Operating System:

[RedHat]

Published:

27 June 2018

Protect yourself against future threats.

//Service

Incident Management

Whether it is proactive or reactive services you're after, we will help you detect, interpret and respond to attacks from across the globe.

Read more
Resources > Security Bulletins > ESB-2018.1861 

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

===========================================================================
             AUSCERT External Security Bulletin Redistribution

                               ESB-2018.1861
              Important: libvirt security and bug fix update
                               27 June 2018

===========================================================================

        AusCERT Security Bulletin Summary
        ---------------------------------

Product:           libvirt
Publisher:         Red Hat
Operating System:  Red Hat Enterprise Linux Server 7
                   Red Hat Enterprise Linux WS/Desktop 7
Impact/Access:     Access Privileged Data -- Existing Account
Resolution:        Patch/Upgrade
CVE Names:         CVE-2018-3639  

Reference:         ASB-2018.0121
                   ESB-2018.1797
                   ESB-2018.1750
                   ESB-2018.1549
                   ESB-2018.1548.6
                   ESB-2018.1545

Original Bulletin: 
   https://access.redhat.com/errata/RHSA-2018:1997
   https://access.redhat.com/errata/RHSA-2018:2006

Comment: This bulletin contains two (2) Red Hat security advisories.

- --------------------------BEGIN INCLUDED TEXT--------------------

- -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

=====================================================================
                   Red Hat Security Advisory

Synopsis:          Important: libvirt security and bug fix update
Advisory ID:       RHSA-2018:1997-01
Product:           Red Hat Enterprise Linux
Advisory URL:      https://access.redhat.com/errata/RHSA-2018:1997
Issue date:        2018-06-26
CVE Names:         CVE-2018-3639 
=====================================================================

1. Summary:

An update for libvirt is now available for Red Hat Enterprise Linux 7.

Red Hat Product Security has rated this update as having a security impact
of Important. A Common Vulnerability Scoring System (CVSS) base score,
which gives a detailed severity rating, is available for each vulnerability
from the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux Client (v. 7) - x86_64
Red Hat Enterprise Linux Client Optional (v. 7) - x86_64
Red Hat Enterprise Linux ComputeNode (v. 7) - x86_64
Red Hat Enterprise Linux ComputeNode Optional (v. 7) - x86_64
Red Hat Enterprise Linux Server (v. 7) - ppc64, ppc64le, s390x, x86_64
Red Hat Enterprise Linux Server Optional (v. 7) - ppc64, ppc64le, s390x, x86_64
Red Hat Enterprise Linux Workstation (v. 7) - x86_64
Red Hat Enterprise Linux Workstation Optional (v. 7) - x86_64
Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7) - ppc64le, s390x
Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7) - aarch64, ppc64le, s390x

3. Description:

The libvirt library contains a C API for managing and interacting with the
virtualization capabilities of Linux and other operating systems. In
addition, libvirt provides tools for remote management of virtualized
systems.

Security Fix(es):

* An industry-wide issue was found in the way many modern microprocessor
designs have implemented speculative execution of Load & Store instructions
(a commonly used performance optimization). It relies on the presence of a
precisely-defined instruction sequence in the privileged code as well as
the fact that memory read from address to which a recent memory write has
occurred may see an older value and subsequently cause an update into the
microprocessor's data cache even for speculatively executed instructions
that never actually commit (retire). As a result, an unprivileged attacker
could use this flaw to read privileged memory by conducting targeted cache
side-channel attacks. (CVE-2018-3639)

Note: This is the libvirt side of the CVE-2018-3639 mitigation that
includes support for guests running on hosts with AMD processors.

Red Hat would like to thank Ken Johnson (Microsoft Security Response
Center) and Jann Horn (Google Project Zero) for reporting this issue.

Bug Fix(es):

* Previously, the virtlogd service logged redundant AVC denial errors when
a guest virtual machine was started. With this update, the virtlogd service
no longer attempts to send shutdown inhibition calls to systemd, which
prevents the described errors from occurring. (BZ#1573268)

* Prior to this update, guest virtual machine actions that use a python
library in some cases failed and "Hash operation not allowed during
iteration" error messages were logged. Several redundant thread access
checks have been removed, and the problem no longer occurs. (BZ#1581364)

* The "virsh capabilities" command previously displayed an inaccurate
number of 4 KiB memory pages on systems with very large amounts of memory.
This update optimizes the memory diagnostic mechanism to ensure memory page
numbers are displayed correctly on such systems. (BZ#1582418)

4. Solution:

For details on how to apply this update, which includes the changes
described in this advisory, refer to:

https://access.redhat.com/articles/11258

After installing the updated packages, libvirtd will be restarted
automatically.

5. Bugs fixed (https://bugzilla.redhat.com/):

1566890 - CVE-2018-3639 hw: cpu: speculative store bypass
1573268 - Got lots OVS daemon ERRs while starting a OVS-dpdk guest [rhel-7.5.z]
1581364 - Hash operation not allowed during iteration [rhel-7.5.z]
1582418 - virsh capabilities reports invalid values for 4K pages [rhel-7.5.z]

6. Package List:

Red Hat Enterprise Linux Client (v. 7):

Source:
libvirt-3.9.0-14.el7_5.6.src.rpm

x86_64:
libvirt-3.9.0-14.el7_5.6.x86_64.rpm
libvirt-client-3.9.0-14.el7_5.6.i686.rpm
libvirt-client-3.9.0-14.el7_5.6.x86_64.rpm
libvirt-daemon-3.9.0-14.el7_5.6.x86_64.rpm
libvirt-daemon-config-network-3.9.0-14.el7_5.6.x86_64.rpm
libvirt-daemon-config-nwfilter-3.9.0-14.el7_5.6.x86_64.rpm
libvirt-daemon-driver-interface-3.9.0-14.el7_5.6.x86_64.rpm
libvirt-daemon-driver-lxc-3.9.0-14.el7_5.6.x86_64.rpm
libvirt-daemon-driver-network-3.9.0-14.el7_5.6.x86_64.rpm
libvirt-daemon-driver-nodedev-3.9.0-14.el7_5.6.x86_64.rpm
libvirt-daemon-driver-nwfilter-3.9.0-14.el7_5.6.x86_64.rpm
libvirt-daemon-driver-qemu-3.9.0-14.el7_5.6.x86_64.rpm
libvirt-daemon-driver-secret-3.9.0-14.el7_5.6.x86_64.rpm
libvirt-daemon-driver-storage-3.9.0-14.el7_5.6.x86_64.rpm
libvirt-daemon-driver-storage-core-3.9.0-14.el7_5.6.x86_64.rpm
libvirt-daemon-driver-storage-disk-3.9.0-14.el7_5.6.x86_64.rpm
libvirt-daemon-driver-storage-gluster-3.9.0-14.el7_5.6.x86_64.rpm
libvirt-daemon-driver-storage-iscsi-3.9.0-14.el7_5.6.x86_64.rpm
libvirt-daemon-driver-storage-logical-3.9.0-14.el7_5.6.x86_64.rpm
libvirt-daemon-driver-storage-mpath-3.9.0-14.el7_5.6.x86_64.rpm
libvirt-daemon-driver-storage-rbd-3.9.0-14.el7_5.6.x86_64.rpm
libvirt-daemon-driver-storage-scsi-3.9.0-14.el7_5.6.x86_64.rpm
libvirt-daemon-kvm-3.9.0-14.el7_5.6.x86_64.rpm
libvirt-debuginfo-3.9.0-14.el7_5.6.i686.rpm
libvirt-debuginfo-3.9.0-14.el7_5.6.x86_64.rpm
libvirt-libs-3.9.0-14.el7_5.6.i686.rpm
libvirt-libs-3.9.0-14.el7_5.6.x86_64.rpm

