RHSA-2018:2762 - Security Advisory

Overview
Updated Packages

Synopsis

Important: qemu-kvm-ma security update

Type/Severity

Security Advisory: Important

Topic

An update for qemu-kvm-ma is now available for Red Hat Enterprise Linux 7.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

Kernel-based Virtual Machine (KVM) is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm-ma packages provide the user-space component for running virtual machines that use KVM on the IBM z Systems, IBM Power, and 64-bit ARM architectures.

Security Fix(es):

QEMU: slirp: heap buffer overflow while reassembling fragmented datagrams (CVE-2018-11806)

For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.

Red Hat would like to thank Jskz - Zero Day Initiative (trendmicro.com) for reporting this issue.

Solution

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

Affected Products

Red Hat Enterprise Linux for IBM z Systems 7 s390x
Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 7.6 s390x
Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 7.5 s390x
Red Hat Enterprise Linux for Power, big endian 7 ppc64
Red Hat Enterprise Linux for Power, big endian - Extended Update Support 7.6 ppc64
Red Hat Enterprise Linux for Power, big endian - Extended Update Support 7.5 ppc64
Red Hat Enterprise Linux for Power, little endian 7 ppc64le
Red Hat Enterprise Linux for Power, little endian - Extended Update Support 7.6 ppc64le
Red Hat Enterprise Linux for Power, little endian - Extended Update Support 7.5 ppc64le
Red Hat Enterprise Linux for ARM 64 7 aarch64
Red Hat Enterprise Linux for Power 9 7 ppc64le
Red Hat Enterprise Linux Server (for IBM Power LE) - Update Services for SAP Solutions 7.6 ppc64le
Red Hat Enterprise Linux for IBM System z (Structure A) 7 s390x

Fixes

BZ - 1586245 - CVE-2018-11806 QEMU: slirp: heap buffer overflow while reassembling fragmented datagrams

CVEs

CVE-2018-11806

References

https://access.redhat.com/security/updates/classification/#important

Note: More recent versions of these packages may be available. Click a package name for more details.

Red Hat Enterprise Linux for IBM z Systems 7

SRPM
qemu-kvm-ma-2.10.0-21.el7_5.4.src.rpm	SHA-256: 8c3f8fccf5f6529b19603ce33e4ef5c230996900875a41f44747b2c83fa5dcd0
s390x
qemu-img-ma-2.10.0-21.el7_5.4.s390x.rpm	SHA-256: 20f7ea4396471d2ae1ffff9fe8153406d6223d81e41a569dc2d71fbc13a8662f
qemu-kvm-common-ma-2.10.0-21.el7_5.4.s390x.rpm	SHA-256: 980b0d162d77e203ae09f4b662e1a69f39ae6ba79635c7150afac40225f8cb12
qemu-kvm-ma-2.10.0-21.el7_5.4.s390x.rpm	SHA-256: 69337400db92732094e86d2028e919823fbfac5f496d2253f394d71796b2a338
qemu-kvm-ma-debuginfo-2.10.0-21.el7_5.4.s390x.rpm	SHA-256: 395e22f80a5da048fbe5d3a9056c3b2b92ee5aa36c1fa1d31cff4beabe49d26f
qemu-kvm-tools-ma-2.10.0-21.el7_5.4.s390x.rpm	SHA-256: c4977891a55590c1dc140c721996e15e2131d738a6e080c6d7bac9b776c764cd

Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 7.6

SRPM
qemu-kvm-ma-2.10.0-21.el7_5.4.src.rpm	SHA-256: 8c3f8fccf5f6529b19603ce33e4ef5c230996900875a41f44747b2c83fa5dcd0
s390x
qemu-img-ma-2.10.0-21.el7_5.4.s390x.rpm	SHA-256: 20f7ea4396471d2ae1ffff9fe8153406d6223d81e41a569dc2d71fbc13a8662f
qemu-kvm-common-ma-2.10.0-21.el7_5.4.s390x.rpm	SHA-256: 980b0d162d77e203ae09f4b662e1a69f39ae6ba79635c7150afac40225f8cb12
qemu-kvm-ma-2.10.0-21.el7_5.4.s390x.rpm	SHA-256: 69337400db92732094e86d2028e919823fbfac5f496d2253f394d71796b2a338
qemu-kvm-ma-debuginfo-2.10.0-21.el7_5.4.s390x.rpm	SHA-256: 395e22f80a5da048fbe5d3a9056c3b2b92ee5aa36c1fa1d31cff4beabe49d26f
qemu-kvm-tools-ma-2.10.0-21.el7_5.4.s390x.rpm	SHA-256: c4977891a55590c1dc140c721996e15e2131d738a6e080c6d7bac9b776c764cd

Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 7.5

SRPM
qemu-kvm-ma-2.10.0-21.el7_5.4.src.rpm	SHA-256: 8c3f8fccf5f6529b19603ce33e4ef5c230996900875a41f44747b2c83fa5dcd0
s390x
qemu-img-ma-2.10.0-21.el7_5.4.s390x.rpm	SHA-256: 20f7ea4396471d2ae1ffff9fe8153406d6223d81e41a569dc2d71fbc13a8662f
qemu-kvm-common-ma-2.10.0-21.el7_5.4.s390x.rpm	SHA-256: 980b0d162d77e203ae09f4b662e1a69f39ae6ba79635c7150afac40225f8cb12
qemu-kvm-ma-2.10.0-21.el7_5.4.s390x.rpm	SHA-256: 69337400db92732094e86d2028e919823fbfac5f496d2253f394d71796b2a338
qemu-kvm-ma-debuginfo-2.10.0-21.el7_5.4.s390x.rpm	SHA-256: 395e22f80a5da048fbe5d3a9056c3b2b92ee5aa36c1fa1d31cff4beabe49d26f
qemu-kvm-tools-ma-2.10.0-21.el7_5.4.s390x.rpm	SHA-256: c4977891a55590c1dc140c721996e15e2131d738a6e080c6d7bac9b776c764cd

Red Hat Enterprise Linux for Power, big endian 7

SRPM
qemu-kvm-ma-2.10.0-21.el7_5.4.src.rpm	SHA-256: 8c3f8fccf5f6529b19603ce33e4ef5c230996900875a41f44747b2c83fa5dcd0
ppc64
qemu-img-ma-2.10.0-21.el7_5.4.ppc64.rpm	SHA-256: 01d6025da70ea66aff11ba377d0a5f225ce5be96adbe83d2979d8cd2db55a501
qemu-kvm-common-ma-2.10.0-21.el7_5.4.ppc64.rpm	SHA-256: 03dfb08519608559023128b5a2005871e2fd1eeed20b402dd1ebb56a9c8df9e5
qemu-kvm-ma-2.10.0-21.el7_5.4.ppc64.rpm	SHA-256: b34c94eee14e59590c9e98464d311a510b8b32abe47ed10634d97ef5c2cb0f5a
qemu-kvm-ma-debuginfo-2.10.0-21.el7_5.4.ppc64.rpm	SHA-256: 807b85f70ca87de1abe29fa88dc4af14f7f83a234b8f3c3b16837c0297a0e073
qemu-kvm-ma-debuginfo-2.10.0-21.el7_5.4.ppc64.rpm	SHA-256: 807b85f70ca87de1abe29fa88dc4af14f7f83a234b8f3c3b16837c0297a0e073
qemu-kvm-tools-ma-2.10.0-21.el7_5.4.ppc64.rpm	SHA-256: a0827be0b90ee305dbf1f83b5a03929a518d023a0ec86e8c7fad6603139439c9

