exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New

Red Hat Security Advisory 2017-2392-01

Red Hat Security Advisory 2017-2392-01
Posted Aug 2, 2017
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2017-2392-01 - KVM is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm-rhev packages provide the user-space component for running virtual machines that use KVM in environments managed by Red Hat products. The following packages have been upgraded to a later upstream version: qemu-kvm-rhev. Security Fix: A stack buffer overflow flaw was found in the Quick Emulator built with the Network Block Device client support. The flaw could occur while processing server's response to a 'NBD_OPT_LIST' request. A malicious NBD server could use this issue to crash a remote NBD client resulting in DoS or potentially execute arbitrary code on client host with privileges of the QEMU process.

tags | advisory, remote, overflow, arbitrary
systems | linux, redhat
advisories | CVE-2016-10155, CVE-2016-4020, CVE-2016-6835, CVE-2016-6888, CVE-2016-7422, CVE-2016-7466, CVE-2016-8576, CVE-2016-8669, CVE-2016-8909, CVE-2016-8910, CVE-2016-9907, CVE-2016-9911, CVE-2016-9921, CVE-2016-9922, CVE-2017-2630, CVE-2017-5579, CVE-2017-5898, CVE-2017-5973, CVE-2017-9310, CVE-2017-9373, CVE-2017-9374, CVE-2017-9375
SHA-256 | 8bdef9a2edaa6c48acb02022865e43e9a79db08204a6fbb3afa3dc39b0a5c36a

Red Hat Security Advisory 2017-2392-01

Change Mirror Download

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

=====================================================================
Red Hat Security Advisory

Synopsis: Important: qemu-kvm-rhev security, bug fix, and enhancement update
Advisory ID: RHSA-2017:2392-01
Product: Red Hat Virtualization
Advisory URL: https://access.redhat.com/errata/RHSA-2017:2392
Issue date: 2017-08-01
CVE Names: CVE-2016-10155 CVE-2016-4020 CVE-2016-6835
CVE-2016-6888 CVE-2016-7422 CVE-2016-7466
CVE-2016-8576 CVE-2016-8669 CVE-2016-8909
CVE-2016-8910 CVE-2016-9907 CVE-2016-9911
CVE-2016-9921 CVE-2016-9922 CVE-2017-2630
CVE-2017-5579 CVE-2017-5898 CVE-2017-5973
CVE-2017-9310 CVE-2017-9373 CVE-2017-9374
CVE-2017-9375
=====================================================================

1. Summary:

An update for qemu-kvm-rhev is now available for RHEV 4.X RHEV-H and Agents
for RHEL-7.

Red Hat Product Security has rated this update as having a security impact
of Important. A Common Vulnerability Scoring System (CVSS) base score,
which gives a detailed severity rating, is available for each vulnerability
from the CVE link(s) in the References section.

2. Relevant releases/architectures:

Managment Agent for RHEL 7 Hosts - ppc64le, x86_64

3. Description:

KVM (Kernel-based Virtual Machine) is a full virtualization solution for
Linux on a variety of architectures. The qemu-kvm-rhev packages provide the
user-space component for running virtual machines that use KVM in
environments managed by Red Hat products.

The following packages have been upgraded to a later upstream version:
qemu-kvm-rhev (2.9.0). (BZ#1387372, BZ#1387600, BZ#1400962)

Security Fix(es):

* A stack buffer overflow flaw was found in the Quick Emulator (QEMU) built
with the Network Block Device (NBD) client support. The flaw could occur
while processing server's response to a 'NBD_OPT_LIST' request. A malicious
NBD server could use this issue to crash a remote NBD client resulting in
DoS or potentially execute arbitrary code on client host with privileges of
the QEMU process. (CVE-2017-2630)

* An integer overflow flaw was found in Quick Emulator (QEMU) in the CCID
Card device support. The flaw could occur while passing messages via
command/response packets to and from the host. A privileged user inside a
guest could use this flaw to crash the QEMU process. (CVE-2017-5898)

* An information exposure flaw was found in Quick Emulator (QEMU) in Task
Priority Register (TPR) optimizations for 32-bit Windows guests. The flaw
could occur while accessing TPR. A privileged user inside a guest could use
this issue to read portions of the host memory. (CVE-2016-4020)

