RedHatRHSA-2020:3267(RHSA-2020:3267) Low: qemu-kvm-rhev security, bug fix, and enhancement update
5.5 Medium
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
2.7 Low
CVSS2
Access Vector
ADJACENT_NETWORK
Access Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:A/AC:L/Au:S/C:N/I:N/A:P
0.001 Low
EPSS
Percentile
19.5%
KVM (Kernel-based Virtual Machine) is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm-rhev packages provide the user-space component for running virtual machines that use KVM in environments managed by Red Hat products.
Security Fix(es):
- CVE-2019-20382 QEMU: vnc: memory leakage upon disconnect
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Bug Fix(es):
-
Add support for newer glusterfs (BZ#1802216)
-
Backport: Passthrough host CPU microcode version to KVM guest if using CPU passthrough to RHEL 7.7/7.8 (BZ#1791653)
-
After hot unplug virtio-net and vfio nic, hot plug vfio-pci device fails in Win2019 guest (BZ#1721403)
-
qemu-kvm-rhev: Qemu: seccomp: blacklist is not applied to all threads (BZ#1618504)
-
Fix overzealous I/O request splitting performance regression (BZ#1819253)
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| RedHat | 7 | ppc64le | qemu-kvm-rhev-debuginfo | < 2.12.0-48.el7 | qemu-kvm-rhev-debuginfo-2.12.0-48.el7.ppc64le.rpm |
| RedHat | 7 | ppc64le | qemu-kvm-rhev | < 2.12.0-48.el7 | qemu-kvm-rhev-2.12.0-48.el7.ppc64le.rpm |
| RedHat | 7 | x86_64 | qemu-kvm-rhev | < 2.12.0-48.el7 | qemu-kvm-rhev-2.12.0-48.el7.x86_64.rpm |
| RedHat | 7 | x86_64 | qemu-img-rhev | < 2.12.0-48.el7 | qemu-img-rhev-2.12.0-48.el7.x86_64.rpm |
| RedHat | 7 | ppc64le | qemu-img-rhev | < 2.12.0-48.el7 | qemu-img-rhev-2.12.0-48.el7.ppc64le.rpm |
| RedHat | 7 | x86_64 | qemu-kvm-rhev-debuginfo | < 2.12.0-48.el7 | qemu-kvm-rhev-debuginfo-2.12.0-48.el7.x86_64.rpm |
| RedHat | 7 | ppc64le | qemu-kvm-tools-rhev | < 2.12.0-48.el7 | qemu-kvm-tools-rhev-2.12.0-48.el7.ppc64le.rpm |
| RedHat | 7 | ppc64le | qemu-kvm-common-rhev | < 2.12.0-48.el7 | qemu-kvm-common-rhev-2.12.0-48.el7.ppc64le.rpm |
| RedHat | 7 | x86_64 | qemu-kvm-common-rhev | < 2.12.0-48.el7 | qemu-kvm-common-rhev-2.12.0-48.el7.x86_64.rpm |
| RedHat | 7 | x86_64 | qemu-kvm-tools-rhev | < 2.12.0-48.el7 | qemu-kvm-tools-rhev-2.12.0-48.el7.x86_64.rpm |
Related
5.5 Medium
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
2.7 Low
CVSS2
Access Vector
ADJACENT_NETWORK
Access Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:A/AC:L/Au:S/C:N/I:N/A:P
0.001 Low
EPSS
Percentile
19.5%