Red Hat Enterprise Linux for Power, big endian - Extended Update Support 7.6

SRPM
qemu-kvm-ma-2.10.0-21.el7_5.4.src.rpm	SHA-256: 8c3f8fccf5f6529b19603ce33e4ef5c230996900875a41f44747b2c83fa5dcd0
ppc64
qemu-img-ma-2.10.0-21.el7_5.4.ppc64.rpm	SHA-256: 01d6025da70ea66aff11ba377d0a5f225ce5be96adbe83d2979d8cd2db55a501
qemu-kvm-common-ma-2.10.0-21.el7_5.4.ppc64.rpm	SHA-256: 03dfb08519608559023128b5a2005871e2fd1eeed20b402dd1ebb56a9c8df9e5
qemu-kvm-ma-2.10.0-21.el7_5.4.ppc64.rpm	SHA-256: b34c94eee14e59590c9e98464d311a510b8b32abe47ed10634d97ef5c2cb0f5a
qemu-kvm-ma-debuginfo-2.10.0-21.el7_5.4.ppc64.rpm	SHA-256: 807b85f70ca87de1abe29fa88dc4af14f7f83a234b8f3c3b16837c0297a0e073
qemu-kvm-ma-debuginfo-2.10.0-21.el7_5.4.ppc64.rpm	SHA-256: 807b85f70ca87de1abe29fa88dc4af14f7f83a234b8f3c3b16837c0297a0e073
qemu-kvm-tools-ma-2.10.0-21.el7_5.4.ppc64.rpm	SHA-256: a0827be0b90ee305dbf1f83b5a03929a518d023a0ec86e8c7fad6603139439c9

Red Hat Enterprise Linux for Power, big endian - Extended Update Support 7.5

SRPM
qemu-kvm-ma-2.10.0-21.el7_5.4.src.rpm	SHA-256: 8c3f8fccf5f6529b19603ce33e4ef5c230996900875a41f44747b2c83fa5dcd0
ppc64
qemu-img-ma-2.10.0-21.el7_5.4.ppc64.rpm	SHA-256: 01d6025da70ea66aff11ba377d0a5f225ce5be96adbe83d2979d8cd2db55a501
qemu-kvm-common-ma-2.10.0-21.el7_5.4.ppc64.rpm	SHA-256: 03dfb08519608559023128b5a2005871e2fd1eeed20b402dd1ebb56a9c8df9e5
qemu-kvm-ma-2.10.0-21.el7_5.4.ppc64.rpm	SHA-256: b34c94eee14e59590c9e98464d311a510b8b32abe47ed10634d97ef5c2cb0f5a
qemu-kvm-ma-debuginfo-2.10.0-21.el7_5.4.ppc64.rpm	SHA-256: 807b85f70ca87de1abe29fa88dc4af14f7f83a234b8f3c3b16837c0297a0e073
qemu-kvm-ma-debuginfo-2.10.0-21.el7_5.4.ppc64.rpm	SHA-256: 807b85f70ca87de1abe29fa88dc4af14f7f83a234b8f3c3b16837c0297a0e073
qemu-kvm-tools-ma-2.10.0-21.el7_5.4.ppc64.rpm	SHA-256: a0827be0b90ee305dbf1f83b5a03929a518d023a0ec86e8c7fad6603139439c9

Red Hat Enterprise Linux for Power, little endian 7

SRPM
qemu-kvm-ma-2.10.0-21.el7_5.4.src.rpm	SHA-256: 8c3f8fccf5f6529b19603ce33e4ef5c230996900875a41f44747b2c83fa5dcd0
ppc64le
qemu-img-ma-2.10.0-21.el7_5.4.ppc64le.rpm	SHA-256: c3d36e1193dbe8f6ce1ae5069e12e78d9d5ae5c3a9ea73bbfbca0724caebd7f4
qemu-kvm-common-ma-2.10.0-21.el7_5.4.ppc64le.rpm	SHA-256: 8d712de1d373a22d426359d1c4952300b8a8a35a6ecff6a22235f85aa013170f
qemu-kvm-ma-2.10.0-21.el7_5.4.ppc64le.rpm	SHA-256: cbd8bad198ae8451c6c975ef5d54cda7c246b74947aef53d13161237f6fdc67a
qemu-kvm-ma-debuginfo-2.10.0-21.el7_5.4.ppc64le.rpm	SHA-256: 925d1dd9976813019dafea4a806ca038c24d06e3eb31cdbe0057c153542a6e27
qemu-kvm-tools-ma-2.10.0-21.el7_5.4.ppc64le.rpm	SHA-256: 6c3713b0182cc7f348d773329d76a039a981bd9049555f3082112db0b5e5c5f2

