OracleVM 3.4：qemu-kvm (OVMSA-2016-0051)

critical Nessus Plugin ID 91316

語系：

概要

遠端 OracleVM 主機缺少一個安全性更新。

描述

遠端 OracleVM 系統缺少可解決重要安全性更新的必要修補程式：

- kvm-Add-vga.h-unmodified-from-Linux.patch [bz#1331407]

- kvm-vga.h-remove-unused-stuff-and-reformat.patch [bz#1331407]

- kvm-vga-use-constants-from-vga.h.patch [bz#1331407]

- kvm-vga-Remove-some-should-be-done-in-BIOS-comments.patch [bz#1331407]

- kvm-vga-fix-banked-access-bounds-checking-CVE-2016-3710.
patch [bz#1331407]

- kvm-vga-add-vbe_enabled-helper.patch [bz#1331407]

- kvm-vga-factor-out-vga-register-setup.patch [bz#1331407]

- kvm-vga-update-vga-register-setup-on-vbe-changes.patch [bz#1331407]

- kvm-vga-make-sure-vga-register-setup-for-vbe-stays-intac .patch

- 解決：bz#1331407 (EMBARGOED CVE-2016-3710 qemu-kvm：
qemu：vga 模組中不正確的堆積存取權邊界檢查 [rhel-6.8.z])

- 還原「非 Intel CPU 的 CPU 執行緒 >1 時發出警告」修正

- kvm-qemu-ga-implement-win32-guest-set-user-password.patch [bz#1174181]

- kvm-util-add-base64-decoding-function.patch [bz#1174181]

- kvm-qga-convert-to-use-error-checked-base64-decode.patch [bz#1174181]

- kvm-qga-use-more-idiomatic-qemu-style-eol-operators.patch [bz#1174181]

- kvm-qga-use-size_t-for-wcslen-return-value.patch [bz#1174181]

- kvm-qga-use-wide-chars-constants-for-wchar_t-comparisons .patch

- kvm-qga-fix-off-by-one-length-check.patch [bz#1174181]

- kvm-qga-check-utf8-to-utf16-conversion.patch [bz#1174181]

- 解決：bz#1174181 (RFE：提供 QEMU 來賓代理程式命令，以設定 root 帳戶密碼 (Linux 來賓))

- kvm-hw-qxl-qxl_send_events-nop-if-stopped.patch [bz#1290743]

- kvm-block-mirror-fix-full-sync-mode-when-target-does-not .patch [bz#971312]

- 解決：bz#1290743 (當在來賓開機期間重複 system_reset 20 次時，qemu-kvm 核心轉儲存)

- 解決：bz#971312 (區塊：鏡像至原始區塊裝置不會使未使用的區塊歸零)

- 2016 年 2 月 8 日星期一 Miroslav Rezanina < - 0.12.1.2-2.488.el6

- 修正 qemu-ga 路徑組態 [bz#1213233]

- 解決：bz#1213233 ([virtagent]「fsfreeze-hook」指令碼的預設路徑「/etc/qemu/fsfreeze-hook」不存在)

- kvm-virtio-scsi-use-virtqueue_map_sg-when-loading-reques .patch

- kvm-scsi-disk-fix-cmd.mode-field-typo.patch [bz#1249740]

- 解決：bz#1249740 (在 ENOSPC 完成移轉時 Dst VM 發生分割錯誤)

- kvm-blockdev-Error-out-on-negative-throttling-option-val .patch

- kvm-fw_cfg-add-check-to-validate-current-entry-value-CVE .patch

- 解決：bz#1294619 (iops、bps 設為負數時，來賓應無法開機)

- 解決：bz#1298046 (CVE-2016-1714 qemu-kvm：Qemu：
nvram：處理韌體組態時的 OOB r/w 存取權問題 [rhel-6.8])

- kvm-Change-fsfreeze-hook-default-location.patch [bz#1213233]

- kvm-qxl-replace-pipe-signaling-with-bottom-half.patch [bz#1290743]

- 解決：bz#1213233 ([virtagent]「fsfreeze-hook」指令碼的預設路徑「/etc/qemu/fsfreeze-hook」不存在)

- 解決：bz#1290743 (當在來賓開機期間重複 system_reset 20 次時，qemu-kvm 核心轉儲存)

- kvm-qga-flush-explicitly-when-needed.patch [bz#1210246]

