ELSA-2023-12328

ULN >
Oracle Linux Errata repository >
ELSA-2023-12328

ELSA-2023-12328 - qemu-kvm security update

Type:	SECURITY
Impact:	IMPORTANT
Release Date:	2023-05-16

Description

[6.1.1-6.el9]
- Update changelog (Karl Heubaum) [Orabug: 35343538]
- ebpf: fix compatibility with libbpf 1.0+ (Shreesh Adiga) [Orabug: 35268538]
- ebpf: replace deprecated bpf_program__set_socket_filter (Haochen Tong) [Orabug: 35268538]
- CVE-2023-1544 is not applicable to Oracle QEMU 6.1.1 (Karl Heubaum) [Orabug: 35305727] {CVE-2023-1544}
- virtio-gpu: do not byteswap padding (Paolo Bonzini) [Orabug: 35304723]
- KVM: x86: workaround invalid CPUID[0xD,9] info on some AMD processors (Paolo Bonzini) [Orabug: 35241527]
- qemu-kvm.spec: fix Linux io_uring support (Mark Kanda) [Orabug: 35265200]
- hw/intc/ioapic: Update KVM routes before redelivering IRQ, on RTE update (David Woodhouse) [Orabug: 35219290]

[6.1.1-5.el9]
- hw/pvrdma: Protect against buggy or malicious guest driver (Yuval Shaia) [Orabug: 35064352] {CVE-2022-1050}
- hw/display/qxl: Assert memory slot fits in preallocated MemoryRegion (Philippe Mathieu-Daude) [Orabug: 35060182]
- hw/display/qxl: Avoid buffer overrun in qxl_phys2virt (CVE-2022-4144) (Philippe Mathieu-Daude) [Orabug: 35060182] {CVE-2022-4144}
- hw/display/qxl: Pass requested buffer size to qxl_phys2virt() (Philippe Mathieu-Daude) [Orabug: 35060182]
- hw/display/qxl: Document qxl_phys2virt() (Philippe Mathieu-Daude) [Orabug: 35060182]
- hw/display/qxl: Have qxl_log_command Return early if no log_cmd handler (Philippe Mathieu-Daude) [Orabug: 35060182]
- ui/vnc-clipboard: fix integer underflow in vnc_client_cut_text_ext (Mauro Matteo Cascella) [Orabug: 35060115] {CVE-2022-3165}
- hw/arm/virt: build SMBIOS 19 table (Mihai Carabas)
- vl: Add an -action option to override MCE handling (Mark Kanda) [Orabug: 34779160]
- hw/acpi/erst.c: Fix memory handling issues (Christian A. Ehrhardt) [Orabug: 34779541] {CVE-2022-4172}
- target/i386: kvm: do not access uninitialized variable on older kernels (Paolo Bonzini) [Orabug: 34492975]
- x86: Support XFD and AMX xsave data migration (Zeng Guang) [Orabug: 34492975]
- x86: add support for KVM_CAP_XSAVE2 and AMX state migration (Jing Liu) [Orabug: 34492975]
- x86: Add AMX CPUIDs enumeration (Jing Liu) [Orabug: 34492975]
- x86: Add XFD faulting bit for state components (Jing Liu) [Orabug: 34492975]
- x86: Grant AMX permission for guest (Yang Zhong) [Orabug: 34492975]
- x86: Add AMX XTILECFG and XTILEDATA components (Jing Liu) [Orabug: 34492975]
- x86: Fix the 64-byte boundary enumeration for extended state (Jing Liu) [Orabug: 34492975]
- linux-headers: include missing changes from 5.17 (Paolo Bonzini) [Orabug: 34492975]
- linux-headers: Update headers to v5.17-rc1 (Vivek Goyal) [Orabug: 34492975]
- linux-headers: update to 5.16-rc1 (Paolo Bonzini) [Orabug: 34492975]
- i386/pc: restrict AMD only enforcing of 1Tb hole to new machine type (Joao Martins)
- i386/pc: relocate 4g start to 1T where applicable (Joao Martins)
- i386/pc: bounds check phys-bits against max used GPA (Joao Martins)
- i386/pc: factor out device_memory base/size to helper (Joao Martins)
- i386/pc: factor out above-4g end to an helper (Joao Martins)
- i386/pc: pass pci_hole64_size to pc_memory_init() (Joao Martins)
- i386/pc: create pci-host qdev prior to pc_memory_init() (Joao Martins)
- hw/i386: add 4g boundary start to X86MachineState (Joao Martins)
- vhost-vdpa: fix assert !virtio_net_get_subqueue(nc)->async_tx.elem in virtio_net_reset (Si-Wei Liu)
- net/vhost-vdpa.c: Fix clang compilation failure (Peter Maydell)
- vhost-vdpa: allow passing opened vhostfd to vhost-vdpa (Si-Wei Liu)

