FEDORA-2018-87f2ace20d created by crobinso 2 years ago for Fedora 29
stable
  • Fix cpu model crash on AMD hosts (bz #1640140)
  • CVE-2018-15746: seccomp blacklist is not applied to all threads (bz #1618357)
  • Fix assertion in address_space_stw_le_cached (bz #1644728)
  • CVE-2018-10839: ne2000: fix possible out of bound access (bz #1636429)
  • CVE-2018-17958: rtl8139: fix possible out of bound access (bz #1636729)
  • CVE-2018-17962: pcnet: fix possible buffer overflow (bz #1636775)
  • CVE-2018-17963: net: ignore packet size greater than INT_MAX (bz #1636782)
  • CVE-2018-18849: lsi53c895a: OOB msg buffer access leads to DoS (bz #1644977)
  • CVE-2018-18954: ppc64: Out-of-bounds r/w stack access in pnv_lpc_do_eccb (bz #1645442)

How to install

sudo dnf upgrade --advisory=FEDORA-2018-87f2ace20d

This update has been submitted for testing by crobinso.

2 years ago

This update has been pushed to testing.

2 years ago
User Icon lantw44 commented & provided feedback 2 years ago

Thanks for the update, it is able to run OpenBSD guest with VirtIO network interface without crash now.

BZ#1644728 OSv build fails because of qemu assertion failure
User Icon lantw44 commented & provided feedback 2 years ago

Thanks for the update, it is able to run OpenBSD guest with VirtIO network interface without crash now.

BZ#1644728 OSv build fails because of qemu assertion failure
User Icon atim commented & provided feedback 2 years ago

Seems fine and #1640140 fixed since i can create VM on AMD x4 845.

BZ#1640140 cpu mode=host-model causes guest kernel panics for AMD hosts
User Icon filiperosset commented & provided feedback 2 years ago
karma

no regressions noted

User Icon besser82 commented & provided feedback 2 years ago
karma

Works great! LGTM! =)

User Icon ngompa commented & provided feedback 2 years ago
karma

Works for me.

User Icon lbrabec commented & provided feedback 2 years ago
karma

works for me

BZ#1640140 cpu mode=host-model causes guest kernel panics for AMD hosts
User Icon lbrabec commented & provided feedback 2 years ago
karma

works for me

BZ#1640140 cpu mode=host-model causes guest kernel panics for AMD hosts
User Icon cserpentis commented & provided feedback 2 years ago
karma

works for me

User Icon pwalter commented & provided feedback 2 years ago
karma

Works

User Icon andilinux commented & provided feedback 2 years ago
karma

works fine

User Icon davisclick commented & provided feedback 2 years ago
karma

Works as usual.

User Icon davisclick commented & provided feedback 2 years ago
karma

Works as usual.

User Icon kparal commented & provided feedback 2 years ago
karma

my existing VMs boot fine

User Icon ozeszty commented & provided feedback 2 years ago
karma

No regressions spotted with VMs on IvyBridge host.

User Icon ozeszty commented & provided feedback 2 years ago
karma

No regressions spotted with VMs on IvyBridge host.

This update has reached the stable karma threshold and can be pushed to stable now if the maintainer wishes.

2 years ago

This update has been submitted for batched by bonzini.

2 years ago

This update has been submitted for stable by bonzini.

2 years ago

This update has been pushed to stable.

2 years ago

Please login to add feedback.

Metadata
Type
security
Severity
low
Karma
10
Signed
Content Type
RPM
Test Gating
Settings
Unstable by Karma
-3
Stable by Karma
disabled
Stable by Time
disabled
Dates
submitted
2 years ago
in testing
2 years ago
in stable
2 years ago
BZ#1526029 CVE-2018-18954 QEMU: ppc64: Out-of-bounds r/w stack access in pnv_lpc_do_eccb
0
0
BZ#1581013 CVE-2018-10839 Qemu: ne2000: integer overflow leads to buffer overflow issue
0
0
BZ#1615637 CVE-2018-15746 Qemu: seccomp: blacklist is not applied to all threads
0
0
BZ#1618357 qemu: seccomp: blacklist is not applied to all threads [fedora-all]
0
0
BZ#1636429 CVE-2018-10839 qemu: ne2000: integer overflow leads to buffer overflow issue [fedora-all]
0
0
BZ#1636712 CVE-2018-17958 Qemu: rtl8139: integer overflow leads to buffer overflow
0
0
BZ#1636729 CVE-2018-17958 qemu: rtl8139: integer overflow leads to buffer overflow [fedora-all]
0
0
BZ#1636773 CVE-2018-17962 Qemu: pcnet: integer overflow leads to buffer overflow
0
0
BZ#1636775 CVE-2018-17962 qemu: pcnet: integer overflow leads to buffer overflow [fedora-all]
0
0
BZ#1636777 CVE-2018-17963 QEMU: net: ignore packets with large size
0
0
BZ#1636782 CVE-2018-17963 qemu: net: ignore packets with large size [fedora-all]
0
0
BZ#1640140 cpu mode=host-model causes guest kernel panics for AMD hosts
0
2
BZ#1644728 OSv build fails because of qemu assertion failure
0
1
BZ#1644973 CVE-2018-18849 QEMU: lsi53c895a: OOB msg buffer access leads to DoS
0
0
BZ#1644977 CVE-2018-18849 qemu: lsi53c895a: OOB msg buffer access leads to DoS [fedora-all]
0
0
BZ#1645442 CVE-2018-16847 qemu: nvme: Out-of-bounds r/w buffer access in cmb operations [fedora-all]
0
0

Automated Test Results