Red Hat Enterprise Linux for Power, little endian - Extended Update Support 7.6

SRPM
qemu-kvm-ma-2.10.0-21.el7_5.4.src.rpm	SHA-256: 8c3f8fccf5f6529b19603ce33e4ef5c230996900875a41f44747b2c83fa5dcd0
ppc64le
qemu-img-ma-2.10.0-21.el7_5.4.ppc64le.rpm	SHA-256: c3d36e1193dbe8f6ce1ae5069e12e78d9d5ae5c3a9ea73bbfbca0724caebd7f4
qemu-kvm-common-ma-2.10.0-21.el7_5.4.ppc64le.rpm	SHA-256: 8d712de1d373a22d426359d1c4952300b8a8a35a6ecff6a22235f85aa013170f
qemu-kvm-ma-2.10.0-21.el7_5.4.ppc64le.rpm	SHA-256: cbd8bad198ae8451c6c975ef5d54cda7c246b74947aef53d13161237f6fdc67a
qemu-kvm-ma-debuginfo-2.10.0-21.el7_5.4.ppc64le.rpm	SHA-256: 925d1dd9976813019dafea4a806ca038c24d06e3eb31cdbe0057c153542a6e27
qemu-kvm-tools-ma-2.10.0-21.el7_5.4.ppc64le.rpm	SHA-256: 6c3713b0182cc7f348d773329d76a039a981bd9049555f3082112db0b5e5c5f2

Red Hat Enterprise Linux for Power, little endian - Extended Update Support 7.5

SRPM
qemu-kvm-ma-2.10.0-21.el7_5.4.src.rpm	SHA-256: 8c3f8fccf5f6529b19603ce33e4ef5c230996900875a41f44747b2c83fa5dcd0
ppc64le
qemu-img-ma-2.10.0-21.el7_5.4.ppc64le.rpm	SHA-256: c3d36e1193dbe8f6ce1ae5069e12e78d9d5ae5c3a9ea73bbfbca0724caebd7f4
qemu-kvm-common-ma-2.10.0-21.el7_5.4.ppc64le.rpm	SHA-256: 8d712de1d373a22d426359d1c4952300b8a8a35a6ecff6a22235f85aa013170f
qemu-kvm-ma-2.10.0-21.el7_5.4.ppc64le.rpm	SHA-256: cbd8bad198ae8451c6c975ef5d54cda7c246b74947aef53d13161237f6fdc67a
qemu-kvm-ma-debuginfo-2.10.0-21.el7_5.4.ppc64le.rpm	SHA-256: 925d1dd9976813019dafea4a806ca038c24d06e3eb31cdbe0057c153542a6e27
qemu-kvm-tools-ma-2.10.0-21.el7_5.4.ppc64le.rpm	SHA-256: 6c3713b0182cc7f348d773329d76a039a981bd9049555f3082112db0b5e5c5f2

Red Hat Enterprise Linux for ARM 64 7

SRPM
qemu-kvm-ma-2.10.0-21.el7_5.4.src.rpm	SHA-256: 8c3f8fccf5f6529b19603ce33e4ef5c230996900875a41f44747b2c83fa5dcd0
aarch64
qemu-img-ma-2.10.0-21.el7_5.4.aarch64.rpm	SHA-256: 8bba809fb65c9da61da052f35bc6034008719c2feb3868e5f93b7a6bde8ab7e5
qemu-kvm-common-ma-2.10.0-21.el7_5.4.aarch64.rpm	SHA-256: 182eee1b9e99b610a810c8873eab7979f7ebf81d1dcab67877cc88045d589ed3
qemu-kvm-ma-2.10.0-21.el7_5.4.aarch64.rpm	SHA-256: 3df9bbfb88b805e479ce343130ae88f1876d4c6112a25851fb5399c69749ef37
qemu-kvm-ma-debuginfo-2.10.0-21.el7_5.4.aarch64.rpm	SHA-256: f2f105f3454e847b3f4667d345ce7a916bbfbf33509299f8841c75b9afa473f7
qemu-kvm-tools-ma-2.10.0-21.el7_5.4.aarch64.rpm	SHA-256: 19147615c8c39fc4e296fe480fc2bacbbdb21932ac0aa837651b4cae727c41da

