Oracle9: ELSA-2022-5263: qemu Moderate Security Update | LinuxSecur...

Advisories

Oracle Linux Security Advisory ELSA-2022-5263

https://linux.oracle.com/errata/ELSA-2022-5263.html

The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network:

x86_64:
qemu-guest-agent-6.2.0-11.el9_0.3.x86_64.rpm
qemu-img-6.2.0-11.el9_0.3.x86_64.rpm
qemu-kvm-6.2.0-11.el9_0.3.x86_64.rpm
qemu-kvm-audio-pa-6.2.0-11.el9_0.3.x86_64.rpm
qemu-kvm-block-curl-6.2.0-11.el9_0.3.x86_64.rpm
qemu-kvm-block-rbd-6.2.0-11.el9_0.3.x86_64.rpm
qemu-kvm-common-6.2.0-11.el9_0.3.x86_64.rpm
qemu-kvm-core-6.2.0-11.el9_0.3.x86_64.rpm
qemu-kvm-device-display-virtio-gpu-6.2.0-11.el9_0.3.x86_64.rpm
qemu-kvm-device-display-virtio-gpu-gl-6.2.0-11.el9_0.3.x86_64.rpm
qemu-kvm-device-display-virtio-gpu-pci-6.2.0-11.el9_0.3.x86_64.rpm
qemu-kvm-device-display-virtio-gpu-pci-gl-6.2.0-11.el9_0.3.x86_64.rpm
qemu-kvm-device-display-virtio-vga-6.2.0-11.el9_0.3.x86_64.rpm
qemu-kvm-device-display-virtio-vga-gl-6.2.0-11.el9_0.3.x86_64.rpm
qemu-kvm-device-usb-host-6.2.0-11.el9_0.3.x86_64.rpm
qemu-kvm-device-usb-redirect-6.2.0-11.el9_0.3.x86_64.rpm
qemu-kvm-docs-6.2.0-11.el9_0.3.x86_64.rpm
qemu-kvm-tools-6.2.0-11.el9_0.3.x86_64.rpm
qemu-kvm-ui-egl-headless-6.2.0-11.el9_0.3.x86_64.rpm
qemu-kvm-ui-opengl-6.2.0-11.el9_0.3.x86_64.rpm
qemu-pr-helper-6.2.0-11.el9_0.3.x86_64.rpm

aarch64:
qemu-guest-agent-6.2.0-11.el9_0.3.aarch64.rpm
qemu-img-6.2.0-11.el9_0.3.aarch64.rpm
qemu-kvm-6.2.0-11.el9_0.3.aarch64.rpm
qemu-kvm-audio-pa-6.2.0-11.el9_0.3.aarch64.rpm
qemu-kvm-block-curl-6.2.0-11.el9_0.3.aarch64.rpm
qemu-kvm-block-rbd-6.2.0-11.el9_0.3.aarch64.rpm
qemu-kvm-common-6.2.0-11.el9_0.3.aarch64.rpm
qemu-kvm-core-6.2.0-11.el9_0.3.aarch64.rpm
qemu-kvm-device-display-virtio-gpu-6.2.0-11.el9_0.3.aarch64.rpm
qemu-kvm-device-display-virtio-gpu-gl-6.2.0-11.el9_0.3.aarch64.rpm
qemu-kvm-device-display-virtio-gpu-pci-6.2.0-11.el9_0.3.aarch64.rpm
qemu-kvm-device-display-virtio-gpu-pci-gl-6.2.0-11.el9_0.3.aarch64.rpm
qemu-kvm-device-usb-host-6.2.0-11.el9_0.3.aarch64.rpm
qemu-kvm-docs-6.2.0-11.el9_0.3.aarch64.rpm
qemu-kvm-tools-6.2.0-11.el9_0.3.aarch64.rpm
qemu-pr-helper-6.2.0-11.el9_0.3.aarch64.rpm


SRPMS:
https://oss.oracle.com/ol9/SRPMS-updates/qemu-kvm-6.2.0-11.el9_0.3.src.rpm

Related CVEs:

CVE-2022-26353
CVE-2022-26354




Description of changes:

[6.2.0-11.el9_0.3]
- kvm-RHEL-disable-seqpacket-for-vhost-vsock-device-in-rhe.patch [bz#2071102]
- kvm-virtio-net-fix-map-leaking-on-error-during-receive.patch [bz#2075635]
- kvm-vhost-vsock-detach-the-virqueue-element-in-case-of-e.patch [bz#2075640]
- Resolves: bz#2071102
  (RHEL 9.0 guest with vsock device migration failed from RHEL 9.0 > RHEL 8.6 [rhel-9.0.0.z])
- Resolves: bz#2075635
  (CVE-2022-26353 qemu-kvm: QEMU: virtio-net: map leaking on error during receive [rhel-9] [rhel-9.0.0.z])
- Resolves: bz#2075640
  (CVE-2022-26354 qemu-kvm: QEMU: vhost-vsock: missing virtqueue detach on error can lead to memory leak [rhel-9] [rhel-9.0.0.z])