* A memory-leak flaw was found in the Quick Emulator(QEMU) built with USB
xHCI controller emulation support. The flaw could occur while doing a
USB-device unplug operation. Unplugging the device repeatedly resulted in
leaking host memory, affecting other services on the host. A privileged
user inside the guest could exploit this flaw to cause a denial of service
on the host or potentially crash the host's QEMU process instance.
(CVE-2016-7466)

* Multiple CVEs(CVE-2016-10155, CVE-2016-4020, CVE-2016-6835,
CVE-2016-6888, CVE-2016-7422, CVE-2016-7466, CVE-2016-8576, CVE-2016-8669,
CVE-2016-8909, CVE-2016-8910, CVE-2016-9907, CVE-2016-9911, CVE-2016-9921,
CVE-2016-9922, CVE-2017-2630, CVE-2017-5579, CVE-2017-5898, CVE-2017-5973,
CVE-2017-9310, CVE-2017-9373, CVE-2017-9374, CVE-2017-9375) were fixed as
result of rebase to QEMU version 2.9.0.

Red Hat would like to thank Li Qiang (Qihoo 360 Inc.) for reporting
CVE-2016-6835 and CVE-2016-6888; Li Qiang (360.cn Inc.) for reporting
CVE-2017-5898, CVE-2016-7466, CVE-2016-10155, CVE-2017-5579, and
CVE-2017-5973; Donghai Zdh (Alibaba Inc.) for reporting CVE-2016-4020;
Qinghao Tang (Marvel Team 360.cn Inc.) and Zhenhao Hong (Marvel Team 360.cn
Inc.) for reporting CVE-2016-7422; PSIRT (Huawei Inc.) for reporting
CVE-2016-8669; Andrew Henderson (Intelligent Automation Inc.) for reporting
CVE-2016-8910; Qinghao Tang (Qihoo 360), Li Qiang (Qihoo 360), and Jiangxin
(Huawei Inc.) for reporting CVE-2016-9921 and CVE-2016-9922; and Li Qiang
(Qihoo 360 Gear Team) for reporting CVE-2017-9310, CVE-2017-9373,
CVE-2017-9374, and CVE-2017-9375.

Additional Changes:

This update also fixes several bugs and adds various enhancements.
Documentation for these changes is available from the Release Notes
document linked to in the References section.

4. Solution:

For details on how to apply this update, which includes the changes
described in this advisory, refer to:

https://access.redhat.com/articles/11258

After installing this update, shut down all running virtual machines. Once
all virtual machines have shut down, start them again for this update to
take effect.

