ELSA-2024-12574
- ULN >
- Oracle Linux Errata repository >
- ELSA-2024-12574
ELSA-2024-12574 - qemu-kvm security update
| Type: | SECURITY |
| Severity: | MODERATE |
| Release Date: | 2024-08-07 |
Description
[7.2.0-13.el9]
- vfio/migration: Enhance VFIO migration state tracing (Avihai Horon)
- vfio/migration: Don't emit STOP_COPY VFIO migration QAPI event twice (Avihai Horon)
- vfio/migration: Emit VFIO migration QAPI event (Avihai Horon)
- qapi/vfio: Add VFIO migration QAPI event (Avihai Horon)
- migration/multifd: solve zero page causing multiple page faults (Yuan Liu) [Orabug: 36727051]
- multifd: Add the ramblock to MultiFDRecvParams (Lukas Straub) [Orabug: 36727051]
- migration: Fix qmp_query_migrate mbps value (Fabiano Rosas) [Orabug: 36727104]
- migration: Allow user to specify available switchover bandwidth (Peter Xu) [Orabug: 35636284]
- migration/dirtyrate: Fix precision losses and g_usleep overshoot (Andrei Gudkov) [Orabug: 36727091]
- Use new created qemu_target_pages_to_MiB() (Juan Quintela) [Orabug: 36727091]
- softmmu: Create qemu_target_pages_to_MiB() (Juan Quintela) [Orabug: 36727091]
- migration/calc-dirty-rate: replaced CRC32 with xxHash (Andrei Gudkov) [Orabug: 36727063]
- migration/multifd: Enable multifd zero page checking by default. (Hao Xiang) [Orabug: 34131170]
- migration/multifd: Implement ram_save_target_page_multifd to handle multifd version of MigrationOps::ram_save_target_page. (Hao Xiang) [Orabug: 34131170]
- migration/multifd: Implement zero page transmission on the multifd thread. (Hao Xiang) [Orabug: 34131170]
- migration/multifd: Add new migration option zero-page-detection. (Hao Xiang) [Orabug: 34131170]
- migration: Make ram_save_target_page() a pointer (Juan Quintela) [Orabug: 34131170]
- migration: Yield bitmap_mutex properly when sending/sleeping (Peter Xu) [Orabug: 34131170]
- migration/multifd: Add a synchronization point for channel creation (Fabiano Rosas) [Orabug: 34131170]
- migration/multifd: Unify multifd and TLS connection paths (Fabiano Rosas) [Orabug: 34131170]
- migration/multifd: Move multifd_send_setup into migration thread (Fabiano Rosas) [Orabug: 34131170]
- migration/multifd: Move multifd_send_setup error handling in to the function (Fabiano Rosas) [Orabug: 34131170]
- migration/multifd: Remove p->running (Fabiano Rosas) [Orabug: 34131170]
- migration/multifd: Optimize sender side to be lockless (Peter Xu) [Orabug: 34131170]
- migration/multifd: Join the TLS thread (Fabiano Rosas) [Orabug: 34131170]
- migration/multifd: Fix MultiFDSendParams.packet_num race (Peter Xu) [Orabug: 34131170]
- migration/multifd: Stick with send/recv on function names (Peter Xu) [Orabug: 34131170]
- migration/multifd: Cleanup multifd_load_cleanup() (Peter Xu) [Orabug: 34131170]
- migration/multifd: Cleanup multifd_save_cleanup() (Peter Xu) [Orabug: 34131170]
- migration/multifd: Rewrite multifd_queue_page() (Peter Xu) [Orabug: 34131170]
- migration/multifd: Change retval of multifd_send_pages() (Peter Xu) [Orabug: 34131170]
- migration/multifd: Change retval of multifd_queue_page() (Peter Xu) [Orabug: 34131170]
- migration/multifd: Split multifd_send_terminate_threads() (Peter Xu) [Orabug: 34131170]
- migration/multifd: Forbid spurious wakeups (Peter Xu) [Orabug: 34131170]
- migration/multifd: Move header prepare/fill into send_prepare() (Peter Xu) [Orabug: 34131170]
- migration/multifd: multifd_send_prepare_header() (Peter Xu) [Orabug: 34131170]
- migration/multifd: Move trace_multifd_send|recv() (Peter Xu) [Orabug: 34131170]