[6.2.0-11.el9_0.2]
- kvm-pci-expose-TYPE_XIO3130_DOWNSTREAM-name.patch [bz#2053584]
- kvm-acpi-pcihp-pcie-set-power-on-cap-on-parent-slot.patch [bz#2053584]
- kvm-vmxcap-Add-5-level-EPT-bit.patch [bz#2038051]
- kvm-i386-Add-Icelake-Server-v6-CPU-model-with-5-level-EP.patch [bz#2038051]
- kvm-acpi-fix-QEMU-crash-when-started-with-SLIC-table.patch [bz#2043531]
- kvm-tests-acpi-whitelist-expected-blobs-before-changing-.patch [bz#2043531]
- kvm-tests-acpi-add-SLIC-table-test.patch [bz#2043531]
- kvm-tests-acpi-SLIC-update-expected-blobs.patch [bz#2043531]
- kvm-tests-acpi-manually-pad-OEM_ID-OEM_TABLE_ID-for-test.patch [bz#2043531]
- kvm-tests-acpi-whitelist-nvdimm-s-SSDT-and-FACP.slic-exp.patch [bz#2043531]
- kvm-acpi-fix-OEM-ID-OEM-Table-ID-padding.patch [bz#2043531]
- kvm-tests-acpi-update-expected-blobs.patch [bz#2043531]
- kvm-tests-acpi-test-short-OEM_ID-OEM_TABLE_ID-values-in-.patch [bz#2043531]
- kvm-rhel-workaround-for-lack-of-binary-patches-in-SRPM.patch [bz#2043531]
- Resolves: bz#2053584
  (watchdog: BUG: soft lockup - CPU#3 stuck for 22s! [cat:2843])
- Resolves: bz#2038051
  (Win11 (q35+edk2) guest broke after install wsl2 through 'wsl --install -d Ubuntu-20.04')
- Resolves: bz#2043531
  (Guest can not start with SLIC acpi table)

[6.2.0-11.el9_0.1]
- kvm-RHEL-mark-old-machine-types-as-deprecated.patch [bz#2052050]
- kvm-hw-virtio-vdpa-Fix-leak-of-host-notifier-memory-regi.patch [bz#2059786]
- kvm-spec-Fix-obsolete-for-spice-subpackages.patch [bz#2059175 bz#2059146]
- kvm-spec-Obsolete-old-usb-redir-subpackage.patch [bz#2059175 bz#2059146]
- kvm-spec-Obsolete-ssh-driver.patch [bz#2059175 bz#2059146]

_______________________________________________
El-errata mailing list
[email protected]
https://oss.oracle.com/mailman/listinfo/el-errata

Oracle9: ELSA-2022-5263: qemu Moderate Security Update

Summary

Description of changes: [6.2.0-11.el9_0.3] - kvm-RHEL-disable-seqpacket-for-vhost-vsock-device-in-rhe.patch [bz#2071102] - kvm-virtio-net-fix-map-leaking-on-error-during-receive.patch [bz#2075635] - kvm-vhost-vsock-detach-the-virqueue-element-in-case-of-e.patch [bz#2075640] - Resolves: bz#2071102 (RHEL 9.0 guest with vsock device migration failed from RHEL 9.0 > RHEL 8.6 [rhel-9.0.0.z]) - Resolves: bz#2075635 (CVE-2022-26353 qemu-kvm: QEMU: virtio-net: map leaking on error during receive [rhel-9] [rhel-9.0.0.z]) - Resolves: bz#2075640 (CVE-2022-26354 qemu-kvm: QEMU: vhost-vsock: missing virtqueue detach on error can lead to memory leak [rhel-9] [rhel-9.0.0.z]) [6.2.0-11.el9_0.2] - kvm-pci-expose-TYPE_XIO3130_DOWNSTREAM-name.patch [bz#2053584] - kvm-acpi-pcihp-pcie-set-power-on-cap-on-parent-slot.patch [bz#2053584] - kvm-vmxcap-Add-5-level-EPT-bit.patch [bz#2038051] - kvm-i386-Add-Icelake-Server-v6-CPU-model-with-5-level-EP.patch [bz#2038051] - kvm-acpi-fix-QEMU-crash-when-started-with-SLIC-table.patch [bz#2043531] - kvm-tests-acpi-whitelist-expected-blobs-before-changing-.patch [bz#2043531] - kvm-tests-acpi-add-SLIC-table-test.patch [bz#2043531] - kvm-tests-acpi-SLIC-update-expected-blobs.patch [bz#2043531] - kvm-tests-acpi-manually-pad-OEM_ID-OEM_TABLE_ID-for-test.patch [bz#2043531] - kvm-tests-acpi-whitelist-nvdimm-s-SSDT-and-FACP.slic-exp.patch [bz#2043531] - kvm-acpi-fix-OEM-ID-OEM-Table-ID-padding.patch [bz#2043531] - kvm-tests-acpi-update-expected-blobs.patch [bz#2043531] - kvm-tests-acpi-test-short-OEM_ID-OEM_TABLE_ID-values-in-.patch [bz#2043531] - kvm-rhel-workaround-for-lack-of-binary-patches-in-SRPM.patch [bz#2043531] - Resolves: bz#2053584 (watchdog: BUG: soft lockup - CPU#3 stuck for 22s! [cat:2843]) - Resolves: bz#2038051 (Win11 (q35+edk2) guest broke after install wsl2 through 'wsl --install -d Ubuntu-20.04') - Resolves: bz#2043531 (Guest can not start with SLIC acpi table) [6.2.0-11.el9_0.1] - kvm-RHEL-mark-old-machine-types-as-deprecated.patch [bz#2052050] - kvm-hw-virtio-vdpa-Fix-leak-of-host-notifier-memory-regi.patch [bz#2059786] - kvm-spec-Fix-obsolete-for-spice-subpackages.patch [bz#2059175 bz#2059146] - kvm-spec-Obsolete-old-usb-redir-subpackage.patch [bz#2059175 bz#2059146] - kvm-spec-Obsolete-ssh-driver.patch [bz#2059175 bz#2059146]

