Alerts This Week
Warning Icon 1 764
Alerts This Week
Warning Icon 1 764

Oracle Linux 9 ELSA-2022-5270 Important: KVM Security Enhancement

oracle
Calendar Grey July 6, 2022
Oracle Linux Logo Esm H88
Oracle Linux 9 has released updates. This notice outlines a significant resolution for several QEMU vulnerabilities impacting KVM.
The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network:

Summary

[6.2.0-11.el9_0.3] - kvm-RHEL-disable-seqpacket-for-vhost-vsock-device-in-rhe.patch [bz#2071102] - kvm-virtio-net-fix-map-leaking-on-error-during-receive.patch [bz#2075635] - kvm-vhost-vsock-detach-the-virqueue-element-in-case-of-e.patch [bz#2075640] - Resolves: bz#2071102 (RHEL 9.0 guest with vsock device migration failed from RHEL 9.0 > RHEL 8.6 [rhel-9.0.0.z]) - Resolves: bz#2075635 (CVE-2022-26353 qemu-kvm: QEMU: virtio-net: map leaking on error during receive [rhel-9] [rhel-9.0.0.z]) - Resolves: bz#2075640 (CVE-2022-26354 qemu-kvm: QEMU: vhost-vsock: missing virtqueue detach on error can lead to memory leak [rhel-9] [rhel-9.0.0.z]) [6.2.0-11.el9_0.2] - kvm-pci-expose-TYPE_XIO3130_DOWNSTREAM-name.patch [bz#2053584] - kvm-acpi-pcihp-pcie-set-power-on-cap-on-parent-slot.patch [bz#2053584] - kvm-vmxcap-Add-5-level-EPT-bit.patch [bz#2038051] - kvm-i386-Add-Icelake-Server-v6-CPU-model-with-5-level-EP.patch [bz#2038051] - kvm-acpi-fix-QEMU-crash-when-started-with-SLIC-table...

Read the Full Advisory

Topics%20covered

Topics Covered

security advisory moderate security issue oracle linux qemu update

SRPMs

https://oss.oracle.com:443/ol9/SRPMS-updates/qemu-kvm-6.2.0-11.el9_0.3.src.rpm

x86_64

qemu-guest-agent-6.2.0-11.el9_0.3.x86_64.rpm qemu-img-6.2.0-11.el9_0.3.x86_64.rpm qemu-kvm-6.2.0-11.el9_0.3.x86_64.rpm qemu-kvm-audio-pa-6.2.0-11.el9_0.3.x86_64.rpm qemu-kvm-block-curl-6.2.0-11.el9_0.3.x86_64.rpm qemu-kvm-block-rbd-6.2.0-11.el9_0.3.x86_64.rpm qemu-kvm-common-6.2.0-11.el9_0.3.x86_64.rpm qemu-kvm-core-6.2.0-11.el9_0.3.x86_64.rpm qemu-kvm-device-display-virtio-gpu-6.2.0-11.el9_0.3.x86_64.rpm qemu-kvm-device-display-virtio-gpu-gl-6.2.0-11.el9_0.3.x86_64.rpm qemu-kvm-device-display-virtio-gpu-pci-6.2.0-11.el9_0.3.x86_64.rpm qemu-kvm-device-display-virtio-gpu-pci-gl-6.2.0-11.el9_0.3.x86_64.rpm qemu-kvm-device-display-virtio-vga-6.2.0-11.el9_0.3.x86_64.rpm qemu-kvm-device-display-virtio-vga-gl-6.2.0-11.el9_0.3.x86_64.rpm qemu-kvm-device-usb-host-6.2.0-11.el9_0.3.x86_64.rpm qemu-kvm-device-usb-redirect-6.2.0-11.el9_0.3.x86_64.rpm qemu-kvm-docs-6.2.0-11.el9_0.3.x86_64.rpm qemu-kvm-tools-6.2.0-11.el9_0.3.x86_64.rpm qemu-kvm-ui-egl-headless-6.2.0-11.el9_0.3.x86_64.rpm qemu-kvm...

Read the Full Advisory

aarch64

qemu-guest-agent-6.2.0-11.el9_0.3.aarch64.rpm qemu-img-6.2.0-11.el9_0.3.aarch64.rpm qemu-kvm-6.2.0-11.el9_0.3.aarch64.rpm qemu-kvm-audio-pa-6.2.0-11.el9_0.3.aarch64.rpm qemu-kvm-block-curl-6.2.0-11.el9_0.3.aarch64.rpm qemu-kvm-block-rbd-6.2.0-11.el9_0.3.aarch64.rpm qemu-kvm-common-6.2.0-11.el9_0.3.aarch64.rpm qemu-kvm-core-6.2.0-11.el9_0.3.aarch64.rpm qemu-kvm-device-display-virtio-gpu-6.2.0-11.el9_0.3.aarch64.rpm qemu-kvm-device-display-virtio-gpu-gl-6.2.0-11.el9_0.3.aarch64.rpm qemu-kvm-device-display-virtio-gpu-pci-6.2.0-11.el9_0.3.aarch64.rpm qemu-kvm-device-display-virtio-gpu-pci-gl-6.2.0-11.el9_0.3.aarch64.rpm qemu-kvm-device-usb-host-6.2.0-11.el9_0.3.aarch64.rpm qemu-kvm-docs-6.2.0-11.el9_0.3.aarch64.rpm qemu-kvm-tools-6.2.0-11.el9_0.3.aarch64.rpm qemu-pr-helper-6.2.0-11.el9_0.3.aarch64.rpm

Severity
important
Lowest
Low
Medium
High
Critical

Related CVEs: CVE-2022-26353 CVE-2022-26354

Topics%20covered

Topics Covered

security advisory moderate security issue oracle linux qemu update

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here