ELSA-2024-12407
- ULN >
- Oracle Linux Errata repository >
- ELSA-2024-12407
ELSA-2024-12407 - qemu-kvm security update
| Type: | SECURITY |
| Impact: | MODERATE |
| Release Date: | 2024-06-03 |
Description
[7.2.0-11.el9]
- vfio/migration: Add a note about migration rate limiting (Avihai Horon) [Orabug: 36329758]
- vfio/migration: Refactor vfio_save_state() return value (Avihai Horon) [Orabug: 36329758]
- migration: Don't serialize devices in qemu_savevm_state_iterate() (Avihai Horon) [Orabug: 36329758]
- ui/clipboard: add asserts for update and request (Fiona Ebner) [Orabug: 36323175] {CVE-2023-6683}
- ui/clipboard: mark type as not available when there is no data (Fiona Ebner) [Orabug: 36323175] {CVE-2023-6683}
- virtio-net: correctly copy vnet header when flushing TX (Jason Wang) [Orabug: 36154459] {CVE-2023-6693}
- esp: restrict non-DMA transfer length to that of available data (Mark Cave-Ayland) [Orabug: 36322141] {CVE-2024-24474}
- vhost: Perform memory section dirty scans once per iteration (Si-Wei Liu)
- vhost: dirty log should be per backend type (Si-Wei Liu)
- net: Update MemReentrancyGuard for NIC (Akihiko Odaki) [Orabug: 35644197] {CVE-2023-3019}
- net: Provide MemReentrancyGuard * to qemu_new_nic() (Akihiko Odaki) [Orabug: 35644197] {CVE-2023-3019}
- lsi53c895a: disable reentrancy detection for MMIO region, too (Thomas Huth) [Orabug: 33774027] {CVE-2021-3750}
- memory: stricter checks prior to unsetting engaged_in_io (Alexander Bulekov) [Orabug: 33774027] {CVE-2021-3750}
- async: avoid use-after-free on re-entrancy guard (Alexander Bulekov) [Orabug: 33774027] {CVE-2021-3750}
- apic: disable reentrancy detection for apic-msi (Alexander Bulekov) [Orabug: 33774027] {CVE-2021-3750}
- raven: disable reentrancy detection for iomem (Alexander Bulekov) [Orabug: 33774027] {CVE-2021-3750}
- bcm2835_property: disable reentrancy detection for iomem (Alexander Bulekov) [Orabug: 33774027] {CVE-2021-3750}
- lsi53c895a: disable reentrancy detection for script RAM (Alexander Bulekov) [Orabug: 33774027] {CVE-2021-3750}
- hw: replace most qemu_bh_new calls with qemu_bh_new_guarded (Alexander Bulekov) [Orabug: 33774027] {CVE-2021-3750}
- checkpatch: add qemu_bh_new/aio_bh_new checks (Alexander Bulekov) [Orabug: 33774027] {CVE-2021-3750}
- async: Add an optional reentrancy guard to the BH API (Alexander Bulekov) [Orabug: 33774027] {CVE-2021-3750}
- memory: prevent dma-reentracy issues (Alexander Bulekov) [Orabug: 33774027] {CVE-2021-3750}
- hw/acpi: propagate vcpu hotplug after switch to modern interface (Aaron Young)
- migration: Fix use-after-free of migration state object (Fabiano Rosas) [Orabug: 36242218]
- kvm: Fix crash due to access uninitialized kvm_state (Gavin Shan) [Orabug: 36269244]
- migration: Avoid usage of static variable inside tracepoint (Joao Martins)
- migration: Add tracepoints for downtime checkpoints (Peter Xu)
- migration: migration_stop_vm() helper (Peter Xu)
- migration: Add per vmstate downtime tracepoints (Peter Xu)
- migration: Add migration_downtime_start|end() helpers (Peter Xu)
- migration: Set downtime_start even for postcopy (Peter Xu)
- hv-balloon: implement pre-Glib 2.68 compatibility (Maciej S. Szmigiero)
- hw/i386/pc: Support hv-balloon (Maciej S. Szmigiero)
- qapi: Add HV_BALLOON_STATUS_REPORT event and its QMP query command (Maciej S. Szmigiero)
