Skip to navigation Skip to main content

Utilities

  • Subscriptions
  • Downloads
  • Red Hat Console
  • Get Support
Red Hat Customer Portal
  • Subscriptions
  • Downloads
  • Red Hat Console
  • Get Support
  • Products

    Top Products

    • Red Hat Enterprise Linux
    • Red Hat OpenShift
    • Red Hat Ansible Automation Platform
    All Products

    Downloads and Containers

    • Downloads
    • Packages
    • Containers

    Top Resources

    • Documentation
    • Product Life Cycles
    • Product Compliance
    • Errata
  • Knowledge

    Red Hat Knowledge Center

    • Knowledgebase Solutions
    • Knowledgebase Articles
    • Customer Portal Labs
    • Errata

    Top Product Docs

    • Red Hat Enterprise Linux
    • Red Hat OpenShift
    • Red Hat Ansible Automation Platform
    All Product Docs

    Training and Certification

    • About
    • Course Index
    • Certification Index
    • Skill Assessment
  • Security

    Red Hat Product Security Center

    • Security Updates
    • Security Advisories
    • Red Hat CVE Database
    • Errata

    References

    • Security Bulletins
    • Security Measurement
    • Severity Ratings
    • Security Data

    Top Resources

    • Security Labs
    • Backporting Policies
    • Security Blog
  • Support

    Red Hat Support

    • Support Cases
    • Troubleshoot
    • Get Support
    • Contact Red Hat Support

    Red Hat Community Support

    • Customer Portal Community
    • Community Discussions
    • Red Hat Accelerator Program

    Top Resources

    • Product Life Cycles
    • Customer Portal Labs
    • Red Hat JBoss Supported Configurations
    • Red Hat Insights
Or troubleshoot an issue.

Select Your Language

  • English
  • Français
  • 한국어
  • 日本語
  • 中文 (中国)

Infrastructure and Management

  • Red Hat Enterprise Linux
  • Red Hat Satellite
  • Red Hat Subscription Management
  • Red Hat Insights
  • Red Hat Ansible Automation Platform

Cloud Computing

  • Red Hat OpenShift
  • Red Hat OpenStack Platform
  • Red Hat OpenShift
  • Red Hat OpenShift AI
  • Red Hat OpenShift Dedicated
  • Red Hat Advanced Cluster Security for Kubernetes
  • Red Hat Advanced Cluster Management for Kubernetes
  • Red Hat Quay
  • Red Hat OpenShift Dev Spaces
  • Red Hat OpenShift Service on AWS

Storage

  • Red Hat Gluster Storage
  • Red Hat Hyperconverged Infrastructure
  • Red Hat Ceph Storage
  • Red Hat OpenShift Data Foundation

Runtimes

  • Red Hat Runtimes
  • Red Hat JBoss Enterprise Application Platform
  • Red Hat Data Grid
  • Red Hat JBoss Web Server
  • Red Hat build of Keycloak
  • Red Hat support for Spring Boot
  • Red Hat build of Node.js
  • Red Hat build of Quarkus

Integration and Automation

  • Red Hat Application Foundations
  • Red Hat Fuse
  • Red Hat AMQ
  • Red Hat 3scale API Management
All Products
Red Hat Product Errata RHSA-2018:3407 - Security Advisory
Issued:
2018-10-30
Updated:
2018-10-30

RHSA-2018:3407 - Security Advisory

  • Overview
  • Updated Packages

Synopsis

Important: libvirt security update

Type/Severity

Security Advisory: Important

Red Hat Insights patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

An update for libvirt is now available for Red Hat Enterprise Linux 7.2 Advanced Update Support, Red Hat Enterprise Linux 7.2 Telco Extended Update Support, and Red Hat Enterprise Linux 7.2 Update Services for SAP Solutions.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

The libvirt library contains a C API for managing and interacting with the virtualization capabilities of Linux and other operating systems. In addition, libvirt provides tools for remote management of virtualized systems.

Security Fix(es):

  • An industry-wide issue was found in the way many modern microprocessor designs have implemented speculative execution of Load & Store instructions (a commonly used performance optimization). It relies on the presence of a precisely-defined instruction sequence in the privileged code as well as the fact that memory read from address to which a recent memory write has occurred may see an older value and subsequently cause an update into the microprocessor's data cache even for speculatively executed instructions that never actually commit (retire). As a result, an unprivileged attacker could use this flaw to read privileged memory by conducting targeted cache side-channel attacks. (CVE-2018-3639 virt-ssbd AMD)

Note: This is the libvirt side of the CVE-2018-3639 mitigation.

