Kernel-based Virtual Machine (KVM) offers a full virtualization solution for Linux on numerous hardware platforms. The virt:Rocky Linux module contains packages which provide user-space components used to run virtual machines using KVM. The packages also provide APIs for managing and interacting with the virtualized systems.
The following packages have been upgraded to a later upstream version: hivex (1.3.18), libguestfs (1.40.2), libguestfs-winsupport (8.2), libvirt (6.0.0), libvirt-dbus (1.3.0), libvirt-python (6.0.0), nbdkit (1.16.2), perl-Sys-Virt (6.0.0), qemu-kvm (4.2.0), seabios (1.13.0), SLOF (20191022). (BZ#1810193, BZ#1844296)
Security Fix(es):
libvirt: leak of /dev/mapper/control into QEMU guests (CVE-2020-14339)
QEMU: Slirp: use-after-free during packet reassembly (CVE-2019-15890)
libvirt: Potential DoS by holding a monitor job while querying QEMU guest-agent (CVE-2019-20485)
QEMU: slirp: use-after-free in ip_reass() function in ip_input.c (CVE-2020-1983)
libvirt: Potential denial of service via active pool without target path (CVE-2020-10703)
libvirt: leak of sensitive cookie information via dumpxml (CVE-2020-14301)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Additional Changes:
For detailed information on changes in this release, see the Rocky Linux 8.3 Release Notes linked from the References section.
bugzilla.redhat.com/show_bug.cgi?id=1518042
bugzilla.redhat.com/show_bug.cgi?id=1664324
bugzilla.redhat.com/show_bug.cgi?id=1715039
bugzilla.redhat.com/show_bug.cgi?id=1717394
bugzilla.redhat.com/show_bug.cgi?id=1727865
bugzilla.redhat.com/show_bug.cgi?id=1749716
bugzilla.redhat.com/show_bug.cgi?id=1756946
bugzilla.redhat.com/show_bug.cgi?id=1759849
bugzilla.redhat.com/show_bug.cgi?id=1763191
bugzilla.redhat.com/show_bug.cgi?id=1790189
bugzilla.redhat.com/show_bug.cgi?id=1805998
bugzilla.redhat.com/show_bug.cgi?id=1807057
bugzilla.redhat.com/show_bug.cgi?id=1809740
bugzilla.redhat.com/show_bug.cgi?id=1810193
bugzilla.redhat.com/show_bug.cgi?id=1811539
bugzilla.redhat.com/show_bug.cgi?id=1816650
bugzilla.redhat.com/show_bug.cgi?id=1828681
bugzilla.redhat.com/show_bug.cgi?id=1829825
bugzilla.redhat.com/show_bug.cgi?id=1844296
bugzilla.redhat.com/show_bug.cgi?id=1845459
bugzilla.redhat.com/show_bug.cgi?id=1848640
bugzilla.redhat.com/show_bug.cgi?id=1849997
bugzilla.redhat.com/show_bug.cgi?id=1854380
bugzilla.redhat.com/show_bug.cgi?id=1857779
bugzilla.redhat.com/show_bug.cgi?id=1860069
bugzilla.redhat.com/show_bug.cgi?id=1867847
errata.rockylinux.org/RLSA-2020:4676