Protect yourself against future threats.
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
===========================================================================
AUSCERT External Security Bulletin Redistribution
ESB-2020.3405
qemu-kvm security update
1 October 2020
===========================================================================
AusCERT Security Bulletin Summary
---------------------------------
Product: qemu-kvm
Publisher: Red Hat
Operating System: Red Hat Enterprise Linux Server 7
Red Hat Enterprise Linux WS/Desktop 7
Impact/Access: Execute Arbitrary Code/Commands -- Existing Account
Denial of Service -- Existing Account
Resolution: Patch/Upgrade
CVE Names: CVE-2020-14364 CVE-2020-1983
Reference: ESB-2020.3345
ESB-2020.3344
ESB-2020.2899
ESB-2020.2505
Original Bulletin:
https://access.redhat.com/errata/RHSA-2020:4079
https://access.redhat.com/errata/RHSA-2020:4111
Comment: This bulletin contains two (2) Red Hat security advisories.
- --------------------------BEGIN INCLUDED TEXT--------------------
- -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
=====================================================================
Red Hat Security Advisory
Synopsis: Important: qemu-kvm security update
Advisory ID: RHSA-2020:4079-01
Product: Red Hat Enterprise Linux
Advisory URL: https://access.redhat.com/errata/RHSA-2020:4079
Issue date: 2020-09-29
CVE Names: CVE-2020-1983 CVE-2020-14364
=====================================================================
1. Summary:
An update for qemu-kvm is now available for Red Hat Enterprise Linux 7.
Red Hat Product Security has rated this update as having a security impact
of Important. A Common Vulnerability Scoring System (CVSS) base score,
which gives a detailed severity rating, is available for each vulnerability
from the CVE link(s) in the References section.
2. Relevant releases/architectures:
Red Hat Enterprise Linux Client (v. 7) - x86_64
Red Hat Enterprise Linux ComputeNode Optional (v. 7) - x86_64
Red Hat Enterprise Linux Server (v. 7) - x86_64
Red Hat Enterprise Linux Workstation (v. 7) - x86_64
3. Description:
Kernel-based Virtual Machine (KVM) is a full virtualization solution for
Linux on a variety of architectures. The qemu-kvm packages provide the
user-space component for running virtual machines that use KVM.
Security Fix(es):
* QEMU: usb: out-of-bounds r/w access issue while processing usb packets
(CVE-2020-14364)
* QEMU: slirp: use-after-free in ip_reass() function in ip_input.c
(CVE-2020-1983)
For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE
page(s) listed in the References section.
4. Solution:
For details on how to apply this update, which includes the changes
described in this advisory, refer to:
https://access.redhat.com/articles/11258
After installing this update, shut down all running virtual machines. Once
all virtual machines have shut down, start them again for this update to
take effect.
5. Bugs fixed (https://bugzilla.redhat.com/):
1829825 - CVE-2020-1983 QEMU: slirp: use-after-free in ip_reass() function in ip_input.c
1869201 - CVE-2020-14364 QEMU: usb: out-of-bounds r/w access issue while processing usb packets
6. Package List:
Red Hat Enterprise Linux Client (v. 7):