- qapi: Add query-memory-devices support to hv-balloon (Maciej S. Szmigiero)
- Add Hyper-V Dynamic Memory Protocol driver (hv-balloon) hot-add support (Maciej S. Szmigiero)
- Add Hyper-V Dynamic Memory Protocol driver (hv-balloon) base (Maciej S. Szmigiero)
- Add Hyper-V Dynamic Memory Protocol definitions (Maciej S. Szmigiero)
- memory-device: Drop size alignment check (David Hildenbrand)
- memory-device: Support empty memory devices (David Hildenbrand)
- memory,vhost: Allow for marking memory device memory regions unmergeable (David Hildenbrand)
- memory: Clarify mapping requirements for RamDiscardManager (David Hildenbrand)
- memory-device,vhost: Support automatic decision on the number of memslots (David Hildenbrand)
- vhost: Add vhost_get_max_memslots() (David Hildenbrand)
- kvm: Add stub for kvm_get_max_memslots() (David Hildenbrand)
- memory-device,vhost: Support memory devices that dynamically consume memslots (David Hildenbrand)
- memory-device: Track required and actually used memslots in DeviceMemoryState (David Hildenbrand)
- stubs: Rename qmp_memory_device.c to memory_device.c (David Hildenbrand)
- memory-device: Support memory devices with multiple memslots (David Hildenbrand)
- vhost: Return number of free memslots (David Hildenbrand)
- kvm: Return number of free memslots (David Hildenbrand)
- vhost: Remove vhost_backend_can_merge() callback (David Hildenbrand)
- vhost: Rework memslot filtering and fix 'used_memslot' tracking (David Hildenbrand)
- virtio-md-pci: New parent type for virtio-mem-pci and virtio-pmem-pci (David Hildenbrand)
- migration/ram: Expose ramblock_is_ignored() as migrate_ram_is_ignored() (David Hildenbrand)
- virtio-mem: Skip most of virtio_mem_unplug_all() without plugged memory (David Hildenbrand)
- softmmu/physmem: Warn with ram_block_discard_range() on MAP_PRIVATE file mapping (David Hildenbrand)
- memory-device: Track used region size in DeviceMemoryState (David Hildenbrand)
- memory-device: Refactor memory_device_pre_plug() (David Hildenbrand)
- hw/i386/pc: Remove PC_MACHINE_DEVMEM_REGION_SIZE (David Hildenbrand)
- hw/i386/acpi-build: Rely on machine->device_memory when building SRAT (David Hildenbrand)
- hw/i386/pc: Use machine_memory_devices_init() (David Hildenbrand)
- hw/loongarch/virt: Use machine_memory_devices_init() (David Hildenbrand)
- hw/ppc/spapr: Use machine_memory_devices_init() (David Hildenbrand)
- hw/arm/virt: Use machine_memory_devices_init() (David Hildenbrand)
- memory-device: Introduce machine_memory_devices_init() (David Hildenbrand)
- memory-device: Unify enabled vs. supported error messages (David Hildenbrand)
- hw/scsi/scsi-disk: Disallow block sizes smaller than 512 [CVE-2023-42467] (Thomas Huth) [Orabug: 35808564] {CVE-2023-42467}
- tests/qtest: ahci-test: add test exposing reset issue with pending callback (Fiona Ebner) [Orabug: 35977245] {CVE-2023-5088}
- hw/ide: reset: cancel async DMA operation before resetting state (Fiona Ebner) [Orabug: 35977245] {CVE-2023-5088}
[7.2.0-7.el9]
- vfio/common: Probe type1 iommu dirty tracking support (Joao Martins) [Orabug: 36024839]
- vfio/common: Allow disabling device dirty page tracking (Joao Martins) [Orabug: 36024839]
Related CVEs
| CVE-2023-6693 |
| CVE-2023-5088 |
| CVE-2024-24474 |
| CVE-2023-3019 |
| CVE-2023-42467 |
| CVE-2023-6683 |
