Issued:
2018-09-25
Updated:
2018-09-25

RHSA-2018:2762 - Important: qemu-kvm-ma security update

Synopsis

Important: qemu-kvm-ma security update

Type/Severity

Security Advisory Important

Topic

An update for qemu-kvm-ma is now available for Red Hat Enterprise Linux 7.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

Kernel-based Virtual Machine (KVM) is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm-ma packages provide the user-space component for running virtual machines that use KVM on the IBM z Systems, IBM Power, and 64-bit ARM architectures.

Security Fix(es):

  • QEMU: slirp: heap buffer overflow while reassembling fragmented datagrams (CVE-2018-11806)

For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.

Red Hat would like to thank Jskz - Zero Day Initiative (trendmicro.com) for reporting this issue.

Solution

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

Affected Products

ProductVersionArch
Red Hat Enterprise Linux for Power, little endian7ppc64le
Red Hat Enterprise Linux for Power, little endian - Extended Update Support7.7ppc64le
Red Hat Enterprise Linux for Power, little endian - Extended Update Support7.6ppc64le
Red Hat Enterprise Linux for Power, little endian - Extended Update Support7.5ppc64le
Red Hat Enterprise Linux for Power, big endian7ppc64
Red Hat Enterprise Linux for Power, big endian - Extended Update Support7.7ppc64
Red Hat Enterprise Linux for Power, big endian - Extended Update Support7.6ppc64
Red Hat Enterprise Linux for Power, big endian - Extended Update Support7.5ppc64
Red Hat Enterprise Linux for Power 97ppc64le
Red Hat Enterprise Linux for IBM z Systems7s390x
Red Hat Enterprise Linux for IBM z Systems - Extended Update Support7.7s390x
Red Hat Enterprise Linux for IBM z Systems - Extended Update Support7.6s390x
Red Hat Enterprise Linux for IBM z Systems - Extended Update Support7.5s390x
Red Hat Enterprise Linux for IBM System z (Structure A)7s390x
Red Hat Enterprise Linux for ARM 647aarch64
Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions7.7ppc64le
Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions7.6ppc64le
Red Hat Enterprise Linux Server - Extended Life Cycle Support for IBM Power, little endian7ppc64le
Red Hat Enterprise Linux Server - Extended Life Cycle Support for IBM Power, big endian7ppc64
Red Hat Enterprise Linux Server - Extended Life Cycle Support (for IBM z Systems)7s390x

Updated Packages

  • qemu-kvm-ma-2.10.0-21.el7_5.4.src.rpm
  • qemu-kvm-tools-ma-2.10.0-21.el7_5.4.ppc64le.rpm
  • qemu-kvm-ma-2.10.0-21.el7_5.4.ppc64.rpm
  • qemu-kvm-tools-ma-2.10.0-21.el7_5.4.ppc64.rpm
  • qemu-kvm-ma-debuginfo-2.10.0-21.el7_5.4.aarch64.rpm
  • qemu-kvm-common-ma-2.10.0-21.el7_5.4.ppc64.rpm
  • qemu-kvm-common-ma-2.10.0-21.el7_5.4.s390x.rpm
  • qemu-kvm-ma-2.10.0-21.el7_5.4.aarch64.rpm
  • qemu-kvm-tools-ma-2.10.0-21.el7_5.4.s390x.rpm
  • qemu-img-ma-2.10.0-21.el7_5.4.s390x.rpm
  • qemu-kvm-common-ma-2.10.0-21.el7_5.4.ppc64le.rpm
  • qemu-kvm-tools-ma-2.10.0-21.el7_5.4.aarch64.rpm
  • qemu-kvm-ma-2.10.0-21.el7_5.4.ppc64le.rpm
  • qemu-img-ma-2.10.0-21.el7_5.4.ppc64.rpm
  • qemu-img-ma-2.10.0-21.el7_5.4.ppc64le.rpm
  • qemu-kvm-common-ma-2.10.0-21.el7_5.4.aarch64.rpm
  • qemu-kvm-ma-debuginfo-2.10.0-21.el7_5.4.ppc64.rpm
  • qemu-kvm-ma-debuginfo-2.10.0-21.el7_5.4.s390x.rpm
  • qemu-kvm-ma-2.10.0-21.el7_5.4.s390x.rpm
  • qemu-kvm-ma-debuginfo-2.10.0-21.el7_5.4.ppc64le.rpm
  • qemu-img-ma-2.10.0-21.el7_5.4.aarch64.rpm

Fixes

CVEs

References

Additional information