ELSA-2024-12674
- ULN >
- Oracle Linux Errata repository >
- ELSA-2024-12674
ELSA-2024-12674 - qemu-kvm security update
| Type: | SECURITY |
| Impact: | IMPORTANT |
| Release Date: | 2024-09-19 |
Description
[7.2.0-15.el9]
- migration: abort on destination if switchover limit exceeded (Elena Ufimtseva)
- migration: introduce strict switchover SLA (Elena Ufimtseva)
- migration: add error to MigrationIncomingState (Elena Ufimtseva)
- migration: Set migration status early in incoming side (Fabiano Rosas)
- tests/qtest: migration: Use migrate_incoming_qmp where appropriate (Fabiano Rosas)
- tests/qtest: migration: Add migrate_incoming_qmp helper (Fabiano Rosas)
- tests/qtest: migration: Expose migrate_set_capability (Fabiano Rosas)
- vfio/migration: Multifd device state transfer support - send side (Maciej S. Szmigiero)
- vfio/migration: Add x-orcl-migration-multifd-transfer VFIO property (Maciej S. Szmigiero)
- vfio/migration: Multifd device state transfer support - receive side (Maciej S. Szmigiero)
- migration/multifd: Add migration_has_device_state_support() (Maciej S. Szmigiero)
- migration/multifd: Device state transfer support - send side (Maciej S. Szmigiero)
- migration/multifd: Convert multifd_send_pages::next_channel to atomic (Maciej S. Szmigiero)
- migration/multifd: Device state transfer support - receive side (Maciej S. Szmigiero)
- migration: Add load_finish handler and associated functions (Maciej S. Szmigiero)
- migration: Add qemu_loadvm_load_state_buffer() and its handler (Maciej S. Szmigiero)
- migration: Add save_live_complete_precopy_{begin,end} handlers (Maciej S. Szmigiero)
- migration/multifd: Zero p->flags before starting filling a packet (Maciej S. Szmigiero)
- migration/ram: Add load start trace event (Maciej S. Szmigiero)
- vfio/migration: Add save_{iterate,complete_precopy}_started trace events (Maciej S. Szmigiero)
- hw/virtio/virtio-crypto: Protect from DMA re-entrancy bugs (Philippe Mathieu-Daude) [Orabug: 36869694] {CVE-2024-3446}
- hw/char/virtio-serial-bus: Protect from DMA re-entrancy bugs (Philippe Mathieu-Daude) [Orabug: 36869694] {CVE-2024-3446}
- hw/display/virtio-gpu: Protect from DMA re-entrancy bugs (Philippe Mathieu-Daude) [Orabug: 36869694] {CVE-2024-3446}
- hw/virtio: Introduce virtio_bh_new_guarded() helper (Philippe Mathieu-Daude) [Orabug: 36869694] {CVE-2024-3446}
- pcie_sriov: Validate NumVFs (Akihiko Odaki) [Orabug: 36314082] {CVE-2024-26327}
- hw/nvme: Use pcie_sriov_num_vfs() (Akihiko Odaki) [Orabug: 36314111] {CVE-2024-26328}
- pcie: Introduce pcie_sriov_num_vfs (Akihiko Odaki) [Orabug: 36314111] {CVE-2024-26328}
- qcow2: Don't open data_file with BDRV_O_NO_IO (Kevin Wolf) [Orabug: 36801853] {CVE-2024-4467}
- target/i386: drop AMD machine check bits from Intel CPUID (Paolo Bonzini) [Orabug: 36785079]
- target/i386: pass X86CPU to x86_cpu_get_supported_feature_word (Paolo Bonzini) [Orabug: 36785079]
- migration: prevent migration when VM has poisoned memory (William Roche) [Orabug: 35533097]
- i386: Add support for overflow recovery (John Allen) [Orabug: 34691766]
- i386: Add support for SUCCOR feature (John Allen) [Orabug: 34691766]
- i386: Fix MCE support for AMD hosts (John Allen) [Orabug: 34691766]
Related CVEs
| CVE-2024-26328 |
| CVE-2024-26327 |
| CVE-2024-3446 |
| CVE-2024-4467 |