- migration/multifd: Move total_normal_pages accounting (Peter Xu) [Orabug: 34131170]
- migration/multifd: Rename p->num_packets and clean it up (Peter Xu) [Orabug: 34131170]
- migration/multifd: Drop pages->num check in sender thread (Peter Xu) [Orabug: 34131170]
- migration/multifd: Simplify locking in sender thread (Peter Xu) [Orabug: 34131170]
- migration/multifd: Separate SYNC request with normal jobs (Peter Xu) [Orabug: 34131170]
- migration/multifd: Drop MultiFDSendParams.normal[] array (Peter Xu) [Orabug: 34131170]
- migration/multifd: Postpone reset of MultiFDPages_t (Peter Xu) [Orabug: 34131170]
- migration/multifd: Remove MultiFDPages_t::packet_num (Fabiano Rosas) [Orabug: 34131170]
- migration/multifd: Drop MultiFDSendParams.quit, cleanup error paths (Peter Xu) [Orabug: 34131170]
- migration/multifd: multifd_send_kick_main() (Peter Xu) [Orabug: 34131170]
- migration/multifd: Fix leaking of Error in TLS error flow (Avihai Horon) [Orabug: 34131170]
- migration/ram: Merge save_zero_page functions (Fabiano Rosas) [Orabug: 34131170]
- migration/ram: Move xbzrle zero page handling into save_zero_page (Fabiano Rosas) [Orabug: 34131170]
- migration/multifd: Stop setting p->ioc before connecting (Fabiano Rosas) [Orabug: 34131170]
- migration: Centralize BH creation and dispatch (Fabiano Rosas) [Orabug: 34131170]
- migration: Add a wrapper to qemu_bh_schedule (Fabiano Rosas) [Orabug: 34131170]
- migration: Remove transferred atomic counter (Juan Quintela) [Orabug: 35636284]
- migration: Use migration_transferred_bytes() (Juan Quintela) [Orabug: 35636284]
- migration: migration_rate_limit_reset() don't need the QEMUFile (Juan Quintela) [Orabug: 35636284]
- migration: migration_transferred_bytes() don't need the QEMUFile (Juan Quintela) [Orabug: 35636284]
- multifd: reset next_packet_len after sending pages (Elena Ufimtseva) [Orabug: 35636284]
- multifd: fix counters in multifd_send_thread (Elena Ufimtseva) [Orabug: 35636284]
- migration/multifd: Compute transferred bytes correctly (Juan Quintela) [Orabug: 35636284]
- migration: check for rate_limit_max for RATE_LIMIT_DISABLED (Elena Ufimtseva) [Orabug: 35636284]
- migration: Use the number of transferred bytes directly (Juan Quintela) [Orabug: 35636284]
- qemu_file: Use a stat64 for qemu_file_transferred (Juan Quintela) [Orabug: 35636284]
- migration: set file error on subsection loading (Marc-Andre Lureau) [Orabug: 35636284]
- migration: Receiving a zero page non zero is an error (Juan Quintela) [Orabug: 35636284]
- migration/multifd: Stop checking p->quit in multifd_send_thread (Fabiano Rosas) [Orabug: 35636284]
- migration/multifd: Clarify Error usage in multifd_channel_connect (Fabiano Rosas) [Orabug: 35636284]
- multifd: cleanup the function multifd_channel_connect (Li Zhang) [Orabug: 35636284]
- migration/multifd: Unify multifd_send_thread error paths (Fabiano Rosas) [Orabug: 35636284]
- migration: Non multifd migration don't care about multifd flushes (Juan Quintela) [Orabug: 35636284]
- migration: fix RAMBlock add NULL check (Dmitry Frolov) [Orabug: 35829153]
- migration: We don't need the field rate_limit_used anymore (Juan Quintela) [Orabug: 35636284]
- migration: Use migration_transferred_bytes() to calculate rate_limit (Juan Quintela) [Orabug: 35636284]
- migration: Add a trace for migration_transferred_bytes (Juan Quintela) [Orabug: 35636284]
- migration: Move migration_total_bytes() to migration-stats.c (Juan Quintela) [Orabug: 35636284]
- qemu-file: Remove total from qemu_file_total_transferred_*() (Juan Quintela) [Orabug: 35636284]