Red Hat Enterprise Linux for Power 9 7

SRPM
qemu-kvm-ma-2.10.0-21.el7_5.4.src.rpm	SHA-256: 8c3f8fccf5f6529b19603ce33e4ef5c230996900875a41f44747b2c83fa5dcd0
ppc64le
qemu-img-ma-2.10.0-21.el7_5.4.ppc64le.rpm	SHA-256: c3d36e1193dbe8f6ce1ae5069e12e78d9d5ae5c3a9ea73bbfbca0724caebd7f4
qemu-kvm-common-ma-2.10.0-21.el7_5.4.ppc64le.rpm	SHA-256: 8d712de1d373a22d426359d1c4952300b8a8a35a6ecff6a22235f85aa013170f
qemu-kvm-ma-2.10.0-21.el7_5.4.ppc64le.rpm	SHA-256: cbd8bad198ae8451c6c975ef5d54cda7c246b74947aef53d13161237f6fdc67a
qemu-kvm-ma-debuginfo-2.10.0-21.el7_5.4.ppc64le.rpm	SHA-256: 925d1dd9976813019dafea4a806ca038c24d06e3eb31cdbe0057c153542a6e27
qemu-kvm-tools-ma-2.10.0-21.el7_5.4.ppc64le.rpm	SHA-256: 6c3713b0182cc7f348d773329d76a039a981bd9049555f3082112db0b5e5c5f2

Red Hat Enterprise Linux Server (for IBM Power LE) - Update Services for SAP Solutions 7.6

SRPM
qemu-kvm-ma-2.10.0-21.el7_5.4.src.rpm	SHA-256: 8c3f8fccf5f6529b19603ce33e4ef5c230996900875a41f44747b2c83fa5dcd0
ppc64le
qemu-img-ma-2.10.0-21.el7_5.4.ppc64le.rpm	SHA-256: c3d36e1193dbe8f6ce1ae5069e12e78d9d5ae5c3a9ea73bbfbca0724caebd7f4
qemu-kvm-common-ma-2.10.0-21.el7_5.4.ppc64le.rpm	SHA-256: 8d712de1d373a22d426359d1c4952300b8a8a35a6ecff6a22235f85aa013170f
qemu-kvm-ma-2.10.0-21.el7_5.4.ppc64le.rpm	SHA-256: cbd8bad198ae8451c6c975ef5d54cda7c246b74947aef53d13161237f6fdc67a
qemu-kvm-ma-debuginfo-2.10.0-21.el7_5.4.ppc64le.rpm	SHA-256: 925d1dd9976813019dafea4a806ca038c24d06e3eb31cdbe0057c153542a6e27
qemu-kvm-tools-ma-2.10.0-21.el7_5.4.ppc64le.rpm	SHA-256: 6c3713b0182cc7f348d773329d76a039a981bd9049555f3082112db0b5e5c5f2

Red Hat Enterprise Linux for IBM System z (Structure A) 7

SRPM
qemu-kvm-ma-2.10.0-21.el7_5.4.src.rpm	SHA-256: 8c3f8fccf5f6529b19603ce33e4ef5c230996900875a41f44747b2c83fa5dcd0
s390x
qemu-img-ma-2.10.0-21.el7_5.4.s390x.rpm	SHA-256: 20f7ea4396471d2ae1ffff9fe8153406d6223d81e41a569dc2d71fbc13a8662f
qemu-kvm-common-ma-2.10.0-21.el7_5.4.s390x.rpm	SHA-256: 980b0d162d77e203ae09f4b662e1a69f39ae6ba79635c7150afac40225f8cb12
qemu-kvm-ma-2.10.0-21.el7_5.4.s390x.rpm	SHA-256: 69337400db92732094e86d2028e919823fbfac5f496d2253f394d71796b2a338
qemu-kvm-ma-debuginfo-2.10.0-21.el7_5.4.s390x.rpm	SHA-256: 395e22f80a5da048fbe5d3a9056c3b2b92ee5aa36c1fa1d31cff4beabe49d26f
qemu-kvm-tools-ma-2.10.0-21.el7_5.4.s390x.rpm	SHA-256: c4977891a55590c1dc140c721996e15e2131d738a6e080c6d7bac9b776c764cd

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.