25d949439a90f8d95bf1452b4112f60f194b06ae22b	ELBA-2024-12732	ol7_x86_64_latest
	qemu-kvm-1.5.3-173.el7.src.rpm	5adbffd76e2fd1492d90c25d949439a90f8d95bf1452b4112f60f194b06ae22b	ELBA-2024-12732	ol7_x86_64_u8_base
	qemu-img-1.5.3-173.el7.x86_64.rpm	33321b08edb809ae73e9af05f5caa1956b11ac16c8a7b78bd3fa2901e4ab06b2	ELBA-2024-12732	ol7_x86_64_latest
	qemu-img-1.5.3-173.el7.x86_64.rpm	33321b08edb809ae73e9af05f5caa1956b11ac16c8a7b78bd3fa2901e4ab06b2	ELBA-2024-12732	ol7_x86_64_u8_base
	qemu-kvm-1.5.3-173.el7.x86_64.rpm	ddff5f0dfb549c350c4a689e7606e1d90166f6469894e4ba9f285a9eaca0c05f	ELBA-2024-12732	ol7_x86_64_latest
	qemu-kvm-1.5.3-173.el7.x86_64.rpm	ddff5f0dfb549c350c4a689e7606e1d90166f6469894e4ba9f285a9eaca0c05f	ELBA-2024-12732	ol7_x86_64_u8_base
	qemu-kvm-common-1.5.3-173.el7.x86_64.rpm	fc9ce523a4906f11ef663c5b242e5be2a06c995d3af197bd41f4bf3ac8632716	ELBA-2022-4639	ol7_x86_64_latest
	qemu-kvm-common-1.5.3-173.el7.x86_64.rpm	fc9ce523a4906f11ef663c5b242e5be2a06c995d3af197bd41f4bf3ac8632716	ELBA-2022-4639	ol7_x86_64_u8_base
	qemu-kvm-tools-1.5.3-173.el7.x86_64.rpm	5619b211666a8d1fbdc09794b96abeb8f1ac7e2e578bfdcd88fcbac4e1eb21d3	ELBA-2022-4639	ol7_x86_64_latest
	qemu-kvm-tools-1.5.3-173.el7.x86_64.rpm	5619b211666a8d1fbdc09794b96abeb8f1ac7e2e578bfdcd88fcbac4e1eb21d3	ELBA-2022-4639	ol7_x86_64_u8_base

This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team

Technical information

Oracle Linux Support

Connect

Contact Us

Global contacts
Oracle 1-800-633-0691