KVM (Kernel-based Virtual Machine) is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm-rhev packages provide the user-space component for running virtual machines that use KVM in environments managed by Red Hat products.
The following packages have been upgraded to a later upstream version: qemu-kvm-rhev (2.9.0). (BZ#1387372, BZ#1387600, BZ#1400962)
Security Fix(es):
A stack buffer overflow flaw was found in the Quick Emulator (QEMU) built with the Network Block Device (NBD) client support. The flaw could occur while processing server’s response to a ‘NBD_OPT_LIST’ request. A malicious NBD server could use this issue to crash a remote NBD client resulting in DoS or potentially execute arbitrary code on client host with privileges of the QEMU process. (CVE-2017-2630)
An integer overflow flaw was found in Quick Emulator (QEMU) in the CCID Card device support. The flaw could occur while passing messages via command/response packets to and from the host. A privileged user inside a guest could use this flaw to crash the QEMU process. (CVE-2017-5898)
An information exposure flaw was found in Quick Emulator (QEMU) in Task Priority Register (TPR) optimizations for 32-bit Windows guests. The flaw could occur while accessing TPR. A privileged user inside a guest could use this issue to read portions of the host memory. (CVE-2016-4020)
A memory-leak flaw was found in the Quick Emulator(QEMU) built with USB xHCI controller emulation support. The flaw could occur while doing a USB-device unplug operation. Unplugging the device repeatedly resulted in leaking host memory, affecting other services on the host. A privileged user inside the guest could exploit this flaw to cause a denial of service on the host or potentially crash the host’s QEMU process instance. (CVE-2016-7466)
Multiple CVEs(CVE-2016-10155, CVE-2016-4020, CVE-2016-6835, CVE-2016-6888, CVE-2016-7422, CVE-2016-7466, CVE-2016-8576, CVE-2016-8669, CVE-2016-8909, CVE-2016-8910, CVE-2016-9907, CVE-2016-9911, CVE-2016-9921, CVE-2016-9922, CVE-2017-2630, CVE-2017-5579, CVE-2017-5898, CVE-2017-5973, CVE-2017-9310, CVE-2017-9373, CVE-2017-9374, CVE-2017-9375) were fixed as result of rebase to QEMU version 2.9.0.
Red Hat would like to thank Li Qiang (Qihoo 360 Inc.) for reporting CVE-2016-6835 and CVE-2016-6888; Li Qiang (360.cn Inc.) for reporting CVE-2017-5898, CVE-2016-7466, CVE-2016-10155, CVE-2017-5579, and CVE-2017-5973; Donghai Zdh (Alibaba Inc.) for reporting CVE-2016-4020; Qinghao Tang (Marvel Team 360.cn Inc.) and Zhenhao Hong (Marvel Team 360.cn Inc.) for reporting CVE-2016-7422; PSIRT (Huawei Inc.) for reporting CVE-2016-8669; Andrew Henderson (Intelligent Automation Inc.) for reporting CVE-2016-8910; Qinghao Tang (Qihoo 360), Li Qiang (Qihoo 360), and Jiangxin (Huawei Inc.) for reporting CVE-2016-9921 and CVE-2016-9922; and Li Qiang (Qihoo 360 Gear Team) for reporting CVE-2017-9310, CVE-2017-9373, CVE-2017-9374, and CVE-2017-9375.
Additional Changes:
This update also fixes several bugs and adds various enhancements. Documentation for these changes is available from the Release Notes document linked to in the References section.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
RedHat | 7 | x86_64 | qemu-img-rhev | < 2.9.0-14.el7 | qemu-img-rhev-2.9.0-14.el7.x86_64.rpm |
RedHat | 7 | x86_64 | qemu-kvm-rhev | < 2.9.0-14.el7 | qemu-kvm-rhev-2.9.0-14.el7.x86_64.rpm |
RedHat | 7 | ppc64le | qemu-kvm-common-rhev | < 2.9.0-14.el7 | qemu-kvm-common-rhev-2.9.0-14.el7.ppc64le.rpm |
RedHat | 7 | ppc64le | qemu-kvm-tools-rhev | < 2.9.0-14.el7 | qemu-kvm-tools-rhev-2.9.0-14.el7.ppc64le.rpm |
RedHat | 7 | ppc64le | qemu-kvm-rhev | < 2.9.0-14.el7 | qemu-kvm-rhev-2.9.0-14.el7.ppc64le.rpm |
RedHat | 7 | x86_64 | qemu-kvm-tools-rhev | < 2.9.0-14.el7 | qemu-kvm-tools-rhev-2.9.0-14.el7.x86_64.rpm |
RedHat | 7 | ppc64le | qemu-kvm-rhev-debuginfo | < 2.9.0-14.el7 | qemu-kvm-rhev-debuginfo-2.9.0-14.el7.ppc64le.rpm |
RedHat | 7 | x86_64 | qemu-kvm-common-rhev | < 2.9.0-14.el7 | qemu-kvm-common-rhev-2.9.0-14.el7.x86_64.rpm |
RedHat | 7 | ppc64le | qemu-img-rhev | < 2.9.0-14.el7 | qemu-img-rhev-2.9.0-14.el7.ppc64le.rpm |
RedHat | 7 | x86_64 | qemu-kvm-rhev-debuginfo | < 2.9.0-14.el7 | qemu-kvm-rhev-debuginfo-2.9.0-14.el7.x86_64.rpm |