Red Hat Enterprise Linux Client Optional (v. 7):

x86_64:
libvirt-admin-3.9.0-14.el7_5.6.x86_64.rpm
libvirt-daemon-lxc-3.9.0-14.el7_5.6.x86_64.rpm
libvirt-debuginfo-3.9.0-14.el7_5.6.i686.rpm
libvirt-debuginfo-3.9.0-14.el7_5.6.x86_64.rpm
libvirt-devel-3.9.0-14.el7_5.6.i686.rpm
libvirt-devel-3.9.0-14.el7_5.6.x86_64.rpm
libvirt-docs-3.9.0-14.el7_5.6.x86_64.rpm
libvirt-lock-sanlock-3.9.0-14.el7_5.6.x86_64.rpm
libvirt-login-shell-3.9.0-14.el7_5.6.x86_64.rpm
libvirt-nss-3.9.0-14.el7_5.6.i686.rpm
libvirt-nss-3.9.0-14.el7_5.6.x86_64.rpm

Red Hat Enterprise Linux ComputeNode (v. 7):

Source:
libvirt-3.9.0-14.el7_5.6.src.rpm

x86_64:
libvirt-client-3.9.0-14.el7_5.6.i686.rpm
libvirt-client-3.9.0-14.el7_5.6.x86_64.rpm
libvirt-debuginfo-3.9.0-14.el7_5.6.i686.rpm
libvirt-debuginfo-3.9.0-14.el7_5.6.x86_64.rpm
libvirt-libs-3.9.0-14.el7_5.6.i686.rpm
libvirt-libs-3.9.0-14.el7_5.6.x86_64.rpm

Red Hat Enterprise Linux ComputeNode Optional (v. 7):

x86_64:
libvirt-3.9.0-14.el7_5.6.x86_64.rpm
libvirt-admin-3.9.0-14.el7_5.6.x86_64.rpm
libvirt-daemon-3.9.0-14.el7_5.6.x86_64.rpm
libvirt-daemon-config-network-3.9.0-14.el7_5.6.x86_64.rpm
libvirt-daemon-config-nwfilter-3.9.0-14.el7_5.6.x86_64.rpm
libvirt-daemon-driver-interface-3.9.0-14.el7_5.6.x86_64.rpm
libvirt-daemon-driver-lxc-3.9.0-14.el7_5.6.x86_64.rpm
libvirt-daemon-driver-network-3.9.0-14.el7_5.6.x86_64.rpm
libvirt-daemon-driver-nodedev-3.9.0-14.el7_5.6.x86_64.rpm
libvirt-daemon-driver-nwfilter-3.9.0-14.el7_5.6.x86_64.rpm
libvirt-daemon-driver-qemu-3.9.0-14.el7_5.6.x86_64.rpm
libvirt-daemon-driver-secret-3.9.0-14.el7_5.6.x86_64.rpm
libvirt-daemon-driver-storage-3.9.0-14.el7_5.6.x86_64.rpm
libvirt-daemon-driver-storage-core-3.9.0-14.el7_5.6.x86_64.rpm
libvirt-daemon-driver-storage-disk-3.9.0-14.el7_5.6.x86_64.rpm
libvirt-daemon-driver-storage-gluster-3.9.0-14.el7_5.6.x86_64.rpm
libvirt-daemon-driver-storage-iscsi-3.9.0-14.el7_5.6.x86_64.rpm
libvirt-daemon-driver-storage-logical-3.9.0-14.el7_5.6.x86_64.rpm
libvirt-daemon-driver-storage-mpath-3.9.0-14.el7_5.6.x86_64.rpm
libvirt-daemon-driver-storage-rbd-3.9.0-14.el7_5.6.x86_64.rpm
libvirt-daemon-driver-storage-scsi-3.9.0-14.el7_5.6.x86_64.rpm
libvirt-daemon-kvm-3.9.0-14.el7_5.6.x86_64.rpm
libvirt-daemon-lxc-3.9.0-14.el7_5.6.x86_64.rpm
libvirt-debuginfo-3.9.0-14.el7_5.6.i686.rpm
libvirt-debuginfo-3.9.0-14.el7_5.6.x86_64.rpm
libvirt-devel-3.9.0-14.el7_5.6.i686.rpm
libvirt-devel-3.9.0-14.el7_5.6.x86_64.rpm
libvirt-docs-3.9.0-14.el7_5.6.x86_64.rpm
libvirt-lock-sanlock-3.9.0-14.el7_5.6.x86_64.rpm
libvirt-login-shell-3.9.0-14.el7_5.6.x86_64.rpm
libvirt-nss-3.9.0-14.el7_5.6.i686.rpm
libvirt-nss-3.9.0-14.el7_5.6.x86_64.rpm

Red Hat Enterprise Linux Server (v. 7):

Source:
libvirt-3.9.0-14.el7_5.6.src.rpm

ppc64:
libvirt-3.9.0-14.el7_5.6.ppc64.rpm
libvirt-client-3.9.0-14.el7_5.6.ppc.rpm
libvirt-client-3.9.0-14.el7_5.6.ppc64.rpm
libvirt-daemon-3.9.0-14.el7_5.6.ppc64.rpm
libvirt-daemon-config-network-3.9.0-14.el7_5.6.ppc64.rpm
libvirt-daemon-config-nwfilter-3.9.0-14.el7_5.6.ppc64.rpm
libvirt-daemon-driver-interface-3.9.0-14.el7_5.6.ppc64.rpm
libvirt-daemon-driver-lxc-3.9.0-14.el7_5.6.ppc64.rpm
libvirt-daemon-driver-network-3.9.0-14.el7_5.6.ppc64.rpm
libvirt-daemon-driver-nodedev-3.9.0-14.el7_5.6.ppc64.rpm
libvirt-daemon-driver-nwfilter-3.9.0-14.el7_5.6.ppc64.rpm
libvirt-daemon-driver-qemu-3.9.0-14.el7_5.6.ppc64.rpm
libvirt-daemon-driver-secret-3.9.0-14.el7_5.6.ppc64.rpm
libvirt-daemon-driver-storage-3.9.0-14.el7_5.6.ppc64.rpm
libvirt-daemon-driver-storage-core-3.9.0-14.el7_5.6.ppc64.rpm
libvirt-daemon-driver-storage-disk-3.9.0-14.el7_5.6.ppc64.rpm
libvirt-daemon-driver-storage-iscsi-3.9.0-14.el7_5.6.ppc64.rpm
libvirt-daemon-driver-storage-logical-3.9.0-14.el7_5.6.ppc64.rpm
libvirt-daemon-driver-storage-mpath-3.9.0-14.el7_5.6.ppc64.rpm
libvirt-daemon-driver-storage-scsi-3.9.0-14.el7_5.6.ppc64.rpm
libvirt-debuginfo-3.9.0-14.el7_5.6.ppc.rpm
libvirt-debuginfo-3.9.0-14.el7_5.6.ppc64.rpm
libvirt-devel-3.9.0-14.el7_5.6.ppc.rpm
libvirt-devel-3.9.0-14.el7_5.6.ppc64.rpm
libvirt-docs-3.9.0-14.el7_5.6.ppc64.rpm
libvirt-libs-3.9.0-14.el7_5.6.ppc.rpm
libvirt-libs-3.9.0-14.el7_5.6.ppc64.rpm

