FEDORA-2018-87f2ace20d

security update in Fedora 29 for qemu

Status: stable 10 months ago
  • Fix cpu model crash on AMD hosts (bz #1640140)
  • CVE-2018-15746: seccomp blacklist is not applied to all threads (bz #1618357)
  • Fix assertion in address_space_stw_le_cached (bz #1644728)
  • CVE-2018-10839: ne2000: fix possible out of bound access (bz #1636429)
  • CVE-2018-17958: rtl8139: fix possible out of bound access (bz #1636729)
  • CVE-2018-17962: pcnet: fix possible buffer overflow (bz #1636775)
  • CVE-2018-17963: net: ignore packet size greater than INT_MAX (bz #1636782)
  • CVE-2018-18849: lsi53c895a: OOB msg buffer access leads to DoS (bz #1644977)
  • CVE-2018-18954: ppc64: Out-of-bounds r/w stack access in pnv_lpc_do_eccb (bz #1645442)

How to install

sudo dnf upgrade --advisory=FEDORA-2018-87f2ace20d

Comments 22

This update has been submitted for testing by crobinso.

This update has been pushed to testing.

Thanks for the update, it is able to run OpenBSD guest with VirtIO network interface without crash now.

#1644728: +1

Thanks for the update, it is able to run OpenBSD guest with VirtIO network interface without crash now.

#1644728: +1

Seems fine and #1640140 fixed since I can create VM on AMD x4 845.

#1640140: +1

no regressions noted

karma: +1

Works great! LGTM! =)

karma: +1

Works for me.

karma: +1 critpath: +1

works for me

karma: +1 critpath: +1 #1640140: +1

works for me

karma: +1 critpath: +1 #1640140: +1

works for me

karma: +1

works fine

karma: +1

Works as usual.

karma: +1

Works as usual.

karma: +1

my existing VMs boot fine

karma: +1 critpath: +1

No regressions spotted with VMs on IvyBridge host.

karma: +1 critpath: +1

No regressions spotted with VMs on IvyBridge host.

karma: +1 critpath: +1

This update has reached the stable karma threshold and can be pushed to stable now if the maintainer wishes.

This update has been submitted for batched by bonzini.

This update has been submitted for stable by bonzini.

This update has been pushed to stable.


Content Type: RPM
Status: stable
Test Gating:
Submitted by:
Update Type: security
Update Severity: low
Karma: +10 (stable threshold: 3, unstable threshold: -3)
Autopush (karma): Disabled
Autopush (time): Disabled
Dates: submitted 11 months ago, in testing 11 months ago, in stable 10 months ago

Related Bugs 16

00 #1526029 CVE-2018-18954 QEMU: ppc64: Out-of-bounds r/w stack access in pnv_lpc_do_eccb
00 #1581013 CVE-2018-10839 Qemu: ne2000: integer overflow leads to buffer overflow issue
00 #1615637 CVE-2018-15746 Qemu: seccomp: blacklist is not applied to all threads
00 #1618357 qemu: seccomp: blacklist is not applied to all threads [fedora-all]
00 #1636429 CVE-2018-10839 qemu: ne2000: integer overflow leads to buffer overflow issue [fedora-all]
00 #1636712 CVE-2018-17958 Qemu: rtl8139: integer overflow leads to buffer overflow
00 #1636729 CVE-2018-17958 qemu: rtl8139: integer overflow leads to buffer overflow [fedora-all]
00 #1636773 CVE-2018-17962 Qemu: pcnet: integer overflow leads to buffer overflow
00 #1636775 CVE-2018-17962 qemu: pcnet: integer overflow leads to buffer overflow [fedora-all]
00 #1636777 CVE-2018-17963 QEMU: net: ignore packets with large size
00 #1636782 CVE-2018-17963 qemu: net: ignore packets with large size [fedora-all]
0+2 #1640140 cpu mode=host-model causes guest kernel panics for AMD hosts
0+1 #1644728 OSv build fails because of qemu assertion failure
00 #1644973 CVE-2018-18849 QEMU: lsi53c895a: OOB msg buffer access leads to DoS
00 #1644977 CVE-2018-18849 qemu: lsi53c895a: OOB msg buffer access leads to DoS [fedora-all]
00 #1645442 CVE-2018-16847 qemu: nvme: Out-of-bounds r/w buffer access in cmb operations [fedora-all]