| CVE-2021-3750 |
Updated Packages
| Release/Architecture | Filename | sha256 | Superseded By Advisory | Channel Label |
| Oracle Linux 9 (aarch64) | qemu-kvm-7.2.0-11.el9.src.rpm | 7bc4933f9db19765cbd9b5e38db41c99f53dd21ecb712f61dc7ef7cf92847220 | - | ol9_aarch64_kvm_utils |
| qemu-guest-agent-7.2.0-11.el9.aarch64.rpm | cc57092a59cc7b4b58c9fa2f29e1f73e6bca800ce02517fbfffdefde37e08f2d | - | ol9_aarch64_kvm_utils | |
| qemu-img-7.2.0-11.el9.aarch64.rpm | 2ed594b470249b1a570498a1766a750a1ff706d02ec399acaf7e54a4f9360ce9 | - | ol9_aarch64_kvm_utils | |
| qemu-kvm-7.2.0-11.el9.aarch64.rpm | b21c3fa2a7cdd6701389e8f2575fe298c4729c9aa3bdfd61f20f1fe9bafa85a5 | - | ol9_aarch64_kvm_utils | |
| qemu-kvm-block-curl-7.2.0-11.el9.aarch64.rpm | 67107be47854ade28abc04b539dc9c21ace51e712ab99d95e47681a91bb729ac | - | ol9_aarch64_kvm_utils | |
| qemu-kvm-block-iscsi-7.2.0-11.el9.aarch64.rpm | 5b9571229ad842c9dce6173c67076576abf6a13c2de126575c4e83ff515c0f43 | - | ol9_aarch64_kvm_utils | |
| qemu-kvm-block-rbd-7.2.0-11.el9.aarch64.rpm | 56aec3f1825de27de008d56450821ad49acd466271dbd2a4ab2539ed15d6ec35 | - | ol9_aarch64_kvm_utils | |
| qemu-kvm-block-ssh-7.2.0-11.el9.aarch64.rpm | f15de2c566eadd912938983f6e9bbe8c15a1fdf8d2fd6a9f3cb434d13e1e0288 | - | ol9_aarch64_kvm_utils | |
| qemu-kvm-common-7.2.0-11.el9.aarch64.rpm | 8ea47429794c36403f19e4e11c0e10d5ea3dfe40faf9489faf200119d225ccd3 | - | ol9_aarch64_kvm_utils | |
| qemu-kvm-core-7.2.0-11.el9.aarch64.rpm | bb7baf84241778eb4ef6ca224fc9ff7ed186ec7c849699aac90087fc06c7693f | - | ol9_aarch64_kvm_utils | |
| qemu-virtiofsd-7.2.0-11.el9.aarch64.rpm | 004918a22c9b1b5b32d7c60dfec0467b15655fa481bb3f906d406fb5bd0f6637 | - | ol9_aarch64_kvm_utils | |
| Oracle Linux 9 (x86_64) | qemu-kvm-7.2.0-11.el9.src.rpm | 7bc4933f9db19765cbd9b5e38db41c99f53dd21ecb712f61dc7ef7cf92847220 | - | ol9_x86_64_kvm_utils |
| qemu-guest-agent-7.2.0-11.el9.x86_64.rpm | 68f4f0b110c53610d3438f9f216c6730ed2a81200c480814636da73705548958 | - | ol9_x86_64_kvm_utils | |
| qemu-img-7.2.0-11.el9.x86_64.rpm | c571b73af5c7e96158b303a6a18a387a52ecc165cd427ecfb44106acfccf3a8b | - | ol9_x86_64_kvm_utils | |
| qemu-kvm-7.2.0-11.el9.x86_64.rpm | 48f6418d4198dc997b874dda267785c8951c7d9ca6682ece0f9b754760fd027a | - | ol9_x86_64_kvm_utils | |
| qemu-kvm-block-curl-7.2.0-11.el9.x86_64.rpm | b1a0b9f35b5a4d4e3e872ecc550d4dd3d176626a451a721fc2becad0e011873a | - | ol9_x86_64_kvm_utils | |
| qemu-kvm-block-iscsi-7.2.0-11.el9.x86_64.rpm | d115bbc792bb75934a2b5a8f76cdf6cff874616d5d34f4e5524bdf9d0f5da95e | - | ol9_x86_64_kvm_utils | |
| qemu-kvm-block-rbd-7.2.0-11.el9.x86_64.rpm | 7a98f7c96faa7f4d30578656439ae13880124dd369dce855dc25c7de9f17bcd3 | - | ol9_x86_64_kvm_utils | |
| qemu-kvm-block-ssh-7.2.0-11.el9.x86_64.rpm | f528874e6bcab9f98fb257491b215c1fb915966053253bd20c59d51afa0a4e23 | - | ol9_x86_64_kvm_utils | |
| qemu-kvm-common-7.2.0-11.el9.x86_64.rpm | b0d7621267055b41bcd313cbc584ab69382edc84ffa18c2afd919437f57a232d | - | ol9_x86_64_kvm_utils | |
| qemu-kvm-core-7.2.0-11.el9.x86_64.rpm | debd595eccaf30852945325ad1d83e2fdf44ca6962d7c1b9f5be49b07e6b4db6 | - | ol9_x86_64_kvm_utils | |
| qemu-virtiofsd-7.2.0-11.el9.x86_64.rpm | 796ab8178f84a932371797c01b62d0e192a3a8a56202d003c320ed9eba57427b | - | ol9_x86_64_kvm_utils | |
This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team
