RHSA-2022:5263-01: Moderate: qemu-kvm security and bug fix update

Red Hat 9038 Published by

A qemu-kvm security and bug fix update has been released for Red Hat Enterprise Linux 9.



RHSA-2022:5263-01: Moderate: qemu-kvm security and bug fix update



=====================================================================
Red Hat Security Advisory

Synopsis: Moderate: qemu-kvm security and bug fix update
Advisory ID: RHSA-2022:5263-01
Product: Red Hat Enterprise Linux
Advisory URL:   https://access.redhat.com/errata/RHSA-2022:5263
Issue date: 2022-06-28
CVE Names: CVE-2022-26353 CVE-2022-26354
=====================================================================

1. Summary:

An update for qemu-kvm is now available for Red Hat Enterprise Linux 9.

Red Hat Product Security has rated this update as having a security impact
of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which
gives a detailed severity rating, is available for each vulnerability from
the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux AppStream (v. 9) - aarch64, ppc64le, s390x, x86_64

3. Description:

Kernel-based Virtual Machine (KVM) is a full virtualization solution for
Linux on a variety of architectures. The qemu-kvm packages provide the
user-space component for running virtual machines that use KVM.

Security Fix(es):

* QEMU: virtio-net: map leaking on error during receive (CVE-2022-26353)

* QEMU: vhost-vsock: missing virtqueue detach on error can lead to memory
leak (CVE-2022-26354)

For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE
page(s) listed in the References section.

Bug Fix(es):

* RHEL 9.0 guest with vsock device migration failed from RHEL 9.0 > RHEL
8.6 (BZ#2071102)

4. Solution:

For details on how to apply this update, which includes the changes
described in this advisory, refer to:

  https://access.redhat.com/articles/11258

After installing this update, shut down all running virtual machines. Once
all virtual machines have shut down, start them again for this update to
take effect.

5. Bugs fixed (  https://bugzilla.redhat.com/):

2063197 - CVE-2022-26353 QEMU: virtio-net: map leaking on error during receive
2063257 - CVE-2022-26354 QEMU: vhost-vsock: missing virtqueue detach on error can lead to memory leak

6. Package List:

Red Hat Enterprise Linux AppStream (v. 9):

Source:
qemu-kvm-6.2.0-11.el9_0.3.src.rpm

aarch64:
qemu-guest-agent-6.2.0-11.el9_0.3.aarch64.rpm
qemu-guest-agent-debuginfo-6.2.0-11.el9_0.3.aarch64.rpm
qemu-img-6.2.0-11.el9_0.3.aarch64.rpm
qemu-img-debuginfo-6.2.0-11.el9_0.3.aarch64.rpm
qemu-kvm-6.2.0-11.el9_0.3.aarch64.rpm
qemu-kvm-audio-pa-6.2.0-11.el9_0.3.aarch64.rpm
qemu-kvm-audio-pa-debuginfo-6.2.0-11.el9_0.3.aarch64.rpm
qemu-kvm-block-curl-6.2.0-11.el9_0.3.aarch64.rpm
qemu-kvm-block-curl-debuginfo-6.2.0-11.el9_0.3.aarch64.rpm
qemu-kvm-block-rbd-6.2.0-11.el9_0.3.aarch64.rpm
qemu-kvm-block-rbd-debuginfo-6.2.0-11.el9_0.3.aarch64.rpm
qemu-kvm-block-ssh-debuginfo-6.2.0-11.el9_0.3.aarch64.rpm
qemu-kvm-common-6.2.0-11.el9_0.3.aarch64.rpm
qemu-kvm-common-debuginfo-6.2.0-11.el9_0.3.aarch64.rpm
qemu-kvm-core-6.2.0-11.el9_0.3.aarch64.rpm
qemu-kvm-core-debuginfo-6.2.0-11.el9_0.3.aarch64.rpm
qemu-kvm-debuginfo-6.2.0-11.el9_0.3.aarch64.rpm
qemu-kvm-debugsource-6.2.0-11.el9_0.3.aarch64.rpm
qemu-kvm-device-display-virtio-gpu-6.2.0-11.el9_0.3.aarch64.rpm
qemu-kvm-device-display-virtio-gpu-debuginfo-6.2.0-11.el9_0.3.aarch64.rpm
qemu-kvm-device-display-virtio-gpu-gl-6.2.0-11.el9_0.3.aarch64.rpm
qemu-kvm-device-display-virtio-gpu-gl-debuginfo-6.2.0-11.el9_0.3.aarch64.rpm
qemu-kvm-device-display-virtio-gpu-pci-6.2.0-11.el9_0.3.aarch64.rpm
qemu-kvm-device-display-virtio-gpu-pci-debuginfo-6.2.0-11.el9_0.3.aarch64.rpm
qemu-kvm-device-display-virtio-gpu-pci-gl-6.2.0-11.el9_0.3.aarch64.rpm
qemu-kvm-device-display-virtio-gpu-pci-gl-debuginfo-6.2.0-11.el9_0.3.aarch64.rpm
qemu-kvm-device-usb-host-6.2.0-11.el9_0.3.aarch64.rpm
qemu-kvm-device-usb-host-debuginfo-6.2.0-11.el9_0.3.aarch64.rpm
qemu-kvm-docs-6.2.0-11.el9_0.3.aarch64.rpm
qemu-kvm-tests-debuginfo-6.2.0-11.el9_0.3.aarch64.rpm
qemu-kvm-tools-6.2.0-11.el9_0.3.aarch64.rpm
qemu-kvm-tools-debuginfo-6.2.0-11.el9_0.3.aarch64.rpm
qemu-pr-helper-6.2.0-11.el9_0.3.aarch64.rpm
qemu-pr-helper-debuginfo-6.2.0-11.el9_0.3.aarch64.rpm

