Synopsis

Moderate: qemu-kvm security update

Type/Severity

Security Advisory: Moderate

Topic

An update for qemu-kvm is now available for Red Hat Enterprise Linux 7.

Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

Kernel-based Virtual Machine (KVM) is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm package provides the user-space component for running virtual machines that use KVM.

Security Fix(es):

• Quick Emulator (QEMU), compiled with the PC System Emulator with multiboot feature support, is vulnerable to an OOB r/w memory access issue. The issue could occur due to an integer overflow while loading a kernel image during a guest boot. A user or process could use this flaw to potentially achieve arbitrary code execution on a host. (CVE-2017-14167)
  
• Quick emulator (QEMU), compiled with the Cirrus CLGD 54xx VGA Emulator support, is vulnerable to an OOB write access issue. The issue could occur while writing to VGA memory via mode4and5 write functions. A privileged user inside guest could use this flaw to crash the QEMU process resulting in Denial of Serivce (DoS). (CVE-2017-15289)
  

Red Hat would like to thank Thomas Garnier (Google.com) for reporting CVE-2017-14167 and Guoxiang Niu (Huawei.com) for reporting CVE-2017-15289.

Solution

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

After installing this update, shut down all running virtual machines. Once all virtual machines have shut down, start them again for this update to take effect.

Affected Products

• Red Hat Enterprise Linux Server 7 x86_64
• Red Hat Enterprise Linux Server - Extended Update Support 7.5 x86_64
• Red Hat Enterprise Linux Server - Extended Update Support 7.4 x86_64
• Red Hat Enterprise Linux Server - AUS 7.4 x86_64
• Red Hat Enterprise Linux Workstation 7 x86_64
• Red Hat Enterprise Linux Desktop 7 x86_64
• Red Hat Enterprise Linux for Power, big endian 7 ppc64
• Red Hat Enterprise Linux for Power, big endian - Extended Update Support 7.5 ppc64
• Red Hat Enterprise Linux for Power, big endian - Extended Update Support 7.4 ppc64
• Red Hat Enterprise Linux for Scientific Computing 7 x86_64
• Red Hat Enterprise Linux EUS Compute Node 7.5 x86_64
• Red Hat Enterprise Linux EUS Compute Node 7.4 x86_64
• Red Hat Enterprise Linux for Power, little endian 7 ppc64le
• Red Hat Enterprise Linux for Power, little endian - Extended Update Support 7.5 ppc64le
• Red Hat Enterprise Linux for Power, little endian - Extended Update Support 7.4 ppc64le
• Red Hat Enterprise Linux Server - TUS 7.4 x86_64
• Red Hat Enterprise Linux Server (for IBM Power LE) - Update Services for SAP Solutions 7.4 ppc64le
• Red Hat Enterprise Linux Server - Update Services for SAP Solutions 7.4 x86_64

Fixes

• BZ - 1489375 - CVE-2017-14167 Qemu: i386: multiboot OOB access while loading kernel image
• BZ - 1501290 - CVE-2017-15289 Qemu: cirrus: OOB access issue in mode4and5 write functions

CVEs

• CVE-2017-14167
• CVE-2017-15289

References

• https://access.redhat.com/security/updates/classification/#moderate

Red Hat Enterprise Linux Server 7

SRPM
qemu-kvm-1.5.3-141.el7_4.4.src.rpm	SHA-256: 79197c8656f33e3ff2989b29247fede0f5590e429b4df0b7851e7a6770a30071
x86_64
qemu-img-1.5.3-141.el7_4.4.x86_64.rpm	SHA-256: 14bc7d207d6d53eb23c40a2a9845fda72b5f10c91e62c42069156f73624a7580
qemu-kvm-1.5.3-141.el7_4.4.x86_64.rpm	SHA-256: 45355791c9692aa4f700362e89854644716cdeb412055f785be7fb9562294e15
qemu-kvm-common-1.5.3-141.el7_4.4.x86_64.rpm	SHA-256: 5de8f940bd9dde6f48bdab67a847998afd9f65b8f96055cc12bbaee6f86f9ec9
qemu-kvm-debuginfo-1.5.3-141.el7_4.4.x86_64.rpm	SHA-256: 5ecbd65397af190aba3d9e34a0148eaa1e398366ad46bb4ed38215082c401008
qemu-kvm-tools-1.5.3-141.el7_4.4.x86_64.rpm	SHA-256: 7874669c6512705e903852ae60fc3b7fe60db2a220e9207d5a0980c06bf72701

