RHSA-2018:1369 - Security Advisory
Moderate: qemu-kvm-rhev security and bug fix update
Security Advisory: Moderate
An update for qemu-kvm-rhev is now available for Red Hat Virtualization 4 for Red Hat Enterprise Linux 7.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
KVM (Kernel-based Virtual Machine) is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm-rhev packages provide the user-space component for running virtual machines that use KVM in environments managed by Red Hat products.
- QEMU: i386: multiboot OOB access while loading kernel image (CVE-2018-7550)
- QEMU: cirrus: OOB access when updating VGA display (CVE-2018-7858)
For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.
Red Hat would like to thank Cyrille Chatras (Orange.com) and CERT-CC (Orange.com) for reporting CVE-2018-7550 and Ross Lagerwall (Citrix.com) for reporting CVE-2018-7858.
- In certain Red Hat Virtualization (RHV) guest configurations, virtual pass-through devices could not be removed properly. A reference count leak in the QEMU emulator has been removed, and the affected devices are now removed reliably. (BZ#1555213)
- Previously, a raw disk image that was using the "--preallocation=full" option in some cases could not be resized. This problem has been fixed and no longer occurs. (BZ#1566587)
- Due to race conditions in the virtio-blk and virtio-scsi services, the QEMU emulator sometimes terminated unexpectedly when shutting down. The race conditions have been removed, and QEMU now exits gracefully. (BZ#1566586)
- Prior to this update, deleting guest snapshots using the RHV GUI in some cases failed due to an incorrect image-seeking algorithm. This update fixes the underlying code, and guest snapshots in RHV can now be deleted successfully. (BZ#1566369)
For details on how to apply this update, which includes the changes described in this advisory, refer to:
After installing this update, shut down all running virtual machines. Once all virtual machines have shut down, start them again for this update to take effect.
- Red Hat Virtualization 4.3 x86_64
- Red Hat Virtualization for IBM Power LE 4 for RHEL 7 ppc64le
- BZ - 1549798 - CVE-2018-7550 QEMU: i386: multiboot OOB access while loading kernel image
- BZ - 1553402 - CVE-2018-7858 QEMU: cirrus: OOB access when updating VGA display
- BZ - 1555213 - [Q35] "DEVICE_DELETED" event didn't return after delete the second passthrough vf device [rhel-7.5.z]
- BZ - 1566369 - qemu-img commit fails with "block/file-posix.c:1774: find_allocation: Assertion `offs >= start' failed" [rhel-7.5.z]
- BZ - 1566586 - Occurred core dump with multi-object when quitted qemu during doing IO [rhel-7.5.z]
- BZ - 1566587 - Unable to resize image with preallocation=full mode [rhel-7.5.z]
Red Hat Virtualization 4.3
Red Hat Virtualization 4 for RHEL 7
Red Hat Virtualization for IBM Power LE 4 for RHEL 7