Oracle Linux Security Advisory ELSA-2023-5094 https://linux.oracle.com/errata/ELSA-2023-5094.html The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network: x86_64: qemu-guest-agent-7.2.0-14.el9_2.5.x86_64.rpm qemu-img-7.2.0-14.el9_2.5.x86_64.rpm qemu-kvm-7.2.0-14.el9_2.5.x86_64.rpm qemu-kvm-audio-pa-7.2.0-14.el9_2.5.x86_64.rpm qemu-kvm-block-curl-7.2.0-14.el9_2.5.x86_64.rpm qemu-kvm-block-rbd-7.2.0-14.el9_2.5.x86_64.rpm qemu-kvm-common-7.2.0-14.el9_2.5.x86_64.rpm qemu-kvm-core-7.2.0-14.el9_2.5.x86_64.rpm qemu-kvm-device-display-virtio-gpu-7.2.0-14.el9_2.5.x86_64.rpm qemu-kvm-device-display-virtio-gpu-pci-7.2.0-14.el9_2.5.x86_64.rpm qemu-kvm-device-display-virtio-vga-7.2.0-14.el9_2.5.x86_64.rpm qemu-kvm-device-usb-host-7.2.0-14.el9_2.5.x86_64.rpm qemu-kvm-device-usb-redirect-7.2.0-14.el9_2.5.x86_64.rpm qemu-kvm-docs-7.2.0-14.el9_2.5.x86_64.rpm qemu-kvm-tools-7.2.0-14.el9_2.5.x86_64.rpm qemu-kvm-ui-egl-headless-7.2.0-14.el9_2.5.x86_64.rpm qemu-kvm-ui-opengl-7.2.0-14.el9_2.5.x86_64.rpm qemu-pr-helper-7.2.0-14.el9_2.5.x86_64.rpm aarch64: qemu-guest-agent-7.2.0-14.el9_2.5.aarch64.rpm qemu-img-7.2.0-14.el9_2.5.aarch64.rpm qemu-kvm-7.2.0-14.el9_2.5.aarch64.rpm qemu-kvm-audio-pa-7.2.0-14.el9_2.5.aarch64.rpm qemu-kvm-block-curl-7.2.0-14.el9_2.5.aarch64.rpm qemu-kvm-block-rbd-7.2.0-14.el9_2.5.aarch64.rpm qemu-kvm-common-7.2.0-14.el9_2.5.aarch64.rpm qemu-kvm-core-7.2.0-14.el9_2.5.aarch64.rpm qemu-kvm-device-display-virtio-gpu-7.2.0-14.el9_2.5.aarch64.rpm qemu-kvm-device-display-virtio-gpu-pci-7.2.0-14.el9_2.5.aarch64.rpm qemu-kvm-device-usb-host-7.2.0-14.el9_2.5.aarch64.rpm qemu-kvm-docs-7.2.0-14.el9_2.5.aarch64.rpm qemu-kvm-tools-7.2.0-14.el9_2.5.aarch64.rpm qemu-pr-helper-7.2.0-14.el9_2.5.aarch64.rpm SRPMS: https://oss.oracle.com/ol9/SRPMS-updates//qemu-kvm-7.2.0-14.el9_2.5.src.rpm Related CVEs: CVE-2023-3354 Description of changes: [7.2.0-14.el9_2.5] - rhel guest failed boot with multi disks on error Failed to start udev Wait for Complete Device Initialization - CVE-2023-3354 QEMU: VNC: improper I/O watch removal in TLS handshake can lead to remote unauthenticated denial of service - hotplug/hotunplug mlx vdpa device to the occupied addr port, then qemu core dump occurs after shutdown guest _______________________________________________ El-errata mailing list El-errata@oss.oracle.com https://oss.oracle.com/mailman/listinfo/el-errata