ppc64le:
libvirt-3.9.0-14.el7_5.6.ppc64le.rpm
libvirt-client-3.9.0-14.el7_5.6.ppc64le.rpm
libvirt-daemon-3.9.0-14.el7_5.6.ppc64le.rpm
libvirt-daemon-config-network-3.9.0-14.el7_5.6.ppc64le.rpm
libvirt-daemon-config-nwfilter-3.9.0-14.el7_5.6.ppc64le.rpm
libvirt-daemon-driver-interface-3.9.0-14.el7_5.6.ppc64le.rpm
libvirt-daemon-driver-lxc-3.9.0-14.el7_5.6.ppc64le.rpm
libvirt-daemon-driver-network-3.9.0-14.el7_5.6.ppc64le.rpm
libvirt-daemon-driver-nodedev-3.9.0-14.el7_5.6.ppc64le.rpm
libvirt-daemon-driver-nwfilter-3.9.0-14.el7_5.6.ppc64le.rpm
libvirt-daemon-driver-qemu-3.9.0-14.el7_5.6.ppc64le.rpm
libvirt-daemon-driver-secret-3.9.0-14.el7_5.6.ppc64le.rpm
libvirt-daemon-driver-storage-3.9.0-14.el7_5.6.ppc64le.rpm
libvirt-daemon-driver-storage-core-3.9.0-14.el7_5.6.ppc64le.rpm
libvirt-daemon-driver-storage-disk-3.9.0-14.el7_5.6.ppc64le.rpm
libvirt-daemon-driver-storage-iscsi-3.9.0-14.el7_5.6.ppc64le.rpm
libvirt-daemon-driver-storage-logical-3.9.0-14.el7_5.6.ppc64le.rpm
libvirt-daemon-driver-storage-mpath-3.9.0-14.el7_5.6.ppc64le.rpm
libvirt-daemon-driver-storage-scsi-3.9.0-14.el7_5.6.ppc64le.rpm
libvirt-daemon-kvm-3.9.0-14.el7_5.6.ppc64le.rpm
libvirt-debuginfo-3.9.0-14.el7_5.6.ppc64le.rpm
libvirt-devel-3.9.0-14.el7_5.6.ppc64le.rpm
libvirt-docs-3.9.0-14.el7_5.6.ppc64le.rpm
libvirt-libs-3.9.0-14.el7_5.6.ppc64le.rpm

s390x:
libvirt-3.9.0-14.el7_5.6.s390x.rpm
libvirt-client-3.9.0-14.el7_5.6.s390.rpm
libvirt-client-3.9.0-14.el7_5.6.s390x.rpm
libvirt-daemon-3.9.0-14.el7_5.6.s390x.rpm
libvirt-daemon-config-network-3.9.0-14.el7_5.6.s390x.rpm
libvirt-daemon-config-nwfilter-3.9.0-14.el7_5.6.s390x.rpm
libvirt-daemon-driver-interface-3.9.0-14.el7_5.6.s390x.rpm
libvirt-daemon-driver-lxc-3.9.0-14.el7_5.6.s390x.rpm
libvirt-daemon-driver-network-3.9.0-14.el7_5.6.s390x.rpm
libvirt-daemon-driver-nodedev-3.9.0-14.el7_5.6.s390x.rpm
libvirt-daemon-driver-nwfilter-3.9.0-14.el7_5.6.s390x.rpm
libvirt-daemon-driver-qemu-3.9.0-14.el7_5.6.s390x.rpm
libvirt-daemon-driver-secret-3.9.0-14.el7_5.6.s390x.rpm
libvirt-daemon-driver-storage-3.9.0-14.el7_5.6.s390x.rpm
libvirt-daemon-driver-storage-core-3.9.0-14.el7_5.6.s390x.rpm
libvirt-daemon-driver-storage-disk-3.9.0-14.el7_5.6.s390x.rpm
libvirt-daemon-driver-storage-iscsi-3.9.0-14.el7_5.6.s390x.rpm
libvirt-daemon-driver-storage-logical-3.9.0-14.el7_5.6.s390x.rpm
libvirt-daemon-driver-storage-mpath-3.9.0-14.el7_5.6.s390x.rpm
libvirt-daemon-driver-storage-scsi-3.9.0-14.el7_5.6.s390x.rpm
libvirt-daemon-kvm-3.9.0-14.el7_5.6.s390x.rpm
libvirt-debuginfo-3.9.0-14.el7_5.6.s390.rpm
libvirt-debuginfo-3.9.0-14.el7_5.6.s390x.rpm
libvirt-devel-3.9.0-14.el7_5.6.s390.rpm
libvirt-devel-3.9.0-14.el7_5.6.s390x.rpm
libvirt-docs-3.9.0-14.el7_5.6.s390x.rpm
libvirt-libs-3.9.0-14.el7_5.6.s390.rpm
libvirt-libs-3.9.0-14.el7_5.6.s390x.rpm

x86_64:
libvirt-3.9.0-14.el7_5.6.x86_64.rpm
libvirt-client-3.9.0-14.el7_5.6.i686.rpm
libvirt-client-3.9.0-14.el7_5.6.x86_64.rpm
libvirt-daemon-3.9.0-14.el7_5.6.x86_64.rpm
libvirt-daemon-config-network-3.9.0-14.el7_5.6.x86_64.rpm
libvirt-daemon-config-nwfilter-3.9.0-14.el7_5.6.x86_64.rpm
libvirt-daemon-driver-interface-3.9.0-14.el7_5.6.x86_64.rpm
libvirt-daemon-driver-lxc-3.9.0-14.el7_5.6.x86_64.rpm
libvirt-daemon-driver-network-3.9.0-14.el7_5.6.x86_64.rpm
libvirt-daemon-driver-nodedev-3.9.0-14.el7_5.6.x86_64.rpm
libvirt-daemon-driver-nwfilter-3.9.0-14.el7_5.6.x86_64.rpm
libvirt-daemon-driver-qemu-3.9.0-14.el7_5.6.x86_64.rpm
libvirt-daemon-driver-secret-3.9.0-14.el7_5.6.x86_64.rpm
libvirt-daemon-driver-storage-3.9.0-14.el7_5.6.x86_64.rpm
libvirt-daemon-driver-storage-core-3.9.0-14.el7_5.6.x86_64.rpm
libvirt-daemon-driver-storage-disk-3.9.0-14.el7_5.6.x86_64.rpm
libvirt-daemon-driver-storage-gluster-3.9.0-14.el7_5.6.x86_64.rpm
libvirt-daemon-driver-storage-iscsi-3.9.0-14.el7_5.6.x86_64.rpm
libvirt-daemon-driver-storage-logical-3.9.0-14.el7_5.6.x86_64.rpm
libvirt-daemon-driver-storage-mpath-3.9.0-14.el7_5.6.x86_64.rpm
libvirt-daemon-driver-storage-rbd-3.9.0-14.el7_5.6.x86_64.rpm
libvirt-daemon-driver-storage-scsi-3.9.0-14.el7_5.6.x86_64.rpm
libvirt-daemon-kvm-3.9.0-14.el7_5.6.x86_64.rpm
libvirt-debuginfo-3.9.0-14.el7_5.6.i686.rpm
libvirt-debuginfo-3.9.0-14.el7_5.6.x86_64.rpm
libvirt-devel-3.9.0-14.el7_5.6.i686.rpm
libvirt-devel-3.9.0-14.el7_5.6.x86_64.rpm
libvirt-docs-3.9.0-14.el7_5.6.x86_64.rpm
libvirt-libs-3.9.0-14.el7_5.6.i686.rpm
libvirt-libs-3.9.0-14.el7_5.6.x86_64.rpm

Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7):

Source:
libvirt-3.9.0-14.el7_5.6.src.rpm

ppc64le:
libvirt-3.9.0-14.el7_5.6.ppc64le.rpm
libvirt-client-3.9.0-14.el7_5.6.ppc64le.rpm
libvirt-daemon-3.9.0-14.el7_5.6.ppc64le.rpm
libvirt-daemon-config-network-3.9.0-14.el7_5.6.ppc64le.rpm
libvirt-daemon-config-nwfilter-3.9.0-14.el7_5.6.ppc64le.rpm
libvirt-daemon-driver-interface-3.9.0-14.el7_5.6.ppc64le.rpm
libvirt-daemon-driver-lxc-3.9.0-14.el7_5.6.ppc64le.rpm
libvirt-daemon-driver-network-3.9.0-14.el7_5.6.ppc64le.rpm
libvirt-daemon-driver-nodedev-3.9.0-14.el7_5.6.ppc64le.rpm
libvirt-daemon-driver-nwfilter-3.9.0-14.el7_5.6.ppc64le.rpm
libvirt-daemon-driver-qemu-3.9.0-14.el7_5.6.ppc64le.rpm
libvirt-daemon-driver-secret-3.9.0-14.el7_5.6.ppc64le.rpm
libvirt-daemon-driver-storage-3.9.0-14.el7_5.6.ppc64le.rpm
libvirt-daemon-driver-storage-core-3.9.0-14.el7_5.6.ppc64le.rpm
libvirt-daemon-driver-storage-disk-3.9.0-14.el7_5.6.ppc64le.rpm
libvirt-daemon-driver-storage-iscsi-3.9.0-14.el7_5.6.ppc64le.rpm
libvirt-daemon-driver-storage-logical-3.9.0-14.el7_5.6.ppc64le.rpm
libvirt-daemon-driver-storage-mpath-3.9.0-14.el7_5.6.ppc64le.rpm
libvirt-daemon-driver-storage-scsi-3.9.0-14.el7_5.6.ppc64le.rpm
libvirt-daemon-kvm-3.9.0-14.el7_5.6.ppc64le.rpm
libvirt-debuginfo-3.9.0-14.el7_5.6.ppc64le.rpm
libvirt-devel-3.9.0-14.el7_5.6.ppc64le.rpm
libvirt-docs-3.9.0-14.el7_5.6.ppc64le.rpm
libvirt-libs-3.9.0-14.el7_5.6.ppc64le.rpm