- kvm-qga-add-guest-set-user-password-command.patch [bz#1174181]

- kvm-qcow2-Zero-initialise-first-cluster-for-new-images.patch [bz#1223216]

- kvm-Documentation-Warn-against-qemu-img-on-active-image.
patch [bz#1297424]

- kvm-target-i386-warns-users-when-CPU-threads-1-for-non-I .patch

- kvm-qemu-options-Fix-texinfo-markup.patch [bz#1250442]

- kvm-qga-Fix-memory-allocation-pasto.patch []

- kvm-block-raw-posix-Open-file-descriptor-O_RDWR-to-work- .patch

- 解決：bz#1174181 (RFE：提供 QEMU 來賓代理程式命令，以設定 root/系統管理員帳戶密碼)

- 解決：bz#1210246 ([virtagent] 如果在來賓代理程式排清之前「讀取」，則會遺失「寫入」內容)

- 解決：bz#1223216 (後端是區塊裝置時，qemu-img 無法建立 qcow2 影像)

- 解決：bz#1250442 (第 3.3 節「叫用」中的 qemu-doc.html 標記錯誤)

- 解決：bz#1268347 (若 fd 是 opened O_WRONLY，posix_fallocate 的 NFS 模擬會因為檔案描述符號錯誤而失敗)

- 解決：bz#1292678 (cmdline 在 amd 主機中設定 threads=2 時，Qemu 應報告錯誤)

- 解決：bz#1297424 (在手冊頁中新增有關在使用中的 VM 上執行 qemu-img 的警告)

- kvm-rtl8139-Fix-receive-buffer-overflow-check.patch [bz#1262866]

- kvm-rtl8139-Do-not-consume-the-packet-during-overflow-in .patch

- 解決：bz#1262866 ([RHEL6] 從主機到 Win2012r2 來賓的 ping 大小為 64000 時，套件會完全遺失)

- kvm-qemu-kvm-get-put-MSR_TSC_AUX-across-reset-and-migrat .patch

- kvm-qcow2-Discard-VM-state-in-active-L1-after-creating-s .patch

- kvm-net-pcnet-add-check-to-validate-receive-data-size-CV .patch

- kvm-pcnet-fix-rx-buffer-overflow-CVE-2015-7512.patch [bz#1286567]

- 解決：bz#1219908 (使用「virsh snapshot-create-as」命令寫入快照的速度變慢，因為建立了越來越多的快照)

- 解決：bz#1265428 (MSR_TSC_AUX 的內容不移轉)

- 解決：bz#1286567 (CVE-2015-7512 qemu-kvm：Qemu：net：
pcnet：非回送模式中的緩衝區溢位 [rhel-6.8])

- kvm-net-add-checks-to-validate-ring-buffer-pointers-CVE- .patch

- 解決：bz#1263275 (CVE-2015-5279 qemu-kvm：qemu：ne2000_receive 函式中的堆積溢位弱點 [rhel-6.8])

- kvm-virtio-rng-fix-segfault-when-adding-a-virtio-pci-rng .patch

- kvm-qga-commands-posix-Fix-bug-in-guest-fstrim.patch [bz#1213236]

- kvm-rtl8139-avoid-nested-ifs-in-IP-header-parsing-CVE-20 .patch

- kvm-rtl8139-drop-tautologous-if-ip-.-statement-CVE-2015- .patch

- kvm-rtl8139-skip-offload-on-short-Ethernet-IP-header-CVE .patch

- kvm-rtl8139-check-IP-Header-Length-field-CVE-2015-5165.patch [bz#1248763]

- kvm-rtl8139-check-IP-Total-Length-field-CVE-2015-5165.patch [bz#1248763]

- kvm-rtl8139-skip-offload-on-short-TCP-header-CVE-2015-51 .patch

- kvm-rtl8139-check-TCP-Data-Offset-field-CVE-2015-5165.patch [bz#1248763]

- 解決：bz#1213236 ([virtagent] 作業系統在 spapr-vscsi 磁碟上的來賓執行「guest-fstrim」失敗)

- 解決：bz#1230068 (重新添加 virtio-rng-pci 裝置時發生分割錯誤)

- 解決：bz#1248763 (CVE-2015-5165 qemu-kvm：Qemu：
rtl8139 未初始化的堆積記憶體資訊洩漏給來賓 [rhel-6.8])