Red Hat Enterprise Linux Server - Extended Update Support 7.5

SRPM
qemu-kvm-1.5.3-141.el7_4.4.src.rpm	SHA-256: 79197c8656f33e3ff2989b29247fede0f5590e429b4df0b7851e7a6770a30071
x86_64
qemu-img-1.5.3-141.el7_4.4.x86_64.rpm	SHA-256: 14bc7d207d6d53eb23c40a2a9845fda72b5f10c91e62c42069156f73624a7580
qemu-kvm-1.5.3-141.el7_4.4.x86_64.rpm	SHA-256: 45355791c9692aa4f700362e89854644716cdeb412055f785be7fb9562294e15
qemu-kvm-common-1.5.3-141.el7_4.4.x86_64.rpm	SHA-256: 5de8f940bd9dde6f48bdab67a847998afd9f65b8f96055cc12bbaee6f86f9ec9
qemu-kvm-debuginfo-1.5.3-141.el7_4.4.x86_64.rpm	SHA-256: 5ecbd65397af190aba3d9e34a0148eaa1e398366ad46bb4ed38215082c401008
qemu-kvm-tools-1.5.3-141.el7_4.4.x86_64.rpm	SHA-256: 7874669c6512705e903852ae60fc3b7fe60db2a220e9207d5a0980c06bf72701

Red Hat Enterprise Linux Server - Extended Update Support 7.4

SRPM
qemu-kvm-1.5.3-141.el7_4.4.src.rpm	SHA-256: 79197c8656f33e3ff2989b29247fede0f5590e429b4df0b7851e7a6770a30071
x86_64
qemu-img-1.5.3-141.el7_4.4.x86_64.rpm	SHA-256: 14bc7d207d6d53eb23c40a2a9845fda72b5f10c91e62c42069156f73624a7580
qemu-kvm-1.5.3-141.el7_4.4.x86_64.rpm	SHA-256: 45355791c9692aa4f700362e89854644716cdeb412055f785be7fb9562294e15
qemu-kvm-common-1.5.3-141.el7_4.4.x86_64.rpm	SHA-256: 5de8f940bd9dde6f48bdab67a847998afd9f65b8f96055cc12bbaee6f86f9ec9
qemu-kvm-debuginfo-1.5.3-141.el7_4.4.x86_64.rpm	SHA-256: 5ecbd65397af190aba3d9e34a0148eaa1e398366ad46bb4ed38215082c401008
qemu-kvm-tools-1.5.3-141.el7_4.4.x86_64.rpm	SHA-256: 7874669c6512705e903852ae60fc3b7fe60db2a220e9207d5a0980c06bf72701

Red Hat Enterprise Linux Workstation 7

SRPM
qemu-kvm-1.5.3-141.el7_4.4.src.rpm	SHA-256: 79197c8656f33e3ff2989b29247fede0f5590e429b4df0b7851e7a6770a30071
x86_64
qemu-img-1.5.3-141.el7_4.4.x86_64.rpm	SHA-256: 14bc7d207d6d53eb23c40a2a9845fda72b5f10c91e62c42069156f73624a7580
qemu-kvm-1.5.3-141.el7_4.4.x86_64.rpm	SHA-256: 45355791c9692aa4f700362e89854644716cdeb412055f785be7fb9562294e15
qemu-kvm-common-1.5.3-141.el7_4.4.x86_64.rpm	SHA-256: 5de8f940bd9dde6f48bdab67a847998afd9f65b8f96055cc12bbaee6f86f9ec9
qemu-kvm-debuginfo-1.5.3-141.el7_4.4.x86_64.rpm	SHA-256: 5ecbd65397af190aba3d9e34a0148eaa1e398366ad46bb4ed38215082c401008
qemu-kvm-tools-1.5.3-141.el7_4.4.x86_64.rpm	SHA-256: 7874669c6512705e903852ae60fc3b7fe60db2a220e9207d5a0980c06bf72701

