Oracle Linux ELSA-2021-9109
Mar 15, 2021 - 12:00 a.m.

qemu security update

2021-03-15 00:00:00
linux.oracle.com

CVSS3: 7.5 High

  • Attack Vector: LOCAL
  • Attack Complexity: HIGH
  • Privileges Required: HIGH
  • User Interaction: NONE
  • Scope: CHANGED
  • Confidentiality Impact: HIGH
  • Integrity Impact: HIGH
  • Availability Impact: HIGH

CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H

CVSS2: 6.9 Medium

  • Access Vector: LOCAL
  • Access Complexity: MEDIUM
  • Authentication: NONE
  • Confidentiality Impact: COMPLETE
  • Integrity Impact: COMPLETE
  • Availability Impact: COMPLETE

AV:L/AC:M/Au:N/C:C/I:C/A:C

[15:4.2.1-5.el7]

  • qemu.spec: use --tls-priority=NORMAL for OL7 (Elena Ufimtseva)
  • hostmem: fix default ‘prealloc-threads’ count (Mark Kanda) [Orabug: 32472127]
  • hostmem: introduce ‘prealloc-threads’ property (Igor Mammedov)
  • qom: introduce object_register_sugar_prop (Paolo Bonzini)
  • migration/multifd: Do error_free after migrate_set_error to avoid memleaks (Pan Nengyuan)
  • multifd/tls: fix memoryleak of the QIOChannelSocket object when cancelling migration (Chuan Zheng)
  • migration/multifd: fix hangup with TLS-Multifd due to blocking handshake (Chuan Zheng)
  • migration/tls: add trace points for multifd-tls (Chuan Zheng)
  • migration/tls: add support for multifd tls-handshake (Chuan Zheng)
  • migration/tls: extract cleanup function for common-use (Chuan Zheng)
  • migration/multifd: fix memleaks in multifd_new_send_channel_async (Pan Nengyuan)
  • migration/multifd: fix nullptr access in multifd_send_terminate_threads (Zhimin Feng)
  • migration/tls: add tls_hostname into MultiFDSendParams (Chuan Zheng)
  • migration/tls: extract migration_tls_client_create for common-use (Chuan Zheng)
  • migration/tls: save hostname into MigrationState (Chuan Zheng)
  • tests/qtest: add a test case for pvpanic-pci (Mihai Carabas)
  • pvpanic : update pvpanic spec document (Mihai Carabas)
  • hw/misc/pvpanic: add PCI interface support (Mihai Carabas)
  • hw/misc/pvpanic: split-out generic and bus dependent code (Mihai Carabas)
  • 9pfs: Fully restart unreclaim loop (CVE-2021-20181) (Greg Kurz) [Orabug: 32441198] {CVE-2021-20181}
  • ide: atapi: check logical block address and read size (CVE-2020-29443) (Prasad J Pandit) [Orabug: 32393835] {CVE-2020-29443}
  • Document CVE-2019-20808 as fixed (Mark Kanda) [Orabug: 32339196] {CVE-2019-20808}
  • block/iscsi:fix heap-buffer-overflow in iscsi_aio_ioctl_cb (Chen Qun) [Orabug: 32339207] {CVE-2020-11947}
  • net: remove an assert call in eth_get_gso_type (Prasad J Pandit) [Orabug: 32102583] {CVE-2020-27617}
  • nvdimm: honor -object memory-backend-file, readonly=on option (Stefan Hajnoczi) [Orabug: 32265408]
  • hostmem-file: add readonly=on|off option (Stefan Hajnoczi) [Orabug: 32265408]
  • memory: add readonly support to memory_region_init_ram_from_file() (Stefan Hajnoczi) [Orabug: 32265408]