Red Hat would like to thank Ken Johnson (Microsoft Security Response Center) and Jann Horn (Google Project Zero) for reporting this issue.

Solution

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

After installing the updated packages, libvirtd will be restarted automatically.

Affected Products

  • Red Hat Enterprise Linux Server - AUS 7.2 x86_64
  • Red Hat Enterprise Linux Server - TUS 7.2 x86_64
  • Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 7.2 x86_64

Fixes

  • BZ - 1566890 - CVE-2018-3639 hw: cpu: speculative store bypass

CVEs

  • CVE-2018-3639

References

  • https://access.redhat.com/security/updates/classification/#important
  • https://access.redhat.com/security/vulnerabilities/ssbd
Note: More recent versions of these packages may be available. Click a package name for more details.

Red Hat Enterprise Linux Server - AUS 7.2

SRPM
libvirt-1.2.17-13.el7_2.9.src.rpm SHA-256: 11ddaa400d93163efc9859ef85fe9e7d0cdf0cdf9081a099d8e0bf4ab6d69a92
x86_64
libvirt-1.2.17-13.el7_2.9.x86_64.rpm SHA-256: 15352f7fa10e30e926bbbeb53201625251190b528a6987f262f535fd6064fb2f
libvirt-client-1.2.17-13.el7_2.9.i686.rpm SHA-256: 50eeef1e9cf18d32c20d2a436dedd61eee24a3c8df262b44a99903b5385d08aa
libvirt-client-1.2.17-13.el7_2.9.x86_64.rpm SHA-256: a13f1f828b172f24abd327218f666d121a023672bc3f109ce159f53d52dc1615
libvirt-daemon-1.2.17-13.el7_2.9.x86_64.rpm SHA-256: d056d56eb0eb3697b0eee7875aca8cce35e43f238c56f1e7780db2b9d34c6401
libvirt-daemon-config-network-1.2.17-13.el7_2.9.x86_64.rpm SHA-256: 942d3d1efc7ffdce6e77ad64b748cf2feb82d6ce7edef6586516516dd66da083
libvirt-daemon-config-nwfilter-1.2.17-13.el7_2.9.x86_64.rpm SHA-256: c7d6983b69d06523c15035542c8cbbaa7b15254be2ce3ce2c8db0d632e375c54
libvirt-daemon-driver-interface-1.2.17-13.el7_2.9.x86_64.rpm SHA-256: e1e4d0ab80f064a7ff9fa0d018ee64e7b22c78caef31a45f7b480706f68038ed
libvirt-daemon-driver-lxc-1.2.17-13.el7_2.9.x86_64.rpm SHA-256: ae6e020a4ac3170a489bdcdac0a92d9c780b5c8b23876029d4f6b39c29757a3d
libvirt-daemon-driver-network-1.2.17-13.el7_2.9.x86_64.rpm SHA-256: eb488b61fec0a473255aa1023e76fe096ee9022b42bc271677ae285c92253c5b
libvirt-daemon-driver-nodedev-1.2.17-13.el7_2.9.x86_64.rpm SHA-256: cb88e4b0d20737d388bbe0c2f0de796e0449b2b565028ae8239d2925c9df64c6
libvirt-daemon-driver-nwfilter-1.2.17-13.el7_2.9.x86_64.rpm SHA-256: f9c0b2d8b3eec3f1e3bbfd870d7c39e5a3aa8f93a331d7c67a92f905814bffc8
libvirt-daemon-driver-qemu-1.2.17-13.el7_2.9.x86_64.rpm SHA-256: 0fb7aa5e7fe73efdf4547727d6d6095139577187f4939009971afa02e7143c2b
libvirt-daemon-driver-secret-1.2.17-13.el7_2.9.x86_64.rpm SHA-256: 1e6156bf01ba334a4712c1c45c3ad0fa94b062544428e187970a1a93638805ff
libvirt-daemon-driver-storage-1.2.17-13.el7_2.9.x86_64.rpm SHA-256: ec5d6a5a430638984d35964a7850e7f74e036fccbcbe4d10cb3d36ba8735e296
libvirt-daemon-kvm-1.2.17-13.el7_2.9.x86_64.rpm SHA-256: 767caacf89386a46ce7a0be8592a38798d0f053251516547b37218cfa81e73c0
libvirt-daemon-lxc-1.2.17-13.el7_2.9.x86_64.rpm SHA-256: 3c6baec540375ca70a8529bd1147d0418d7638a0203a20a53a015d2ea63294f4
libvirt-debuginfo-1.2.17-13.el7_2.9.i686.rpm SHA-256: 1b22ff29eb8e3e5d15a7a43282fb71f36a0265459dfc8f240a39d2acc523c305
libvirt-debuginfo-1.2.17-13.el7_2.9.x86_64.rpm SHA-256: c371449a5702de64694d4a50c51047f27f2fec12566be6adc1b4a7ad273a166e
libvirt-debuginfo-1.2.17-13.el7_2.9.x86_64.rpm SHA-256: c371449a5702de64694d4a50c51047f27f2fec12566be6adc1b4a7ad273a166e
libvirt-devel-1.2.17-13.el7_2.9.i686.rpm SHA-256: 0e0180d31a1fe8bdf9eae64bc8be78ae13da3caa5df0785db92adff1fbdd3323
libvirt-devel-1.2.17-13.el7_2.9.x86_64.rpm SHA-256: d0eaa9b45a4fc3876b78b31f2d129db9c86532e6b4b72e8c100742a69bd05a13
libvirt-docs-1.2.17-13.el7_2.9.x86_64.rpm SHA-256: 5aa964083f0e1acd1f7cf37db633fbe2bc2235e182a0b5f899816165768531d4
libvirt-lock-sanlock-1.2.17-13.el7_2.9.x86_64.rpm SHA-256: c45d79b45ccaa9fe5322ac62d8a53a2385533e619bcc521fbf0a5888998a65d0
libvirt-login-shell-1.2.17-13.el7_2.9.x86_64.rpm SHA-256: 531048ea8e65d4d378b9e92e3dd7eb55b9ed60bdb32225f5e539c27ec6dcfdfc

