A qemu-kvm security and bug fix update security update has been released for Oracle Linux 9.

El-errata: ELSA-2022-5263 Moderate: Oracle Linux 9 qemu-kvm security and bug fix update

Oracle Linux Security Advisory ELSA-2022-5263

  http://linux.oracle.com/errata/ELSA-2022-5263.html

The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network:

x86_64:
qemu-guest-agent-6.2.0-11.el9_0.3.x86_64.rpm
qemu-img-6.2.0-11.el9_0.3.x86_64.rpm
qemu-kvm-6.2.0-11.el9_0.3.x86_64.rpm
qemu-kvm-audio-pa-6.2.0-11.el9_0.3.x86_64.rpm
qemu-kvm-block-curl-6.2.0-11.el9_0.3.x86_64.rpm
qemu-kvm-block-rbd-6.2.0-11.el9_0.3.x86_64.rpm
qemu-kvm-common-6.2.0-11.el9_0.3.x86_64.rpm
qemu-kvm-core-6.2.0-11.el9_0.3.x86_64.rpm
qemu-kvm-device-display-virtio-gpu-6.2.0-11.el9_0.3.x86_64.rpm
qemu-kvm-device-display-virtio-gpu-gl-6.2.0-11.el9_0.3.x86_64.rpm
qemu-kvm-device-display-virtio-gpu-pci-6.2.0-11.el9_0.3.x86_64.rpm
qemu-kvm-device-display-virtio-gpu-pci-gl-6.2.0-11.el9_0.3.x86_64.rpm
qemu-kvm-device-display-virtio-vga-6.2.0-11.el9_0.3.x86_64.rpm
qemu-kvm-device-display-virtio-vga-gl-6.2.0-11.el9_0.3.x86_64.rpm
qemu-kvm-device-usb-host-6.2.0-11.el9_0.3.x86_64.rpm
qemu-kvm-device-usb-redirect-6.2.0-11.el9_0.3.x86_64.rpm
qemu-kvm-docs-6.2.0-11.el9_0.3.x86_64.rpm
qemu-kvm-tools-6.2.0-11.el9_0.3.x86_64.rpm
qemu-kvm-ui-egl-headless-6.2.0-11.el9_0.3.x86_64.rpm
qemu-kvm-ui-opengl-6.2.0-11.el9_0.3.x86_64.rpm
qemu-pr-helper-6.2.0-11.el9_0.3.x86_64.rpm

aarch64:
qemu-guest-agent-6.2.0-11.el9_0.3.aarch64.rpm
qemu-img-6.2.0-11.el9_0.3.aarch64.rpm
qemu-kvm-6.2.0-11.el9_0.3.aarch64.rpm
qemu-kvm-audio-pa-6.2.0-11.el9_0.3.aarch64.rpm
qemu-kvm-block-curl-6.2.0-11.el9_0.3.aarch64.rpm
qemu-kvm-block-rbd-6.2.0-11.el9_0.3.aarch64.rpm
qemu-kvm-common-6.2.0-11.el9_0.3.aarch64.rpm
qemu-kvm-core-6.2.0-11.el9_0.3.aarch64.rpm
qemu-kvm-device-display-virtio-gpu-6.2.0-11.el9_0.3.aarch64.rpm
qemu-kvm-device-display-virtio-gpu-gl-6.2.0-11.el9_0.3.aarch64.rpm
qemu-kvm-device-display-virtio-gpu-pci-6.2.0-11.el9_0.3.aarch64.rpm
qemu-kvm-device-display-virtio-gpu-pci-gl-6.2.0-11.el9_0.3.aarch64.rpm
qemu-kvm-device-usb-host-6.2.0-11.el9_0.3.aarch64.rpm
qemu-kvm-docs-6.2.0-11.el9_0.3.aarch64.rpm
qemu-kvm-tools-6.2.0-11.el9_0.3.aarch64.rpm
qemu-pr-helper-6.2.0-11.el9_0.3.aarch64.rpm

SRPMS:
  http://oss.oracle.com/ol9/SRPMS-updates/qemu-kvm-6.2.0-11.el9_0.3.src.rpm

Related CVEs:

CVE-2022-26353
CVE-2022-26354



Description of changes:

[6.2.0-11.el9_0.3]
- kvm-RHEL-disable-seqpacket-for-vhost-vsock-device-in-rhe.patch [bz#2071102]
- kvm-virtio-net-fix-map-leaking-on-error-during-receive.patch [bz#2075635]
- kvm-vhost-vsock-detach-the-virqueue-element-in-case-of-e.patch [bz#2075640]
- Resolves: bz#2071102
(RHEL 9.0 guest with vsock device migration failed from RHEL 9.0 > RHEL 8.6 [rhel-9.0.0.z])
- Resolves: bz#2075635
(CVE-2022-26353 qemu-kvm: QEMU: virtio-net: map leaking on error during receive [rhel-9] [rhel-9.0.0.z])
- Resolves: bz#2075640
(CVE-2022-26354 qemu-kvm: QEMU: vhost-vsock: missing virtqueue detach on error can lead to memory leak [rhel-9] [rhel-9.0.0.z])

[6.2.0-11.el9_0.2]
- kvm-pci-expose-TYPE_XIO3130_DOWNSTREAM-name.patch [bz#2053584]
- kvm-acpi-pcihp-pcie-set-power-on-cap-on-parent-slot.patch [bz#2053584]
- kvm-vmxcap-Add-5-level-EPT-bit.patch [bz#2038051]
- kvm-i386-Add-Icelake-Server-v6-CPU-model-with-5-level-EP.patch [bz#2038051]
- kvm-acpi-fix-QEMU-crash-when-started-with-SLIC-table.patch [bz#2043531]
- kvm-tests-acpi-whitelist-expected-blobs-before-changing-.patch [bz#2043531]
- kvm-tests-acpi-add-SLIC-table-test.patch [bz#2043531]
- kvm-tests-acpi-SLIC-update-expected-blobs.patch [bz#2043531]
- kvm-tests-acpi-manually-pad-OEM_ID-OEM_TABLE_ID-for-test.patch [bz#2043531]
- kvm-tests-acpi-whitelist-nvdimm-s-SSDT-and-FACP.slic-exp.patch [bz#2043531]
- kvm-acpi-fix-OEM-ID-OEM-Table-ID-padding.patch [bz#2043531]
- kvm-tests-acpi-update-expected-blobs.patch [bz#2043531]
- kvm-tests-acpi-test-short-OEM_ID-OEM_TABLE_ID-values-in-.patch [bz#2043531]
- kvm-rhel-workaround-for-lack-of-binary-patches-in-SRPM.patch [bz#2043531]
- Resolves: bz#2053584
(watchdog: BUG: soft lockup - CPU#3 stuck for 22s! [cat:2843])
- Resolves: bz#2038051
(Win11 (q35+edk2) guest broke after install wsl2 through 'wsl --install -d Ubuntu-20.04')
- Resolves: bz#2043531
(Guest can not start with SLIC acpi table)

[6.2.0-11.el9_0.1]
- kvm-RHEL-mark-old-machine-types-as-deprecated.patch [bz#2052050]
- kvm-hw-virtio-vdpa-Fix-leak-of-host-notifier-memory-regi.patch [bz#2059786]
- kvm-spec-Fix-obsolete-for-spice-subpackages.patch [bz#2059175 bz#2059146]
- kvm-spec-Obsolete-old-usb-redir-subpackage.patch [bz#2059175 bz#2059146]
- kvm-spec-Obsolete-ssh-driver.patch [bz#2059175 bz#2059146]

_______________________________________________