ELSA-2023-12328
- ULN >
- Oracle Linux Errata repository >
- ELSA-2023-12328
ELSA-2023-12328 - qemu-kvm security update
| Type: | SECURITY |
| Severity: | IMPORTANT |
| Release Date: | 2023-05-16 |
Description
[6.1.1-6.el9]
- Update changelog (Karl Heubaum) [Orabug: 35343538]
- ebpf: fix compatibility with libbpf 1.0+ (Shreesh Adiga) [Orabug: 35268538]
- ebpf: replace deprecated bpf_program__set_socket_filter (Haochen Tong) [Orabug: 35268538]
- CVE-2023-1544 is not applicable to Oracle QEMU 6.1.1 (Karl Heubaum) [Orabug: 35305727] {CVE-2023-1544}
- virtio-gpu: do not byteswap padding (Paolo Bonzini) [Orabug: 35304723]
- KVM: x86: workaround invalid CPUID[0xD,9] info on some AMD processors (Paolo Bonzini) [Orabug: 35241527]
- qemu-kvm.spec: fix Linux io_uring support (Mark Kanda) [Orabug: 35265200]
- hw/intc/ioapic: Update KVM routes before redelivering IRQ, on RTE update (David Woodhouse) [Orabug: 35219290]
[6.1.1-5.el9]
- hw/pvrdma: Protect against buggy or malicious guest driver (Yuval Shaia) [Orabug: 35064352] {CVE-2022-1050}
- hw/display/qxl: Assert memory slot fits in preallocated MemoryRegion (Philippe Mathieu-Daude) [Orabug: 35060182]
- hw/display/qxl: Avoid buffer overrun in qxl_phys2virt (CVE-2022-4144) (Philippe Mathieu-Daude) [Orabug: 35060182] {CVE-2022-4144}
- hw/display/qxl: Pass requested buffer size to qxl_phys2virt() (Philippe Mathieu-Daude) [Orabug: 35060182]
- hw/display/qxl: Document qxl_phys2virt() (Philippe Mathieu-Daude) [Orabug: 35060182]
- hw/display/qxl: Have qxl_log_command Return early if no log_cmd handler (Philippe Mathieu-Daude) [Orabug: 35060182]
- ui/vnc-clipboard: fix integer underflow in vnc_client_cut_text_ext (Mauro Matteo Cascella) [Orabug: 35060115] {CVE-2022-3165}
- hw/arm/virt: build SMBIOS 19 table (Mihai Carabas)
- vl: Add an -action option to override MCE handling (Mark Kanda) [Orabug: 34779160]
- hw/acpi/erst.c: Fix memory handling issues (Christian A. Ehrhardt) [Orabug: 34779541] {CVE-2022-4172}
- target/i386: kvm: do not access uninitialized variable on older kernels (Paolo Bonzini) [Orabug: 34492975]
- x86: Support XFD and AMX xsave data migration (Zeng Guang) [Orabug: 34492975]
- x86: add support for KVM_CAP_XSAVE2 and AMX state migration (Jing Liu) [Orabug: 34492975]
- x86: Add AMX CPUIDs enumeration (Jing Liu) [Orabug: 34492975]
- x86: Add XFD faulting bit for state components (Jing Liu) [Orabug: 34492975]
- x86: Grant AMX permission for guest (Yang Zhong) [Orabug: 34492975]
- x86: Add AMX XTILECFG and XTILEDATA components (Jing Liu) [Orabug: 34492975]
- x86: Fix the 64-byte boundary enumeration for extended state (Jing Liu) [Orabug: 34492975]
- linux-headers: include missing changes from 5.17 (Paolo Bonzini) [Orabug: 34492975]
- linux-headers: Update headers to v5.17-rc1 (Vivek Goyal) [Orabug: 34492975]
- linux-headers: update to 5.16-rc1 (Paolo Bonzini) [Orabug: 34492975]
