RHBA-2018:1105 - Bug Fix Advisory

Topic

Updated qemu-kvm-rhev packages that fix several bugs and one one enhancement are now available for Red Hat Virtualization Host 7.

Description

KVM (Kernel-based Virtual Machine) is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm-rhev packages provide the user-space component for running virtual machines that use KVM in environments managed by Red Hat products.

This update fixes the following bugs:

• Previously, system calls to the address_space_to_flatview function in some cases targeted functions that were not sufficiently synchronized by the read-copy-update (RCU) mechanism. This was a potential security risk. The affected system calls have been fixed, and they can no longer be used as a vector for malicious code. (BZ#1554929)
• Under certain circumstances, snapshots of guests created in Red Hat Virtualization (RHV) could not be deleted due to an error in the snapshot locking mechanism. This update fixes RHV snapshot locking, and the affected snapshots can now be removed as expected. (BZ#1554946)
• Due to an error in the code for resizing the hashed page table (HPT), migrated guests on an IBM POWER host terminated unexpectedly. This update ensures that the size of the HPT is recorded correctly during migration, which prevents the described crashes from occurring. (BZ#1554956)

In addition, this update adds the following enhancement:

• Additional machine types have been introduced for qemu-kvm that improve the IBM POWER guest protection against the Spectre and Meltdown vulnerabilities. (BZ#1554951)

Users of qemu-kvm-rhev are advised to upgrade to these updated packages, which fix these bugs and add this enhancement. After installing this update, shut down all running virtual machines. Once all virtual machines have shut down, start them again for this update to take effect.

Solution

Before applying this update, make sure all previously released errata
relevant to your system have been applied.

For details on how to apply this update, refer to:

https://access.redhat.com/articles/2974891

Affected Products

• Red Hat Virtualization 4 for RHEL 7 x86_64
• Red Hat Virtualization for IBM Power LE 4 for RHEL 7 ppc64le

Fixes

• BZ - 1554929 - incorrect locking (possible use-after-free) with bug 1481593 fix [rhel-7.5.z]
• BZ - 1554946 - [Regression] Cannot delete VM's snapshot [rhel-7.5.z]
• BZ - 1554956 - [ppc64] Migration will fail after HPT resizing [rhel-7.5.z]

CVEs

(none)

References

(none)