Source:
qemu-kvm-1.5.3-175.el7_9.1.src.rpm
x86_64:
qemu-img-1.5.3-175.el7_9.1.x86_64.rpm
qemu-kvm-1.5.3-175.el7_9.1.x86_64.rpm
qemu-kvm-common-1.5.3-175.el7_9.1.x86_64.rpm
qemu-kvm-debuginfo-1.5.3-175.el7_9.1.x86_64.rpm
qemu-kvm-tools-1.5.3-175.el7_9.1.x86_64.rpm
Red Hat Enterprise Linux ComputeNode Optional (v. 7):
Source:
qemu-kvm-1.5.3-175.el7_9.1.src.rpm
x86_64:
qemu-img-1.5.3-175.el7_9.1.x86_64.rpm
qemu-kvm-1.5.3-175.el7_9.1.x86_64.rpm
qemu-kvm-common-1.5.3-175.el7_9.1.x86_64.rpm
qemu-kvm-debuginfo-1.5.3-175.el7_9.1.x86_64.rpm
qemu-kvm-tools-1.5.3-175.el7_9.1.x86_64.rpm
Red Hat Enterprise Linux Server (v. 7):
Source:
qemu-kvm-1.5.3-175.el7_9.1.src.rpm
x86_64:
qemu-img-1.5.3-175.el7_9.1.x86_64.rpm
qemu-kvm-1.5.3-175.el7_9.1.x86_64.rpm
qemu-kvm-common-1.5.3-175.el7_9.1.x86_64.rpm
qemu-kvm-debuginfo-1.5.3-175.el7_9.1.x86_64.rpm
qemu-kvm-tools-1.5.3-175.el7_9.1.x86_64.rpm
Red Hat Enterprise Linux Workstation (v. 7):
Source:
qemu-kvm-1.5.3-175.el7_9.1.src.rpm
x86_64:
qemu-img-1.5.3-175.el7_9.1.x86_64.rpm
qemu-kvm-1.5.3-175.el7_9.1.x86_64.rpm
qemu-kvm-common-1.5.3-175.el7_9.1.x86_64.rpm
qemu-kvm-debuginfo-1.5.3-175.el7_9.1.x86_64.rpm
qemu-kvm-tools-1.5.3-175.el7_9.1.x86_64.rpm
These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/
7. References:
https://access.redhat.com/security/cve/CVE-2020-1983
https://access.redhat.com/security/cve/CVE-2020-14364
https://access.redhat.com/security/updates/classification/#important
https://bugzilla.redhat.com/show_bug.cgi?id=1869693
https://bugzilla.redhat.com/show_bug.cgi?id=1837565
8. Contact:
The Red Hat security contact is <secalert@redhat.com>. More contact
details at https://access.redhat.com/security/team/contact/
Copyright 2020 Red Hat, Inc.
- -----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iQIVAwUBX3QdodzjgjWX9erEAQjLIQ//TesMNk471ZMIWu8ozZsMuKfwiGxsPtXk
MDTSiIAxddiURMrDpOVrBK1iFUKGEhncmRgl5Z74exWPwyEvt3vaDFHABg/kwx9s
4sRkGV4bLcxKMPylzkY1ujCAhDwRtT+i6OVqaDXrudAtM+2tYrdTepOQ9OUeX5Zq
oMaYD71cPFnifZnXo/bh7pNZGIvL2w4r8YCXv6km+gVin++ggaz8/ZxdAeVVAFdP
xUXLtdNp+sjlChvOQCTA0vbQk+r/aA7gwqshwUjPvb8j3KCmfnke4zxOz7hZxN7G
TD6dOpdRSiZye/eXDQsXLIa2bpO1/SsUCBveKUsC/hEjNzNhJD5A+T6T/gMXaemR
H2jJqsfVXxmJGsQMq/RGSJv3QYeWuOPeyPv40kXMA6kM+qE4ZxzGyMRKkJz7N6c+
CHLcok+DGfvzBMEf0dHEWFL0hdL6zKHpnCRg9mflHR5wcGEINq9pkY+f+dNcF2Ze
GYKvim4sXPVEO4v6lLTq0Wp6RaWCzWfY/HxVZEgTnzlZecZ6a1EhUePJbcZUEBS7
JswVGMOudquAOvwnMCe668/EaYZtYeKViMj84BLQsUD43Q5H91Q4XpbQ8EdjP0M3
Ksu/2FaQU7os67/OArDhSLYWfRTgSr7BDcRNQmgQObSl6gbh3DQ4HXt80j8cVi03
N5Q/ROPxkM0=
=uzk5
- -----END PGP SIGNATURE-----
- ------------------------------------------------------------------------------
- -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
=====================================================================
Red Hat Security Advisory
Synopsis: Important: qemu-kvm-rhev security update
Advisory ID: RHSA-2020:4111-01
Product: Red Hat Virtualization
Advisory URL: https://access.redhat.com/errata/RHSA-2020:4111
Issue date: 2020-09-30
CVE Names: CVE-2020-14364
=====================================================================
1. Summary:
An update for qemu-kvm-rhev is now available for Red Hat Virtualization for
Red Hat Virtualization Host 7.
