ALSA-2022:7967

[ALSA-2022:7967] Moderate: qemu-kvm security, bug fix, and enhancement update

Type:

security

Severity:

moderate

Release date:

2022-11-18

Description:

Kernel-based Virtual Machine (KVM) is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm packages provide the user-space component for running virtual machines that use KVM.

The following packages have been upgraded to a later upstream version: qemu-kvm (7.0.0). (BZ#2064757)

Security Fix(es):

* QEMU: hcd-ehci: DMA reentrancy issue leads to use-after-free (CVE-2021-3750)
* QEMU: fdc: heap buffer overflow in DMA read data transfers (CVE-2021-3507)
* QEMU: intel-hda: segmentation fault due to stack overflow (CVE-2021-3611)
* QEMU: NULL pointer dereference in pci_write() in hw/acpi/pcihp.c (CVE-2021-4158)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Additional Changes:

For detailed information on changes in this release, see the AlmaLinux Release Notes linked from the References section.

References:

Updated packages listed below:

Architecture	Package	Checksum
aarch64	qemu-kvm-device-display-virtio-gpu-gl-7.0.0-13.el9.aarch64.rpm	0e081e4b6a87e7dbef3eb22697509a3633efe93b753c777f196d70284723ca91
aarch64	qemu-kvm-7.0.0-13.el9.aarch64.rpm	1c2806e7197a2f9171005efc9d5beca7ab4df038ea804ac482573f3093fbf06b
aarch64	qemu-kvm-device-display-virtio-gpu-pci-gl-7.0.0-13.el9.aarch64.rpm	28cd8d2dc9448ab65fcf37d478e02cf106c195f2244f1806291683b30b0013e9
aarch64	qemu-guest-agent-7.0.0-13.el9.aarch64.rpm	328c2db8e209670775510c39ca7da5f4543e57467aa1c9dbf8bd559aaf6c6ed6
aarch64	qemu-img-7.0.0-13.el9.aarch64.rpm	39941738f790bc828e34bb978546b7e61b7e402f0967cc786f4a2ebf5f703b36
aarch64	qemu-kvm-block-rbd-7.0.0-13.el9.aarch64.rpm	3b24d970348a646538f77abef55216a4076b441ea99330e2e2be7dfa96e9e221
aarch64	qemu-pr-helper-7.0.0-13.el9.aarch64.rpm	48a9435aba637945e4df23c10a444d47d4da66aae20a71f3d71cf6931c6558eb
aarch64	qemu-kvm-device-display-virtio-gpu-pci-7.0.0-13.el9.aarch64.rpm	49cfe8210d2a789fcbb072336ad2bc3f2de59a41f88b73ee311476f8ac43be85
aarch64	qemu-kvm-block-curl-7.0.0-13.el9.aarch64.rpm	630d62a4c1d9f2d69973d3a744b4a5d8bb829282ad9fe5afc1255e1f090bb851
aarch64	qemu-kvm-audio-pa-7.0.0-13.el9.aarch64.rpm	65437cfbbd447361a797d94a304e7b7f147af45f503a0845fa7dac31432d16b0
aarch64	qemu-kvm-device-usb-host-7.0.0-13.el9.aarch64.rpm	92034accf7482c3009b092d4e5880b488fd3b39e176832f57d33bda30e60d940
aarch64	qemu-kvm-device-display-virtio-gpu-7.0.0-13.el9.aarch64.rpm	a0bcffa162be6194a763bd3a252b876b20f13c0f6fb23be11748474b88ef29ec
