Oracle Linux Security Advisory ELSA-2023-5094

https://linux.oracle.com/errata/ELSA-2023-5094.html

The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network:

x86_64:
qemu-guest-agent-7.2.0-14.el9_2.5.x86_64.rpm
qemu-img-7.2.0-14.el9_2.5.x86_64.rpm
qemu-kvm-7.2.0-14.el9_2.5.x86_64.rpm
qemu-kvm-audio-pa-7.2.0-14.el9_2.5.x86_64.rpm
qemu-kvm-block-curl-7.2.0-14.el9_2.5.x86_64.rpm
qemu-kvm-block-rbd-7.2.0-14.el9_2.5.x86_64.rpm
qemu-kvm-common-7.2.0-14.el9_2.5.x86_64.rpm
qemu-kvm-core-7.2.0-14.el9_2.5.x86_64.rpm
qemu-kvm-device-display-virtio-gpu-7.2.0-14.el9_2.5.x86_64.rpm
qemu-kvm-device-display-virtio-gpu-pci-7.2.0-14.el9_2.5.x86_64.rpm
qemu-kvm-device-display-virtio-vga-7.2.0-14.el9_2.5.x86_64.rpm
qemu-kvm-device-usb-host-7.2.0-14.el9_2.5.x86_64.rpm
qemu-kvm-device-usb-redirect-7.2.0-14.el9_2.5.x86_64.rpm
qemu-kvm-docs-7.2.0-14.el9_2.5.x86_64.rpm
qemu-kvm-tools-7.2.0-14.el9_2.5.x86_64.rpm
qemu-kvm-ui-egl-headless-7.2.0-14.el9_2.5.x86_64.rpm
qemu-kvm-ui-opengl-7.2.0-14.el9_2.5.x86_64.rpm
qemu-pr-helper-7.2.0-14.el9_2.5.x86_64.rpm

aarch64:
qemu-guest-agent-7.2.0-14.el9_2.5.aarch64.rpm
qemu-img-7.2.0-14.el9_2.5.aarch64.rpm
qemu-kvm-7.2.0-14.el9_2.5.aarch64.rpm
qemu-kvm-audio-pa-7.2.0-14.el9_2.5.aarch64.rpm
qemu-kvm-block-curl-7.2.0-14.el9_2.5.aarch64.rpm
qemu-kvm-block-rbd-7.2.0-14.el9_2.5.aarch64.rpm
qemu-kvm-common-7.2.0-14.el9_2.5.aarch64.rpm
qemu-kvm-core-7.2.0-14.el9_2.5.aarch64.rpm
qemu-kvm-device-display-virtio-gpu-7.2.0-14.el9_2.5.aarch64.rpm
qemu-kvm-device-display-virtio-gpu-pci-7.2.0-14.el9_2.5.aarch64.rpm
qemu-kvm-device-usb-host-7.2.0-14.el9_2.5.aarch64.rpm
qemu-kvm-docs-7.2.0-14.el9_2.5.aarch64.rpm
qemu-kvm-tools-7.2.0-14.el9_2.5.aarch64.rpm
qemu-pr-helper-7.2.0-14.el9_2.5.aarch64.rpm


SRPMS:
https://oss.oracle.com:443/ol9/SRPMS-updates//qemu-kvm-7.2.0-14.el9_2.5.src.rpm

Related CVEs:

CVE-2023-3354




Description of changes:

[7.2.0-14.el9_2.5]
- rhel guest failed boot with multi disks on error Failed to start udev Wait for Complete Device Initialization
- CVE-2023-3354 QEMU: VNC: improper I/O watch removal in TLS handshake can lead to remote unauthenticated denial of service
- hotplug/hotunplug mlx vdpa device to the occupied addr port, then qemu core dump occurs after shutdown guest


_______________________________________________
El-errata mailing list
El-errata@oss.oracle.com
https://oss.oracle.com/mailman/listinfo/el-errata

Oracle9: ELSA-2023-5094: qemu-kvm Important Security Update

The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network:

Summary

[7.2.0-14.el9_2.5] - rhel guest failed boot with multi disks on error Failed to start udev Wait for Complete Device Initialization - CVE-2023-3354 QEMU: VNC: improper I/O watch removal in TLS handshake can lead to remote unauthenticated denial of service - hotplug/hotunplug mlx vdpa device to the occupied addr port, then qemu core dump occurs after shutdown guest

SRPMs

https://oss.oracle.com:443/ol9/SRPMS-updates//qemu-kvm-7.2.0-14.el9_2.5.src.rpm

x86_64

qemu-guest-agent-7.2.0-14.el9_2.5.x86_64.rpm qemu-img-7.2.0-14.el9_2.5.x86_64.rpm qemu-kvm-7.2.0-14.el9_2.5.x86_64.rpm qemu-kvm-audio-pa-7.2.0-14.el9_2.5.x86_64.rpm qemu-kvm-block-curl-7.2.0-14.el9_2.5.x86_64.rpm qemu-kvm-block-rbd-7.2.0-14.el9_2.5.x86_64.rpm qemu-kvm-common-7.2.0-14.el9_2.5.x86_64.rpm qemu-kvm-core-7.2.0-14.el9_2.5.x86_64.rpm qemu-kvm-device-display-virtio-gpu-7.2.0-14.el9_2.5.x86_64.rpm qemu-kvm-device-display-virtio-gpu-pci-7.2.0-14.el9_2.5.x86_64.rpm qemu-kvm-device-display-virtio-vga-7.2.0-14.el9_2.5.x86_64.rpm qemu-kvm-device-usb-host-7.2.0-14.el9_2.5.x86_64.rpm qemu-kvm-device-usb-redirect-7.2.0-14.el9_2.5.x86_64.rpm qemu-kvm-docs-7.2.0-14.el9_2.5.x86_64.rpm qemu-kvm-tools-7.2.0-14.el9_2.5.x86_64.rpm qemu-kvm-ui-egl-headless-7.2.0-14.el9_2.5.x86_64.rpm qemu-kvm-ui-opengl-7.2.0-14.el9_2.5.x86_64.rpm qemu-pr-helper-7.2.0-14.el9_2.5.x86_64.rpm

aarch64

qemu-guest-agent-7.2.0-14.el9_2.5.aarch64.rpm qemu-img-7.2.0-14.el9_2.5.aarch64.rpm qemu-kvm-7.2.0-14.el9_2.5.aarch64.rpm qemu-kvm-audio-pa-7.2.0-14.el9_2.5.aarch64.rpm qemu-kvm-block-curl-7.2.0-14.el9_2.5.aarch64.rpm qemu-kvm-block-rbd-7.2.0-14.el9_2.5.aarch64.rpm qemu-kvm-common-7.2.0-14.el9_2.5.aarch64.rpm qemu-kvm-core-7.2.0-14.el9_2.5.aarch64.rpm qemu-kvm-device-display-virtio-gpu-7.2.0-14.el9_2.5.aarch64.rpm qemu-kvm-device-display-virtio-gpu-pci-7.2.0-14.el9_2.5.aarch64.rpm qemu-kvm-device-usb-host-7.2.0-14.el9_2.5.aarch64.rpm qemu-kvm-docs-7.2.0-14.el9_2.5.aarch64.rpm qemu-kvm-tools-7.2.0-14.el9_2.5.aarch64.rpm qemu-pr-helper-7.2.0-14.el9_2.5.aarch64.rpm

i386

Severity
Related CVEs: CVE-2023-3354

Related News

News

Powered By

Footer Logo

Linux Security - Your source for Top Linux News, Advisories, HowTo's and Feature Release.

Powered By

Footer Logo