Issued:
2020-04-08
Updated:
2020-04-08

RHSA-2020:1403 - Security Advisory

Synopsis

Important: qemu-kvm security and bug fix update

Type/Severity

Security Advisory: Important

Red Hat Insights patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

An update for qemu-kvm is now available for Red Hat Enterprise Linux 6.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

Kernel-based Virtual Machine (KVM) is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm packages provide the user-space component for running virtual machines that use KVM.

Security Fix(es):

  • QEMU: Slirp: potential OOB access due to unsafe snprintf() usages (CVE-2020-8608)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Bug Fix(es):

  • QEMU: Slirp: disable emulation of tcp programs like ftp IRC etc. [rhel-6] (BZ#1791680)

Solution

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

After installing this update, shut down all running virtual machines. Once all virtual machines have shut down, start them again for this update to take effect.

Affected Products

  • Red Hat Enterprise Linux Server 6 x86_64
  • Red Hat Enterprise Linux Server 6 i386
  • Red Hat Enterprise Linux Server - Extended Life Cycle Support 6 x86_64
  • Red Hat Enterprise Linux Server - Extended Life Cycle Support 6 i386
  • Red Hat Enterprise Linux Workstation 6 x86_64
  • Red Hat Enterprise Linux Workstation 6 i386
  • Red Hat Enterprise Linux Desktop 6 x86_64
  • Red Hat Enterprise Linux Desktop 6 i386
  • Red Hat Enterprise Linux for Power, big endian 6 ppc64
  • Red Hat Enterprise Linux for Scientific Computing 6 x86_64

Fixes

  • BZ - 1791680 - QEMU: Slirp: disable emulation of tcp programs like ftp IRC etc. [rhel-6]
  • BZ - 1798453 - CVE-2020-8608 QEMU: Slirp: potential OOB access due to unsafe snprintf() usages

Red Hat Enterprise Linux Server 6

SRPM
qemu-kvm-0.12.1.2-2.506.el6_10.7.src.rpm SHA-256: 7729e98e3dbb5dd0e67151526a44f3dc19725e0f3cc47515edee3d9dd390b237
x86_64
qemu-guest-agent-0.12.1.2-2.506.el6_10.7.x86_64.rpm SHA-256: 82fc9e37172c8561f933cb9a702195b6783fe8804a4b13e97190cd75ba7557f9
qemu-img-0.12.1.2-2.506.el6_10.7.x86_64.rpm SHA-256: d992a3ccc5fb2053e66affbd21d9314b3773c47f1947d2857caa03b535f02300
qemu-kvm-0.12.1.2-2.506.el6_10.7.x86_64.rpm SHA-256: b7f08a5d0c58caa4f3508f4b41014a9a8acfdab84ecb6496c841de405ddb8692
qemu-kvm-debuginfo-0.12.1.2-2.506.el6_10.7.x86_64.rpm SHA-256: 95239195a38fbf612befde13a1935f5148c9eaa0f4b15c9916660f965ad7f78a
qemu-kvm-tools-0.12.1.2-2.506.el6_10.7.x86_64.rpm SHA-256: 9bb6e19e15a7b20a24d7b1576eb0fc0e2503782bbed33e24065ecbfa6d0b7344
i386
qemu-guest-agent-0.12.1.2-2.506.el6_10.7.i686.rpm SHA-256: f1e73f3e11d8fa336ae8af1b6389d8141d3a1383d810159b0c26335f568ff588
qemu-kvm-debuginfo-0.12.1.2-2.506.el6_10.7.i686.rpm SHA-256: ba786a6150c0ef6b2e8f76abfd86977fb3f96b5924beffda2183e13ecee67a0a

Red Hat Enterprise Linux Server - Extended Life Cycle Support 6

SRPM
qemu-kvm-0.12.1.2-2.506.el6_10.7.src.rpm SHA-256: 7729e98e3dbb5dd0e67151526a44f3dc19725e0f3cc47515edee3d9dd390b237
x86_64
qemu-guest-agent-0.12.1.2-2.506.el6_10.7.x86_64.rpm SHA-256: 82fc9e37172c8561f933cb9a702195b6783fe8804a4b13e97190cd75ba7557f9
qemu-img-0.12.1.2-2.506.el6_10.7.x86_64.rpm SHA-256: d992a3ccc5fb2053e66affbd21d9314b3773c47f1947d2857caa03b535f02300
qemu-kvm-0.12.1.2-2.506.el6_10.7.x86_64.rpm SHA-256: b7f08a5d0c58caa4f3508f4b41014a9a8acfdab84ecb6496c841de405ddb8692
qemu-kvm-debuginfo-0.12.1.2-2.506.el6_10.7.x86_64.rpm SHA-256: 95239195a38fbf612befde13a1935f5148c9eaa0f4b15c9916660f965ad7f78a
qemu-kvm-tools-0.12.1.2-2.506.el6_10.7.x86_64.rpm SHA-256: 9bb6e19e15a7b20a24d7b1576eb0fc0e2503782bbed33e24065ecbfa6d0b7344
i386
qemu-guest-agent-0.12.1.2-2.506.el6_10.7.i686.rpm SHA-256: f1e73f3e11d8fa336ae8af1b6389d8141d3a1383d810159b0c26335f568ff588
qemu-kvm-debuginfo-0.12.1.2-2.506.el6_10.7.i686.rpm SHA-256: ba786a6150c0ef6b2e8f76abfd86977fb3f96b5924beffda2183e13ecee67a0a

