Alerts This Week
Warning Icon 1 714
Alerts This Week
Warning Icon 1 714

Oracle Linux 7 ELSA-2021-9638 Critical: QEMU Security Risks Mitigated

oracle
Calendar Grey January 4, 2022
Oracle Linux Logo Esm H88
The ELSA-2021-9638 update for Oracle Linux brings key improvements to the QEMU virtualization platform, addressing critical security vulnerabilities for system safety
The following updated rpms for Oracle Linux 7 have been uploaded to the Unb= reakable Linux Network:

Summary

[15:4.2.1-13.el7] - pcie: Do not set power state for some hot-plugged devices (Annie Li) [Orabug: 33642532] [15:4.2.1-12.1.el7] - Update slirp to address various CVEs (Mark Kanda) [Orabug: 32208456] [Orabug: 33014409] [Orabug: 33014414] [Orabug: 33014417] [Orabug: 33014420] {CVE-2020-29129} {CVE-2020-29130} {CVE-2021-3592} {CVE-2021-3593} {CVE-2021-3594} {CVE-2021-3595} - Revert "Update libslirp to v4.6.1" (Mark Kanda) [Orabug: 33607100] [15:4.2.1-12.el7] - hw/pflash_cfi01: Allow backing devices to be smaller than memory region (David Edmondson) - pcie: expire pending delete (Gerd Hoffmann) [Orabug: 33450706] - pcie: fast unplug when slot power is off (Gerd Hoffmann) [Orabug: 33450706] - pcie: factor out pcie_cap_slot_unplug() (Gerd Hoffmann) [Orabug: 33450706] - pcie: add power indicator blink check (Gerd Hoffmann) [Orabug: 33450706] - pcie: implement slot power control for pcie root ports (Gerd Hoffmann) [Orabug: 33450706] - pci: implement power state (Gerd Hoffmann)...

Read the Full Advisory

Topics%20covered

Topics Covered

security advisory security update update critical system issue qemu oracle linux

SRPMs

https://oss.oracle.com:443/ol7/SRPMS-updates/qemu-4.2.1-13.el7.src.rpm

x86_64

qemu-common-4.2.1-13.el7.x86_64.rpm qemu-system-x86-core-4.2.1-13.el7.x86_64.rpm qemu-block-gluster-4.2.1-13.el7.x86_64.rpm qemu-block-iscsi-4.2.1-13.el7.x86_64.rpm qemu-block-rbd-4.2.1-13.el7.x86_64.rpm qemu-img-4.2.1-13.el7.x86_64.rpm qemu-4.2.1-13.el7.x86_64.rpm qemu-kvm-4.2.1-13.el7.x86_64.rpm qemu-kvm-core-4.2.1-13.el7.x86_64.rpm qemu-system-x86-4.2.1-13.el7.x86_64.rpm

aarch64

Severity
critical
Lowest
Low
Medium
High
Critical

Related CVEs: CVE-2020-29129 CVE-2020-29130 CVE-2021-20257 CVE-2021-3592 CVE-2021-3593 CVE-2021-3594 CVE-2021-3595 CVE-2021-3682 CVE-2021-3713 CVE-2021-3930

Topics%20covered

Topics Covered

security advisory security update update critical system issue qemu oracle linux

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here