Red Hat Enterprise Linux Desktop 7

SRPM
qemu-kvm-1.5.3-141.el7_4.4.src.rpm	SHA-256: 79197c8656f33e3ff2989b29247fede0f5590e429b4df0b7851e7a6770a30071
x86_64
qemu-img-1.5.3-141.el7_4.4.x86_64.rpm	SHA-256: 14bc7d207d6d53eb23c40a2a9845fda72b5f10c91e62c42069156f73624a7580
qemu-kvm-1.5.3-141.el7_4.4.x86_64.rpm	SHA-256: 45355791c9692aa4f700362e89854644716cdeb412055f785be7fb9562294e15
qemu-kvm-common-1.5.3-141.el7_4.4.x86_64.rpm	SHA-256: 5de8f940bd9dde6f48bdab67a847998afd9f65b8f96055cc12bbaee6f86f9ec9
qemu-kvm-debuginfo-1.5.3-141.el7_4.4.x86_64.rpm	SHA-256: 5ecbd65397af190aba3d9e34a0148eaa1e398366ad46bb4ed38215082c401008
qemu-kvm-tools-1.5.3-141.el7_4.4.x86_64.rpm	SHA-256: 7874669c6512705e903852ae60fc3b7fe60db2a220e9207d5a0980c06bf72701

Red Hat Enterprise Linux for Power, big endian 7

SRPM
qemu-kvm-1.5.3-141.el7_4.4.src.rpm	SHA-256: 79197c8656f33e3ff2989b29247fede0f5590e429b4df0b7851e7a6770a30071
ppc64
qemu-img-1.5.3-141.el7_4.4.ppc64.rpm	SHA-256: c5ccf69cf7be8adb27a651d0eab292e9ef698b45e68379231cf99a35d108b372
qemu-kvm-debuginfo-1.5.3-141.el7_4.4.ppc64.rpm	SHA-256: 98580c5eabfa7ee76bc2555b1833f6de71ec84ceb562f2411480b7270a848782

Red Hat Enterprise Linux for Power, big endian - Extended Update Support 7.5

SRPM
qemu-kvm-1.5.3-141.el7_4.4.src.rpm	SHA-256: 79197c8656f33e3ff2989b29247fede0f5590e429b4df0b7851e7a6770a30071
ppc64
qemu-img-1.5.3-141.el7_4.4.ppc64.rpm	SHA-256: c5ccf69cf7be8adb27a651d0eab292e9ef698b45e68379231cf99a35d108b372
qemu-kvm-debuginfo-1.5.3-141.el7_4.4.ppc64.rpm	SHA-256: 98580c5eabfa7ee76bc2555b1833f6de71ec84ceb562f2411480b7270a848782

Red Hat Enterprise Linux for Power, big endian - Extended Update Support 7.4

SRPM
qemu-kvm-1.5.3-141.el7_4.4.src.rpm	SHA-256: 79197c8656f33e3ff2989b29247fede0f5590e429b4df0b7851e7a6770a30071
ppc64
qemu-img-1.5.3-141.el7_4.4.ppc64.rpm	SHA-256: c5ccf69cf7be8adb27a651d0eab292e9ef698b45e68379231cf99a35d108b372
qemu-kvm-debuginfo-1.5.3-141.el7_4.4.ppc64.rpm	SHA-256: 98580c5eabfa7ee76bc2555b1833f6de71ec84ceb562f2411480b7270a848782

Red Hat Enterprise Linux for Scientific Computing 7

SRPM
qemu-kvm-1.5.3-141.el7_4.4.src.rpm	SHA-256: 79197c8656f33e3ff2989b29247fede0f5590e429b4df0b7851e7a6770a30071
x86_64
qemu-img-1.5.3-141.el7_4.4.x86_64.rpm	SHA-256: 14bc7d207d6d53eb23c40a2a9845fda72b5f10c91e62c42069156f73624a7580
qemu-kvm-1.5.3-141.el7_4.4.x86_64.rpm	SHA-256: 45355791c9692aa4f700362e89854644716cdeb412055f785be7fb9562294e15
qemu-kvm-common-1.5.3-141.el7_4.4.x86_64.rpm	SHA-256: 5de8f940bd9dde6f48bdab67a847998afd9f65b8f96055cc12bbaee6f86f9ec9
qemu-kvm-debuginfo-1.5.3-141.el7_4.4.x86_64.rpm	SHA-256: 5ecbd65397af190aba3d9e34a0148eaa1e398366ad46bb4ed38215082c401008
qemu-kvm-tools-1.5.3-141.el7_4.4.x86_64.rpm	SHA-256: 7874669c6512705e903852ae60fc3b7fe60db2a220e9207d5a0980c06bf72701

