El-errata: ELSA-2022-9123 Important: Oracle Linux 7 qemu security update (aarch64)
Oracle Linux Security Advisory ELSA-2022-9123
http://linux.oracle.com/errata/ELSA-2022-9123.html
The following updated rpms for Oracle Linux 7 have been uploaded to the Unbreakable Linux Network:
aarch64:
ivshmem-tools-4.2.1-15.el7.aarch64.rpm
qemu-4.2.1-15.el7.aarch64.rpm
qemu-block-gluster-4.2.1-15.el7.aarch64.rpm
qemu-block-iscsi-4.2.1-15.el7.aarch64.rpm
qemu-block-rbd-4.2.1-15.el7.aarch64.rpm
qemu-common-4.2.1-15.el7.aarch64.rpm
qemu-img-4.2.1-15.el7.aarch64.rpm
qemu-kvm-4.2.1-15.el7.aarch64.rpm
qemu-kvm-core-4.2.1-15.el7.aarch64.rpm
qemu-system-aarch64-4.2.1-15.el7.aarch64.rpm
qemu-system-aarch64-core-4.2.1-15.el7.aarch64.rpm
SRPMS:
http://oss.oracle.com/ol7/SRPMS-updates/qemu-4.2.1-15.el7.src.rpm
Related CVEs:
CVE-2021-3416
CVE-2021-20203
CVE-2021-20196
CVE-2021-4158
CVE-2021-3947
Description of changes:
[15:4.2.1-15.el7]
- Document CVE-2021-4158 and CVE-2021-3947 as fixed (Mark Kanda) [Orabug: 33719302] [Orabug: 33754145] {CVE-2021-3947} {CVE-2021-4158}
- hw/block/fdc: Kludge missing floppy drive to fix CVE-2021-20196 (Philippe Mathieu-Daudé) [Orabug: 32439466] {CVE-2021-20196}
- hw/block/fdc: Extract blk_create_empty_drive() (Philippe Mathieu-Daudé) [Orabug: 32439466] {CVE-2021-20196}
- net: vmxnet3: validate configuration values during activate (CVE-2021-20203) (Prasad J Pandit) [Orabug: 32559476] {CVE-2021-20203}
- lan9118: switch to use qemu_receive_packet() for loopback (Alexander Bulekov) [Orabug: 32560540] {CVE-2021-3416}
- pcnet: switch to use qemu_receive_packet() for loopback (Alexander Bulekov) [Orabug: 32560540] {CVE-2021-3416}
- rtl8139: switch to use qemu_receive_packet() for loopback (Alexander Bulekov) [Orabug: 32560540] {CVE-2021-3416}
- tx_pkt: switch to use qemu_receive_packet_iov() for loopback (Jason Wang) [Orabug: 32560540] {CVE-2021-3416}
- sungem: switch to use qemu_receive_packet() for loopback (Jason Wang) [Orabug: 32560540] {CVE-2021-3416}
- dp8393x: switch to use qemu_receive_packet() for loopback packet (Jason Wang) [Orabug: 32560540] {CVE-2021-3416}
- e1000: switch to use qemu_receive_packet() for loopback (Jason Wang) [Orabug: 32560540] {CVE-2021-3416}
- net: introduce qemu_receive_packet() (Jason Wang) [Orabug: 32560540] {CVE-2021-3416}
- target/i386: Populate x86_ext_save_areas offsets using cpuid where possible (David Edmondson)
- target/i386: Observe XSAVE state area offsets (David Edmondson)
- target/i386: Make x86_ext_save_areas visible outside cpu.c (David Edmondson)
- target/i386: Pass buffer and length to XSAVE helper (David Edmondson)
- target/i386: Clarify the padding requirements of X86XSaveArea (David Edmondson)
- target/i386: Consolidate the X86XSaveArea offset checks (David Edmondson)
- target/i386: Declare constants for XSAVE offsets (David Edmondson)
_______________________________________________
A qemu security update (aarch64) has been released for Oracle Linux 7.