5. Bugs fixed (https://bugzilla.redhat.com/):

750801 - [RFE] specifying the entire image chain as a qemu drive (blockdev-add) (qemu)
971799 - qemu should not crash when if=scsi although it's unsupportable device
1032873 - block-job-cancel can not cancel current job when drive-mirror to a no enough space libiscsi disk
1038963 - [RFE] qemu can't listen on both IPv6 and IPv4 localhost for VNC
1046612 - qemu should quit with friendly prompt when use usb3.0 stick + uhci controller
1055093 - RFE: usb-host redir: make usb superspeed devices work when redirected to a non superspeed capable vm
1086193 - RFE: Add blockdev-delete QMP command in company with blockdev-add
1159726 - RFE: blockdev-add support for gluster
1159728 - add blockdev-add support with libiscsi backends
1175113 - pci-bridge should behave the same when adding devices from cli or at hotplug time
1179045 - [rfe] qemu should report usb-host hotplug errors
1185172 - The blockcopy command will hang there in the mirror period with the raw disk
1189998 - Active commit does not support on rbd based disk
1193826 - Dump progress only show up when memory-only dump finish
1219541 - virsh migrate --copy-storage-all fails to preserve sparse disk image
1231739 - qmp should give friendly hints when can not use __com.redhat_drive_del to delete device
1248279 - [RFE] Memory hot unplug on powerpc platform - qemu-kvm-rhev
1254422 - [RFE]Add option to specify the initiator for qemu-img to login iscsi target
1256618 - Chardev remains busy after hot remove vhost-user that connected to the chardev.
1262277 - qemu quit when block mirror 2 disk enable data-plane
1262676 - When mirroring to remote NBD disk with granularity =8192 and buf-size=8193, qemu core dump ( on src host)
1264255 - When hot-unplug a device which is doing block-commit, guest and qemu will hang until the commit finished, and call trace appears in guest
1264258 - Guest's time stops with option clock=vm when guest is paused
1271060 - virtio_pci_set_host_notifier_internal: unable to init event notifier: -24
1274567 - HMP doesn't reflect the correct numa topology after hot plugging vCPU
1281407 - Memdev id is not specified when query memdev via QMP
1285928 - linux-aio aborts on io_submit() failure
1291284 - [RFE 7.4] support for virtio-vsock - qemu-kvm-rhev
1293975 - RFE: Operational Blockers for BDS Nodes in QEMU block layer
1295637 - [virtio-win][netkvm][rhel6]win2012 guest bsod with DRIVER_POWER_STATE_FAILURE(9f) when shutdown after netdev_del&device_del while coping files in guest
1299876 - system_reset should clear pending request for error (IDE)
1300768 - RFE: add support for native TLS encryption on migration TCP transport
1300770 - RFE: add support for native TLS encryption on NBD client/server transports
1313686 - CVE-2016-4020 Qemu: i386: leakage of stack memory to guest in kvmvapic.c
1314131 - RHEV for Power: VFIO passthrough of SR-IOV virtual functions
1329145 - qemu-kvm-rhev sometimes gets SIGABRT when do continuous blockcommit operations
1333425 - CVE-2016-8576 Qemu: usb: xHCI: infinite loop vulnerability in xhci_ring_fetch
1334398 - CVE-2016-9922 Qemu: display: cirrus_vga: a divide by zero in cirrus_do_copy
1335808 - [RFE] [vIOMMU] Add Support for VFIO devices with vIOMMU present
1340439 - qemu-kvm crashed when set vram64_size_mb to some vaule
1342434 - qemu core dump when starting a guest with more than 54 nested pcie switches
1347172 - 'info block' should not show backing file when reopen block after drive-mirror with 'sync=full'
1352620 - qemu-kvm fail to start in vnc reverse mode
1352769 - QEMU core dumped when query memory devices in hmp after unplugging memdev of nvdimm
1354177 - Booting from a passthrough usb stick fails when using the bootindex property
1357808 - TCG defaults to POWER7 cpu which won't run modern distributions
1360301 - [RFE] allow qemu gfapi log redirection
1361487 - system_reset should clear pending request for error (virtio-blk)
1362084 - qemu core dump when do blockdev-add with option detect-zeroes on
1362729 - [RFE] log hot unplug requests
1363938 - qemu aborted after enter "q" to hmp:virtio-scsi.c:543: virtio_scsi_handle_cmd_req_prepare: Assertion `blk_get_aio_context(d->conf.blk) == s->ctx' failed
1365708 - qemu-kvm gets SIGSEGV when attach a json backing image of ssh protocol
1366919 - extend virtio-net to expose host MTU to guest
