Описание
ELSA-2023-12065: qemu security update (IMPORTANT)
[15:4.2.1-24.el7]
- Revert 'virtio-scsi: Send 'REPORTED LUNS CHANGED' sense data upon disk hotplug events' (Mark Kanda) [Orabug: 34905939]
[15:4.2.1-23.el7]
- hw/display/ati_2d: Fix buffer overflow in ati_2d_blt (CVE-2021-3638) (Philippe Mathieu-Daude) [Orabug: 33930374] {CVE-2021-3638}
- tests/acpi: virt: update ACPI MADT and FADT binaries (Miguel Luis)
- acpi: arm/virt: madt: bump to revision 4 accordingly to ACPI 6.0 Errata A (Miguel Luis)
- acpi: arm/virt: madt: use build_append_int_noprefix() API to compose MADT table (Igor Mammedov)
- acpi: madt: arm/x86: use acpi_table_begin()/acpi_table_end() instead of build_header() (Igor Mammedov)
- hw/arm/virt-acpi-build:Remove dead assignment in build_madt() (Chen Qun)
- acpi: build_fadt: adapt FADT table names (Miguel Luis)
- acpi: fadt: support revision 6.0 of the ACPI specification (Miguel Luis)
- tests/acpi: virt: allow acpi MADT and FADT changes (Miguel Luis)
- Document CVE-2022-1050 and CVE-2022-3165 (Mark Kanda) [Orabug: 34132133] [Orabug: 34713999] {CVE-2022-1050} {CVE-2022-3165}
- hw/acpi/erst.c: Fix memory handling issues (Christian A. Ehrhardt) [Orabug: 34779472] {CVE-2022-4172}
- vhost-vdpa: fix assert !virtio_net_get_subqueue(nc)->async_tx.elem in virtio_net_reset (Si-Wei Liu)
- net/vhost-vdpa.c: Fix clang compilation failure (Peter Maydell)
- vhost-vdpa: allow passing opened vhostfd to vhost-vdpa (Si-Wei Liu)
- virtio-scsi: Send 'REPORTED LUNS CHANGED' sense data upon disk hotplug events (Venu Busireddy) [Orabug: 33649154]
- hw/acpi/aml-build: Improve scalability of PPTT generation (Yanan Wang)
- tests/data/acpi/virt: update empty file for PPTT (Miguel Luis)
- hw/arm/virt-acpi-build: Generate PPTT table (Yanan Wang)
- tests/data/acpi/virt: Add an empty expected file for PPTT (Yanan Wang)
- hw/acpi/aml-build: Add PPTT table (Andrew Jones)
- hw/acpi/aml-build: Add Processor hierarchy node structure (Yanan Wang)
- machine: Add SMP Sockets in CpuTopology (Babu Moger)
- bios-tables-test: generate table for virt/DBG2 (Miguel Luis)
- hw/arm/virt_acpi_build: Generate DBG2 table (Eric Auger)
- tests/acpi: Add void table for virt/DBG2 bios-tables-test (Eric Auger)
- tests/acpi: virt: update ACPI GTDT binaries (Miguel Luis) [Orabug: 34711916]
- acpi: arm/virt: build_gtdt: fix invalid 64-bit physical addresses (Miguel Luis) [Orabug: 34711916]
- tests/acpi: virt: allow acpi GTDT changes (Miguel Luis) [Orabug: 34711916]
- acpi: fix OEM ID/OEM Table ID padding (Igor Mammedov) [Orabug: 34711916]
- acpi: arm/virt: build_gtdt: use acpi_table_begin()/acpi_table_end() instead of build_header() (Igor Mammedov) [Orabug: 34711916]
- acpi: add helper routines to initialize ACPI tables (Igor Mammedov) [Orabug: 34711916]
- acpi: declare the default assignable value for the ACPI table header (Miguel Luis) [Orabug: 34711916]
Обновленные пакеты
Oracle Linux 7
Oracle Linux aarch64
ivshmem-tools
4.2.1-24.el7
qemu
4.2.1-24.el7
qemu-block-gluster
4.2.1-24.el7
qemu-block-iscsi
4.2.1-24.el7
qemu-block-rbd
4.2.1-24.el7
qemu-common
4.2.1-24.el7
qemu-img
4.2.1-24.el7
qemu-kvm
4.2.1-24.el7
qemu-kvm-core
4.2.1-24.el7
qemu-system-aarch64
4.2.1-24.el7
qemu-system-aarch64-core
4.2.1-24.el7
Oracle Linux x86_64
qemu
4.2.1-24.el7
qemu-block-gluster
4.2.1-24.el7
qemu-block-iscsi
4.2.1-24.el7
qemu-block-rbd
4.2.1-24.el7
qemu-common
4.2.1-24.el7
qemu-img
4.2.1-24.el7
qemu-kvm
4.2.1-24.el7
qemu-kvm-core
4.2.1-24.el7
qemu-system-x86
4.2.1-24.el7
qemu-system-x86-core
4.2.1-24.el7
Связанные CVE
Связанные уязвимости
ELSA-2023-12108: virt:kvm_utils security update (IMPORTANT)
ELSA-2023-12195: virt:kvm_utils2 security update (IMPORTANT)
ELSA-2023-2162: qemu-kvm security, bug fix, and enhancement update (MODERATE)
An integer underflow issue was found in the QEMU VNC server while processing ClientCutText messages in the extended format. A malicious client could use this flaw to make QEMU unresponsive by sending a specially crafted payload message, resulting in a denial of service.