ELSA-2023-12328

Описание

[6.1.1-6.el9]

• Update changelog (Karl Heubaum) [Orabug: 35343538]
• ebpf: fix compatibility with libbpf 1.0+ (Shreesh Adiga) [Orabug: 35268538]
• ebpf: replace deprecated bpf_program__set_socket_filter (Haochen Tong) [Orabug: 35268538]
• CVE-2023-1544 is not applicable to Oracle QEMU 6.1.1 (Karl Heubaum) [Orabug: 35305727] {CVE-2023-1544}
• virtio-gpu: do not byteswap padding (Paolo Bonzini) [Orabug: 35304723]
• KVM: x86: workaround invalid CPUID[0xD,9] info on some AMD processors (Paolo Bonzini) [Orabug: 35241527]
• qemu-kvm.spec: fix Linux io_uring support (Mark Kanda) [Orabug: 35265200]
• hw/intc/ioapic: Update KVM routes before redelivering IRQ, on RTE update (David Woodhouse) [Orabug: 35219290]

[6.1.1-5.el9]

• hw/pvrdma: Protect against buggy or malicious guest driver (Yuval Shaia) [Orabug: 35064352] {CVE-2022-1050}
• hw/display/qxl: Assert memory slot fits in preallocated MemoryRegion (Philippe Mathieu-Daude) [Orabug: 35060182]
• hw/display/qxl: Avoid buffer overrun in qxl_phys2virt (CVE-2022-4144) (Philippe Mathieu-Daude) [Orabug: 35060182] {CVE-2022-4144}
• hw/display/qxl: Pass requested buffer size to qxl_phys2virt() (Philippe Mathieu-Daude) [Orabug: 35060182]
• hw/display/qxl: Document qxl_phys2virt() (Philippe Mathieu-Daude) [Orabug: 35060182]
• hw/display/qxl: Have qxl_log_command Return early if no log_cmd handler (Philippe Mathieu-Daude) [Orabug: 35060182]
• ui/vnc-clipboard: fix integer underflow in vnc_client_cut_text_ext (Mauro Matteo Cascella) [Orabug: 35060115] {CVE-2022-3165}
• hw/arm/virt: build SMBIOS 19 table (Mihai Carabas)
• vl: Add an -action option to override MCE handling (Mark Kanda) [Orabug: 34779160]
• hw/acpi/erst.c: Fix memory handling issues (Christian A. Ehrhardt) [Orabug: 34779541] {CVE-2022-4172}
• target/i386: kvm: do not access uninitialized variable on older kernels (Paolo Bonzini) [Orabug: 34492975]
• x86: Support XFD and AMX xsave data migration (Zeng Guang) [Orabug: 34492975]
• x86: add support for KVM_CAP_XSAVE2 and AMX state migration (Jing Liu) [Orabug: 34492975]
• x86: Add AMX CPUIDs enumeration (Jing Liu) [Orabug: 34492975]
• x86: Add XFD faulting bit for state components (Jing Liu) [Orabug: 34492975]
• x86: Grant AMX permission for guest (Yang Zhong) [Orabug: 34492975]
• x86: Add AMX XTILECFG and XTILEDATA components (Jing Liu) [Orabug: 34492975]
• x86: Fix the 64-byte boundary enumeration for extended state (Jing Liu) [Orabug: 34492975]
• linux-headers: include missing changes from 5.17 (Paolo Bonzini) [Orabug: 34492975]
• linux-headers: Update headers to v5.17-rc1 (Vivek Goyal) [Orabug: 34492975]
• linux-headers: update to 5.16-rc1 (Paolo Bonzini) [Orabug: 34492975]
• i386/pc: restrict AMD only enforcing of 1Tb hole to new machine type (Joao Martins)
• i386/pc: relocate 4g start to 1T where applicable (Joao Martins)
• i386/pc: bounds check phys-bits against max used GPA (Joao Martins)
• i386/pc: factor out device_memory base/size to helper (Joao Martins)
• i386/pc: factor out above-4g end to an helper (Joao Martins)
• i386/pc: pass pci_hole64_size to pc_memory_init() (Joao Martins)
• i386/pc: create pci-host qdev prior to pc_memory_init() (Joao Martins)
• hw/i386: add 4g boundary start to X86MachineState (Joao Martins)
• vhost-vdpa: fix assert !virtio_net_get_subqueue(nc)->async_tx.elem in virtio_net_reset (Si-Wei Liu)
• net/vhost-vdpa.c: Fix clang compilation failure (Peter Maydell)
• vhost-vdpa: allow passing opened vhostfd to vhost-vdpa (Si-Wei Liu)