- migration: Move rate_limit_max and rate_limit_used to migration_stats (Juan Quintela) [Orabug: 35636284]
- qemu-file: Account for rate_limit usage on qemu_fflush() (Juan Quintela) [Orabug: 35636284]
- migration: Don't use INT64_MAX for unlimited rate (Juan Quintela) [Orabug: 35636284]
- qemu-file: Make rate_limit_used an uint64_t (Juan Quintela) [Orabug: 35636284]
- qemu-file: make qemu_file_[sg]et_rate_limit() use an uint64_t (Juan Quintela) [Orabug: 35636284]
- migration: We set the rate_limit by a second (Juan Quintela) [Orabug: 35829153]
- migration: A rate limit value of 0 is valid (Juan Quintela) [Orabug: 35636284]
- qemu-file: Make ram_control_save_page() use accessors for rate_limit (Juan Quintela) [Orabug: 35636284]
- qemu-file: Make total_transferred an uint64_t (Juan Quintela) [Orabug: 35636284]
- qemu-file: No need to check for shutdown in qemu_file_rate_limit (Juan Quintela) [Orabug: 35636284]
- migration: Document all migration_stats (Juan Quintela) [Orabug: 35636284]
- multifd: We already account for this packet on the multifd thread (Juan Quintela) [Orabug: 35636284]
- migration: Make dirty_bytes_last_sync atomic (Juan Quintela) [Orabug: 35636284]
- migration: Make dirty_pages_rate atomic (Juan Quintela) [Orabug: 35636284]
- stat64: Add stat64_set() operation (Paolo Bonzini) [Orabug: 35636284]
- multifd: Only flush once each full round of memory (Juan Quintela) [Orabug: 35636284]
- migration: Make find_dirty_block() return a single parameter (Juan Quintela) [Orabug: 35636284]
- migration: Simplify ram_find_and_save_block() (Juan Quintela) [Orabug: 35636284]
- multifd: Protect multifd_send_sync_main() calls (Juan Quintela) [Orabug: 35636284]
- multifd: Create property multifd-flush-after-each-section (Juan Quintela) [Orabug: 35636284]
- multifd: Fix the number of channels ready (Juan Quintela) [Orabug: 35636284]
- migration: Rename normal to normal_pages (Juan Quintela) [Orabug: 35636284]
- migration: Rename duplicate to zero_pages (Juan Quintela) [Orabug: 35636284]
- migration: Make dirty_sync_count atomic (Juan Quintela) [Orabug: 35636284]
- migration: Make downtime_bytes atomic (Juan Quintela) [Orabug: 35636284]
- migration: Make precopy_bytes atomic (Juan Quintela) [Orabug: 35636284]
- migration: Make dirty_sync_missed_zero_copy atomic (Juan Quintela) [Orabug: 35636284]
- migration: Make multifd_bytes atomic (Juan Quintela) [Orabug: 35636284]
- migration: Update atomic stats out of the mutex (Juan Quintela) [Orabug: 35636284]
- migration: Merge ram_counters and ram_atomic_counters (Juan Quintela) [Orabug: 35636284]
- migration/multifd: correct multifd_send_thread to trace the flags (Wei Wang) [Orabug: 35636284]
- ram: Document migration ram flags (Juan Quintela) [Orabug: 35636284]
- migration: Calculate ram size once (Juan Quintela) [Orabug: 35636284]
- multifd: Fix a race on reading MultiFDPages_t.block (Zhenzhong Duan) [Orabug: 35636284]
- migration: Use atomic ops properly for page accountings (Peter Xu) [Orabug: 35636284]
- migration: Export ram_release_page() (Juan Quintela) [Orabug: 35636284]
- migration: Export ram_transferred_ram() (Juan Quintela) [Orabug: 35636284]
- multifd: Create page_count fields into both MultiFD{Recv,Send}Params (Juan Quintela) [Orabug: 35636284]
- multifd: Create page_size fields into both MultiFD{Recv,Send}Params (Juan Quintela) [Orabug: 35636284]
- migration: Fix migration_channel_read_peek() error path () (Avihai Horon) [Orabug: 36726827]
- migration/multifd: Remove error_setg() in migration_ioc_process_incoming() (Avihai Horon) [Orabug: 36726827]