Red Hat Enterprise Linux Workstation 6

SRPM
qemu-kvm-0.12.1.2-2.506.el6_10.7.src.rpm SHA-256: 7729e98e3dbb5dd0e67151526a44f3dc19725e0f3cc47515edee3d9dd390b237
x86_64
qemu-guest-agent-0.12.1.2-2.506.el6_10.7.x86_64.rpm SHA-256: 82fc9e37172c8561f933cb9a702195b6783fe8804a4b13e97190cd75ba7557f9
qemu-img-0.12.1.2-2.506.el6_10.7.x86_64.rpm SHA-256: d992a3ccc5fb2053e66affbd21d9314b3773c47f1947d2857caa03b535f02300
qemu-kvm-0.12.1.2-2.506.el6_10.7.x86_64.rpm SHA-256: b7f08a5d0c58caa4f3508f4b41014a9a8acfdab84ecb6496c841de405ddb8692
qemu-kvm-debuginfo-0.12.1.2-2.506.el6_10.7.x86_64.rpm SHA-256: 95239195a38fbf612befde13a1935f5148c9eaa0f4b15c9916660f965ad7f78a
qemu-kvm-tools-0.12.1.2-2.506.el6_10.7.x86_64.rpm SHA-256: 9bb6e19e15a7b20a24d7b1576eb0fc0e2503782bbed33e24065ecbfa6d0b7344
i386
qemu-guest-agent-0.12.1.2-2.506.el6_10.7.i686.rpm SHA-256: f1e73f3e11d8fa336ae8af1b6389d8141d3a1383d810159b0c26335f568ff588
qemu-kvm-debuginfo-0.12.1.2-2.506.el6_10.7.i686.rpm SHA-256: ba786a6150c0ef6b2e8f76abfd86977fb3f96b5924beffda2183e13ecee67a0a

Red Hat Enterprise Linux Desktop 6

SRPM
qemu-kvm-0.12.1.2-2.506.el6_10.7.src.rpm SHA-256: 7729e98e3dbb5dd0e67151526a44f3dc19725e0f3cc47515edee3d9dd390b237
x86_64
qemu-guest-agent-0.12.1.2-2.506.el6_10.7.x86_64.rpm SHA-256: 82fc9e37172c8561f933cb9a702195b6783fe8804a4b13e97190cd75ba7557f9
qemu-img-0.12.1.2-2.506.el6_10.7.x86_64.rpm SHA-256: d992a3ccc5fb2053e66affbd21d9314b3773c47f1947d2857caa03b535f02300
qemu-kvm-0.12.1.2-2.506.el6_10.7.x86_64.rpm SHA-256: b7f08a5d0c58caa4f3508f4b41014a9a8acfdab84ecb6496c841de405ddb8692
qemu-kvm-debuginfo-0.12.1.2-2.506.el6_10.7.x86_64.rpm SHA-256: 95239195a38fbf612befde13a1935f5148c9eaa0f4b15c9916660f965ad7f78a
qemu-kvm-tools-0.12.1.2-2.506.el6_10.7.x86_64.rpm SHA-256: 9bb6e19e15a7b20a24d7b1576eb0fc0e2503782bbed33e24065ecbfa6d0b7344
i386
qemu-guest-agent-0.12.1.2-2.506.el6_10.7.i686.rpm SHA-256: f1e73f3e11d8fa336ae8af1b6389d8141d3a1383d810159b0c26335f568ff588
qemu-kvm-debuginfo-0.12.1.2-2.506.el6_10.7.i686.rpm SHA-256: ba786a6150c0ef6b2e8f76abfd86977fb3f96b5924beffda2183e13ecee67a0a

Red Hat Enterprise Linux for Power, big endian 6

SRPM
qemu-kvm-0.12.1.2-2.506.el6_10.7.src.rpm SHA-256: 7729e98e3dbb5dd0e67151526a44f3dc19725e0f3cc47515edee3d9dd390b237
ppc64
qemu-guest-agent-0.12.1.2-2.506.el6_10.7.ppc64.rpm SHA-256: b6b5aceb1ddcc87a42eda1cad9f1e82341a20a93f886048eb9bda6997260c6a5
qemu-kvm-debuginfo-0.12.1.2-2.506.el6_10.7.ppc64.rpm SHA-256: 88ce181791e8d89af1f374f569c365985f0cc031a68541385b07c34ee8d04e10

Red Hat Enterprise Linux for Scientific Computing 6

SRPM
qemu-kvm-0.12.1.2-2.506.el6_10.7.src.rpm SHA-256: 7729e98e3dbb5dd0e67151526a44f3dc19725e0f3cc47515edee3d9dd390b237
x86_64
qemu-guest-agent-0.12.1.2-2.506.el6_10.7.x86_64.rpm SHA-256: 82fc9e37172c8561f933cb9a702195b6783fe8804a4b13e97190cd75ba7557f9
qemu-img-0.12.1.2-2.506.el6_10.7.x86_64.rpm SHA-256: d992a3ccc5fb2053e66affbd21d9314b3773c47f1947d2857caa03b535f02300
qemu-kvm-0.12.1.2-2.506.el6_10.7.x86_64.rpm SHA-256: b7f08a5d0c58caa4f3508f4b41014a9a8acfdab84ecb6496c841de405ddb8692
qemu-kvm-debuginfo-0.12.1.2-2.506.el6_10.7.x86_64.rpm SHA-256: 95239195a38fbf612befde13a1935f5148c9eaa0f4b15c9916660f965ad7f78a
qemu-kvm-tools-0.12.1.2-2.506.el6_10.7.x86_64.rpm SHA-256: 9bb6e19e15a7b20a24d7b1576eb0fc0e2503782bbed33e24065ecbfa6d0b7344

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.