Oracle Linux 6272 Published by

A qemu security update (aarch64) has been released for Oracle Linux 7.



El-errata: ELSA-2021-9335 Important: Oracle Linux 7 qemu security update (aarch64)


Oracle Linux Security Advisory ELSA-2021-9335

  http://linux.oracle.com/errata/ELSA-2021-9335.html

The following updated rpms for Oracle Linux 7 have been uploaded to the Unbreakable Linux Network:

aarch64:
ivshmem-tools-4.2.1-10.el7.aarch64.rpm
qemu-4.2.1-10.el7.aarch64.rpm
qemu-block-gluster-4.2.1-10.el7.aarch64.rpm
qemu-block-iscsi-4.2.1-10.el7.aarch64.rpm
qemu-block-rbd-4.2.1-10.el7.aarch64.rpm
qemu-common-4.2.1-10.el7.aarch64.rpm
qemu-img-4.2.1-10.el7.aarch64.rpm
qemu-kvm-4.2.1-10.el7.aarch64.rpm
qemu-kvm-core-4.2.1-10.el7.aarch64.rpm
qemu-system-aarch64-4.2.1-10.el7.aarch64.rpm
qemu-system-aarch64-core-4.2.1-10.el7.aarch64.rpm

SRPMS:
  http://oss.oracle.com/ol7/SRPMS-updates/qemu-4.2.1-10.el7.src.rpm

Related CVEs:

CVE-2020-27661
CVE-2021-20257



Description of changes:

[15:4.2.1-10.el7]
- e1000: fail early for evil descriptor (Jason Wang) [Orabug: 32560552] {CVE-2021-20257}
- Document CVE-2020-27661 as fixed (Mark Kanda) [Orabug: 32960200] {CVE-2020-27661}
- block: Avoid stale pointer dereference in blk_get_aio_context() (Greg Kurz)
- block: Fix blk->in_flight during blk_wait_while_drained() (Kevin Wolf)
- block: Increase BB.in_flight for coroutine and sync interfaces (Kevin Wolf)
- block-backend: Reorder flush/pdiscard function definitions (Kevin Wolf)