Red Hat Enterprise Linux EUS Compute Node 7.5

SRPM
qemu-kvm-1.5.3-141.el7_4.4.src.rpm	SHA-256: 79197c8656f33e3ff2989b29247fede0f5590e429b4df0b7851e7a6770a30071
x86_64
qemu-img-1.5.3-141.el7_4.4.x86_64.rpm	SHA-256: 14bc7d207d6d53eb23c40a2a9845fda72b5f10c91e62c42069156f73624a7580
qemu-kvm-1.5.3-141.el7_4.4.x86_64.rpm	SHA-256: 45355791c9692aa4f700362e89854644716cdeb412055f785be7fb9562294e15
qemu-kvm-common-1.5.3-141.el7_4.4.x86_64.rpm	SHA-256: 5de8f940bd9dde6f48bdab67a847998afd9f65b8f96055cc12bbaee6f86f9ec9
qemu-kvm-debuginfo-1.5.3-141.el7_4.4.x86_64.rpm	SHA-256: 5ecbd65397af190aba3d9e34a0148eaa1e398366ad46bb4ed38215082c401008
qemu-kvm-tools-1.5.3-141.el7_4.4.x86_64.rpm	SHA-256: 7874669c6512705e903852ae60fc3b7fe60db2a220e9207d5a0980c06bf72701

Red Hat Enterprise Linux EUS Compute Node 7.4

SRPM
qemu-kvm-1.5.3-141.el7_4.4.src.rpm	SHA-256: 79197c8656f33e3ff2989b29247fede0f5590e429b4df0b7851e7a6770a30071
x86_64
qemu-img-1.5.3-141.el7_4.4.x86_64.rpm	SHA-256: 14bc7d207d6d53eb23c40a2a9845fda72b5f10c91e62c42069156f73624a7580
qemu-kvm-1.5.3-141.el7_4.4.x86_64.rpm	SHA-256: 45355791c9692aa4f700362e89854644716cdeb412055f785be7fb9562294e15
qemu-kvm-common-1.5.3-141.el7_4.4.x86_64.rpm	SHA-256: 5de8f940bd9dde6f48bdab67a847998afd9f65b8f96055cc12bbaee6f86f9ec9
qemu-kvm-debuginfo-1.5.3-141.el7_4.4.x86_64.rpm	SHA-256: 5ecbd65397af190aba3d9e34a0148eaa1e398366ad46bb4ed38215082c401008
qemu-kvm-tools-1.5.3-141.el7_4.4.x86_64.rpm	SHA-256: 7874669c6512705e903852ae60fc3b7fe60db2a220e9207d5a0980c06bf72701

Red Hat Enterprise Linux Server - AUS 7.4

SRPM
qemu-kvm-1.5.3-141.el7_4.4.src.rpm	SHA-256: 79197c8656f33e3ff2989b29247fede0f5590e429b4df0b7851e7a6770a30071
x86_64
qemu-img-1.5.3-141.el7_4.4.x86_64.rpm	SHA-256: 14bc7d207d6d53eb23c40a2a9845fda72b5f10c91e62c42069156f73624a7580
qemu-kvm-1.5.3-141.el7_4.4.x86_64.rpm	SHA-256: 45355791c9692aa4f700362e89854644716cdeb412055f785be7fb9562294e15
qemu-kvm-common-1.5.3-141.el7_4.4.x86_64.rpm	SHA-256: 5de8f940bd9dde6f48bdab67a847998afd9f65b8f96055cc12bbaee6f86f9ec9
qemu-kvm-debuginfo-1.5.3-141.el7_4.4.x86_64.rpm	SHA-256: 5ecbd65397af190aba3d9e34a0148eaa1e398366ad46bb4ed38215082c401008
qemu-kvm-tools-1.5.3-141.el7_4.4.x86_64.rpm	SHA-256: 7874669c6512705e903852ae60fc3b7fe60db2a220e9207d5a0980c06bf72701

Red Hat Enterprise Linux for Power, little endian 7

SRPM
qemu-kvm-1.5.3-141.el7_4.4.src.rpm	SHA-256: 79197c8656f33e3ff2989b29247fede0f5590e429b4df0b7851e7a6770a30071
ppc64le
qemu-img-1.5.3-141.el7_4.4.ppc64le.rpm	SHA-256: aa9b541e385bf815e6f9755e6bb7270594738731b81f3ba97463747a1aa2ad32
qemu-kvm-debuginfo-1.5.3-141.el7_4.4.ppc64le.rpm	SHA-256: 195e1c37b63ded2f4aecbe08262a66489fc59bbf9e575c3f5884c99995659cb3