- i386/pc: restrict AMD only enforcing of 1Tb hole to new machine type (Joao Martins)
- i386/pc: relocate 4g start to 1T where applicable (Joao Martins)
- i386/pc: bounds check phys-bits against max used GPA (Joao Martins)
- i386/pc: factor out device_memory base/size to helper (Joao Martins)
- i386/pc: factor out above-4g end to an helper (Joao Martins)
- i386/pc: pass pci_hole64_size to pc_memory_init() (Joao Martins)
- i386/pc: create pci-host qdev prior to pc_memory_init() (Joao Martins)
- hw/i386: add 4g boundary start to X86MachineState (Joao Martins)
- vhost-vdpa: fix assert !virtio_net_get_subqueue(nc)->async_tx.elem in virtio_net_reset (Si-Wei Liu)
- net/vhost-vdpa.c: Fix clang compilation failure (Peter Maydell)
- vhost-vdpa: allow passing opened vhostfd to vhost-vdpa (Si-Wei Liu)
Related CVEs
| CVE-2023-1544 |
Updated Packages
| Release/Architecture | Filename | MD5sum | Superseded By Advisory |
| Oracle Linux 9 (aarch64) | qemu-kvm-6.1.1-6.el9.src.rpm | e221cb9890b4459f3f43784128f45ef3 | - |
| qemu-guest-agent-6.1.1-6.el9.aarch64.rpm | d5bb50dcafe56e912a49378bebc26924 | - | |
| qemu-img-6.1.1-6.el9.aarch64.rpm | d4b9ef8ad7e9f414e929090143f86c1b | - | |
| qemu-kvm-6.1.1-6.el9.aarch64.rpm | c98fdc984fc9ba0ce3356ff028250ab9 | - | |
| qemu-kvm-block-curl-6.1.1-6.el9.aarch64.rpm | 603b9e2bcd283ca5c6f9f6bd125dd249 | - | |
| qemu-kvm-block-iscsi-6.1.1-6.el9.aarch64.rpm | 8fbea26b034ea05a6f5940525f4b5ff3 | - | |
| qemu-kvm-block-rbd-6.1.1-6.el9.aarch64.rpm | 90dce7ef0ff94692d527d70af8bfff07 | - | |
| qemu-kvm-block-ssh-6.1.1-6.el9.aarch64.rpm | 10d0284d0d2f51e0ece4f7e220b2eac8 | - | |
| qemu-kvm-common-6.1.1-6.el9.aarch64.rpm | 49e46487a19d0471674dd75bb4761385 | - | |
| qemu-kvm-core-6.1.1-6.el9.aarch64.rpm | 93c6cefcaa948e03e012eebc49a5bd7a | - | |
| qemu-virtiofsd-6.1.1-6.el9.aarch64.rpm | d5461c4d54c0321495c6ce3bbe331b4a | - | |
| Oracle Linux 9 (x86_64) | qemu-kvm-6.1.1-6.el9.src.rpm | e221cb9890b4459f3f43784128f45ef3 | - |
| qemu-guest-agent-6.1.1-6.el9.x86_64.rpm | dfa671f2cbc0b99a2bd23687e2182741 | - | |
| qemu-img-6.1.1-6.el9.x86_64.rpm | b5f0a6a3c9a5b816459298cc52e221c7 | - | |
| qemu-kvm-6.1.1-6.el9.x86_64.rpm | 3cd659fa785bd4f33a97aa31e8666a01 | - | |
| qemu-kvm-block-curl-6.1.1-6.el9.x86_64.rpm | 490b186fe370caf8ade8c4601484c695 | - | |
| qemu-kvm-block-iscsi-6.1.1-6.el9.x86_64.rpm | 9449d48ce12b32bce1a6b725c641f973 | - | |
| qemu-kvm-block-rbd-6.1.1-6.el9.x86_64.rpm | e0c18d85a68b580bec32724488d242e9 | - | |
| qemu-kvm-block-ssh-6.1.1-6.el9.x86_64.rpm | e8f2d91262c839009bce5d17e3a7ec1d | - | |
| qemu-kvm-common-6.1.1-6.el9.x86_64.rpm | 31c61386c6c95428bc76190a573d9b90 | - | |
| qemu-kvm-core-6.1.1-6.el9.x86_64.rpm | 0d9c80916c53936598afd9e29fe1ccab | - | |
| qemu-virtiofsd-6.1.1-6.el9.x86_64.rpm | 0408307531c5510f17989f506144dc9f | - | |
This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team
