- Issued: 2020-04-08
- Updated: 2020-04-08
RHSA-2020:1403 - Security Advisory
Synopsis
Important: qemu-kvm security and bug fix update
Type/Severity
Security Advisory: Important
Topic
An update for qemu-kvm is now available for Red Hat Enterprise Linux 6.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Description
Kernel-based Virtual Machine (KVM) is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm packages provide the user-space component for running virtual machines that use KVM.
Security Fix(es):
- QEMU: Slirp: potential OOB access due to unsafe snprintf() usages (CVE-2020-8608)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Bug Fix(es):
- QEMU: Slirp: disable emulation of tcp programs like ftp IRC etc. [rhel-6] (BZ#1791680)
Solution
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
After installing this update, shut down all running virtual machines. Once all virtual machines have shut down, start them again for this update to take effect.
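One way to confirm the restart step above has been completed, as an added example that is not part of the Red Hat advisory: it lists qemu-kvm processes whose executable has been replaced on disk since they started, which means the virtual machine is still running the pre-update code. It assumes a Linux `/proc`, root privileges, and that the package update replaced the qemu-kvm binary; the function names and the proc-root parameter are illustrative.

```sh
#!/bin/sh
# Added example (not Red Hat code): find VMs not restarted since the update.
# The proc root is a parameter only so the logic can be run on a constructed
# tree; on a real host leave it at /proc and run as root.

# Fixed build, taken from the package list in this advisory.
FIXED_BUILD="qemu-kvm-0.12.1.2-2.506.el6_10.7"

# Print the PIDs under $1 (default /proc) whose executable is a qemu-kvm
# binary that the kernel reports as deleted, i.e. replaced after start-up.
stale_qemu_pids() {
    local proc_root="${1:-/proc}" dir pid target
    for dir in "$proc_root"/[0-9]*; do
        [ -d "$dir" ] || continue
        pid="${dir##*/}"
        # readlink fails for kernel threads and processes we may not inspect.
        target="$(readlink "$dir/exe" 2>/dev/null)" || continue
        case "$target" in
            */qemu-kvm" (deleted)") echo "$pid" ;;
        esac
    done
}

# Report the installed build next to the fixed one, then any stale VMs.
# Returns 0 when no qemu-kvm process needs a restart, 1 otherwise.
check_qemu_restart() {
    local proc_root="${1:-/proc}" pids
    echo "fixed build: $FIXED_BUILD"
    if command -v rpm >/dev/null 2>&1; then
        echo "installed:   $(rpm -q qemu-kvm 2>&1)"
    fi
    pids="$(stale_qemu_pids "$proc_root")"
    if [ -z "$pids" ]; then
        echo "no qemu-kvm process is running a replaced binary"
        return 0
    fi
    echo "restart required for qemu-kvm PIDs:" $pids
    return 1
}

# Run the check only when asked, e.g.: sh check-qemu.sh --check
if [ "${1:-}" = "--check" ]; then
    check_qemu_restart
fi
```

A clean result only shows that no process is running a replaced binary; compare the installed build against the fixed build as well, since a host that was never updated also reports no stale processes.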
Affected Products
- Red Hat Enterprise Linux Server 6 x86_64
- Red Hat Enterprise Linux Server 6 i386
- Red Hat Enterprise Linux Server - Extended Life Cycle Support 6 x86_64
- Red Hat Enterprise Linux Server - Extended Life Cycle Support 6 i386
- Red Hat Enterprise Linux Workstation 6 x86_64
- Red Hat Enterprise Linux Workstation 6 i386
- Red Hat Enterprise Linux Desktop 6 x86_64
- Red Hat Enterprise Linux Desktop 6 i386
- Red Hat Enterprise Linux for Power, big endian 6 ppc64
- Red Hat Enterprise Linux for Scientific Computing 6 x86_64
- Red Hat Enterprise Linux Server - Extended Life Cycle Support Extension 6 x86_64
- Red Hat Enterprise Linux Server - Extended Life Cycle Support Extension 6 i386
Fixes
- BZ - 1791680 - QEMU: Slirp: disable emulation of tcp programs like ftp IRC etc. [rhel-6]
- BZ - 1798453 - CVE-2020-8608 QEMU: Slirp: potential OOB access due to unsafe snprintf() usages
CVEs
Red Hat Enterprise Linux Server 6
SRPM | |
---|---|
qemu-kvm-0.12.1.2-2.506.el6_10.7.src.rpm | SHA-256: 7729e98e3dbb5dd0e67151526a44f3dc19725e0f3cc47515edee3d9dd390b237 |
x86_64 | |
qemu-guest-agent-0.12.1.2-2.506.el6_10.7.x86_64.rpm | SHA-256: 82fc9e37172c8561f933cb9a702195b6783fe8804a4b13e97190cd75ba7557f9 |
qemu-img-0.12.1.2-2.506.el6_10.7.x86_64.rpm | SHA-256: d992a3ccc5fb2053e66affbd21d9314b3773c47f1947d2857caa03b535f02300 |
qemu-kvm-0.12.1.2-2.506.el6_10.7.x86_64.rpm | SHA-256: b7f08a5d0c58caa4f3508f4b41014a9a8acfdab84ecb6496c841de405ddb8692 |
qemu-kvm-debuginfo-0.12.1.2-2.506.el6_10.7.x86_64.rpm | SHA-256: 95239195a38fbf612befde13a1935f5148c9eaa0f4b15c9916660f965ad7f78a |
qemu-kvm-tools-0.12.1.2-2.506.el6_10.7.x86_64.rpm | SHA-256: 9bb6e19e15a7b20a24d7b1576eb0fc0e2503782bbed33e24065ecbfa6d0b7344 |
i386 | |
qemu-guest-agent-0.12.1.2-2.506.el6_10.7.i686.rpm | SHA-256: f1e73f3e11d8fa336ae8af1b6389d8141d3a1383d810159b0c26335f568ff588 |
qemu-kvm-debuginfo-0.12.1.2-2.506.el6_10.7.i686.rpm | SHA-256: ba786a6150c0ef6b2e8f76abfd86977fb3f96b5924beffda2183e13ecee67a0a |
Red Hat Enterprise Linux Server - Extended Life Cycle Support 6
SRPM | |
---|---|
qemu-kvm-0.12.1.2-2.506.el6_10.7.src.rpm | SHA-256: 7729e98e3dbb5dd0e67151526a44f3dc19725e0f3cc47515edee3d9dd390b237 |
x86_64 | |
qemu-guest-agent-0.12.1.2-2.506.el6_10.7.x86_64.rpm | SHA-256: 82fc9e37172c8561f933cb9a702195b6783fe8804a4b13e97190cd75ba7557f9 |
qemu-img-0.12.1.2-2.506.el6_10.7.x86_64.rpm | SHA-256: d992a3ccc5fb2053e66affbd21d9314b3773c47f1947d2857caa03b535f02300 |
qemu-kvm-0.12.1.2-2.506.el6_10.7.x86_64.rpm | SHA-256: b7f08a5d0c58caa4f3508f4b41014a9a8acfdab84ecb6496c841de405ddb8692 |
qemu-kvm-debuginfo-0.12.1.2-2.506.el6_10.7.x86_64.rpm | SHA-256: 95239195a38fbf612befde13a1935f5148c9eaa0f4b15c9916660f965ad7f78a |
qemu-kvm-tools-0.12.1.2-2.506.el6_10.7.x86_64.rpm | SHA-256: 9bb6e19e15a7b20a24d7b1576eb0fc0e2503782bbed33e24065ecbfa6d0b7344 |
i386 | |
qemu-guest-agent-0.12.1.2-2.506.el6_10.7.i686.rpm | SHA-256: f1e73f3e11d8fa336ae8af1b6389d8141d3a1383d810159b0c26335f568ff588 |
qemu-kvm-debuginfo-0.12.1.2-2.506.el6_10.7.i686.rpm | SHA-256: ba786a6150c0ef6b2e8f76abfd86977fb3f96b5924beffda2183e13ecee67a0a |
Red Hat Enterprise Linux Workstation 6
SRPM | |
---|---|
qemu-kvm-0.12.1.2-2.506.el6_10.7.src.rpm | SHA-256: 7729e98e3dbb5dd0e67151526a44f3dc19725e0f3cc47515edee3d9dd390b237 |
x86_64 | |
qemu-guest-agent-0.12.1.2-2.506.el6_10.7.x86_64.rpm | SHA-256: 82fc9e37172c8561f933cb9a702195b6783fe8804a4b13e97190cd75ba7557f9 |
qemu-img-0.12.1.2-2.506.el6_10.7.x86_64.rpm | SHA-256: d992a3ccc5fb2053e66affbd21d9314b3773c47f1947d2857caa03b535f02300 |
qemu-kvm-0.12.1.2-2.506.el6_10.7.x86_64.rpm | SHA-256: b7f08a5d0c58caa4f3508f4b41014a9a8acfdab84ecb6496c841de405ddb8692 |
qemu-kvm-debuginfo-0.12.1.2-2.506.el6_10.7.x86_64.rpm | SHA-256: 95239195a38fbf612befde13a1935f5148c9eaa0f4b15c9916660f965ad7f78a |
qemu-kvm-tools-0.12.1.2-2.506.el6_10.7.x86_64.rpm | SHA-256: 9bb6e19e15a7b20a24d7b1576eb0fc0e2503782bbed33e24065ecbfa6d0b7344 |
i386 | |
qemu-guest-agent-0.12.1.2-2.506.el6_10.7.i686.rpm | SHA-256: f1e73f3e11d8fa336ae8af1b6389d8141d3a1383d810159b0c26335f568ff588 |
qemu-kvm-debuginfo-0.12.1.2-2.506.el6_10.7.i686.rpm | SHA-256: ba786a6150c0ef6b2e8f76abfd86977fb3f96b5924beffda2183e13ecee67a0a |
Red Hat Enterprise Linux Desktop 6
SRPM | |
---|---|
qemu-kvm-0.12.1.2-2.506.el6_10.7.src.rpm | SHA-256: 7729e98e3dbb5dd0e67151526a44f3dc19725e0f3cc47515edee3d9dd390b237 |
x86_64 | |
qemu-guest-agent-0.12.1.2-2.506.el6_10.7.x86_64.rpm | SHA-256: 82fc9e37172c8561f933cb9a702195b6783fe8804a4b13e97190cd75ba7557f9 |
qemu-img-0.12.1.2-2.506.el6_10.7.x86_64.rpm | SHA-256: d992a3ccc5fb2053e66affbd21d9314b3773c47f1947d2857caa03b535f02300 |
qemu-kvm-0.12.1.2-2.506.el6_10.7.x86_64.rpm | SHA-256: b7f08a5d0c58caa4f3508f4b41014a9a8acfdab84ecb6496c841de405ddb8692 |
qemu-kvm-debuginfo-0.12.1.2-2.506.el6_10.7.x86_64.rpm | SHA-256: 95239195a38fbf612befde13a1935f5148c9eaa0f4b15c9916660f965ad7f78a |
qemu-kvm-tools-0.12.1.2-2.506.el6_10.7.x86_64.rpm | SHA-256: 9bb6e19e15a7b20a24d7b1576eb0fc0e2503782bbed33e24065ecbfa6d0b7344 |
i386 | |
qemu-guest-agent-0.12.1.2-2.506.el6_10.7.i686.rpm | SHA-256: f1e73f3e11d8fa336ae8af1b6389d8141d3a1383d810159b0c26335f568ff588 |
qemu-kvm-debuginfo-0.12.1.2-2.506.el6_10.7.i686.rpm | SHA-256: ba786a6150c0ef6b2e8f76abfd86977fb3f96b5924beffda2183e13ecee67a0a |
Red Hat Enterprise Linux for Power, big endian 6
SRPM | |
---|---|
qemu-kvm-0.12.1.2-2.506.el6_10.7.src.rpm | SHA-256: 7729e98e3dbb5dd0e67151526a44f3dc19725e0f3cc47515edee3d9dd390b237 |
ppc64 | |
qemu-guest-agent-0.12.1.2-2.506.el6_10.7.ppc64.rpm | SHA-256: b6b5aceb1ddcc87a42eda1cad9f1e82341a20a93f886048eb9bda6997260c6a5 |
qemu-kvm-debuginfo-0.12.1.2-2.506.el6_10.7.ppc64.rpm | SHA-256: 88ce181791e8d89af1f374f569c365985f0cc031a68541385b07c34ee8d04e10 |
Red Hat Enterprise Linux for Scientific Computing 6
SRPM | |
---|---|
qemu-kvm-0.12.1.2-2.506.el6_10.7.src.rpm | SHA-256: 7729e98e3dbb5dd0e67151526a44f3dc19725e0f3cc47515edee3d9dd390b237 |
x86_64 | |
qemu-guest-agent-0.12.1.2-2.506.el6_10.7.x86_64.rpm | SHA-256: 82fc9e37172c8561f933cb9a702195b6783fe8804a4b13e97190cd75ba7557f9 |
qemu-img-0.12.1.2-2.506.el6_10.7.x86_64.rpm | SHA-256: d992a3ccc5fb2053e66affbd21d9314b3773c47f1947d2857caa03b535f02300 |
qemu-kvm-0.12.1.2-2.506.el6_10.7.x86_64.rpm | SHA-256: b7f08a5d0c58caa4f3508f4b41014a9a8acfdab84ecb6496c841de405ddb8692 |
qemu-kvm-debuginfo-0.12.1.2-2.506.el6_10.7.x86_64.rpm | SHA-256: 95239195a38fbf612befde13a1935f5148c9eaa0f4b15c9916660f965ad7f78a |
qemu-kvm-tools-0.12.1.2-2.506.el6_10.7.x86_64.rpm | SHA-256: 9bb6e19e15a7b20a24d7b1576eb0fc0e2503782bbed33e24065ecbfa6d0b7344 |
Red Hat Enterprise Linux Server - Extended Life Cycle Support Extension 6
SRPM | |
---|---|
qemu-kvm-0.12.1.2-2.506.el6_10.7.src.rpm | SHA-256: 7729e98e3dbb5dd0e67151526a44f3dc19725e0f3cc47515edee3d9dd390b237 |
x86_64 | |
qemu-guest-agent-0.12.1.2-2.506.el6_10.7.x86_64.rpm | SHA-256: 82fc9e37172c8561f933cb9a702195b6783fe8804a4b13e97190cd75ba7557f9 |
qemu-img-0.12.1.2-2.506.el6_10.7.x86_64.rpm | SHA-256: d992a3ccc5fb2053e66affbd21d9314b3773c47f1947d2857caa03b535f02300 |
qemu-kvm-0.12.1.2-2.506.el6_10.7.x86_64.rpm | SHA-256: b7f08a5d0c58caa4f3508f4b41014a9a8acfdab84ecb6496c841de405ddb8692 |
qemu-kvm-debuginfo-0.12.1.2-2.506.el6_10.7.x86_64.rpm | SHA-256: 95239195a38fbf612befde13a1935f5148c9eaa0f4b15c9916660f965ad7f78a |
qemu-kvm-tools-0.12.1.2-2.506.el6_10.7.x86_64.rpm | SHA-256: 9bb6e19e15a7b20a24d7b1576eb0fc0e2503782bbed33e24065ecbfa6d0b7344 |
i386 | |
qemu-guest-agent-0.12.1.2-2.506.el6_10.7.i686.rpm | SHA-256: f1e73f3e11d8fa336ae8af1b6389d8141d3a1383d810159b0c26335f568ff588 |
qemu-kvm-debuginfo-0.12.1.2-2.506.el6_10.7.i686.rpm | SHA-256: ba786a6150c0ef6b2e8f76abfd86977fb3f96b5924beffda2183e13ecee67a0a |
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.