Red Hat Enterprise Linux Server - TUS 7.2

SRPM
libvirt-1.2.17-13.el7_2.9.src.rpm SHA-256: 11ddaa400d93163efc9859ef85fe9e7d0cdf0cdf9081a099d8e0bf4ab6d69a92
x86_64
libvirt-1.2.17-13.el7_2.9.x86_64.rpm SHA-256: 15352f7fa10e30e926bbbeb53201625251190b528a6987f262f535fd6064fb2f
libvirt-client-1.2.17-13.el7_2.9.i686.rpm SHA-256: 50eeef1e9cf18d32c20d2a436dedd61eee24a3c8df262b44a99903b5385d08aa
libvirt-client-1.2.17-13.el7_2.9.x86_64.rpm SHA-256: a13f1f828b172f24abd327218f666d121a023672bc3f109ce159f53d52dc1615
libvirt-daemon-1.2.17-13.el7_2.9.x86_64.rpm SHA-256: d056d56eb0eb3697b0eee7875aca8cce35e43f238c56f1e7780db2b9d34c6401
libvirt-daemon-config-network-1.2.17-13.el7_2.9.x86_64.rpm SHA-256: 942d3d1efc7ffdce6e77ad64b748cf2feb82d6ce7edef6586516516dd66da083
libvirt-daemon-config-nwfilter-1.2.17-13.el7_2.9.x86_64.rpm SHA-256: c7d6983b69d06523c15035542c8cbbaa7b15254be2ce3ce2c8db0d632e375c54
libvirt-daemon-driver-interface-1.2.17-13.el7_2.9.x86_64.rpm SHA-256: e1e4d0ab80f064a7ff9fa0d018ee64e7b22c78caef31a45f7b480706f68038ed
libvirt-daemon-driver-lxc-1.2.17-13.el7_2.9.x86_64.rpm SHA-256: ae6e020a4ac3170a489bdcdac0a92d9c780b5c8b23876029d4f6b39c29757a3d
libvirt-daemon-driver-network-1.2.17-13.el7_2.9.x86_64.rpm SHA-256: eb488b61fec0a473255aa1023e76fe096ee9022b42bc271677ae285c92253c5b
libvirt-daemon-driver-nodedev-1.2.17-13.el7_2.9.x86_64.rpm SHA-256: cb88e4b0d20737d388bbe0c2f0de796e0449b2b565028ae8239d2925c9df64c6
libvirt-daemon-driver-nwfilter-1.2.17-13.el7_2.9.x86_64.rpm SHA-256: f9c0b2d8b3eec3f1e3bbfd870d7c39e5a3aa8f93a331d7c67a92f905814bffc8
libvirt-daemon-driver-qemu-1.2.17-13.el7_2.9.x86_64.rpm SHA-256: 0fb7aa5e7fe73efdf4547727d6d6095139577187f4939009971afa02e7143c2b
libvirt-daemon-driver-secret-1.2.17-13.el7_2.9.x86_64.rpm SHA-256: 1e6156bf01ba334a4712c1c45c3ad0fa94b062544428e187970a1a93638805ff
libvirt-daemon-driver-storage-1.2.17-13.el7_2.9.x86_64.rpm SHA-256: ec5d6a5a430638984d35964a7850e7f74e036fccbcbe4d10cb3d36ba8735e296
libvirt-daemon-kvm-1.2.17-13.el7_2.9.x86_64.rpm SHA-256: 767caacf89386a46ce7a0be8592a38798d0f053251516547b37218cfa81e73c0
libvirt-daemon-lxc-1.2.17-13.el7_2.9.x86_64.rpm SHA-256: 3c6baec540375ca70a8529bd1147d0418d7638a0203a20a53a015d2ea63294f4
libvirt-debuginfo-1.2.17-13.el7_2.9.i686.rpm SHA-256: 1b22ff29eb8e3e5d15a7a43282fb71f36a0265459dfc8f240a39d2acc523c305
libvirt-debuginfo-1.2.17-13.el7_2.9.x86_64.rpm SHA-256: c371449a5702de64694d4a50c51047f27f2fec12566be6adc1b4a7ad273a166e
libvirt-debuginfo-1.2.17-13.el7_2.9.x86_64.rpm SHA-256: c371449a5702de64694d4a50c51047f27f2fec12566be6adc1b4a7ad273a166e
libvirt-devel-1.2.17-13.el7_2.9.i686.rpm SHA-256: 0e0180d31a1fe8bdf9eae64bc8be78ae13da3caa5df0785db92adff1fbdd3323
libvirt-devel-1.2.17-13.el7_2.9.x86_64.rpm SHA-256: d0eaa9b45a4fc3876b78b31f2d129db9c86532e6b4b72e8c100742a69bd05a13
libvirt-docs-1.2.17-13.el7_2.9.x86_64.rpm SHA-256: 5aa964083f0e1acd1f7cf37db633fbe2bc2235e182a0b5f899816165768531d4
libvirt-lock-sanlock-1.2.17-13.el7_2.9.x86_64.rpm SHA-256: c45d79b45ccaa9fe5322ac62d8a53a2385533e619bcc521fbf0a5888998a65d0
libvirt-login-shell-1.2.17-13.el7_2.9.x86_64.rpm SHA-256: 531048ea8e65d4d378b9e92e3dd7eb55b9ed60bdb32225f5e539c27ec6dcfdfc

Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 7.2

SRPM
libvirt-1.2.17-13.el7_2.9.src.rpm SHA-256: 11ddaa400d93163efc9859ef85fe9e7d0cdf0cdf9081a099d8e0bf4ab6d69a92
x86_64
libvirt-1.2.17-13.el7_2.9.x86_64.rpm SHA-256: 15352f7fa10e30e926bbbeb53201625251190b528a6987f262f535fd6064fb2f
libvirt-client-1.2.17-13.el7_2.9.i686.rpm SHA-256: 50eeef1e9cf18d32c20d2a436dedd61eee24a3c8df262b44a99903b5385d08aa
libvirt-client-1.2.17-13.el7_2.9.x86_64.rpm SHA-256: a13f1f828b172f24abd327218f666d121a023672bc3f109ce159f53d52dc1615
libvirt-daemon-1.2.17-13.el7_2.9.x86_64.rpm SHA-256: d056d56eb0eb3697b0eee7875aca8cce35e43f238c56f1e7780db2b9d34c6401
libvirt-daemon-config-network-1.2.17-13.el7_2.9.x86_64.rpm SHA-256: 942d3d1efc7ffdce6e77ad64b748cf2feb82d6ce7edef6586516516dd66da083
libvirt-daemon-config-nwfilter-1.2.17-13.el7_2.9.x86_64.rpm SHA-256: c7d6983b69d06523c15035542c8cbbaa7b15254be2ce3ce2c8db0d632e375c54
libvirt-daemon-driver-interface-1.2.17-13.el7_2.9.x86_64.rpm SHA-256: e1e4d0ab80f064a7ff9fa0d018ee64e7b22c78caef31a45f7b480706f68038ed
libvirt-daemon-driver-lxc-1.2.17-13.el7_2.9.x86_64.rpm SHA-256: ae6e020a4ac3170a489bdcdac0a92d9c780b5c8b23876029d4f6b39c29757a3d
libvirt-daemon-driver-network-1.2.17-13.el7_2.9.x86_64.rpm SHA-256: eb488b61fec0a473255aa1023e76fe096ee9022b42bc271677ae285c92253c5b
libvirt-daemon-driver-nodedev-1.2.17-13.el7_2.9.x86_64.rpm SHA-256: cb88e4b0d20737d388bbe0c2f0de796e0449b2b565028ae8239d2925c9df64c6
libvirt-daemon-driver-nwfilter-1.2.17-13.el7_2.9.x86_64.rpm SHA-256: f9c0b2d8b3eec3f1e3bbfd870d7c39e5a3aa8f93a331d7c67a92f905814bffc8
libvirt-daemon-driver-qemu-1.2.17-13.el7_2.9.x86_64.rpm SHA-256: 0fb7aa5e7fe73efdf4547727d6d6095139577187f4939009971afa02e7143c2b
libvirt-daemon-driver-secret-1.2.17-13.el7_2.9.x86_64.rpm SHA-256: 1e6156bf01ba334a4712c1c45c3ad0fa94b062544428e187970a1a93638805ff
libvirt-daemon-driver-storage-1.2.17-13.el7_2.9.x86_64.rpm SHA-256: ec5d6a5a430638984d35964a7850e7f74e036fccbcbe4d10cb3d36ba8735e296