1367369 - Both guest and qemu hang after doing block stream when guest rebooting
1367731 - Other operations(snapshot/hot-unplug) to the block are not forbidden after image streaming starts, which cause qemu and guest hang until streaming completes.
1368040 - Qemu-kvm coredump in repeating hotplug/hot remove virtio-gpu device
1368406 - Virtual display of virtio-gpu should behave like qxl device when using rhel7.3 guest
1368422 - Post-copy migration fails with XBZRLE compression
1369012 - CVE-2016-6835 Qemu: net: vmxnet: buffer overflow in vmxnet_tx_pkt_parse_headers() in vmxnet3 device emulation
1369031 - CVE-2016-6888 Qemu: net: vmxnet: integer overflow in packet initialisation
1369641 - Boot guest with 'kernel-irqchip=split', 'intremap=true' and e1000, guest fails to get ip and call trace occurs
1369795 - QMP should prompt more specific information when hotplug more than 32 vfs to guest
1373264 - DEVICE_TRAY_MOVED event is not delivered after migration
1373600 - virtio-balloon stats virtqueue does not migrate properly
1373604 - Enhance live migration post-copy to support file-backed memory (e.g. 2M hugepages)
1373710 - qemu-img: unable to create images via ftp/ftps
1373816 - [virtio-win][netkvm]qemu core dump when hotplug/hot-unplug netkvm device(queues=4) in a loop in windows 2012R2 guest
1374237 - Multi monitors of virtio-vga works abnormally on rhel7.3 guest
1375444 - Add fw_cfg device in windows guest in order to make svvp test pass
1375520 - qemu core dump when there is an I/O error on AHCI
1376000 - xhci emulation fixes
1376755 - CVE-2016-7422 Qemu: virtio: null pointer dereference in virtqueu_map_desc
1376760 - Backport memory leak fixes from QEMU 2.7
1377063 - Guest numa topology not correct after hot plug-unplug-plug vcpus
1377160 - [RFE] Q35: Implement hotplug for pxb-pcie devices
1377837 - CVE-2016-7466 Qemu: usb: xhci memory leakage during device unplug
1378334 - windows guests migration from rhel6.8-z to rhel7.3 with virtio-net-pci fail
1378536 - QEMU runtime modularization of the block layer
1378538 - QEMU: update package summary and description
1378694 - Prevent qemu-img resize from causing "Active L1 table too large"
1378816 - Core dump when use "data-plane" and execute change cd
1379034 - RFE: add 'iSCSI protocol' support of option 'password-secret' to support for securely passing passwords to QEMU block drivers
1379206 - Graphic can't be showed out quickly if guest graphic mode is vnc
1380258 - ppc64le: > 1024GiB of guest RAM will conflict with IO
1381630 - QEMU segfaults when using a lot of pci bridges and USB devices
1383012 - qemu-img command should return non-zero error value on fail
1384124 - cpu flag nonstop_tsc is not present in guest with host-passthrough and feature policy require invtsc
1384909 - CVE-2016-8669 Qemu: char: divide by zero error in serial_update_parameters
1387372 - Rebase qemu-kvm-rhev for RHEL-7.4
1387600 - Rebase qemu-kvm-rhev to 2.8.0
1388046 - CVE-2016-8910 Qemu: net: rtl8139: infinite loop while transmit in C+ mode
1388052 - CVE-2016-8909 Qemu: audio: intel-hda: infinite loop in processing dma buffer stream
1389238 - Re-enable kvm_stat script
1390316 - PCIe: Add Generic PCIe Root Ports
1390734 - ppc64: pseries-rhel7.4.0 machine type
1390737 - RHEL-7.4 new qemu-kvm-rhev machine type (x86)
1390991 - Wrong error message when executing qemu-img commit with wrong arguments while confusing base and top volumes
1391942 - kvmclock: advance clock by time window between vm_stop and pre_save (backport patch)
1392328 - Disable new devices in QEMU 2.8 (x86_64)
1392359 - [abrt] qemu-img: strrchr(): qemu-img killed by SIGSEGV: TAINTED
1393322 - Guest fails boot up with ivshmem-plain and virtio-pci device
1393698 - Correctly set host bits for guests to go beyond 1TB
1394140 - qemu gets SIGSEGV when hot-plug a vhostuser network
1396536 - qemu-kvm-rhev: POWER8 CPU model is listed twice in 'query-cpu-definitions' output
1397697 - Backport remaining kvm_stat patches from the kernel to QEMU
1397870 - qemu fails to recognize gluster URIs in backing chain for block-commit operation
1400059 - block-gluster: use one glfs instance per volume
1400785 - qemu: Remove pxi-expander-bridge (PXB) device for Power
1400962 - Verify configuration coverage for rebased qemu-kvm-rhev
1402222 - Device IOTLB support in qemu
1402265 - CVE-2016-9907 Qemu: usb: redirector: memory leakage when destroying redirector