i386

x86_64

qemu-guest-agent-6.2.0-11.el9_0.3.x86_64.rpm qemu-img-6.2.0-11.el9_0.3.x86_64.rpm qemu-kvm-6.2.0-11.el9_0.3.x86_64.rpm qemu-kvm-audio-pa-6.2.0-11.el9_0.3.x86_64.rpm qemu-kvm-block-curl-6.2.0-11.el9_0.3.x86_64.rpm qemu-kvm-block-rbd-6.2.0-11.el9_0.3.x86_64.rpm qemu-kvm-common-6.2.0-11.el9_0.3.x86_64.rpm qemu-kvm-core-6.2.0-11.el9_0.3.x86_64.rpm qemu-kvm-device-display-virtio-gpu-6.2.0-11.el9_0.3.x86_64.rpm qemu-kvm-device-display-virtio-gpu-gl-6.2.0-11.el9_0.3.x86_64.rpm qemu-kvm-device-display-virtio-gpu-pci-6.2.0-11.el9_0.3.x86_64.rpm qemu-kvm-device-display-virtio-gpu-pci-gl-6.2.0-11.el9_0.3.x86_64.rpm qemu-kvm-device-display-virtio-vga-6.2.0-11.el9_0.3.x86_64.rpm qemu-kvm-device-display-virtio-vga-gl-6.2.0-11.el9_0.3.x86_64.rpm qemu-kvm-device-usb-host-6.2.0-11.el9_0.3.x86_64.rpm qemu-kvm-device-usb-redirect-6.2.0-11.el9_0.3.x86_64.rpm qemu-kvm-docs-6.2.0-11.el9_0.3.x86_64.rpm qemu-kvm-tools-6.2.0-11.el9_0.3.x86_64.rpm qemu-kvm-ui-egl-headless-6.2.0-11.el9_0.3.x86_64.rpm qemu-kvm-ui-opengl-6.2.0-11.el9_0.3.x86_64.rpm qemu-pr-helper-6.2.0-11.el9_0.3.x86_64.rpm aarch64: qemu-guest-agent-6.2.0-11.el9_0.3.aarch64.rpm qemu-img-6.2.0-11.el9_0.3.aarch64.rpm qemu-kvm-6.2.0-11.el9_0.3.aarch64.rpm qemu-kvm-audio-pa-6.2.0-11.el9_0.3.aarch64.rpm qemu-kvm-block-curl-6.2.0-11.el9_0.3.aarch64.rpm qemu-kvm-block-rbd-6.2.0-11.el9_0.3.aarch64.rpm qemu-kvm-common-6.2.0-11.el9_0.3.aarch64.rpm qemu-kvm-core-6.2.0-11.el9_0.3.aarch64.rpm qemu-kvm-device-display-virtio-gpu-6.2.0-11.el9_0.3.aarch64.rpm qemu-kvm-device-display-virtio-gpu-gl-6.2.0-11.el9_0.3.aarch64.rpm qemu-kvm-device-display-virtio-gpu-pci-6.2.0-11.el9_0.3.aarch64.rpm qemu-kvm-device-display-virtio-gpu-pci-gl-6.2.0-11.el9_0.3.aarch64.rpm qemu-kvm-device-usb-host-6.2.0-11.el9_0.3.aarch64.rpm qemu-kvm-docs-6.2.0-11.el9_0.3.aarch64.rpm qemu-kvm-tools-6.2.0-11.el9_0.3.aarch64.rpm qemu-pr-helper-6.2.0-11.el9_0.3.aarch64.rpm

SRPMS

https://oss.oracle.com/ol9/SRPMS-updates/qemu-kvm-6.2.0-11.el9_0.3.src.rpm

Severity
Related CVEs: CVE-2022-26353 CVE-2022-26354

We use cookies to provide and improve our services. By using our site, you consent to our Cookie Policy.