s390x:
libvirt-3.9.0-14.el7_5.6.s390x.rpm
libvirt-client-3.9.0-14.el7_5.6.s390.rpm
libvirt-client-3.9.0-14.el7_5.6.s390x.rpm
libvirt-daemon-3.9.0-14.el7_5.6.s390x.rpm
libvirt-daemon-config-network-3.9.0-14.el7_5.6.s390x.rpm
libvirt-daemon-config-nwfilter-3.9.0-14.el7_5.6.s390x.rpm
libvirt-daemon-driver-interface-3.9.0-14.el7_5.6.s390x.rpm
libvirt-daemon-driver-lxc-3.9.0-14.el7_5.6.s390x.rpm
libvirt-daemon-driver-network-3.9.0-14.el7_5.6.s390x.rpm
libvirt-daemon-driver-nodedev-3.9.0-14.el7_5.6.s390x.rpm
libvirt-daemon-driver-nwfilter-3.9.0-14.el7_5.6.s390x.rpm
libvirt-daemon-driver-qemu-3.9.0-14.el7_5.6.s390x.rpm
libvirt-daemon-driver-secret-3.9.0-14.el7_5.6.s390x.rpm
libvirt-daemon-driver-storage-3.9.0-14.el7_5.6.s390x.rpm
libvirt-daemon-driver-storage-core-3.9.0-14.el7_5.6.s390x.rpm
libvirt-daemon-driver-storage-disk-3.9.0-14.el7_5.6.s390x.rpm
libvirt-daemon-driver-storage-iscsi-3.9.0-14.el7_5.6.s390x.rpm
libvirt-daemon-driver-storage-logical-3.9.0-14.el7_5.6.s390x.rpm
libvirt-daemon-driver-storage-mpath-3.9.0-14.el7_5.6.s390x.rpm
libvirt-daemon-driver-storage-scsi-3.9.0-14.el7_5.6.s390x.rpm
libvirt-daemon-kvm-3.9.0-14.el7_5.6.s390x.rpm
libvirt-debuginfo-3.9.0-14.el7_5.6.s390.rpm
libvirt-debuginfo-3.9.0-14.el7_5.6.s390x.rpm
libvirt-devel-3.9.0-14.el7_5.6.s390.rpm
libvirt-devel-3.9.0-14.el7_5.6.s390x.rpm
libvirt-docs-3.9.0-14.el7_5.6.s390x.rpm
libvirt-libs-3.9.0-14.el7_5.6.s390.rpm
libvirt-libs-3.9.0-14.el7_5.6.s390x.rpm

Red Hat Enterprise Linux Server Optional (v. 7):

ppc64:
libvirt-admin-3.9.0-14.el7_5.6.ppc64.rpm
libvirt-daemon-lxc-3.9.0-14.el7_5.6.ppc64.rpm
libvirt-debuginfo-3.9.0-14.el7_5.6.ppc.rpm
libvirt-debuginfo-3.9.0-14.el7_5.6.ppc64.rpm
libvirt-lock-sanlock-3.9.0-14.el7_5.6.ppc64.rpm
libvirt-login-shell-3.9.0-14.el7_5.6.ppc64.rpm
libvirt-nss-3.9.0-14.el7_5.6.ppc.rpm
libvirt-nss-3.9.0-14.el7_5.6.ppc64.rpm

ppc64le:
libvirt-admin-3.9.0-14.el7_5.6.ppc64le.rpm
libvirt-daemon-lxc-3.9.0-14.el7_5.6.ppc64le.rpm
libvirt-debuginfo-3.9.0-14.el7_5.6.ppc64le.rpm
libvirt-lock-sanlock-3.9.0-14.el7_5.6.ppc64le.rpm
libvirt-login-shell-3.9.0-14.el7_5.6.ppc64le.rpm
libvirt-nss-3.9.0-14.el7_5.6.ppc64le.rpm

s390x:
libvirt-admin-3.9.0-14.el7_5.6.s390x.rpm
libvirt-daemon-lxc-3.9.0-14.el7_5.6.s390x.rpm
libvirt-debuginfo-3.9.0-14.el7_5.6.s390.rpm
libvirt-debuginfo-3.9.0-14.el7_5.6.s390x.rpm
libvirt-lock-sanlock-3.9.0-14.el7_5.6.s390x.rpm
libvirt-login-shell-3.9.0-14.el7_5.6.s390x.rpm
libvirt-nss-3.9.0-14.el7_5.6.s390.rpm
libvirt-nss-3.9.0-14.el7_5.6.s390x.rpm

x86_64:
libvirt-admin-3.9.0-14.el7_5.6.x86_64.rpm
libvirt-daemon-lxc-3.9.0-14.el7_5.6.x86_64.rpm
libvirt-debuginfo-3.9.0-14.el7_5.6.i686.rpm
libvirt-debuginfo-3.9.0-14.el7_5.6.x86_64.rpm
libvirt-lock-sanlock-3.9.0-14.el7_5.6.x86_64.rpm
libvirt-login-shell-3.9.0-14.el7_5.6.x86_64.rpm
libvirt-nss-3.9.0-14.el7_5.6.i686.rpm
libvirt-nss-3.9.0-14.el7_5.6.x86_64.rpm

Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7):

Source:
libvirt-3.9.0-14.el7_5.6.src.rpm

aarch64:
libvirt-3.9.0-14.el7_5.6.aarch64.rpm
libvirt-admin-3.9.0-14.el7_5.6.aarch64.rpm
libvirt-client-3.9.0-14.el7_5.6.aarch64.rpm
libvirt-daemon-3.9.0-14.el7_5.6.aarch64.rpm
libvirt-daemon-config-network-3.9.0-14.el7_5.6.aarch64.rpm
libvirt-daemon-config-nwfilter-3.9.0-14.el7_5.6.aarch64.rpm
libvirt-daemon-driver-interface-3.9.0-14.el7_5.6.aarch64.rpm
libvirt-daemon-driver-lxc-3.9.0-14.el7_5.6.aarch64.rpm
libvirt-daemon-driver-network-3.9.0-14.el7_5.6.aarch64.rpm
libvirt-daemon-driver-nodedev-3.9.0-14.el7_5.6.aarch64.rpm
libvirt-daemon-driver-nwfilter-3.9.0-14.el7_5.6.aarch64.rpm
libvirt-daemon-driver-qemu-3.9.0-14.el7_5.6.aarch64.rpm
libvirt-daemon-driver-secret-3.9.0-14.el7_5.6.aarch64.rpm
libvirt-daemon-driver-storage-3.9.0-14.el7_5.6.aarch64.rpm
libvirt-daemon-driver-storage-core-3.9.0-14.el7_5.6.aarch64.rpm
libvirt-daemon-driver-storage-disk-3.9.0-14.el7_5.6.aarch64.rpm
libvirt-daemon-driver-storage-iscsi-3.9.0-14.el7_5.6.aarch64.rpm
libvirt-daemon-driver-storage-logical-3.9.0-14.el7_5.6.aarch64.rpm
libvirt-daemon-driver-storage-mpath-3.9.0-14.el7_5.6.aarch64.rpm
libvirt-daemon-driver-storage-scsi-3.9.0-14.el7_5.6.aarch64.rpm
libvirt-daemon-kvm-3.9.0-14.el7_5.6.aarch64.rpm
libvirt-daemon-lxc-3.9.0-14.el7_5.6.aarch64.rpm
libvirt-debuginfo-3.9.0-14.el7_5.6.aarch64.rpm
libvirt-devel-3.9.0-14.el7_5.6.aarch64.rpm
libvirt-docs-3.9.0-14.el7_5.6.aarch64.rpm
libvirt-libs-3.9.0-14.el7_5.6.aarch64.rpm
libvirt-lock-sanlock-3.9.0-14.el7_5.6.aarch64.rpm
libvirt-login-shell-3.9.0-14.el7_5.6.aarch64.rpm
libvirt-nss-3.9.0-14.el7_5.6.aarch64.rpm