Related CVEs

CVE-2023-1544

Updated Packages

Release/Architecture	Filename	sha256	Superseded By Advisory	Channel Label

Oracle Linux 9 (aarch64)	qemu-kvm-6.1.1-6.el9.src.rpm	32f86ebe66c31010e7429ad489f16abd622a80a5a8d5710a63691f20edd7927e	-	ol9_aarch64_kvm_utils
	qemu-guest-agent-6.1.1-6.el9.aarch64.rpm	7447488520e9504e8a600918532fdce8d572ca0d23c3b211bbe648d8977b85ce	-	ol9_aarch64_kvm_utils
	qemu-img-6.1.1-6.el9.aarch64.rpm	983d85eb0c7fb6652a677fb42669db8599dcd68fe5908448b4d7a76ba6d42c83	-	ol9_aarch64_kvm_utils
	qemu-kvm-6.1.1-6.el9.aarch64.rpm	7903f1119c5627f95e563d4106fcc1c8e024b0a4c7d26a545f26f79b794f058e	-	ol9_aarch64_kvm_utils
	qemu-kvm-block-curl-6.1.1-6.el9.aarch64.rpm	7c7914290da3073b3c7c6213de2d59d2ed9e42749d4f8749cf058079aa0ceed4	-	ol9_aarch64_kvm_utils
	qemu-kvm-block-iscsi-6.1.1-6.el9.aarch64.rpm	3838d6c864dede651c878a6027ab9b6bede4165106dbb68de31321c8b42597b1	-	ol9_aarch64_kvm_utils
	qemu-kvm-block-rbd-6.1.1-6.el9.aarch64.rpm	b5fb0de814d0ee8fdb7456c4ab1d020ea33b15fa1d3a9c91894b733c3b748e82	-	ol9_aarch64_kvm_utils
	qemu-kvm-block-ssh-6.1.1-6.el9.aarch64.rpm	64fb3c8bb7c8cf7bda2c7d0608e8967f3947ade0a1a29dbad4657c44f352081c	-	ol9_aarch64_kvm_utils
	qemu-kvm-common-6.1.1-6.el9.aarch64.rpm	03b62313dc15cdb39a41b86cb18771355f15ae42d3d5ec4919027687a392f4e9	-	ol9_aarch64_kvm_utils
	qemu-kvm-core-6.1.1-6.el9.aarch64.rpm	ad514b777d660d4446cdf3c288a5cf512a3e798db19bb7f4e6e0dec166c925f3	-	ol9_aarch64_kvm_utils
	qemu-virtiofsd-6.1.1-6.el9.aarch64.rpm	11d0ffe687f903df828702bd3472bf7144a9d394dfe16e86357d26a50d821ee6	-	ol9_aarch64_kvm_utils

Oracle Linux 9 (x86_64)	qemu-kvm-6.1.1-6.el9.src.rpm	32f86ebe66c31010e7429ad489f16abd622a80a5a8d5710a63691f20edd7927e	-	ol9_x86_64_kvm_utils
	qemu-guest-agent-6.1.1-6.el9.x86_64.rpm	f08008d652410f92d30ff4df4814e29e2ffbca63a0d0b9efe818b5741a9b1e05	-	ol9_x86_64_kvm_utils
	qemu-img-6.1.1-6.el9.x86_64.rpm	dfe7e1e1222e1c6cb76a4cda17338992ec22f79c6805277b4746d65fc73ffc9a	-	ol9_x86_64_kvm_utils
	qemu-kvm-6.1.1-6.el9.x86_64.rpm	f8b83762bf9a21b4f7cf59badd8f36643a2fac8d4ec7415e1f88eb56714c691d	-	ol9_x86_64_kvm_utils
	qemu-kvm-block-curl-6.1.1-6.el9.x86_64.rpm	610b75ece96f8d1641a9e912bab6954d6fe9cea50dd7d5f368c80a3ede99111b	-	ol9_x86_64_kvm_utils
	qemu-kvm-block-iscsi-6.1.1-6.el9.x86_64.rpm	7d667547794cf327b430e98bcd9ab692439fa73784b82775931b5a133c16d80a	-	ol9_x86_64_kvm_utils
	qemu-kvm-block-rbd-6.1.1-6.el9.x86_64.rpm	de59fbe7a7bd60db2e981c174089af2394eb1d43a40506a1c3b12a5eb1046f21	-	ol9_x86_64_kvm_utils
	qemu-kvm-block-ssh-6.1.1-6.el9.x86_64.rpm	f298324a68f26f8ff8b24027e1d9da96915461177f4f610536327f8a24563335	-	ol9_x86_64_kvm_utils
	qemu-kvm-common-6.1.1-6.el9.x86_64.rpm	87df8359115e0594533fa411e7273cc7cd81ea4bc19683e510d1e4131ce2518f	-	ol9_x86_64_kvm_utils
	qemu-kvm-core-6.1.1-6.el9.x86_64.rpm	5a94497e2c1b7b8c63efea1364d20f15072ff3ef0dff7344f83f5d94da9388a4	-	ol9_x86_64_kvm_utils
	qemu-virtiofsd-6.1.1-6.el9.x86_64.rpm	37fb4d18e3293bbd071760cdb131821028a3b726dba0b10feadafce24b0a43f1	-	ol9_x86_64_kvm_utils

This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team

Technical information

Oracle Linux Support

Connect

Contact Us

Global contacts
Oracle 1-800-633-0691