logo
DATABASE RESOURCES PRICING ABOUT US

qemu-kvm security, bug fix, and enhancement update

Description

[1.5.3-173.el7] - kvm-tcp_emu-Fix-oob-access.patch [bz#1791560] - kvm-slirp-use-correct-size-while-emulating-IRC-commands.patch [bz#1791560] - kvm-slirp-use-correct-size-while-emulating-commands.patch [bz#1791560] - Resolves: bz#1791560 (CVE-2020-7039 qemu-kvm: QEMU: slirp: OOB buffer access while emulating tcp protocols in tcp_emu() [rhel-7.8]) [1.5.3-172.el7] - kvm-target-i386-Export-TAA_NO-bit-to-guests.patch [bz#1771961] - kvm-target-i386-add-support-for-MSR_IA32_TSX_CTRL.patch [bz#1771961] - Resolves: bz#1771961 (CVE-2019-11135 qemu-kvm: hw: TSX Transaction Asynchronous Abort (TAA) [rhel-7.8]) [1.5.3-171.el7] - kvm-i386-Add-new-model-of-Cascadelake-Server.patch [bz#1638471] - kvm-i386-Disable-OSPKE-on-Cascadelake-Server.patch [bz#1638471] - kvm-i386-remove-the-INTEL_PT-CPUID-bit-from-Cascadelake-.patch [bz#1638471] - kvm-Add-missing-brackets-to-CPUID-0x80000008-code.patch [bz#1760607] - Resolves: bz#1638471 ([Intel 7.8 Feat] qemu-kvm Introduce Cascade Lake (CLX) cpu model) - Resolves: bz#1760607 (Corrupted EAX values due to missing brackets at CPUID[0x800000008] code) [1.5.3-170.el7] - kvm-Using-ip_deq-after-m_free-might-read-pointers-from-a.patch [bz#1749735] - kvm-target-i386-Merge-feature-filtering-checking-functio.patch [bz#1709971] - kvm-target-i386-Isolate-KVM-specific-code-on-CPU-feature.patch [bz#1709971] - kvm-i386-Add-new-MSR-indices-for-IA32_PRED_CMD-and-IA32_.patch [bz#1709971] - kvm-i386-Add-CPUID-bit-and-feature-words-for-IA32_ARCH_C.patch [bz#1709971] - kvm-Add-support-to-KVM_GET_MSR_FEATURE_INDEX_LIST-an.patch [bz#1709971] - kvm-x86-Data-structure-changes-to-support-MSR-based-feat.patch [bz#1709971] - kvm-x86-define-a-new-MSR-based-feature-word-FEATURE_WORD.patch [bz#1709971] - kvm-Use-KVM_GET_MSR_INDEX_LIST-for-MSR_IA32_ARCH_CAP.patch [bz#1709971] - kvm-i386-kvm-Disable-arch_capabilities-if-MSR-can-t-be-s.patch [bz#1709971] - kvm-Remove-arch-capabilities-deprecation.patch [bz#1709971] - kvm-target-i386-add-MDS-NO-feature.patch [bz#1714791] - Resolves: bz#1709971 ([Intel 7.8 Bug] [KVM][CLX] CPUID_7_0_EDX_ARCH_CAPABILITIES is not enabled in VM qemu-kvm) - Resolves: bz#1714791 ([Intel 7.8 FEAT] MDS_NO exposure to guest - qemu-kvm) - Resolves: bz#1749735 (CVE-2019-15890 qemu-kvm: QEMU: Slirp: use-after-free during packet reassembly [rhel-7]) [1.5.3-169.el7] - kvm-target-i386-Support-invariant-tsc-flag.patch [bz#1626871] - kvm-target-i386-block-migration-and-savevm-if-invariant-.patch [bz#1626871] - kvm-i386-Don-t-copy-host-virtual-address-limit.patch [bz#1706658] - Resolves: bz#1626871 ([RFE] request for using TscInvariant feature with qemu-kvm.) - Resolves: bz#1706658 ([Intel 7.8 Bug] qemu-kvm fail with 'err:kvm_init_vcpu() invalidate argumant' on ICX platform) [1.5.3-168.el7] - kvm-qxl-check-release-info-object.patch [bz#1712703] - kvm-bswap.h-Remove-cpu_to_be16wu.patch [bz#1270166] - kvm-net-Transmit-zero-UDP-checksum-as-0xFFFF.patch [bz#1270166] - kvm-Fix-heap-overflow-in-ip_reass-on-big-packet-input.patch [bz#1734749] - Resolves: bz#1270166 (UDP packet checksum is not converted from 0x0000 to 0xffff with Qemu e1000 emulation.) - Resolves: bz#1712703 (CVE-2019-12155 qemu-kvm: QEMU: qxl: null pointer dereference while releasing spice resources [rhel-7]) - Resolves: bz#1734749 (CVE-2019-14378 qemu-kvm: QEMU: slirp: heap buffer overflow during packet reassembly [rhel-7.8])


Affected Package


OS OS Version Package Name Package Version
oracle linux 7 qemu-kvm 1.5.3-173.el7
oracle linux 7 qemu-img 1.5.3-173.el7
oracle linux 7 qemu-kvm 1.5.3-173.el7
oracle linux 7 qemu-kvm-common 1.5.3-173.el7
oracle linux 7 qemu-kvm-tools 1.5.3-173.el7

Related