1402272 - CVE-2016-9911 Qemu: usb: ehci: memory leakage in ehci_init_transfer
1402645 - Required cache.direct=on when set aio=native
1404137 - 'block-job-cancel' can not cancel a "block-stream" job normally
1404303 - RFE: virtio-blk/scsi polling mode (QEMU)
1404673 - [ppc64le]reset vm when do migration, HMP in src host promp "tcmalloc: large alloc 1073872896 bytes..."
1405123 - Opteron_G4 CPU model broken in QEMU 2.6 with RHEL 6 machine type
1406827 - Blacklist TSX feature from specific Intel CPU models
1409973 - [TestOnly] supported Tier2 OS/distros in RHEL7.4
1410284 - [RFE] Allow PCIe devices on pseries guests (qemu part)
1410618 - Flickering Fedora 24 Login Screen on RHEL 7
1410674 - qemu: Remove unnecessary EHCI implementation for Power
1411105 - Windows Server 2008-32 crashes on startup with q35 if cdrom attached
1412327 - RFE: negotiable broadcast SMI for Q35
1412470 - Keyboard hang after migration with kernel-irqchip=split
1412472 - [RFE] VT-d migration
1414694 - Reenable edu device for kvm-unit-tests support
1415199 - CVE-2016-10155 Qemu: watchdog: memory leakage in virtual hardware watchdog wdt_i6300esb
1415947 - data-plane cause qemu-kvm process hang when do basic Block stream for virtio-scsi
1416157 - CVE-2017-5579 Qemu: serial: host memory leakage 16550A UART emulation
1416681 - PCIe compliance issues
1417840 - Include kvm_stat man page in qemu-kvm-tools package
1418166 - Remove dependencies required by spice on ppc64le
1418575 - Forward port of downstream-only QMP commands is incorrect
1418927 - The lifecycle event for Guest OS Shutdown is not distinguishable from a qemu process that was quit with SIG_TERM
1419466 - Hotplug memory will induce error: kvm run failed Bad address on ppc when boot up with "-mem-path /mnt/hugetlbfs"
1419699 - CVE-2017-5898 Qemu: usb: integer overflow in emulated_apdu_from_guest
1419899 - Documentation inaccurate for __com.redhat_qxl_screendump and __com.redhat_drive_add
1420195 - Migration from RHEL7.4 -> RHEL7.3.z failed with rtl8139 nic card
1420216 - Migration from RHEL7.3.z -> RHEL4 failed with e1000e nic card
1420679 - Guest reboot after migration from RHEL7.2.z -> RHEL7.4
1421626 - CVE-2017-5973 Qemu: usb: infinite loop while doing control transfer in xhci_kick_epctx
1421788 - migration/spice: assert with slot_id 112 too big, addr=7000000000000000
1422415 - CVE-2017-2630 Qemu: nbd: oob stack write in client routine drop_sync
1422846 - Disable replication feature
1425151 - qemu zeroes the first byte of NVDIMM on initialization
1425178 - Remove texi2html build dependancy from RPM
1425273 - [Q35] migration failed after hotplug e1000e device
1425700 - virtio-scsi data plane takes 100% host CPU with polling
1425765 - The guest failed to start with ich6 sound when machine type is rhel6.*.0
1427466 - [RHEV7.4] dump-guest-memory failed due to Python Exception <class 'gdb.error'> Attempt to extract a component of a value that is not a (null).
1428534 - Enhance qemu to present virtual L3 cache info for vcpus
1428810 - 'Segmentation fault (core dumped)' after hot unplug one disk in a throttle group AND do guest system reset
1430620 - TLS encryption migration via exec failed with "TLS handshake failed: The TLS connection was non-properly terminated"
1431224 - Attach lun type disk report error and crash guest
1431939 - The host nodes of memdev is set to 128 default
1432295 - Add gpa2hpa command to qemu hmp
1432382 - Hot-unplug "device_del dimm1" induce qemu-kvm coredump (hotplug at guest boot up stage)
1432588 - Some compat_props properties override -cpu command-line options
1433193 - Guest could not boot up when attached numa nodes with ram on ppc64le
1433921 - Switch from librdmacm-devel to rdma-core-devel
1434666 - "-numa" should not silently accept an invalid parameter ("size")
1434706 - [pci-bridge] Hotplug devices to pci-bridge failed
1434743 - Boot guest failed with error "virtio_scsi_data_plane_handle_ctrl: Assertion `s->ctx && s->dataplane_started' failed"
1434784 - migration: 7.4->7.2 error while loading state for instance 0x0 of device 'apic'
1435086 - Migration is failed from host RHEL7.3.z to host RHEL7.4 with "-machine pseries-rhel7.3.0 -device pci-bridge,id=pci_bridge,bus=pci.0,addr=03,chassis_nr=1"
1435521 - Migration failed with postcopy enabled from rhel7.3.z host to rhel7.4 host "error while loading state for instance 0x0 of device 'pci@800000020000000:05.0/virtio-rng'"
