-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

===========================================================================
             AUSCERT External Security Bulletin Redistribution

                               ESB-2020.0833
        qemu-kvm-rhev security, bug fix, and enhancement update
                               6 March 2020

===========================================================================

        AusCERT Security Bulletin Summary
        ---------------------------------

Product:           qemu-kvm-rhev
Publisher:         Red Hat
Operating System:  Red Hat
Impact/Access:     Execute Arbitrary Code/Commands -- Existing Account
                   Access Privileged Data          -- Existing Account
                   Denial of Service               -- Existing Account
Resolution:        Patch/Upgrade
CVE Names:         CVE-2020-1711 CVE-2019-11135
Reference:         ASB-2020.0047 ASB-2019.0330 ESB-2020.0792 ESB-2020.0791
                   ESB-2020.0416 ESB-2020.0415

Original Bulletin:
   https://access.redhat.com/errata/RHSA-2020:0730

- --------------------------BEGIN INCLUDED TEXT--------------------

- -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

=====================================================================
                   Red Hat Security Advisory

Synopsis:          Important: qemu-kvm-rhev security, bug fix, and enhancement update
Advisory ID:       RHSA-2020:0730-01
Product:           Red Hat Virtualization
Advisory URL:      https://access.redhat.com/errata/RHSA-2020:0730
Issue date:        2020-03-05
CVE Names:         CVE-2019-11135 CVE-2020-1711
=====================================================================

1. Summary:

An update for qemu-kvm-rhev is now available for Red Hat Virtualization
Engine 4.2.

Red Hat Product Security has rated this update as having a security impact
of Important. A Common Vulnerability Scoring System (CVSS) base score, which
gives a detailed severity rating, is available for each vulnerability from
the CVE link(s) in the References section.

2. Relevant releases/architectures:

RHV-M 4.2 - x86_64

3. Description:

KVM (Kernel-based Virtual Machine) is a full virtualization solution for
Linux on a variety of architectures.
The qemu-kvm-rhev packages provide the user-space component for running
virtual machines that use KVM in environments managed by Red Hat products.

Security Fix(es):

* hw: TSX Transaction Asynchronous Abort (TAA) (CVE-2019-11135)

* QEMU: block: iscsi: OOB heap access via an unexpected response of iSCSI
Server (CVE-2020-1711)

For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE
page(s) listed in the References section.

Bug Fix(es):

* [Intel 7.6.z Bug] [KVM][CLX] CPUID_7_0_EDX_ARCH_CAPABILITIES is not enabled
in VM qemu-kvm-rhev (BZ#1730601)

* qemu-kvm-rhev: backport cpuidle-haltpoll support (BZ#1746281)

Enhancement(s):

* [Intel 7.7 FEAT] MDS_NO exposure to guest - qemu-kvm-rhev (BZ#1743632)

4. Solution:

For details on how to apply this update, which includes the changes
described in this advisory, refer to:

https://access.redhat.com/articles/2974891

After installing this update, shut down all running virtual machines. Once
all virtual machines have shut down, start them again for this update to
take effect.

5. Bugs fixed (https://bugzilla.redhat.com/):

1746281 - qemu-kvm-rhev: backport cpuidle-haltpoll support [rhel-7.6.z]
1753062 - CVE-2019-11135 hw: TSX Transaction Asynchronous Abort (TAA)
1794290 - CVE-2020-1711 QEMU: block: iscsi: OOB heap access via an unexpected response of iSCSI Server

6. Package List:

RHV-M 4.2:

Source:
qemu-kvm-rhev-2.12.0-18.el7_6.9.src.rpm

x86_64:
qemu-img-rhev-2.12.0-18.el7_6.9.x86_64.rpm
qemu-kvm-common-rhev-2.12.0-18.el7_6.9.x86_64.rpm
qemu-kvm-rhev-2.12.0-18.el7_6.9.x86_64.rpm
qemu-kvm-rhev-debuginfo-2.12.0-18.el7_6.9.x86_64.rpm
qemu-kvm-tools-rhev-2.12.0-18.el7_6.9.x86_64.rpm

These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2019-11135
https://access.redhat.com/security/cve/CVE-2020-1711
https://access.redhat.com/security/updates/classification/#important
https://access.redhat.com/solutions/tsx-asynchronousabort

8. Contact:

The Red Hat security contact is <secalert@redhat.com>. More contact
details at https://access.redhat.com/security/team/contact/

Copyright 2020 Red Hat, Inc.

- --------------------------END INCLUDED TEXT--------------------

You have received this e-mail bulletin as a result of your organisation's
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If
you do not know who that is, please send an email to auscert@auscert.org.au
and we will forward your request to the appropriate person.

NOTE: Third Party Rights

This security bulletin is provided as a service to AusCERT's members. As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content.
The decision to follow or act on information or advice contained in this
security bulletin is the responsibility of each user or organisation, and
should be considered in accordance with your organisation's site policies
and procedures. AusCERT takes no responsibility for consequences which may
arise from following or acting on information or advice contained in this
security bulletin.

NOTE: This is only the original release of the security bulletin. It may
not be updated when updates to the original are made. If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author's website to ensure that the information is still current.

Contact information for the authors of the original document is included
in the Security Bulletin above. If you have any questions or need further
information, please contact them directly.

Previous advisories and external security bulletins can be retrieved from:

        https://www.auscert.org.au/bulletins/

===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072

Internet Email: auscert@auscert.org.au
Facsimile:      (07) 3365 7031
Telephone:      (07) 3365 4417 (International: +61 7 3365 4417)
                AusCERT personnel answer during Queensland business hours
                which are GMT+10:00 (AEST).
                On call after hours for member emergencies only.
===========================================================================
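Section 4 of the included advisory requires every guest to be shut down and started again after the package is installed, because a qemu-kvm process launched before the upgrade keeps executing the old, unlinked binary. The following Python check is an added example (not Red Hat's or AusCERT's code): it decides whether the installed qemu-kvm-rhev build is at least the fixed 2.12.0-18.el7_6.9 from the package list using a simplified rpmvercmp (no '~'/'^' handling), and flags guests whose /proc/<pid>/exe link is reported as "(deleted)". The rpm -q line and the process table are constructed samples, and the /usr/libexec/qemu-kvm path is an assumption.

```python
import re

# Fixed version-release from the advisory's package list (RHSA-2020:0730).
FIXED_VR = "2.12.0-18.el7_6.9"

def _segments(s):
    # rpmvercmp splits a version on non-alphanumerics into digit runs and alpha runs.
    return re.findall(r"\d+|[A-Za-z]+", s)

def rpmvercmp(a, b):
    """Simplified rpm version comparison (no '~'/'^' handling): returns -1, 0 or 1."""
    sa, sb = _segments(a), _segments(b)
    for x, y in zip(sa, sb):
        if x.isdigit() and y.isdigit():
            if int(x) != int(y):
                return -1 if int(x) < int(y) else 1
        elif x.isdigit() != y.isdigit():
            return 1 if x.isdigit() else -1   # a numeric segment sorts after an alpha one
        elif x != y:
            return -1 if x < y else 1
    return (len(sa) > len(sb)) - (len(sa) < len(sb))  # leftover segments win

def vr_cmp(a, b):
    """Compare two 'version-release' strings: version first, then release."""
    va, ra = a.split("-", 1)
    vb, rb = b.split("-", 1)
    return rpmvercmp(va, vb) or rpmvercmp(ra, rb)

def installed_is_fixed(rpm_q_line, fixed=FIXED_VR):
    """True if one line of `rpm -q qemu-kvm-rhev` output names a build >= the fixed one."""
    m = re.match(r"qemu-kvm-rhev-(.+)\.(x86_64|src)$", rpm_q_line.strip())
    return bool(m) and vr_cmp(m.group(1), fixed) >= 0

def guests_on_old_binary(exe_links):
    """exe_links maps a qemu-kvm pid to readlink('/proc/<pid>/exe'). A guest started before
    the upgrade still runs the unlinked binary, shown as '... (deleted)': it needs the restart."""
    return sorted(pid for pid, exe in exe_links.items() if exe.endswith(" (deleted)"))

# Constructed sample data (hypothetical host state, not real output):
SAMPLE_RPM_Q = "qemu-kvm-rhev-2.12.0-18.el7_6.9.x86_64"
SAMPLE_EXE_LINKS = {
    4242: "/usr/libexec/qemu-kvm (deleted)",  # guest started before the update
    4243: "/usr/libexec/qemu-kvm",            # guest restarted after the update
}

if __name__ == "__main__":
    print("fixed build installed:", installed_is_fixed(SAMPLE_RPM_Q))
    print("guests still on old binary:", guests_on_old_binary(SAMPLE_EXE_LINKS))
```

On a real host, feed the function the output of `rpm -q qemu-kvm-rhev` and the readlink of /proc/<pid>/exe for each qemu-kvm pid; any pid it returns has not yet had the shutdown/start the advisory requires.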