ppc64le:
qemu-guest-agent-6.2.0-11.el9_0.3.ppc64le.rpm
qemu-guest-agent-debuginfo-6.2.0-11.el9_0.3.ppc64le.rpm
qemu-img-6.2.0-11.el9_0.3.ppc64le.rpm
qemu-img-debuginfo-6.2.0-11.el9_0.3.ppc64le.rpm
qemu-kvm-debuginfo-6.2.0-11.el9_0.3.ppc64le.rpm
qemu-kvm-debugsource-6.2.0-11.el9_0.3.ppc64le.rpm

s390x:
qemu-guest-agent-6.2.0-11.el9_0.3.s390x.rpm
qemu-guest-agent-debuginfo-6.2.0-11.el9_0.3.s390x.rpm
qemu-img-6.2.0-11.el9_0.3.s390x.rpm
qemu-img-debuginfo-6.2.0-11.el9_0.3.s390x.rpm
qemu-kvm-6.2.0-11.el9_0.3.s390x.rpm
qemu-kvm-audio-pa-6.2.0-11.el9_0.3.s390x.rpm
qemu-kvm-audio-pa-debuginfo-6.2.0-11.el9_0.3.s390x.rpm
qemu-kvm-block-curl-6.2.0-11.el9_0.3.s390x.rpm
qemu-kvm-block-curl-debuginfo-6.2.0-11.el9_0.3.s390x.rpm
qemu-kvm-block-rbd-6.2.0-11.el9_0.3.s390x.rpm
qemu-kvm-block-rbd-debuginfo-6.2.0-11.el9_0.3.s390x.rpm
qemu-kvm-block-ssh-debuginfo-6.2.0-11.el9_0.3.s390x.rpm
qemu-kvm-common-6.2.0-11.el9_0.3.s390x.rpm
qemu-kvm-common-debuginfo-6.2.0-11.el9_0.3.s390x.rpm
qemu-kvm-core-6.2.0-11.el9_0.3.s390x.rpm
qemu-kvm-core-debuginfo-6.2.0-11.el9_0.3.s390x.rpm
qemu-kvm-debuginfo-6.2.0-11.el9_0.3.s390x.rpm
qemu-kvm-debugsource-6.2.0-11.el9_0.3.s390x.rpm
qemu-kvm-device-display-virtio-gpu-6.2.0-11.el9_0.3.s390x.rpm
qemu-kvm-device-display-virtio-gpu-ccw-6.2.0-11.el9_0.3.s390x.rpm
qemu-kvm-device-display-virtio-gpu-ccw-debuginfo-6.2.0-11.el9_0.3.s390x.rpm
qemu-kvm-device-display-virtio-gpu-debuginfo-6.2.0-11.el9_0.3.s390x.rpm
qemu-kvm-device-display-virtio-gpu-gl-6.2.0-11.el9_0.3.s390x.rpm
qemu-kvm-device-display-virtio-gpu-gl-debuginfo-6.2.0-11.el9_0.3.s390x.rpm
qemu-kvm-device-usb-host-6.2.0-11.el9_0.3.s390x.rpm
qemu-kvm-device-usb-host-debuginfo-6.2.0-11.el9_0.3.s390x.rpm
qemu-kvm-docs-6.2.0-11.el9_0.3.s390x.rpm
qemu-kvm-tests-debuginfo-6.2.0-11.el9_0.3.s390x.rpm
qemu-kvm-tools-6.2.0-11.el9_0.3.s390x.rpm
qemu-kvm-tools-debuginfo-6.2.0-11.el9_0.3.s390x.rpm
qemu-pr-helper-6.2.0-11.el9_0.3.s390x.rpm
qemu-pr-helper-debuginfo-6.2.0-11.el9_0.3.s390x.rpm