1436562 - [QEMU] scsi-generic: make up opt xfer len if not reported by backend
1436616 - usb-storage device under nec-usb-xhci is unusable after migration
1437310 - The guest os can not boot when set qxl.vram64 >=2G
1437337 - Hotplug cpu cores with invalid nr_threads causes qemu-kvm coredump
1437393 - snapshot created base on the image in https server will hang during booting
1438566 - migration/qxl: Seg fault migrating rhel5&6 at grub
1440619 - Reboot guest will induce error message - KVM: Failed to create TCE table for liobn 0x80000001
1440667 - The guest exit abnormally with data-plane when do "block-job-complete" after do "drive-mirror" in QMP.
1440677 - The guest exit abnormally with data-plane when do "blockdev-snapshot-sync"in QMP.
1441069 - Failed to create image with iscsi protocol
1443029 - Disable new devices in qemu 2.9
1443040 - seabios can't recognize usb 3.0 loader at boot menu
1444003 - USB 3.0 flash drive not accessible on Windows guest
1444326 - Keyboard inputs are buffered when qemu in stop status
1445174 - [RHEV7.4] [guest memory dump]dump-guest-memory QMP command with "detach" param makes qemu-kvm process aborted
1446003 - vnc cannot find a free port to use
1446498 - Guest freeze after live snapshot with data-plane
1447184 - qemu abort when live snapshot for multiple block device simultaneously with transaction and one is to a non-exist path
1447257 - QEMU coredump while doing hexdump test onto virtio serial ports
1447551 - qemu hang when do block_resize guest disk during crystal running
1447581 - [RHEV7.4] [usb-hub] input devices under usb hub don't work on win2016 with xhci
1447590 - qemu curl driver hangs in a particular libguestfs file download
1447592 - vhost-user/reply-ack: Wait for ack even if no request sent (one-time requests)
1447874 - Migration failed from rhel7.2.z->rhel7.4 with "-M rhel7.0.0" and "-device nec-usb-xhci"
1448813 - qemu crash when shutdown guest with '-device intel-iommu' and '-device vfio-pci'
1449031 - qemu core dump when hot-unplug/hot-plug scsi controller in turns
1449037 - Dst qemu quit when migrate guest with hugepage and total memory is not a multiple of pagesize
1449490 - [q35] guest hang after do migration with virtio-scsi-pci.
1449939 - Remove dependency on seavgabios-bin and ipxe-roms-qemu for qemu-kvm-rhev on s390x
1450759 - Creating fallocated image using qemu-img using gfapi fails
1451191 - qemu-img: block/gluster.c:1307: find_allocation: Assertion `offs >= start' failed.
1451483 - QEMU crashes with "-machine none -device intel-iommu"
1451629 - TCP tunnel network: the guest with interface type=client can not start
1451631 - Keyboard does not work after migration
1451849 - qemu-img convert crashes on error
1451862 - IOMMU support in QEMU for Vhost-user backend
1452048 - qemu abort when hot unplug block device during live commit
1452066 - Fix backing image referencing in drive-backup sync=none
1452148 - Op blockers don't work after postcopy migration
1452512 - qemu coredump when add more than 12 usb-storage devices to ehci
1452605 - disable pulseaudio and alsa support
1452620 - CVE-2017-9310 Qemu: net: infinite loop in e1000e NIC emulation
1452702 - qemu-img aborts on empty filenames
1452752 - Some block drivers incorrectly close their associated file
1453169 - qemu aborts if quit during live commit process
1454582 - Qemu crashes when start guest with qcow2 nbd image
1454641 - Windows 10 BSOD when using rhel6.4.0/rhel6.5.0/rhel6.6.0
1455150 - Unable to detach virtio disk from pcie-root-port after migration
1456424 - qemu crash when starting image streaming job fails
1456456 - qemu crashes on job completion during drain
1457088 - rbd/iscsi: json: pseudo-protocol format is incompatible with 7.3
1457740 - [Tracing] compling qemu-kvm failed through systemtap
1458270 - CVE-2017-9373 Qemu: ide: ahci host memory leakage during hotunplug
1458705 - pvdump: QMP reports "GUEST_PANICKED" event but HMP still shows VM running after guest crashed
1458744 - CVE-2017-9375 Qemu: usb: xhci infinite recursive call via xhci_kick_ep
1458782 - QEMU crashes after hot-unplugging virtio-serial device
1459132 - CVE-2017-9374 Qemu: usb: ehci host memory leakage during hotunplug
1461561 - virtio-blk: drain block before cleanup missing
1461827 - QEMU hangs in aio wait when trying to access NBD volume over TLS