Red Hat Product Security has rated this update as having a security impact
of Important. A Common Vulnerability Scoring System (CVSS) base score,
which gives a detailed severity rating, is available for each vulnerability
from the CVE link(s) in the References section.
2. Relevant releases/architectures:
RHV-M 4.3 - x86_64
Red Hat Virtualization 4 Management Agent for RHEL 7 Hosts - ppc64le, x86_64
3. Description:
KVM (Kernel-based Virtual Machine) is a full virtualization solution for
Linux on a variety of architectures. The qemu-kvm-rhev packages provide the
user-space component for running virtual machines that use KVM in
environments managed by Red Hat products.
Security Fix(es):
* CVE-2020-14364 QEMU: usb: out-of-bounds r/w access issue while processing
usb packets
For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE
page(s) listed in the References section.
4. Solution:
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/2974891
5. Bugs fixed (https://bugzilla.redhat.com/):
1869201 - CVE-2020-14364 QEMU: usb: out-of-bounds r/w access issue while processing usb packets
6. Package List:
Red Hat Virtualization 4 Management Agent for RHEL 7 Hosts:
Source:
qemu-kvm-rhev-2.12.0-48.el7_9.1.src.rpm
ppc64le:
qemu-img-rhev-2.12.0-48.el7_9.1.ppc64le.rpm
qemu-kvm-common-rhev-2.12.0-48.el7_9.1.ppc64le.rpm
qemu-kvm-rhev-2.12.0-48.el7_9.1.ppc64le.rpm
qemu-kvm-rhev-debuginfo-2.12.0-48.el7_9.1.ppc64le.rpm
qemu-kvm-tools-rhev-2.12.0-48.el7_9.1.ppc64le.rpm
x86_64:
qemu-img-rhev-2.12.0-48.el7_9.1.x86_64.rpm
qemu-kvm-common-rhev-2.12.0-48.el7_9.1.x86_64.rpm
qemu-kvm-rhev-2.12.0-48.el7_9.1.x86_64.rpm
qemu-kvm-rhev-debuginfo-2.12.0-48.el7_9.1.x86_64.rpm
qemu-kvm-tools-rhev-2.12.0-48.el7_9.1.x86_64.rpm
RHV-M 4.3:
Source:
qemu-kvm-rhev-2.12.0-48.el7_9.1.src.rpm
x86_64:
qemu-img-rhev-2.12.0-48.el7_9.1.x86_64.rpm
qemu-kvm-common-rhev-2.12.0-48.el7_9.1.x86_64.rpm
qemu-kvm-rhev-2.12.0-48.el7_9.1.x86_64.rpm
qemu-kvm-rhev-debuginfo-2.12.0-48.el7_9.1.x86_64.rpm
qemu-kvm-tools-rhev-2.12.0-48.el7_9.1.x86_64.rpm
These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/
7. References:
https://access.redhat.com/security/cve/CVE-2020-14364
https://access.redhat.com/security/updates/classification/#important
8. Contact:
The Red Hat security contact is <secalert@redhat.com>. More contact
details at https://access.redhat.com/security/team/contact/
Copyright 2020 Red Hat, Inc.
