- Issued:
- 2020-08-03
- Updated:
- 2020-08-03
RHSA-2020:3267 - Security Advisory
Synopsis
Low: qemu-kvm-rhev security, bug fix, and enhancement update
Type/Severity
Security Advisory: Low
Red Hat Lightspeed patch analysis
Identify and remediate systems affected by this advisory.
Topic
An update for qemu-kvm-rhev is now available for Red Hat Virtualization 4 for Red Hat Enterprise Linux 7 and Red Hat Virtualization Engine 4.3.
Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Description
KVM (Kernel-based Virtual Machine) is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm-rhev packages provide the user-space component for running virtual machines that use KVM in environments managed by Red Hat products.
Security Fix(es):
- CVE-2019-20382 QEMU: vnc: memory leakage upon disconnect
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Bug Fix(es):
- Add support for newer glusterfs (BZ#1802216)
- Backport: Passthrough host CPU microcode version to KVM guest if using CPU passthrough to RHEL 7.7/7.8 (BZ#1791653)
- After hot unplug virtio-net and vfio nic, hot plug vfio-pci device fails in Win2019 guest (BZ#1721403)
- qemu-kvm-rhev: Qemu: seccomp: blacklist is not applied to all threads (BZ#1618504)
- Fix overzealous I/O request splitting performance regression (BZ#1819253)
Solution
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
Affected Products
- Red Hat Virtualization Manager 4.3 x86_64
- Red Hat Virtualization 4 for RHEL 7 x86_64
- Red Hat Virtualization for IBM Power LE 4 for RHEL 7 ppc64le
Fixes
- BZ - 1721403 - After hot unplug virtio-net and vfio nic, hot plug vfio-pci device fails in Win2019 guest
- BZ - 1791653 - Backport: Passthrough host CPU microcode version to KVM guest if using CPU passthrough to RHEL 7.7/7.8
- BZ - 1802216 - Add support for newer glusterfs
- BZ - 1810390 - CVE-2019-20382 QEMU: vnc: memory leakage upon disconnect
- BZ - 1819253 - Fix overzealous I/O request splitting performance regression
Red Hat Virtualization Manager 4.3
| SRPM | |
|---|---|
| qemu-kvm-rhev-2.12.0-48.el7.src.rpm | SHA-256: 51ddd8db83fa55c05a80bc50ce41ba36173a666050b27cd85cdc723ec973b656 |
| x86_64 | |
| qemu-img-rhev-2.12.0-48.el7.x86_64.rpm | SHA-256: 740ba7e7608f65ded8d36454cf38fe9d324170a8f8066f4bde286f026d290f18 |
| qemu-kvm-common-rhev-2.12.0-48.el7.x86_64.rpm | SHA-256: fc3d663769574a4d3f95aa8f517b753aba41aa0d88b9a7391289586250d25c76 |
| qemu-kvm-rhev-2.12.0-48.el7.x86_64.rpm | SHA-256: 2540a0400bf069a8171ed8edfd921f2432cc601b28eb1ebb394c1fe3c7900086 |
| qemu-kvm-rhev-debuginfo-2.12.0-48.el7.x86_64.rpm | SHA-256: b4e6664f91350960b1cf3756302f56b620508fe7b6150cf8285e959bb70329ad |
| qemu-kvm-tools-rhev-2.12.0-48.el7.x86_64.rpm | SHA-256: 381f996ef4175946756027013d2df5fb026edc6c7a9307236ca8471cbf08e3f6 |
Red Hat Virtualization 4 for RHEL 7
| SRPM | |
|---|---|
| qemu-kvm-rhev-2.12.0-48.el7.src.rpm | SHA-256: 51ddd8db83fa55c05a80bc50ce41ba36173a666050b27cd85cdc723ec973b656 |
| x86_64 | |
| qemu-img-rhev-2.12.0-48.el7.x86_64.rpm | SHA-256: 740ba7e7608f65ded8d36454cf38fe9d324170a8f8066f4bde286f026d290f18 |
| qemu-kvm-common-rhev-2.12.0-48.el7.x86_64.rpm | SHA-256: fc3d663769574a4d3f95aa8f517b753aba41aa0d88b9a7391289586250d25c76 |
| qemu-kvm-rhev-2.12.0-48.el7.x86_64.rpm | SHA-256: 2540a0400bf069a8171ed8edfd921f2432cc601b28eb1ebb394c1fe3c7900086 |
| qemu-kvm-rhev-debuginfo-2.12.0-48.el7.x86_64.rpm | SHA-256: b4e6664f91350960b1cf3756302f56b620508fe7b6150cf8285e959bb70329ad |
| qemu-kvm-tools-rhev-2.12.0-48.el7.x86_64.rpm | SHA-256: 381f996ef4175946756027013d2df5fb026edc6c7a9307236ca8471cbf08e3f6 |
Red Hat Virtualization for IBM Power LE 4 for RHEL 7
| SRPM | |
|---|---|
| qemu-kvm-rhev-2.12.0-48.el7.src.rpm | SHA-256: 51ddd8db83fa55c05a80bc50ce41ba36173a666050b27cd85cdc723ec973b656 |
| ppc64le | |
| qemu-img-rhev-2.12.0-48.el7.ppc64le.rpm | SHA-256: acbce7ee0d9059e979a432d245b72a9bedc39156f4c36be318d3006561954821 |
| qemu-img-rhev-2.12.0-48.el7.ppc64le.rpm | SHA-256: acbce7ee0d9059e979a432d245b72a9bedc39156f4c36be318d3006561954821 |
| qemu-kvm-common-rhev-2.12.0-48.el7.ppc64le.rpm | SHA-256: 552106b6c74812053826e99fc7797863876a3f2aafd1d64822563acb01fed493 |
| qemu-kvm-common-rhev-2.12.0-48.el7.ppc64le.rpm | SHA-256: 552106b6c74812053826e99fc7797863876a3f2aafd1d64822563acb01fed493 |
| qemu-kvm-rhev-2.12.0-48.el7.ppc64le.rpm | SHA-256: a12a21ec1e6c87dfb9586e2cf83e08d0b6f8f35548051cbf3a59ab67083dd479 |
| qemu-kvm-rhev-2.12.0-48.el7.ppc64le.rpm | SHA-256: a12a21ec1e6c87dfb9586e2cf83e08d0b6f8f35548051cbf3a59ab67083dd479 |
| qemu-kvm-rhev-debuginfo-2.12.0-48.el7.ppc64le.rpm | SHA-256: 928929bf40c4502edc9a584594858fb01f29c9ce6dcec6b2eff2503c6d9d439c |
| qemu-kvm-rhev-debuginfo-2.12.0-48.el7.ppc64le.rpm | SHA-256: 928929bf40c4502edc9a584594858fb01f29c9ce6dcec6b2eff2503c6d9d439c |
| qemu-kvm-tools-rhev-2.12.0-48.el7.ppc64le.rpm | SHA-256: 64540053843277f62be69eb915537820d75ad77577f3b0ffb86d93182f9d52d5 |
| qemu-kvm-tools-rhev-2.12.0-48.el7.ppc64le.rpm | SHA-256: 64540053843277f62be69eb915537820d75ad77577f3b0ffb86d93182f9d52d5 |
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.