ppc64le:
libvirt-admin-3.9.0-14.el7_5.6.ppc64le.rpm
libvirt-daemon-lxc-3.9.0-14.el7_5.6.ppc64le.rpm
libvirt-debuginfo-3.9.0-14.el7_5.6.ppc64le.rpm
libvirt-lock-sanlock-3.9.0-14.el7_5.6.ppc64le.rpm
libvirt-login-shell-3.9.0-14.el7_5.6.ppc64le.rpm
libvirt-nss-3.9.0-14.el7_5.6.ppc64le.rpm

s390x:
libvirt-admin-3.9.0-14.el7_5.6.s390x.rpm
libvirt-daemon-lxc-3.9.0-14.el7_5.6.s390x.rpm
libvirt-debuginfo-3.9.0-14.el7_5.6.s390.rpm
libvirt-debuginfo-3.9.0-14.el7_5.6.s390x.rpm
libvirt-lock-sanlock-3.9.0-14.el7_5.6.s390x.rpm
libvirt-login-shell-3.9.0-14.el7_5.6.s390x.rpm
libvirt-nss-3.9.0-14.el7_5.6.s390.rpm
libvirt-nss-3.9.0-14.el7_5.6.s390x.rpm

Red Hat Enterprise Linux Workstation (v. 7):

Source:
libvirt-3.9.0-14.el7_5.6.src.rpm

x86_64:
libvirt-3.9.0-14.el7_5.6.x86_64.rpm
libvirt-client-3.9.0-14.el7_5.6.i686.rpm
libvirt-client-3.9.0-14.el7_5.6.x86_64.rpm
libvirt-daemon-3.9.0-14.el7_5.6.x86_64.rpm
libvirt-daemon-config-network-3.9.0-14.el7_5.6.x86_64.rpm
libvirt-daemon-config-nwfilter-3.9.0-14.el7_5.6.x86_64.rpm
libvirt-daemon-driver-interface-3.9.0-14.el7_5.6.x86_64.rpm
libvirt-daemon-driver-lxc-3.9.0-14.el7_5.6.x86_64.rpm
libvirt-daemon-driver-network-3.9.0-14.el7_5.6.x86_64.rpm
libvirt-daemon-driver-nodedev-3.9.0-14.el7_5.6.x86_64.rpm
libvirt-daemon-driver-nwfilter-3.9.0-14.el7_5.6.x86_64.rpm
libvirt-daemon-driver-qemu-3.9.0-14.el7_5.6.x86_64.rpm
libvirt-daemon-driver-secret-3.9.0-14.el7_5.6.x86_64.rpm
libvirt-daemon-driver-storage-3.9.0-14.el7_5.6.x86_64.rpm
libvirt-daemon-driver-storage-core-3.9.0-14.el7_5.6.x86_64.rpm
libvirt-daemon-driver-storage-disk-3.9.0-14.el7_5.6.x86_64.rpm
libvirt-daemon-driver-storage-gluster-3.9.0-14.el7_5.6.x86_64.rpm
libvirt-daemon-driver-storage-iscsi-3.9.0-14.el7_5.6.x86_64.rpm
libvirt-daemon-driver-storage-logical-3.9.0-14.el7_5.6.x86_64.rpm
libvirt-daemon-driver-storage-mpath-3.9.0-14.el7_5.6.x86_64.rpm
libvirt-daemon-driver-storage-rbd-3.9.0-14.el7_5.6.x86_64.rpm
libvirt-daemon-driver-storage-scsi-3.9.0-14.el7_5.6.x86_64.rpm
libvirt-daemon-kvm-3.9.0-14.el7_5.6.x86_64.rpm
libvirt-debuginfo-3.9.0-14.el7_5.6.i686.rpm
libvirt-debuginfo-3.9.0-14.el7_5.6.x86_64.rpm
libvirt-devel-3.9.0-14.el7_5.6.i686.rpm
libvirt-devel-3.9.0-14.el7_5.6.x86_64.rpm
libvirt-docs-3.9.0-14.el7_5.6.x86_64.rpm
libvirt-libs-3.9.0-14.el7_5.6.i686.rpm
libvirt-libs-3.9.0-14.el7_5.6.x86_64.rpm

Red Hat Enterprise Linux Workstation Optional (v. 7):

x86_64:
libvirt-admin-3.9.0-14.el7_5.6.x86_64.rpm
libvirt-daemon-lxc-3.9.0-14.el7_5.6.x86_64.rpm
libvirt-debuginfo-3.9.0-14.el7_5.6.i686.rpm
libvirt-debuginfo-3.9.0-14.el7_5.6.x86_64.rpm
libvirt-lock-sanlock-3.9.0-14.el7_5.6.x86_64.rpm
libvirt-login-shell-3.9.0-14.el7_5.6.x86_64.rpm
libvirt-nss-3.9.0-14.el7_5.6.i686.rpm
libvirt-nss-3.9.0-14.el7_5.6.x86_64.rpm

These packages are GPG signed by Red Hat for security.  Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2018-3639
https://access.redhat.com/security/updates/classification/#important

8. Contact:

The Red Hat security contact is <secalert@redhat.com>. More contact
details at https://access.redhat.com/security/team/contact/

Copyright 2018 Red Hat, Inc.
- -----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQIVAwUBWzJvUNzjgjWX9erEAQhM7Q//dJJlEn74Ogpv7vEy8qRfpLL5GaV2zei9
bJqJG8snN3JXlW8a1oZAl2XEclyXu4w0b8zfDrpVjimhwgQU5cSbWcd9g24S65mq
fLFfmZQH5og5ooTxXWzaAaDhF0fLwFUHCX2H38PfaLuDPjRsqLZpKcsRNyKT391o
p2OCI/JR3A+1oVVU+L16B3jSb7x7BnhqfOUD6gXusIfe5ofSB4xevZ5LEwC0+c1c
Zb8ntSJBGB7XJ03I+5+7F40J6K6bEYJ1TiI8tEFU/iZ9tq/y7AgoWT5+1daMZ06s
cMKsBJ8hHgGU5tKJBtegZGsYgAQUBoA9pV1WxUkth+/STFfdp84EiOanisp3DROE
Rz52wQ8UON44mgMmR5v4UpN3ZYunIkOQzU2CIIXRgmYeZgJ9uo7CKs7QkebPE4MP
zrYrVy/k+2+bC9sL2PiCD+LAHZY3ZJQaBBHuDpqM8w+Vxwy7I1jgcLvM8rMaqDfi
qnbMP314OiTC7YQAX//WkyHbnrPNoxAwRDZ85vNCUDX9WyAVIYHOn9LHNJNcskif
Xy9Zu83+yVqTsMZwddAQynCdIpmaYIJNnEKCDm5sRU0pmfcfMzcP28tITPDEBl/p
e+XFQrJzDiSSF4nCL9BKULZjODQOs+t0/ING1sJ1zX2lZ+2sQh77dfWFYB5+cG3v
RpvefCAYCMU=
=b59R
- -----END PGP SIGNATURE-----

- -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

=====================================================================
                   Red Hat Security Advisory

Synopsis:          Important: libvirt security and bug fix update
Advisory ID:       RHSA-2018:2006-01
Product:           Red Hat Enterprise Linux
Advisory URL:      https://access.redhat.com/errata/RHSA-2018:2006
Issue date:        2018-06-26
CVE Names:         CVE-2018-3639 
=====================================================================

1. Summary:

An update for libvirt is now available for Red Hat Enterprise Linux 7.4
Extended Update Support.