6. Package List:

Managment Agent for RHEL 7 Hosts:

Source:
qemu-kvm-rhev-2.9.0-14.el7.src.rpm

ppc64le:
qemu-img-rhev-2.9.0-14.el7.ppc64le.rpm
qemu-kvm-common-rhev-2.9.0-14.el7.ppc64le.rpm
qemu-kvm-rhev-2.9.0-14.el7.ppc64le.rpm
qemu-kvm-rhev-debuginfo-2.9.0-14.el7.ppc64le.rpm
qemu-kvm-tools-rhev-2.9.0-14.el7.ppc64le.rpm

x86_64:
qemu-img-rhev-2.9.0-14.el7.x86_64.rpm
qemu-kvm-common-rhev-2.9.0-14.el7.x86_64.rpm
qemu-kvm-rhev-2.9.0-14.el7.x86_64.rpm
qemu-kvm-rhev-debuginfo-2.9.0-14.el7.x86_64.rpm
qemu-kvm-tools-rhev-2.9.0-14.el7.x86_64.rpm

These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2016-10155
https://access.redhat.com/security/cve/CVE-2016-4020
https://access.redhat.com/security/cve/CVE-2016-6835
https://access.redhat.com/security/cve/CVE-2016-6888
https://access.redhat.com/security/cve/CVE-2016-7422
https://access.redhat.com/security/cve/CVE-2016-7466
https://access.redhat.com/security/cve/CVE-2016-8576
https://access.redhat.com/security/cve/CVE-2016-8669
https://access.redhat.com/security/cve/CVE-2016-8909
https://access.redhat.com/security/cve/CVE-2016-8910
https://access.redhat.com/security/cve/CVE-2016-9907
https://access.redhat.com/security/cve/CVE-2016-9911
https://access.redhat.com/security/cve/CVE-2016-9921
https://access.redhat.com/security/cve/CVE-2016-9922
https://access.redhat.com/security/cve/CVE-2017-2630
https://access.redhat.com/security/cve/CVE-2017-5579
https://access.redhat.com/security/cve/CVE-2017-5898
https://access.redhat.com/security/cve/CVE-2017-5973
https://access.redhat.com/security/cve/CVE-2017-9310
https://access.redhat.com/security/cve/CVE-2017-9373
https://access.redhat.com/security/cve/CVE-2017-9374
https://access.redhat.com/security/cve/CVE-2017-9375
https://access.redhat.com/security/updates/classification/#important

8. Contact:

The Red Hat security contact is <secalert@redhat.com>. More contact
details at https://access.redhat.com/security/team/contact/

Copyright 2017 Red Hat, Inc.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iD8DBQFZgQxyXlSAg2UNWIIRAie1AJ42F2yIwO3Vt81+eh3S0nv2dNLFUgCeNnPV
VAdAP3ECRQqNbG8XCTZ3BP8=
=/201
-----END PGP SIGNATURE-----

--
RHSA-announce mailing list
RHSA-announce@redhat.com
https://www.redhat.com/mailman/listinfo/rhsa-announce
Login or Register to add favorites

File Archive:

March 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    16 Files
  • 2
    Mar 2nd
    0 Files
  • 3
    Mar 3rd
    0 Files
  • 4
    Mar 4th
    32 Files
  • 5
    Mar 5th
    28 Files
  • 6
    Mar 6th
    42 Files
  • 7
    Mar 7th
    17 Files
  • 8
    Mar 8th
    13 Files
  • 9
    Mar 9th
    0 Files
  • 10
    Mar 10th
    0 Files
  • 11
    Mar 11th
    15 Files
  • 12
    Mar 12th
    19 Files
  • 13
    Mar 13th
    21 Files
  • 14
    Mar 14th
    38 Files
  • 15
    Mar 15th
    15 Files
  • 16
    Mar 16th
    0 Files
  • 17
    Mar 17th
    0 Files
  • 18
    Mar 18th
    10 Files
  • 19
    Mar 19th
    32 Files
  • 20
    Mar 20th
    46 Files
  • 21
    Mar 21st
    16 Files
  • 22
    Mar 22nd
    13 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    12 Files
  • 26
    Mar 26th
    31 Files
  • 27
    Mar 27th
    19 Files
  • 28
    Mar 28th
    42 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close