- migration: Refactor migration_incoming_setup() (Avihai Horon) [Orabug: 36726827]
- migration: check magic value for deciding the mapping of channels (manish.mishra) [Orabug: 36726827]
- io: Add support for MSG_PEEK for socket channel (manish.mishra) [Orabug: 36726827]
- hw/sd/sdhci: Do not update TRNMOD when Command Inhibit (DAT) is set (hilippe Mathieu-Daude) [Orabug: 36575206] {CVE-2024-3447}
- block: lock AioContext in bdrv_replace_child_noperm() when in non-coroutine context (Mark Kanda) [Orabug: 36514180]
- hw/scsi/scsi-generic: Fix io_timeout property not applying (Lorenz Brun) [Orabug: 36637684]
- target/i386/monitor: synchronize cpu state for lapic info (Dongli Zhang) [Orabug: 36607747]
- qemu_init: increase NOFILE soft limit on POSIX (Fiona Ebner) [Orabug: 36416389]
Related CVEs
| CVE-2024-3447 |
Updated Packages
| Release/Architecture | Filename | MD5sum | Superseded By Advisory | Channel Label |
| Oracle Linux 9 (aarch64) | qemu-kvm-7.2.0-13.el9.src.rpm | cbb3b89bafaff98312ceacba8c7d309e | - | ol9_aarch64_kvm_utils |
| qemu-guest-agent-7.2.0-13.el9.aarch64.rpm | 23861418da0c556432f30f0db1e4445b | - | ol9_aarch64_kvm_utils | |
| qemu-img-7.2.0-13.el9.aarch64.rpm | 6110702610367e2a494cc452d2a558c6 | - | ol9_aarch64_kvm_utils | |
| qemu-kvm-7.2.0-13.el9.aarch64.rpm | 9749e678bd27982cdcd16658f0defc1c | - | ol9_aarch64_kvm_utils | |
| qemu-kvm-block-curl-7.2.0-13.el9.aarch64.rpm | 95f273eed7ef1484081f474441c870b9 | - | ol9_aarch64_kvm_utils | |
| qemu-kvm-block-iscsi-7.2.0-13.el9.aarch64.rpm | 4db59387df2015b6e7307c9084169ee2 | - | ol9_aarch64_kvm_utils | |
| qemu-kvm-block-rbd-7.2.0-13.el9.aarch64.rpm | b7158c9754b046febf91984ff87708d1 | - | ol9_aarch64_kvm_utils | |
| qemu-kvm-block-ssh-7.2.0-13.el9.aarch64.rpm | 31f0b80ad8b0549f3ae8ecf5cfc9fa82 | - | ol9_aarch64_kvm_utils | |
| qemu-kvm-common-7.2.0-13.el9.aarch64.rpm | 3b0f0815ce77c486e8e30a3918ff1963 | - | ol9_aarch64_kvm_utils | |
| qemu-kvm-core-7.2.0-13.el9.aarch64.rpm | 1302a4fb3b94abd385111588340d9e64 | - | ol9_aarch64_kvm_utils | |
| qemu-virtiofsd-7.2.0-13.el9.aarch64.rpm | d562a8df2564458bb9ee53f9a56112db | - | ol9_aarch64_kvm_utils | |
| Oracle Linux 9 (x86_64) | qemu-kvm-7.2.0-13.el9.src.rpm | cbb3b89bafaff98312ceacba8c7d309e | - | ol9_x86_64_kvm_utils |
| qemu-guest-agent-7.2.0-13.el9.x86_64.rpm | 3163d26b4fb8f8771aacbffea37f7514 | - | ol9_x86_64_kvm_utils | |
| qemu-img-7.2.0-13.el9.x86_64.rpm | fefef75e6c7bdcf8b2313a9d041c7078 | - | ol9_x86_64_kvm_utils | |
| qemu-kvm-7.2.0-13.el9.x86_64.rpm | 868e9e4282480cb4f58ec18c0136b24e | - | ol9_x86_64_kvm_utils | |
| qemu-kvm-block-curl-7.2.0-13.el9.x86_64.rpm | 86e359e3b953486c17b9e8ac49f88944 | - | ol9_x86_64_kvm_utils | |
| qemu-kvm-block-iscsi-7.2.0-13.el9.x86_64.rpm | e811c98ea54df884dd7d6bc4fbebbf92 | - | ol9_x86_64_kvm_utils | |
| qemu-kvm-block-rbd-7.2.0-13.el9.x86_64.rpm | 4db06ba23a172f4fad7e7b543f6e59c7 | - | ol9_x86_64_kvm_utils | |
| qemu-kvm-block-ssh-7.2.0-13.el9.x86_64.rpm | 8352732daf1bb019e7167960ef6e1568 | - | ol9_x86_64_kvm_utils | |
| qemu-kvm-common-7.2.0-13.el9.x86_64.rpm | 646d723cf6f20dda7b5fe1932510ac34 | - | ol9_x86_64_kvm_utils | |
| qemu-kvm-core-7.2.0-13.el9.x86_64.rpm | d26091875cf25d56645a96c84fcaf8c2 | - | ol9_x86_64_kvm_utils | |
| qemu-virtiofsd-7.2.0-13.el9.x86_64.rpm | 82ce6a87cc2196420f89781f42894075 | - | ol9_x86_64_kvm_utils | |
This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections:
- Oracle customers - enter a support request
- Vulnerability scanning tools vendors and project maintainers - follow the standard ISV process