- -----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iQIVAwUBX3RN0tzjgjWX9erEAQjLnA//Tg52zumrRurmidWInlV47yChU3aIsInJ
7w+PZZQKJUd21KgO9m6ueipaoNkiA0+aA8UNW+rbRqRpmMZkIb30jQ9+8osdmR5v
cjHmWjN9xRGaeZHp3Jqe0Q3KcNX1K/TGiTdqIUsfVkZ1JncUFLHVjj+1d0z1k7wP
oOEkA0ay50Sh+x/UwhRkoH6/xSPRkDegW6LiXfLXOZDKK2Ah2Pa+b6NTNYoqPjW4
BCKJZwvETCUcyvIeGD86B1x4NxImDYbzbsS7JK3HdZx4E76LKcBwHr/3tAgsALxu
B9sF2H/Z/kSb/dyo0DMxfyV7IAvRooApoo0Lwx7pQ4xHakVqqqxuIravBTRTM9xG
KayyWcQbbb7XGcqUyuSx1D3WE7FXLkRO2W6Xye+tco93y3Imahj37EkyaNfBQRGx
C18D/gonE9y8mCXIBzUb+hdGgjhlNYLqVjxEzxoLz6if6oFLtLC4UgmdxV3vT4iA
7gbyOCuE6CHeLmOaOBdcc9kgKoFExc9X6qv+CEpu7UHB9Zpnw9hLncthe9mVJlug
hUX01x/ZIC+ErWt2ZNkRwBuz8cMQKYuIqV2kvQJJEo0z2RmQrO2bax4gYDg/l51b
bYJ/idU/5QavT4ZLYS2ZJ4fGA+bEu7BleoD4u6yYwHaUoGGMKCbJi6/UvWhPFdF2
5vTb65H9zfA=
=Myx5
- -----END PGP SIGNATURE-----
- --------------------------END INCLUDED TEXT--------------------
You have received this e-mail bulletin as a result of your organisation's
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If
you do not know who that is, please send an email to auscert@auscert.org.au
and we will forward your request to the appropriate person.
NOTE: Third Party Rights
This security bulletin is provided as a service to AusCERT's members. As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation's
site policies and procedures. AusCERT takes no responsibility for consequences
which may arise from following or acting on information or advice contained in
this security bulletin.
NOTE: This is only the original release of the security bulletin. It may
not be updated when updates to the original are made. If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author's website to ensure that the information is still current.
Contact information for the authors of the original document is included
in the Security Bulletin above. If you have any questions or need further
information, please contact them directly.
Previous advisories and external security bulletins can be retrieved from:
https://www.auscert.org.au/bulletins/
===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072
Internet Email: auscert@auscert.org.au
Facsimile: (07) 3365 7031
Telephone: (07) 3365 4417 (International: +61 7 3365 4417)
AusCERT personnel answer during Queensland business hours
which are GMT+10:00 (AEST).
On call after hours for member emergencies only.
===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967
iQIVAwUBX3Uc1eNLKJtyKPYoAQjSWg/+Mmm0qZ2lVnbT5Z5gXcDhU+7OI4NMDPcu
2TaEz3JTzEOpyhmts5OijRChTqTqcdAzCk3oyngcCZZXOJ3RXTJw5rpTibkfoLXe
ENrq8CWyk1jTJDRGNRrE/MW4SP+QzAQcYdm3kUI6dRVpJwr/oEiWekZLJxMbpHHn
ijTBD5+dyseUaQ7AoxR4XU6sMQnb+JR3wPFO2o8M3/HUJg11tidzxSZ9IrcXKeVB
iJJH4pfSXmkQcstN0ablH0c3gY7hlDbdULp5AWe1ftRhXl0QJAKwVXBEpyyZ7e/I
9dFJx4Z80n+M2zLfGcur6VSSi0fTffkhPTcslTyGb5jGnJ0Frw72/QN0atrPdzF0
xWZJBuysQN5WnQh+BAy4TZdh3zwc/FEw36FuhI1Wb3TmUn/MIO075Fwa8FffKyXW
wn9blAcJevmtJVv8n2T3qOQ+yVVOjUHiEQSR7oo4sp/VpL/6XpoQEwBrivRRlNMz
NuFlZnWRd5bKBsh+ZQtk5Fd55AqJclOyp0zachYpendc5K0xXlbb+KTY4lJ5pQw1
IMZeazZZKDPKk5pwMhFGLicWZ7LQuPS4sZsvQz1gzjXtAH0MYSSIAUFHs5FJKc5o
MJLBGMVaCaL1FDiFBYniTxORiq1+imcAZl/cV45cUVlrX3wEQ/TUaiiDMhtdW4Gi
DFveF0syp9Q=
=q6IC
-----END PGP SIGNATURE-----