Red Hat Product Security has rated this update as having a security impact
of Important. A Common Vulnerability Scoring System (CVSS) base score,
which gives a detailed severity rating, is available for each vulnerability
from the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux ComputeNode EUS (v. 7.4) - x86_64
Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.4) - x86_64
Red Hat Enterprise Linux Server EUS (v. 7.4) - ppc64, ppc64le, s390x, x86_64
Red Hat Enterprise Linux Server Optional EUS (v. 7.4) - ppc64, ppc64le, s390x, x86_64

3. Description:

The libvirt library contains a C API for managing and interacting with the
virtualization capabilities of Linux and other operating systems. In
addition, libvirt provides tools for remote management of virtualized
systems.

Security Fix(es):

* An industry-wide issue was found in the way many modern microprocessor
designs have implemented speculative execution of Load & Store instructions
(a commonly used performance optimization). It relies on the presence of a
precisely-defined instruction sequence in the privileged code as well as
the fact that memory read from address to which a recent memory write has
occurred may see an older value and subsequently cause an update into the
microprocessor's data cache even for speculatively executed instructions
that never actually commit (retire). As a result, an unprivileged attacker
could use this flaw to read privileged memory by conducting targeted cache
side-channel attacks. (CVE-2018-3639)

Note: This is the libvirt side of the CVE-2018-3639 mitigation that
includes support for guests running on hosts with AMD CPUs.

Red Hat would like to thank Ken Johnson (Microsoft Security Response
Center) and Jann Horn (Google Project Zero) for reporting this issue.

Bug Fix(es):

* The "virsh capabilities" command previously displayed an inaccurate
number of 4 KiB memory pages on systems with very large amounts of memory.
This update optimizes the memory diagnostic mechanism to ensure memory page
numbers are displayed correctly on such systems. (BZ#1582416)

* After starting a large amount of guest virtual machines in a single
session, the libvirtd service in some cases became unable to start any
other guests until it was restarted. This update ensures that libvirtd
properly frees memory used for D-Bus replies, which prevents the described
problem from occurring. (BZ#1588390)

4. Solution:

For details on how to apply this update, which includes the changes
described in this advisory, refer to:

https://access.redhat.com/articles/11258

After installing the updated packages, libvirtd will be restarted
automatically.

5. Bugs fixed (https://bugzilla.redhat.com/):

1566890 - CVE-2018-3639 hw: cpu: speculative store bypass
1582416 - virsh capabilities reports invalid values for 4K pages [rhel-7.4.z]

6. Package List:

Red Hat Enterprise Linux ComputeNode EUS (v. 7.4):

Source:
libvirt-3.2.0-14.el7_4.11.src.rpm

x86_64:
libvirt-client-3.2.0-14.el7_4.11.i686.rpm
libvirt-client-3.2.0-14.el7_4.11.x86_64.rpm
libvirt-debuginfo-3.2.0-14.el7_4.11.i686.rpm
libvirt-debuginfo-3.2.0-14.el7_4.11.x86_64.rpm
libvirt-libs-3.2.0-14.el7_4.11.i686.rpm
libvirt-libs-3.2.0-14.el7_4.11.x86_64.rpm

Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.4):

x86_64:
libvirt-3.2.0-14.el7_4.11.x86_64.rpm
libvirt-admin-3.2.0-14.el7_4.11.x86_64.rpm
libvirt-daemon-3.2.0-14.el7_4.11.x86_64.rpm
libvirt-daemon-config-network-3.2.0-14.el7_4.11.x86_64.rpm
libvirt-daemon-config-nwfilter-3.2.0-14.el7_4.11.x86_64.rpm
libvirt-daemon-driver-interface-3.2.0-14.el7_4.11.x86_64.rpm
libvirt-daemon-driver-lxc-3.2.0-14.el7_4.11.x86_64.rpm
libvirt-daemon-driver-network-3.2.0-14.el7_4.11.x86_64.rpm
libvirt-daemon-driver-nodedev-3.2.0-14.el7_4.11.x86_64.rpm
libvirt-daemon-driver-nwfilter-3.2.0-14.el7_4.11.x86_64.rpm
libvirt-daemon-driver-qemu-3.2.0-14.el7_4.11.x86_64.rpm
libvirt-daemon-driver-secret-3.2.0-14.el7_4.11.x86_64.rpm
libvirt-daemon-driver-storage-3.2.0-14.el7_4.11.x86_64.rpm
libvirt-daemon-driver-storage-core-3.2.0-14.el7_4.11.x86_64.rpm
libvirt-daemon-driver-storage-disk-3.2.0-14.el7_4.11.x86_64.rpm
libvirt-daemon-driver-storage-gluster-3.2.0-14.el7_4.11.x86_64.rpm
libvirt-daemon-driver-storage-iscsi-3.2.0-14.el7_4.11.x86_64.rpm
libvirt-daemon-driver-storage-logical-3.2.0-14.el7_4.11.x86_64.rpm
libvirt-daemon-driver-storage-mpath-3.2.0-14.el7_4.11.x86_64.rpm
libvirt-daemon-driver-storage-rbd-3.2.0-14.el7_4.11.x86_64.rpm
libvirt-daemon-driver-storage-scsi-3.2.0-14.el7_4.11.x86_64.rpm
libvirt-daemon-kvm-3.2.0-14.el7_4.11.x86_64.rpm
libvirt-daemon-lxc-3.2.0-14.el7_4.11.x86_64.rpm
libvirt-debuginfo-3.2.0-14.el7_4.11.i686.rpm
libvirt-debuginfo-3.2.0-14.el7_4.11.x86_64.rpm
libvirt-devel-3.2.0-14.el7_4.11.i686.rpm
libvirt-devel-3.2.0-14.el7_4.11.x86_64.rpm
libvirt-docs-3.2.0-14.el7_4.11.x86_64.rpm
libvirt-lock-sanlock-3.2.0-14.el7_4.11.x86_64.rpm
libvirt-login-shell-3.2.0-14.el7_4.11.x86_64.rpm
libvirt-nss-3.2.0-14.el7_4.11.i686.rpm
libvirt-nss-3.2.0-14.el7_4.11.x86_64.rpm

Red Hat Enterprise Linux Server EUS (v. 7.4):

Source:
libvirt-3.2.0-14.el7_4.11.src.rpm

ppc64:
libvirt-3.2.0-14.el7_4.11.ppc64.rpm
libvirt-client-3.2.0-14.el7_4.11.ppc.rpm
libvirt-client-3.2.0-14.el7_4.11.ppc64.rpm
libvirt-daemon-3.2.0-14.el7_4.11.ppc64.rpm
libvirt-daemon-config-network-3.2.0-14.el7_4.11.ppc64.rpm
libvirt-daemon-config-nwfilter-3.2.0-14.el7_4.11.ppc64.rpm
libvirt-daemon-driver-interface-3.2.0-14.el7_4.11.ppc64.rpm
libvirt-daemon-driver-lxc-3.2.0-14.el7_4.11.ppc64.rpm
libvirt-daemon-driver-network-3.2.0-14.el7_4.11.ppc64.rpm
libvirt-daemon-driver-nodedev-3.2.0-14.el7_4.11.ppc64.rpm
libvirt-daemon-driver-nwfilter-3.2.0-14.el7_4.11.ppc64.rpm
libvirt-daemon-driver-qemu-3.2.0-14.el7_4.11.ppc64.rpm
libvirt-daemon-driver-secret-3.2.0-14.el7_4.11.ppc64.rpm
libvirt-daemon-driver-storage-3.2.0-14.el7_4.11.ppc64.rpm
libvirt-daemon-driver-storage-core-3.2.0-14.el7_4.11.ppc64.rpm
libvirt-daemon-driver-storage-disk-3.2.0-14.el7_4.11.ppc64.rpm
libvirt-daemon-driver-storage-iscsi-3.2.0-14.el7_4.11.ppc64.rpm
libvirt-daemon-driver-storage-logical-3.2.0-14.el7_4.11.ppc64.rpm
libvirt-daemon-driver-storage-mpath-3.2.0-14.el7_4.11.ppc64.rpm
libvirt-daemon-driver-storage-scsi-3.2.0-14.el7_4.11.ppc64.rpm
libvirt-debuginfo-3.2.0-14.el7_4.11.ppc.rpm
libvirt-debuginfo-3.2.0-14.el7_4.11.ppc64.rpm
libvirt-devel-3.2.0-14.el7_4.11.ppc.rpm
libvirt-devel-3.2.0-14.el7_4.11.ppc64.rpm
libvirt-docs-3.2.0-14.el7_4.11.ppc64.rpm
libvirt-libs-3.2.0-14.el7_4.11.ppc.rpm
libvirt-libs-3.2.0-14.el7_4.11.ppc64.rpm