Red Hat Enterprise Linux for Power, little endian - Extended Update Support 7.5

SRPM
qemu-kvm-1.5.3-141.el7_4.4.src.rpm	SHA-256: 79197c8656f33e3ff2989b29247fede0f5590e429b4df0b7851e7a6770a30071
ppc64le
qemu-img-1.5.3-141.el7_4.4.ppc64le.rpm	SHA-256: aa9b541e385bf815e6f9755e6bb7270594738731b81f3ba97463747a1aa2ad32
qemu-kvm-debuginfo-1.5.3-141.el7_4.4.ppc64le.rpm	SHA-256: 195e1c37b63ded2f4aecbe08262a66489fc59bbf9e575c3f5884c99995659cb3

Red Hat Enterprise Linux for Power, little endian - Extended Update Support 7.4

SRPM
qemu-kvm-1.5.3-141.el7_4.4.src.rpm	SHA-256: 79197c8656f33e3ff2989b29247fede0f5590e429b4df0b7851e7a6770a30071
ppc64le
qemu-img-1.5.3-141.el7_4.4.ppc64le.rpm	SHA-256: aa9b541e385bf815e6f9755e6bb7270594738731b81f3ba97463747a1aa2ad32
qemu-kvm-debuginfo-1.5.3-141.el7_4.4.ppc64le.rpm	SHA-256: 195e1c37b63ded2f4aecbe08262a66489fc59bbf9e575c3f5884c99995659cb3

Red Hat Enterprise Linux Server - TUS 7.4

SRPM
qemu-kvm-1.5.3-141.el7_4.4.src.rpm	SHA-256: 79197c8656f33e3ff2989b29247fede0f5590e429b4df0b7851e7a6770a30071
x86_64
qemu-img-1.5.3-141.el7_4.4.x86_64.rpm	SHA-256: 14bc7d207d6d53eb23c40a2a9845fda72b5f10c91e62c42069156f73624a7580
qemu-kvm-1.5.3-141.el7_4.4.x86_64.rpm	SHA-256: 45355791c9692aa4f700362e89854644716cdeb412055f785be7fb9562294e15
qemu-kvm-common-1.5.3-141.el7_4.4.x86_64.rpm	SHA-256: 5de8f940bd9dde6f48bdab67a847998afd9f65b8f96055cc12bbaee6f86f9ec9
qemu-kvm-debuginfo-1.5.3-141.el7_4.4.x86_64.rpm	SHA-256: 5ecbd65397af190aba3d9e34a0148eaa1e398366ad46bb4ed38215082c401008
qemu-kvm-tools-1.5.3-141.el7_4.4.x86_64.rpm	SHA-256: 7874669c6512705e903852ae60fc3b7fe60db2a220e9207d5a0980c06bf72701

Red Hat Enterprise Linux Server (for IBM Power LE) - Update Services for SAP Solutions 7.4

SRPM
qemu-kvm-1.5.3-141.el7_4.4.src.rpm	SHA-256: 79197c8656f33e3ff2989b29247fede0f5590e429b4df0b7851e7a6770a30071
ppc64le
qemu-img-1.5.3-141.el7_4.4.ppc64le.rpm	SHA-256: aa9b541e385bf815e6f9755e6bb7270594738731b81f3ba97463747a1aa2ad32
qemu-kvm-debuginfo-1.5.3-141.el7_4.4.ppc64le.rpm	SHA-256: 195e1c37b63ded2f4aecbe08262a66489fc59bbf9e575c3f5884c99995659cb3

Red Hat Enterprise Linux Server - Update Services for SAP Solutions 7.4

SRPM
qemu-kvm-1.5.3-141.el7_4.4.src.rpm	SHA-256: 79197c8656f33e3ff2989b29247fede0f5590e429b4df0b7851e7a6770a30071
x86_64
qemu-img-1.5.3-141.el7_4.4.x86_64.rpm	SHA-256: 14bc7d207d6d53eb23c40a2a9845fda72b5f10c91e62c42069156f73624a7580
qemu-kvm-1.5.3-141.el7_4.4.x86_64.rpm	SHA-256: 45355791c9692aa4f700362e89854644716cdeb412055f785be7fb9562294e15
qemu-kvm-common-1.5.3-141.el7_4.4.x86_64.rpm	SHA-256: 5de8f940bd9dde6f48bdab67a847998afd9f65b8f96055cc12bbaee6f86f9ec9
qemu-kvm-debuginfo-1.5.3-141.el7_4.4.x86_64.rpm	SHA-256: 5ecbd65397af190aba3d9e34a0148eaa1e398366ad46bb4ed38215082c401008
qemu-kvm-tools-1.5.3-141.el7_4.4.x86_64.rpm	SHA-256: 7874669c6512705e903852ae60fc3b7fe60db2a220e9207d5a0980c06bf72701