Moderate: qemu-kvm security, bug fix, and enhancement update

Related Vulnerabilities: CVE-2021-3507   CVE-2021-3611   CVE-2021-3750   CVE-2021-4158  

Synopsis

Moderate: qemu-kvm security, bug fix, and enhancement update

Type/Severity

Security Advisory: Moderate

Topic

An update for qemu-kvm is now available for Red Hat Enterprise Linux 9.

Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

Kernel-based Virtual Machine (KVM) is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm packages provide the user-space component for running virtual machines that use KVM.

The following packages have been upgraded to a later upstream version: qemu-kvm (7.0.0). (BZ#2064757)

Security Fix(es):

  • QEMU: hcd-ehci: DMA reentrancy issue leads to use-after-free (CVE-2021-3750)
  • QEMU: fdc: heap buffer overflow in DMA read data transfers (CVE-2021-3507)
  • QEMU: intel-hda: segmentation fault due to stack overflow (CVE-2021-3611)
  • QEMU: NULL pointer dereference in pci_write() in hw/acpi/pcihp.c (CVE-2021-4158)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Additional Changes:

For detailed information on changes in this release, see the Red Hat Enterprise Linux 9.1 Release Notes linked from the References section.

Solution

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

After installing this update, shut down all running virtual machines. Once all virtual machines have shut down, start them again for this update to take effect.
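
A check for the restart step above, added here as an example and not part of the advisory: after the package is updated, a VM that was never stopped keeps executing the old binary, which Linux shows as a `/proc/PID/exe` target ending in ` (deleted)`. The path `/usr/libexec/qemu-kvm` and the sample lines are assumptions constructed for illustration; run the live check as root so every process's `exe` link is readable.

```shell
#!/bin/sh
# Added example, not part of the advisory: list QEMU processes that still
# execute the pre-update binary and therefore still need a full stop/start.

# Emit "PID TARGET" for every process whose exe link can be read.
proc_exe_list() {
    for d in /proc/[0-9]*; do
        t=$(readlink "$d/exe" 2>/dev/null) || continue
        printf '%s %s\n' "${d#/proc/}" "$t"
    done
}

# Read "PID TARGET" lines on stdin; print the PIDs whose executable is a
# QEMU binary that has been replaced on disk since the process started.
stale_qemu() {
    while read -r pid target; do
        case "$target" in
            *"/qemu-kvm (deleted)"|*"/qemu-system-"*" (deleted)")
                printf '%s\n' "$pid" ;;
        esac
    done
}

# Constructed sample input (PIDs and paths are made up for illustration):
# only PID 2210 is a VM started before the update.
SAMPLE='1874 /usr/sbin/libvirtd
2210 /usr/libexec/qemu-kvm (deleted)
2355 /usr/libexec/qemu-kvm
2400 /usr/bin/bash (deleted)'

# Live check against this host.
stale=$(proc_exe_list | stale_qemu)
if [ -n "$stale" ]; then
    echo "VMs still running the old QEMU binary, PIDs:" $stale
else
    echo "no running QEMU process uses a replaced binary"
fi
```

A guest-initiated reboot does not clear a PID from this list, because the QEMU process itself keeps running; the VM has to be shut down and started again as the advisory states.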

Affected Products

  • Red Hat Enterprise Linux for x86_64 9 x86_64
  • Red Hat Enterprise Linux for IBM z Systems 9 s390x
  • Red Hat Enterprise Linux for Power, little endian 9 ppc64le
  • Red Hat Enterprise Linux for ARM 64 9 aarch64

Fixes

  • BZ - 1477099 - virtio-iommu (including ACPI, VHOST/VFIO integration, migration support)
  • BZ - 1708300 - RFE: qemu-nbd vs NBD_FLAG_CAN_MULTI_CONN
  • BZ - 1879437 - Qemu coredump when refreshing block limits on an actively used iothread block device [rhel.9]
  • BZ - 1904267 - Q35: Support SMBIOS 3.0 Entry Point Type
  • BZ - 1951118 - CVE-2021-3507 QEMU: fdc: heap buffer overflow in DMA read data transfers
  • BZ - 1968509 - Use MSG_ZEROCOPY on QEMU Live Migration
  • BZ - 1973784 - CVE-2021-3611 QEMU: intel-hda: segmentation fault due to stack overflow
  • BZ - 1982600 - qemu-kvm -help reports -spice despite not being compiled
  • BZ - 1995710 - RFE: Allow virtio-scsi CD-ROM media change with IOThreads
  • BZ - 1999073 - CVE-2021-3750 QEMU: hcd-ehci: DMA reentrancy issue leads to use-after-free
  • BZ - 2020993 - 'qemu-img convert' to Qcow2 Images over RBD Failed
  • BZ - 2023977 - Duplicate SMBIOS handles when creating large VMs
  • BZ - 2026955 - RFE: set default resolution/EDID info to a more sensible modern size like 1280x800 (WXGA)
  • BZ - 2035002 - CVE-2021-4158 QEMU: NULL pointer dereference in pci_write() in hw/acpi/pcihp.c
  • BZ - 2037612 - [Win11][tpm][QL41112 PF] vfio_listener_region_add received unaligned region
  • BZ - 2041823 - [aarch64][numa] When there are at least 6 Numa nodes serial log shows 'arch topology borken'
  • BZ - 2044162 - [RHEL9.1] Enable virtio-mem as tech-preview on ARM64 QEMU
  • BZ - 2046029 - [WRB] New machine type property - dtb-kaslr-seed
  • BZ - 2060839 - Consider deprecating CPU models like "kvm64" / "qemu64" on RHEL 9
  • BZ - 2062809 - Guest can not start with SLIC acpi table [rhel-9.1.0]
  • BZ - 2062813 - Mark all RHEL-8 and earlier machine types as deprecated [rhel-9.1.0]
  • BZ - 2062817 - Missing qemu-kvm-block-ssh obsolete breaks upgrade path [rhel-9.1.0]
  • BZ - 2062819 - Broken upgrade path due to qemu-kvm-hw-usbredir rename [rhel-9.1.0]
  • BZ - 2062828 - [virtual network][rhel9][vDPA] qemu crash after hot unplug vdpa device [rhel-9.1.0]
  • BZ - 2064500 - Install qemu-kvm-6.2.0-11.el9_0.1 failed as conflict with qemu-kvm-block-ssh-6.2.0-11.el9_0.1
  • BZ - 2064530 - Rebuild qemu-kvm with clang-14
  • BZ - 2064757 - Rebase to QEMU 7.0.0
  • BZ - 2064771 - Update machine type compatibility for QEMU 7.0.0 update [x86_64]
  • BZ - 2064782 - Update machine type compatibility for QEMU 7.0.0 update [s390x]
  • BZ - 2065398 - watchdog: BUG: soft lockup - CPU#3 stuck for 22s! [cat:2843] [rhel-9.1.0]
  • BZ - 2066824 - Aarch64: Drop unsupported CPU types
  • BZ - 2070804 - PXE boot crash qemu when using multiqueue vDPA
  • BZ - 2072379 - Fail to rebuild the reference count tables of qcow2 image on host block devices (e.g. LVs)
  • BZ - 2079347 - Guest boot blocked when scsi disks using same iothread and 100% CPU consumption
  • BZ - 2079938 - qemu coredump when boot with multi disks (qemu) failed to set up stack guard page: Cannot allocate memory
  • BZ - 2081022 - Build regression on ppc64le with c9s qemu-kvm 7.0.0-1 changes
  • BZ - 2086262 - [Win11][tpm]vfio_listener_region_del received unaligned region
  • BZ - 2094252 - Compile the virtio-iommu device on x86_64
  • BZ - 2094270 - Do not set the hard vCPU limit to the soft vCPU limit in downstream qemu-kvm anymore
  • BZ - 2095608 - Please correct the error message when try to start qemu with "-M kernel-irqchip=split"
  • BZ - 2096143 - The migration port is not released if use it again for recovering postcopy migration
  • BZ - 2099541 - qemu coredump with error Assertion `qemu_mutex_iothread_locked()' failed when repeatly hotplug/unplug disks in pause status
  • BZ - 2099934 - Guest reboot on destination host after postcopy migration completed
  • BZ - 2100106 - Fix virtio-iommu/vfio bypass
  • BZ - 2107466 - zerocopy capability can be enabled when set migrate capabilities with multifd and compress/xbzrle together
  • BZ - 2111994 - RHEL9: skey test in kvm_unit_test got failed
  • BZ - 2112303 - virtio-blk: Can't boot fresh installation from used 512 cluster_size image under certain conditions
  • BZ - 2114060 - vDPA state restore support through control virtqueue in Qemu
  • BZ - 2116876 - Fixes for vDPA control virtqueue support in Qemu
  • BZ - 2120275 - Wrong max_sectors_kb and Maximum transfer length on the pass-through device [rhel-9.1]