Updated Packages
| Release/Architecture | Filename | sha256 | Superseded By Advisory | Channel Label |
| Oracle Linux 9 (aarch64) | qemu-kvm-7.2.0-15.el9.src.rpm | 946bd53ecdaf38e0d579e21a8fa1b34c78dd6ad9c124554bd70c7bac50d7f376 | - | ol9_aarch64_kvm_utils |
| qemu-guest-agent-7.2.0-15.el9.aarch64.rpm | 7df7b49f620f8724bc55776015a669148aa67e46a08462bc8efdfe3be47a042a | - | ol9_aarch64_kvm_utils | |
| qemu-img-7.2.0-15.el9.aarch64.rpm | 93277c64cecd846a7c6fcbb724b271630612f82fb008d135097c106d94d77f6c | - | ol9_aarch64_kvm_utils | |
| qemu-kvm-7.2.0-15.el9.aarch64.rpm | 686fe076bd4daade88a63bff3d13ca556d187671d5bb1fe0ba91ecaff71a560a | - | ol9_aarch64_kvm_utils | |
| qemu-kvm-block-curl-7.2.0-15.el9.aarch64.rpm | fc4a80e2fab8ff954e1c55dee31359cb5d55702ccd701756b5a3a3fb60b92839 | - | ol9_aarch64_kvm_utils | |
| qemu-kvm-block-iscsi-7.2.0-15.el9.aarch64.rpm | 890f7c49d20852ea1ac666d6f3b9ea460573ed05de37841d01b13d6634ffedca | - | ol9_aarch64_kvm_utils | |
| qemu-kvm-block-rbd-7.2.0-15.el9.aarch64.rpm | f8c868f32aa2d11bdea1c3043e017e9f482a2460ea568607ccdd62c50689392c | - | ol9_aarch64_kvm_utils | |
| qemu-kvm-block-ssh-7.2.0-15.el9.aarch64.rpm | 9a516efa7e830a90ccee89eec048cff362707c88f07f3d57c28e21073fcaccc9 | - | ol9_aarch64_kvm_utils | |
| qemu-kvm-common-7.2.0-15.el9.aarch64.rpm | c41f776bd1564a8dba9163a0d6d7cd80e8e61ee77bc6d320a1b37148712e1b05 | - | ol9_aarch64_kvm_utils | |
| qemu-kvm-core-7.2.0-15.el9.aarch64.rpm | 03dba945c6674723f4ff7a58dacb52a031b9f939359a38f936142fadee5c1d36 | - | ol9_aarch64_kvm_utils | |
| qemu-virtiofsd-7.2.0-15.el9.aarch64.rpm | 6bd22df90bd7ba601c61156bbe12c86cd852ea43e2d3824b0ba99628f709506c | - | ol9_aarch64_kvm_utils | |
| Oracle Linux 9 (x86_64) | qemu-kvm-7.2.0-15.el9.src.rpm | 946bd53ecdaf38e0d579e21a8fa1b34c78dd6ad9c124554bd70c7bac50d7f376 | - | ol9_x86_64_kvm_utils |
| qemu-guest-agent-7.2.0-15.el9.x86_64.rpm | 69fef11174346c775bbe8aa1aff2bc395d899d0541cc7122bd24536e160fdb45 | - | ol9_x86_64_kvm_utils | |
| qemu-img-7.2.0-15.el9.x86_64.rpm | a2b4e89dd7558fb72d528d263539806b377060e24f04b6085996425539e39488 | - | ol9_x86_64_kvm_utils | |
| qemu-kvm-7.2.0-15.el9.x86_64.rpm | ef2d4c90baeac59dc9f26f35d7d251e67c595383265e2fdb5c481465c6dcb643 | - | ol9_x86_64_kvm_utils | |
| qemu-kvm-block-curl-7.2.0-15.el9.x86_64.rpm | 353971ccabc7d5d57c45d1326951bd475e535d73581c6066a4662eb71ad0be51 | - | ol9_x86_64_kvm_utils | |
| qemu-kvm-block-iscsi-7.2.0-15.el9.x86_64.rpm | b3cbad086da9561b7d68b8c5fa0cf644daa7aacdc4d5dbf1067d77ff6879563f | - | ol9_x86_64_kvm_utils | |
| qemu-kvm-block-rbd-7.2.0-15.el9.x86_64.rpm | 263b612353cc63df0a6a214e0d353b905dd9f1fab0f4a9917c4a1bbe1a2827c4 | - | ol9_x86_64_kvm_utils | |
| qemu-kvm-block-ssh-7.2.0-15.el9.x86_64.rpm | 2c27702b42e9863914ef3fbffc47381f667c58344822483b8cc0fa15d2687768 | - | ol9_x86_64_kvm_utils | |
| qemu-kvm-common-7.2.0-15.el9.x86_64.rpm | e11dad6cad5f5eedd7a00c89854edef46a73214cb6a6b91913bb50b59ce362c2 | - | ol9_x86_64_kvm_utils | |
| qemu-kvm-core-7.2.0-15.el9.x86_64.rpm | 14695027f48de49b95d28d0a96067ba929a6c204b107696e9d23fed6441ad980 | - | ol9_x86_64_kvm_utils | |
| qemu-virtiofsd-7.2.0-15.el9.x86_64.rpm | 2a32d47fbbd2eedfa5c26a5b277016006c814521b43dbec4cf4a670170836ba9 | - | ol9_x86_64_kvm_utils | |
This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team
