A qemu-kvm security, bug fix, and enhancement update has been released for Oracle Linux 7.
Oracle Linux Security Advisory ELSA-2020-0366
http://linux.oracle.com/errata/ELSA-2020-0366.html
The following updated rpms for Oracle Linux 7 have been uploaded to the
Unbreakable Linux Network:
x86_64:
qemu-img-1.5.3-167.el7_7.4.x86_64.rpm
qemu-kvm-1.5.3-167.el7_7.4.x86_64.rpm
qemu-kvm-common-1.5.3-167.el7_7.4.x86_64.rpm
qemu-kvm-tools-1.5.3-167.el7_7.4.x86_64.rpm
SRPMS:
http://oss.oracle.com/ol7/SRPMS-updates/qemu-kvm-1.5.3-167.el7_7.4.src.rpm
Description of changes:
[1.5.3-167.el7_7.4]
- kvm-target-i386-add-MDS-NO-feature.patch [bz#1755333]
- Resolves: bz#1755333
([Intel 7.8 FEAT] MDS_NO exposure to guest - qemu-kvm [rhel-7.7.z])
[1.5.3-167.el7_7.3]
- kvm-target-i386-Export-TAA_NO-bit-to-guests.patch [bz#1771960]
- kvm-target-i386-add-support-for-MSR_IA32_TSX_CTRL.patch [bz#1771960]
- Resolves: bz#1771960
(CVE-2019-11135 qemu-kvm: hw: TSX Transaction Asynchronous Abort
(TAA) [rhel-7.7.z])
[1.5.3-167.el7_7.2]
- kvm-target-i386-Merge-feature-filtering-checking-functio.patch
[bz#1730606]
- kvm-target-i386-Isolate-KVM-specific-code-on-CPU-feature.patch
[bz#1730606]
- kvm-i386-Add-new-MSR-indices-for-IA32_PRED_CMD-and-IA32_.patch
[bz#1730606]
- kvm-i386-Add-CPUID-bit-and-feature-words-for-IA32_ARCH_C.patch
[bz#1730606]
- kvm-Add-support-to-KVM_GET_MSR_FEATURE_INDEX_LIST-an.patch [bz#1730606]
- kvm-x86-Data-structure-changes-to-support-MSR-based-feat.patch
[bz#1730606]
- kvm-x86-define-a-new-MSR-based-feature-word-FEATURE_WORD.patch
[bz#1730606]
- kvm-Use-KVM_GET_MSR_INDEX_LIST-for-MSR_IA32_ARCH_CAP.patch [bz#1730606]
- kvm-i386-kvm-Disable-arch_capabilities-if-MSR-can-t-be-s.patch
[bz#1730606]
- kvm-Remove-arch-capabilities-deprecation.patch [bz#1730606]
- Resolves: bz#1730606
([Intel 7.8 Bug] [KVM][CLX] CPUID_7_0_EDX_ARCH_CAPABILITIES is not
enabled in VM qemu-kvm [rhel-7.7.z])