aarch64	qemu-kvm-docs-7.0.0-13.el9.aarch64.rpm	b7fbdcf7dc9c1a24952aef78d68e454e7e3520cb36f43130b05463fd2ad48af1
aarch64	qemu-kvm-common-7.0.0-13.el9.aarch64.rpm	d0e3e0896154be1d48a85212bd33b0a4c4c31fa300c04718aa12c31d8093f14f
aarch64	qemu-kvm-core-7.0.0-13.el9.aarch64.rpm	e28b42766ebb1f62a449514709adac0cd754423a1fae5bdebf6fc903bff363e6
aarch64	qemu-kvm-tools-7.0.0-13.el9.aarch64.rpm	ef917bede676cedc5ea06834a505e1b43f2669b8fcde9d326bc9d5f221d3e20d
ppc64le	qemu-guest-agent-7.0.0-13.el9.ppc64le.rpm	3efe04a21fba6bcb670b54f03b923574613f2319882ec69dc586d70c838dec11
ppc64le	qemu-img-7.0.0-13.el9.ppc64le.rpm	5224f243829f2d60ce19f35dbbdb434f1a8d13244f7ecf540fab2071338db03d
s390x	qemu-kvm-audio-pa-7.0.0-13.el9.s390x.rpm	01978350b41b64443d2d59395322f0bbb8656154dbc25afe3738920ee0509f9f
s390x	qemu-kvm-device-display-virtio-gpu-ccw-7.0.0-13.el9.s390x.rpm	1aa7033a406b41886d7830a8d3985288487d2b9fc0a34a439d979ecf48f9b943
s390x	qemu-kvm-common-7.0.0-13.el9.s390x.rpm	26184fb20ad36ed0cf9b66a712c8fd842f295e2e32bff66316fd452c7fbf04db
s390x	qemu-kvm-device-display-virtio-gpu-7.0.0-13.el9.s390x.rpm	39eef99a7a7e4002723484120d313c8f68d983bbd334c63f30ae4fb7b47aeee7
s390x	qemu-guest-agent-7.0.0-13.el9.s390x.rpm	43ce90c54a2d4b0d42f7d379e809ba9035573b9fdd12eea56d0726223b5efe51
s390x	qemu-kvm-tools-7.0.0-13.el9.s390x.rpm	55ce02b6f5f872398b828d9e0a16cbc7f26df8a81152b1d7f133e62f1327662d
s390x	qemu-img-7.0.0-13.el9.s390x.rpm	61d52a4cb129054d2822343a84594e3f2a22d26d020664bbe58d0d7c2a5ade5d
s390x	qemu-kvm-block-curl-7.0.0-13.el9.s390x.rpm	806c308ab8a010fdbef0072dcd256e7fcc0abe1b4d7712097e744804f0dcde20
s390x	qemu-kvm-block-rbd-7.0.0-13.el9.s390x.rpm	898f9f53e52b54765c9b48ec730f27f25e886b92646f50dafceae9df4f94ecaa
s390x	qemu-kvm-docs-7.0.0-13.el9.s390x.rpm	ab444489a2a7da9d8d0b43d4046ac1c638d2a4fcf449f7089e46c44f0a91489f
s390x	qemu-kvm-device-display-virtio-gpu-gl-7.0.0-13.el9.s390x.rpm	acb4077d3908a1648fb0e43948ff9598e904bf0cc616d7314499530ce6a6603d
s390x	qemu-pr-helper-7.0.0-13.el9.s390x.rpm	b55c70b1599c4afea6e674cde9ffc9d440ebef791a142089ebe6aa5d991b0420
s390x	qemu-kvm-7.0.0-13.el9.s390x.rpm	c012f755c12e9f2ef74101ae5a4a8f5f60d52ad08223ceaacf5523f8631e6d09
s390x	qemu-kvm-device-usb-host-7.0.0-13.el9.s390x.rpm	cf4d71f1f7cbe95a940d2dfcda719598c80ab76b5673e00c316c81dda80cfba1
s390x	qemu-kvm-core-7.0.0-13.el9.s390x.rpm	f2dce77348a7ae9188b04bd5d2890099e3e7ebe92ac50e956370d9c578987baf
x86_64	qemu-kvm-device-display-virtio-gpu-gl-7.0.0-13.el9.x86_64.rpm	1a861b87d94df0bf977e8ff534273dab5d08b3c9a744c0bf4b666564f1b131a1
