[El-errata] ELSA-2022-9123 Important: Oracle Linux 7 qemu security update (aarch64)

[Errata Announcements for Oracle Linux via El-errata]

Oracle Linux Security Advisory ELSA-2022-9123

http://linux.oracle.com/errata/ELSA-2022-9123.html

The following updated rpms for Oracle Linux 7 have been uploaded to the 
Unbreakable Linux Network:

aarch64:
ivshmem-tools-4.2.1-15.el7.aarch64.rpm
qemu-4.2.1-15.el7.aarch64.rpm
qemu-block-gluster-4.2.1-15.el7.aarch64.rpm
qemu-block-iscsi-4.2.1-15.el7.aarch64.rpm
qemu-block-rbd-4.2.1-15.el7.aarch64.rpm
qemu-common-4.2.1-15.el7.aarch64.rpm
qemu-img-4.2.1-15.el7.aarch64.rpm
qemu-kvm-4.2.1-15.el7.aarch64.rpm
qemu-kvm-core-4.2.1-15.el7.aarch64.rpm
qemu-system-aarch64-4.2.1-15.el7.aarch64.rpm
qemu-system-aarch64-core-4.2.1-15.el7.aarch64.rpm


SRPMS:
http://oss.oracle.com/ol7/SRPMS-updates/qemu-4.2.1-15.el7.src.rpm

Related CVEs:

CVE-2021-3416
CVE-2021-20203
CVE-2021-20196
CVE-2021-4158
CVE-2021-3947




Description of changes:

[15:4.2.1-15.el7]
- Document CVE-2021-4158 and CVE-2021-3947 as fixed (Mark Kanda)  [Orabug: 
33719302] [Orabug: 33754145]  {CVE-2021-3947} {CVE-2021-4158}
- hw/block/fdc: Kludge missing floppy drive to fix CVE-2021-20196 (Philippe 
Mathieu-Daudé)  [Orabug: 32439466]  {CVE-2021-20196}
- hw/block/fdc: Extract blk_create_empty_drive() (Philippe Mathieu-Daudé)  
[Orabug: 32439466]  {CVE-2021-20196}
- net: vmxnet3: validate configuration values during activate (CVE-2021-20203) 
(Prasad J Pandit)  [Orabug: 32559476]  {CVE-2021-20203}
- lan9118: switch to use qemu_receive_packet() for loopback (Alexander Bulekov) 
 [Orabug: 32560540]  {CVE-2021-3416}
- pcnet: switch to use qemu_receive_packet() for loopback (Alexander Bulekov)  
[Orabug: 32560540]  {CVE-2021-3416}
- rtl8139: switch to use qemu_receive_packet() for loopback (Alexander Bulekov) 
 [Orabug: 32560540]  {CVE-2021-3416}
- tx_pkt: switch to use qemu_receive_packet_iov() for loopback (Jason Wang)  
[Orabug: 32560540]  {CVE-2021-3416}
- sungem: switch to use qemu_receive_packet() for loopback (Jason Wang)  
[Orabug: 32560540]  {CVE-2021-3416}
- dp8393x: switch to use qemu_receive_packet() for loopback packet (Jason Wang) 
 [Orabug: 32560540]  {CVE-2021-3416}
- e1000: switch to use qemu_receive_packet() for loopback (Jason Wang)  
[Orabug: 32560540]  {CVE-2021-3416}
- net: introduce qemu_receive_packet() (Jason Wang)  [Orabug: 32560540]  
{CVE-2021-3416}
- target/i386: Populate x86_ext_save_areas offsets using cpuid where possible 
(David Edmondson)
- target/i386: Observe XSAVE state area offsets (David Edmondson)
- target/i386: Make x86_ext_save_areas visible outside cpu.c (David Edmondson)
- target/i386: Pass buffer and length to XSAVE helper (David Edmondson)
- target/i386: Clarify the padding requirements of X86XSaveArea (David 
Edmondson)
- target/i386: Consolidate the X86XSaveArea offset checks (David Edmondson)
- target/i386: Declare constants for XSAVE offsets (David Edmondson)


_______________________________________________
El-errata mailing list
El-errata@oss.oracle.com
https://oss.oracle.com/mailman/listinfo/el-errata