libvirt-daemon-kvm-1.2.17-13.el7_2.9.x86_64.rpm SHA-256: 767caacf89386a46ce7a0be8592a38798d0f053251516547b37218cfa81e73c0
libvirt-daemon-lxc-1.2.17-13.el7_2.9.x86_64.rpm SHA-256: 3c6baec540375ca70a8529bd1147d0418d7638a0203a20a53a015d2ea63294f4
libvirt-debuginfo-1.2.17-13.el7_2.9.i686.rpm SHA-256: 1b22ff29eb8e3e5d15a7a43282fb71f36a0265459dfc8f240a39d2acc523c305
libvirt-debuginfo-1.2.17-13.el7_2.9.x86_64.rpm SHA-256: c371449a5702de64694d4a50c51047f27f2fec12566be6adc1b4a7ad273a166e
libvirt-debuginfo-1.2.17-13.el7_2.9.x86_64.rpm SHA-256: c371449a5702de64694d4a50c51047f27f2fec12566be6adc1b4a7ad273a166e
libvirt-devel-1.2.17-13.el7_2.9.i686.rpm SHA-256: 0e0180d31a1fe8bdf9eae64bc8be78ae13da3caa5df0785db92adff1fbdd3323
libvirt-devel-1.2.17-13.el7_2.9.x86_64.rpm SHA-256: d0eaa9b45a4fc3876b78b31f2d129db9c86532e6b4b72e8c100742a69bd05a13
libvirt-docs-1.2.17-13.el7_2.9.x86_64.rpm SHA-256: 5aa964083f0e1acd1f7cf37db633fbe2bc2235e182a0b5f899816165768531d4
libvirt-lock-sanlock-1.2.17-13.el7_2.9.x86_64.rpm SHA-256: c45d79b45ccaa9fe5322ac62d8a53a2385533e619bcc521fbf0a5888998a65d0
libvirt-login-shell-1.2.17-13.el7_2.9.x86_64.rpm SHA-256: 531048ea8e65d4d378b9e92e3dd7eb55b9ed60bdb32225f5e539c27ec6dcfdfc

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.

Red Hat X (formerly Twitter)

Quick Links

  • Downloads
  • Subscriptions
  • Support Cases
  • Customer Service
  • Product Documentation

Help

  • Contact Us
  • Customer Portal FAQ
  • Log-in Assistance

Site Info

  • Trust Red Hat
  • Browser Support Policy
  • Accessibility
  • Awards and Recognition
  • Colophon

Related Sites

  • redhat.com
  • developers.redhat.com
  • connect.redhat.com
  • cloud.redhat.com

Red Hat legal and privacy links

  • About Red Hat
  • Jobs
  • Events
  • Locations
  • Contact Red Hat
  • Red Hat Blog
  • Inclusion at Red Hat
  • Cool Stuff Store
  • Red Hat Summit
© 2025 Red Hat, Inc.

Red Hat legal and privacy links

  • Privacy statement
  • Terms of use
  • All policies and guidelines
  • Digital accessibility