Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

oracle-oval логотип

ELSA-2022-9344

Опубликовано: 29 апр. 2022
Источник: oracle-oval
Платформа: Oracle Linux 7

Описание

ELSA-2022-9344: qemu security update (IMPORTANT)

[15:4.2.1-16.el7]

  • Document CVE-2021-4145 as fixed (Mark Kanda) [Orabug: 33791496] {CVE-2021-4145}
  • migration: Tally pre-copy, downtime and post-copy bytes independently (David Edmondson)
  • migration: Introduce ram_transferred_add() (David Edmondson)
  • ACPI ERST: specification for ERST support (Eric DeVolder)
  • ACPI ERST: step 6 of bios-tables-test.c (Eric DeVolder)
  • ACPI ERST: bios-tables-test testcase (Eric DeVolder)
  • ACPI ERST: qtest for ERST (Eric DeVolder)
  • ACPI ERST: create ACPI ERST table for pc/x86 machines (Eric DeVolder)
  • ACPI ERST: build the ACPI ERST table (Eric DeVolder)
  • ACPI ERST: support for ACPI ERST feature (Eric DeVolder)
  • ACPI ERST: header file for ERST (Eric DeVolder)
  • ACPI ERST: PCI device_id for ERST (Eric DeVolder)
  • ACPI ERST: bios-tables-test.c steps 1 and 2 (Eric DeVolder)
  • ACPI: cleanup bios-tables-test state (Eric DeVolder)
  • KVM: x86: believe what KVM says about WAITPKG (Paolo Bonzini) [Orabug: 33832295]
  • cputlb: destroy CPUTLB with tlb_destroy (Emilio G. Cota) [Orabug: 33428107]

Обновленные пакеты

Oracle Linux 7

Oracle Linux aarch64

ivshmem-tools

4.2.1-16.el7

qemu

4.2.1-16.el7

qemu-block-gluster

4.2.1-16.el7

qemu-block-iscsi

4.2.1-16.el7

qemu-block-rbd

4.2.1-16.el7

qemu-common

4.2.1-16.el7

qemu-img

4.2.1-16.el7

qemu-kvm

4.2.1-16.el7

qemu-kvm-core

4.2.1-16.el7

qemu-system-aarch64

4.2.1-16.el7

qemu-system-aarch64-core

4.2.1-16.el7

Oracle Linux x86_64

qemu

4.2.1-16.el7

qemu-block-gluster

4.2.1-16.el7

qemu-block-iscsi

4.2.1-16.el7

qemu-block-rbd

4.2.1-16.el7

qemu-common

4.2.1-16.el7

qemu-img

4.2.1-16.el7

qemu-kvm

4.2.1-16.el7

qemu-kvm-core

4.2.1-16.el7

qemu-system-x86

4.2.1-16.el7

qemu-system-x86-core

4.2.1-16.el7

Связанные CVE

CVE-2021-4145

Ссылки на источники

Связанные уязвимости

ubuntu логотип

CVE-2021-4145

CVSS3: 6.5
ubuntu
больше 3 лет назад

A NULL pointer dereference issue was found in the block mirror layer of QEMU in versions prior to 6.2.0. The `self` pointer is dereferenced in mirror_wait_on_conflicts() without ensuring that it's not NULL. A malicious unprivileged user within the guest could use this flaw to crash the QEMU process on the host when writing data reaches the threshold of mirroring node.

redhat логотип

CVE-2021-4145

CVSS3: 5.6
redhat
больше 3 лет назад

A NULL pointer dereference issue was found in the block mirror layer of QEMU in versions prior to 6.2.0. The `self` pointer is dereferenced in mirror_wait_on_conflicts() without ensuring that it's not NULL. A malicious unprivileged user within the guest could use this flaw to crash the QEMU process on the host when writing data reaches the threshold of mirroring node.

nvd логотип

CVE-2021-4145

CVSS3: 6.5
nvd
больше 3 лет назад

A NULL pointer dereference issue was found in the block mirror layer of QEMU in versions prior to 6.2.0. The `self` pointer is dereferenced in mirror_wait_on_conflicts() without ensuring that it's not NULL. A malicious unprivileged user within the guest could use this flaw to crash the QEMU process on the host when writing data reaches the threshold of mirroring node.

msrc логотип

CVE-2021-4145

msrc
больше 2 лет назад

Описание отсутствует

debian логотип

CVE-2021-4145

CVSS3: 6.5
debian
больше 3 лет назад

A NULL pointer dereference issue was found in the block mirror layer o ...