ppc64le:
libvirt-3.2.0-14.el7_4.11.ppc64le.rpm
libvirt-client-3.2.0-14.el7_4.11.ppc64le.rpm
libvirt-daemon-3.2.0-14.el7_4.11.ppc64le.rpm
libvirt-daemon-config-network-3.2.0-14.el7_4.11.ppc64le.rpm
libvirt-daemon-config-nwfilter-3.2.0-14.el7_4.11.ppc64le.rpm
libvirt-daemon-driver-interface-3.2.0-14.el7_4.11.ppc64le.rpm
libvirt-daemon-driver-lxc-3.2.0-14.el7_4.11.ppc64le.rpm
libvirt-daemon-driver-network-3.2.0-14.el7_4.11.ppc64le.rpm
libvirt-daemon-driver-nodedev-3.2.0-14.el7_4.11.ppc64le.rpm
libvirt-daemon-driver-nwfilter-3.2.0-14.el7_4.11.ppc64le.rpm
libvirt-daemon-driver-qemu-3.2.0-14.el7_4.11.ppc64le.rpm
libvirt-daemon-driver-secret-3.2.0-14.el7_4.11.ppc64le.rpm
libvirt-daemon-driver-storage-3.2.0-14.el7_4.11.ppc64le.rpm
libvirt-daemon-driver-storage-core-3.2.0-14.el7_4.11.ppc64le.rpm
libvirt-daemon-driver-storage-disk-3.2.0-14.el7_4.11.ppc64le.rpm
libvirt-daemon-driver-storage-iscsi-3.2.0-14.el7_4.11.ppc64le.rpm
libvirt-daemon-driver-storage-logical-3.2.0-14.el7_4.11.ppc64le.rpm
libvirt-daemon-driver-storage-mpath-3.2.0-14.el7_4.11.ppc64le.rpm
libvirt-daemon-driver-storage-scsi-3.2.0-14.el7_4.11.ppc64le.rpm
libvirt-daemon-kvm-3.2.0-14.el7_4.11.ppc64le.rpm
libvirt-debuginfo-3.2.0-14.el7_4.11.ppc64le.rpm
libvirt-devel-3.2.0-14.el7_4.11.ppc64le.rpm
libvirt-docs-3.2.0-14.el7_4.11.ppc64le.rpm
libvirt-libs-3.2.0-14.el7_4.11.ppc64le.rpm

s390x:
libvirt-3.2.0-14.el7_4.11.s390x.rpm
libvirt-client-3.2.0-14.el7_4.11.s390.rpm
libvirt-client-3.2.0-14.el7_4.11.s390x.rpm
libvirt-daemon-3.2.0-14.el7_4.11.s390x.rpm
libvirt-daemon-config-network-3.2.0-14.el7_4.11.s390x.rpm
libvirt-daemon-config-nwfilter-3.2.0-14.el7_4.11.s390x.rpm
libvirt-daemon-driver-interface-3.2.0-14.el7_4.11.s390x.rpm
libvirt-daemon-driver-lxc-3.2.0-14.el7_4.11.s390x.rpm
libvirt-daemon-driver-network-3.2.0-14.el7_4.11.s390x.rpm
libvirt-daemon-driver-nodedev-3.2.0-14.el7_4.11.s390x.rpm
libvirt-daemon-driver-nwfilter-3.2.0-14.el7_4.11.s390x.rpm
libvirt-daemon-driver-secret-3.2.0-14.el7_4.11.s390x.rpm
libvirt-daemon-driver-storage-3.2.0-14.el7_4.11.s390x.rpm
libvirt-daemon-driver-storage-core-3.2.0-14.el7_4.11.s390x.rpm
libvirt-daemon-driver-storage-disk-3.2.0-14.el7_4.11.s390x.rpm
libvirt-daemon-driver-storage-iscsi-3.2.0-14.el7_4.11.s390x.rpm
libvirt-daemon-driver-storage-logical-3.2.0-14.el7_4.11.s390x.rpm
libvirt-daemon-driver-storage-mpath-3.2.0-14.el7_4.11.s390x.rpm
libvirt-daemon-driver-storage-scsi-3.2.0-14.el7_4.11.s390x.rpm
libvirt-debuginfo-3.2.0-14.el7_4.11.s390.rpm
libvirt-debuginfo-3.2.0-14.el7_4.11.s390x.rpm
libvirt-devel-3.2.0-14.el7_4.11.s390.rpm
libvirt-devel-3.2.0-14.el7_4.11.s390x.rpm
libvirt-docs-3.2.0-14.el7_4.11.s390x.rpm
libvirt-libs-3.2.0-14.el7_4.11.s390.rpm
libvirt-libs-3.2.0-14.el7_4.11.s390x.rpm

x86_64:
libvirt-3.2.0-14.el7_4.11.x86_64.rpm
libvirt-client-3.2.0-14.el7_4.11.i686.rpm
libvirt-client-3.2.0-14.el7_4.11.x86_64.rpm
libvirt-daemon-3.2.0-14.el7_4.11.x86_64.rpm
libvirt-daemon-config-network-3.2.0-14.el7_4.11.x86_64.rpm
libvirt-daemon-config-nwfilter-3.2.0-14.el7_4.11.x86_64.rpm
libvirt-daemon-driver-interface-3.2.0-14.el7_4.11.x86_64.rpm
libvirt-daemon-driver-lxc-3.2.0-14.el7_4.11.x86_64.rpm
libvirt-daemon-driver-network-3.2.0-14.el7_4.11.x86_64.rpm
libvirt-daemon-driver-nodedev-3.2.0-14.el7_4.11.x86_64.rpm
libvirt-daemon-driver-nwfilter-3.2.0-14.el7_4.11.x86_64.rpm
libvirt-daemon-driver-qemu-3.2.0-14.el7_4.11.x86_64.rpm
libvirt-daemon-driver-secret-3.2.0-14.el7_4.11.x86_64.rpm
libvirt-daemon-driver-storage-3.2.0-14.el7_4.11.x86_64.rpm
libvirt-daemon-driver-storage-core-3.2.0-14.el7_4.11.x86_64.rpm
libvirt-daemon-driver-storage-disk-3.2.0-14.el7_4.11.x86_64.rpm
libvirt-daemon-driver-storage-gluster-3.2.0-14.el7_4.11.x86_64.rpm
libvirt-daemon-driver-storage-iscsi-3.2.0-14.el7_4.11.x86_64.rpm
libvirt-daemon-driver-storage-logical-3.2.0-14.el7_4.11.x86_64.rpm
libvirt-daemon-driver-storage-mpath-3.2.0-14.el7_4.11.x86_64.rpm
libvirt-daemon-driver-storage-rbd-3.2.0-14.el7_4.11.x86_64.rpm
libvirt-daemon-driver-storage-scsi-3.2.0-14.el7_4.11.x86_64.rpm
libvirt-daemon-kvm-3.2.0-14.el7_4.11.x86_64.rpm
libvirt-debuginfo-3.2.0-14.el7_4.11.i686.rpm
libvirt-debuginfo-3.2.0-14.el7_4.11.x86_64.rpm
libvirt-devel-3.2.0-14.el7_4.11.i686.rpm
libvirt-devel-3.2.0-14.el7_4.11.x86_64.rpm
libvirt-docs-3.2.0-14.el7_4.11.x86_64.rpm
libvirt-libs-3.2.0-14.el7_4.11.i686.rpm
libvirt-libs-3.2.0-14.el7_4.11.x86_64.rpm

