Описание
ELSA-2021-9425: qemu security update (IMPORTANT)
[15:4.2.1-11.el7]
- pvrdma: Fix the ring init error flow (CVE-2021-3608) (Marcel Apfelbaum) [Orabug: 33120142] {CVE-2021-3608}
- pvrdma: Ensure correct input on ring init (CVE-2021-3607) (Marcel Apfelbaum) [Orabug: 33120146] {CVE-2021-3607}
- hw/rdma: Fix possible mremap overflow in the pvrdma device (CVE-2021-3582) (Marcel Apfelbaum) [Orabug: 33120084] {CVE-2021-3582}
- vhost-user-gpu: reorder free calls. (Gerd Hoffmann) [Orabug: 32950701] {CVE-2021-3544}
- vhost-user-gpu: abstract vg_cleanup_mapping_iov (Li Qiang) [Orabug: 32950716] {CVE-2021-3546}
- vhost-user-gpu: fix OOB write in 'virgl_cmd_get_capset' (CVE-2021-3546) (Li Qiang) [Orabug: 32950716] {CVE-2021-3546}
- vhost-user-gpu: fix memory leak in 'virgl_resource_attach_backing' (CVE-2021-3544) (Li Qiang) [Orabug: 32950701] {CVE-2021-3544}
- vhost-user-gpu: fix memory leak in 'virgl_cmd_resource_unref' (CVE-2021-3544) (Li Qiang) [Orabug: 32950701] {CVE-2021-3544}
- vhost-user-gpu: fix memory leak while calling 'vg_resource_unref' (CVE-2021-3544) (Li Qiang) [Orabug: 32950701] {CVE-2021-3544}
- vhost-user-gpu: fix memory leak in vg_resource_attach_backing (CVE-2021-3544) (Li Qiang) [Orabug: 32950701] {CVE-2021-3544}
- vhost-user-gpu: fix resource leak in 'vg_resource_create_2d' (CVE-2021-3544) (Li Qiang) [Orabug: 32950701] {CVE-2021-3544}
- vhost-user-gpu: fix memory disclosure in virgl_cmd_get_capset_info (CVE-2021-3545) (Li Qiang) [Orabug: 32950708] {CVE-2021-3545}
- usb: limit combined packets to 1 MiB (CVE-2021-3527) (Gerd Hoffmann) [Orabug: 32842778] {CVE-2021-3527}
- usb/redir: avoid dynamic stack allocation (CVE-2021-3527) (Gerd Hoffmann) [Orabug: 32842778] {CVE-2021-3527}
- mptsas: Remove unused MPTSASState 'pending' field (CVE-2021-3392) (Michael Tokarev) [Orabug: 32470463] {CVE-2021-3392}
Обновленные пакеты
Oracle Linux 7
Oracle Linux aarch64
ivshmem-tools
4.2.1-11.el7
qemu
4.2.1-11.el7
qemu-block-gluster
4.2.1-11.el7
qemu-block-iscsi
4.2.1-11.el7
qemu-block-rbd
4.2.1-11.el7
qemu-common
4.2.1-11.el7
qemu-img
4.2.1-11.el7
qemu-kvm
4.2.1-11.el7
qemu-kvm-core
4.2.1-11.el7
qemu-system-aarch64
4.2.1-11.el7
qemu-system-aarch64-core
4.2.1-11.el7
Oracle Linux x86_64
qemu
4.2.1-11.el7
qemu-block-gluster
4.2.1-11.el7
qemu-block-iscsi
4.2.1-11.el7
qemu-block-rbd
4.2.1-11.el7
qemu-common
4.2.1-11.el7
qemu-img
4.2.1-11.el7
qemu-kvm
4.2.1-11.el7
qemu-kvm-core
4.2.1-11.el7
qemu-system-x86
4.2.1-11.el7
qemu-system-x86-core
4.2.1-11.el7
Ссылки на источники
Связанные уязвимости
ELSA-2021-9568: virt:kvm_utils security update (IMPORTANT)
A use-after-free flaw was found in the MegaRAID emulator of QEMU. This issue occurs while processing SCSI I/O requests in the case of an error mptsas_free_request() that does not dequeue the request object 'req' from a pending requests queue. This flaw allows a privileged guest user to crash the QEMU process on the host, resulting in a denial of service. Versions between 2.10.0 and 5.2.0 are potentially affected.
A use-after-free flaw was found in the MegaRAID emulator of QEMU. This issue occurs while processing SCSI I/O requests in the case of an error mptsas_free_request() that does not dequeue the request object 'req' from a pending requests queue. This flaw allows a privileged guest user to crash the QEMU process on the host, resulting in a denial of service. Versions between 2.10.0 and 5.2.0 are potentially affected.
A use-after-free flaw was found in the MegaRAID emulator of QEMU. This issue occurs while processing SCSI I/O requests in the case of an error mptsas_free_request() that does not dequeue the request object 'req' from a pending requests queue. This flaw allows a privileged guest user to crash the QEMU process on the host, resulting in a denial of service. Versions between 2.10.0 and 5.2.0 are potentially affected.