x86_64	qemu-kvm-core-7.0.0-13.el9.x86_64.rpm	1e9ae840faffabddc5c08b4a2e845a1791592b23d54566175ba4340f2047b305
x86_64	qemu-kvm-device-display-virtio-gpu-pci-gl-7.0.0-13.el9.x86_64.rpm	312acf7a7370cadfb3485a956d8e9da3a930b7ea1203aeeb538b2b1e7f5e69da
x86_64	qemu-img-7.0.0-13.el9.x86_64.rpm	340c201aa29b5fbce337e2b775a17344ea928614dabc720154ab7afc7a80243c
x86_64	qemu-kvm-tools-7.0.0-13.el9.x86_64.rpm	55b3d071d03228d5a1728e7db765bba6790525392faf28af2e4cb48fecfb80a1
x86_64	qemu-pr-helper-7.0.0-13.el9.x86_64.rpm	55dd11f8bd77be4e6f059d355049ecaedb7f0cf2cae5e9d6d0e0231626484d6d
x86_64	qemu-kvm-audio-pa-7.0.0-13.el9.x86_64.rpm	653438168ec12926cecc665f05b492570df50ee48e525e431624ac60d01a66fa
x86_64	qemu-kvm-7.0.0-13.el9.x86_64.rpm	673b2592cb7ebd63fdf94de9ac0985c8fc810953dfcb7d1705800211e65b04e0
x86_64	qemu-kvm-ui-egl-headless-7.0.0-13.el9.x86_64.rpm	794dc489699907134b22c3b5dde1754c94446a036fa4a94efe64ce37d266696f
x86_64	qemu-kvm-device-display-virtio-vga-gl-7.0.0-13.el9.x86_64.rpm	7d0202836c825c31a3e64bb83de53c3315033c679ca5ef520244fdc85871dcf5
x86_64	qemu-kvm-device-display-virtio-gpu-pci-7.0.0-13.el9.x86_64.rpm	80f7db372ef9562c5ad218eacbcd7e9a92c60ec43eed769ba1cfd7b5c6f7afe7
x86_64	qemu-kvm-device-display-virtio-vga-7.0.0-13.el9.x86_64.rpm	895df880eb840be41293fd32f1f34ebde7ffa7f1a04d3081fcf4422bb1483468
x86_64	qemu-kvm-ui-opengl-7.0.0-13.el9.x86_64.rpm	8fa1a8e85ebd1bd42d569f4bc5e32c499116ac7607ac0cc4cef1662b1b119be1
x86_64	qemu-kvm-block-rbd-7.0.0-13.el9.x86_64.rpm	97ec11a1b11cf90f3d635cd035002bf9bff4b9b0421a85ff7f7f43a2d909f210
x86_64	qemu-guest-agent-7.0.0-13.el9.x86_64.rpm	98552fbde46e81fd7c9d04b6f709347b79f0f6813ac2c8db7626ec915970836e
x86_64	qemu-kvm-common-7.0.0-13.el9.x86_64.rpm	a1af2b8a492f4d3c58dfd369d433613586cda15b86f6a74a8d7c60ef47ffac87
x86_64	qemu-kvm-device-display-virtio-gpu-7.0.0-13.el9.x86_64.rpm	ae7da58219717a9ae1e61f385f78221191abf01b8d05fd64b554f694e4b03f8e
x86_64	qemu-kvm-device-usb-host-7.0.0-13.el9.x86_64.rpm	b3c465d1efe6efb44b2b6ac03f5e5bb97562cc6865648a59acbdd05741165698
x86_64	qemu-kvm-device-usb-redirect-7.0.0-13.el9.x86_64.rpm	e0dc15306707759f289ba52d9a844b47870d84a12b8537e32ea74f886f49c78b
x86_64	qemu-kvm-block-curl-7.0.0-13.el9.x86_64.rpm	e4d197f24efe1e1b74d25031e7f2a7fb0d378b8d91ebe13bf880cb5dc35b4cf7
x86_64	qemu-kvm-docs-7.0.0-13.el9.x86_64.rpm	f0b8dd0c8a949119ee98350cbbd2c130e4098225f60ea2a72175e24d8e503bcd

Notes:

This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.