x86_64:
qemu-guest-agent-6.2.0-11.el9_0.3.x86_64.rpm
qemu-guest-agent-debuginfo-6.2.0-11.el9_0.3.x86_64.rpm
qemu-img-6.2.0-11.el9_0.3.x86_64.rpm
qemu-img-debuginfo-6.2.0-11.el9_0.3.x86_64.rpm
qemu-kvm-6.2.0-11.el9_0.3.x86_64.rpm
qemu-kvm-audio-pa-6.2.0-11.el9_0.3.x86_64.rpm
qemu-kvm-audio-pa-debuginfo-6.2.0-11.el9_0.3.x86_64.rpm
qemu-kvm-block-curl-6.2.0-11.el9_0.3.x86_64.rpm
qemu-kvm-block-curl-debuginfo-6.2.0-11.el9_0.3.x86_64.rpm
qemu-kvm-block-rbd-6.2.0-11.el9_0.3.x86_64.rpm
qemu-kvm-block-rbd-debuginfo-6.2.0-11.el9_0.3.x86_64.rpm
qemu-kvm-block-ssh-debuginfo-6.2.0-11.el9_0.3.x86_64.rpm
qemu-kvm-common-6.2.0-11.el9_0.3.x86_64.rpm
qemu-kvm-common-debuginfo-6.2.0-11.el9_0.3.x86_64.rpm
qemu-kvm-core-6.2.0-11.el9_0.3.x86_64.rpm
qemu-kvm-core-debuginfo-6.2.0-11.el9_0.3.x86_64.rpm
qemu-kvm-debuginfo-6.2.0-11.el9_0.3.x86_64.rpm
qemu-kvm-debugsource-6.2.0-11.el9_0.3.x86_64.rpm
qemu-kvm-device-display-virtio-gpu-6.2.0-11.el9_0.3.x86_64.rpm
qemu-kvm-device-display-virtio-gpu-debuginfo-6.2.0-11.el9_0.3.x86_64.rpm
qemu-kvm-device-display-virtio-gpu-gl-6.2.0-11.el9_0.3.x86_64.rpm
qemu-kvm-device-display-virtio-gpu-gl-debuginfo-6.2.0-11.el9_0.3.x86_64.rpm
qemu-kvm-device-display-virtio-gpu-pci-6.2.0-11.el9_0.3.x86_64.rpm
qemu-kvm-device-display-virtio-gpu-pci-debuginfo-6.2.0-11.el9_0.3.x86_64.rpm
qemu-kvm-device-display-virtio-gpu-pci-gl-6.2.0-11.el9_0.3.x86_64.rpm
qemu-kvm-device-display-virtio-gpu-pci-gl-debuginfo-6.2.0-11.el9_0.3.x86_64.rpm
qemu-kvm-device-display-virtio-vga-6.2.0-11.el9_0.3.x86_64.rpm
qemu-kvm-device-display-virtio-vga-debuginfo-6.2.0-11.el9_0.3.x86_64.rpm
qemu-kvm-device-display-virtio-vga-gl-6.2.0-11.el9_0.3.x86_64.rpm
qemu-kvm-device-display-virtio-vga-gl-debuginfo-6.2.0-11.el9_0.3.x86_64.rpm
qemu-kvm-device-usb-host-6.2.0-11.el9_0.3.x86_64.rpm
qemu-kvm-device-usb-host-debuginfo-6.2.0-11.el9_0.3.x86_64.rpm
qemu-kvm-device-usb-redirect-6.2.0-11.el9_0.3.x86_64.rpm
qemu-kvm-device-usb-redirect-debuginfo-6.2.0-11.el9_0.3.x86_64.rpm
qemu-kvm-docs-6.2.0-11.el9_0.3.x86_64.rpm
qemu-kvm-tests-debuginfo-6.2.0-11.el9_0.3.x86_64.rpm
qemu-kvm-tools-6.2.0-11.el9_0.3.x86_64.rpm
qemu-kvm-tools-debuginfo-6.2.0-11.el9_0.3.x86_64.rpm
qemu-kvm-ui-egl-headless-6.2.0-11.el9_0.3.x86_64.rpm
qemu-kvm-ui-egl-headless-debuginfo-6.2.0-11.el9_0.3.x86_64.rpm
qemu-kvm-ui-opengl-6.2.0-11.el9_0.3.x86_64.rpm
qemu-kvm-ui-opengl-debuginfo-6.2.0-11.el9_0.3.x86_64.rpm
qemu-pr-helper-6.2.0-11.el9_0.3.x86_64.rpm
qemu-pr-helper-debuginfo-6.2.0-11.el9_0.3.x86_64.rpm

These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
  https://access.redhat.com/security/team/key/

7. References:

  https://access.redhat.com/security/cve/CVE-2022-26353
  https://access.redhat.com/security/cve/CVE-2022-26354
  https://access.redhat.com/security/updates/classification/#moderate

8. Contact:

The Red Hat security contact is . More contact
details at   https://access.redhat.com/security/team/contact/

Copyright 2022 Red Hat, Inc.

Windows 11 Build 22621.169 released

RHSA-2022:5481-01: Important: firefox security update

Windows

Linux

macOS

Community

  • dhamu
    Hello Phil, I have a Linux Tutorial website that curre ...
  • StephanX
    Hi friends, i am new in the Linux universe but i try to ...
  • Philipp
    I would try the XanMod kernel: https://xanmod.orgĀ  I ...