Red Hat Enterprise Linux Server Optional EUS (v. 7.4):

ppc64:
libvirt-admin-3.2.0-14.el7_4.11.ppc64.rpm
libvirt-daemon-lxc-3.2.0-14.el7_4.11.ppc64.rpm
libvirt-debuginfo-3.2.0-14.el7_4.11.ppc.rpm
libvirt-debuginfo-3.2.0-14.el7_4.11.ppc64.rpm
libvirt-lock-sanlock-3.2.0-14.el7_4.11.ppc64.rpm
libvirt-login-shell-3.2.0-14.el7_4.11.ppc64.rpm
libvirt-nss-3.2.0-14.el7_4.11.ppc.rpm
libvirt-nss-3.2.0-14.el7_4.11.ppc64.rpm

ppc64le:
libvirt-admin-3.2.0-14.el7_4.11.ppc64le.rpm
libvirt-daemon-lxc-3.2.0-14.el7_4.11.ppc64le.rpm
libvirt-debuginfo-3.2.0-14.el7_4.11.ppc64le.rpm
libvirt-lock-sanlock-3.2.0-14.el7_4.11.ppc64le.rpm
libvirt-login-shell-3.2.0-14.el7_4.11.ppc64le.rpm
libvirt-nss-3.2.0-14.el7_4.11.ppc64le.rpm

s390x:
libvirt-admin-3.2.0-14.el7_4.11.s390x.rpm
libvirt-daemon-lxc-3.2.0-14.el7_4.11.s390x.rpm
libvirt-debuginfo-3.2.0-14.el7_4.11.s390.rpm
libvirt-debuginfo-3.2.0-14.el7_4.11.s390x.rpm
libvirt-login-shell-3.2.0-14.el7_4.11.s390x.rpm
libvirt-nss-3.2.0-14.el7_4.11.s390.rpm
libvirt-nss-3.2.0-14.el7_4.11.s390x.rpm

x86_64:
libvirt-admin-3.2.0-14.el7_4.11.x86_64.rpm
libvirt-daemon-lxc-3.2.0-14.el7_4.11.x86_64.rpm
libvirt-debuginfo-3.2.0-14.el7_4.11.i686.rpm
libvirt-debuginfo-3.2.0-14.el7_4.11.x86_64.rpm
libvirt-lock-sanlock-3.2.0-14.el7_4.11.x86_64.rpm
libvirt-login-shell-3.2.0-14.el7_4.11.x86_64.rpm
libvirt-nss-3.2.0-14.el7_4.11.i686.rpm
libvirt-nss-3.2.0-14.el7_4.11.x86_64.rpm

These packages are GPG signed by Red Hat for security.  Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2018-3639
https://access.redhat.com/security/updates/classification/#important

8. Contact:

The Red Hat security contact is <secalert@redhat.com>. More contact
details at https://access.redhat.com/security/team/contact/

Copyright 2018 Red Hat, Inc.
- -----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQIVAwUBWzJob9zjgjWX9erEAQipmxAAm6SvkbLr9TciYodrqAy9XsrDiiTAS/ja
XfprQKoSBZhQBYHugmeDWpDp93cFRuYbBOkZkofvyJ1OspQnZBIokYihFUnf0Kjl
EQYQZaaEBklybH3JmV8e6Vx3i3rOgppFcbOHWXAfvhVLrWa1h0MaOj2v1EJhUR8e
8n3As+3BgoSlDYW9hM1Q5i9/j/VD7IsE/WwEN4TvPspYNonTowkGijJaoWQIy8Fj
PMcJipaPZFnyxMXh4Gw8XbCqBupPRALhGVQ//yIyow2GlWlEHfT56BykItb1v9SE
ptzsMqup5/Ncn6NOGtfIAd55PTabHuuaPk4IiX5PP2AS7jTQy843EzGYmuoQim41
9vGn1O0zijh5FV3N/ZBQRqjpNsdEDouRN1L2ET26/PrXVUsnkihsB6gWkA4yasl2
2MSGPJleUzN2hty2EHW1Sm1JyWOLdosPjWyiOTFW3+cA64miIqGtI0Jhy69b18sM
KjOYMO0+vAngMa8V6ZEgUiYQVdxdZQRNQIulD4wSTLqLKsZIsSe4TP9tW7XZdL0r
aczI1IaI5ZFCSnVfO/2qxrJfvPK9PQIdHhPM6tRpqBN1Qi6mcSoYyIOYXwmL7jWH
dJ1TOjzmowubW1HTjDYIkE74jh+fYWgE8G+Ubl8BKNuWR4P1I4baZZG+BEElUZwi
SCla88BgBqQ=
=V6S0
- -----END PGP SIGNATURE-----

- --------------------------END INCLUDED TEXT--------------------

You have received this e-mail bulletin as a result of your organisation's
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If
you do not know who that is, please send an email to auscert@auscert.org.au
and we will forward your request to the appropriate person.

NOTE: Third Party Rights
This security bulletin is provided as a service to AusCERT's members.  As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation's
site policies and procedures. AusCERT takes no responsibility for consequences
which may arise from following or acting on information or advice contained in
this security bulletin.

NOTE: This is only the original release of the security bulletin.  It may
not be updated when updates to the original are made.  If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author's website to ensure that the information is still current.

Contact information for the authors of the original document is included
in the Security Bulletin above.  If you have any questions or need further
information, please contact them directly.

Previous advisories and external security bulletins can be retrieved from:

        https://www.auscert.org.au/bulletins/

===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072

Internet Email: auscert@auscert.org.au
Facsimile:      (07) 3365 7031
Telephone:      (07) 3365 4417 (International: +61 7 3365 4417)
                AusCERT personnel answer during Queensland business hours
                which are GMT+10:00 (AEST).
                On call after hours for member emergencies only.
===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967

iQIVAwUBWzLbLWaOgq3Tt24GAQjqKhAAhoaf+CE3zMjRAWONSLBswi/GP4dTQ3aj
Xn4m2riGfHfUU795o9k8Sy3Idgpd+Wz/AcvncYtR5qmS69Gt5fc3bNyBAAg6tgo7
uct/BYS0f8ULW2npYR8FUuvgnIVI260LSSHO9Pu95CzeDHD6+x8Mxb/XFB0KyHKw
Ahv7LXncxGZt4/YsQMYTD5qeEwkrnbV2GVd7fK8I3pxNk/tt+V/izR402oreXUhf
I10x0ZyHcliWN9gic0twPlylfssXNFZhVq4Gz+r1mVRuzSgixVpPWIpFasEOGdYJ
KTGqsqbsx22fFBiZMUUlrItpbjNPITFxNQoKy1o9I1uYKvUSCPNSr51GBQKlAJ82
M4pmtvQ31aqvu+13p+dFVliAKKK1QZe5dSI+7VZaQmN4VUcxrUvJF5lMe/MLjXUj
CVw/mCfpk8nINMu9PSG49AiVisfdEjsoiJuP239V+3mLBfpJW/WrV1CM59JBeves
y/Ljw4F/6GATg2+BsZWzNjsErJd2JYcyWU8b8v0+PimXN5B5yfPaG17GwJrrNQtT
a6RtO4fAAVgmMcnIw2GOOIp9TBfMKcMxfB4oBEqVmD38GnVYa5CBmfMzo6+hh54Z
WxMQGZeuaUZZ+b91dstVrFnfXYAS/UXS1yRTJjgRA4cJ88GdfzmArhD4D/JyFZ7I
GKhy9N/O+Kk=
=dLVn
-----END PGP SIGNATURE-----