[PATCH 0/4] Add news for recent features and CVEs

Han Han (4):
  NEWS: qemu: Add support for hyperv enlightenments features
  NEWS: cpu_map: Add the EPYC-Genoa cpu mode
  NEWS: Add the news for CVE-2024-2494
  NEWS: Add the news for CVE-2024-4418

 NEWS.rst | 39 +++++++++++++++++++++++++++++++++++++++
 1 file changed, 39 insertions(+)

-- 
2.47.0

Signed-off-by: Han Han <hhan@redhat.com> --- NEWS.rst | 11 +++++++++++ 1 file changed, 11 insertions(+) diff --git a/NEWS.rst b/NEWS.rst index 56adf8df8b..07ccb30887 100644 --- a/NEWS.rst +++ b/NEWS.rst @@ -169,6 +169,17 @@ v10.7.0 (2024-09-02) domain XML for descendants of the generic PC machine type (``i440fx``, ``q35``, ``xenfv`` and ``isapc``). + * qemu: Add support for hyperv enlightenment feature ``hv-emsr-bitmap`` + + It is introduced since ``QEMU 7.10``, allowing L0 (KVM) and L1 (Hyper-V) + hypervisors to collaborate to avoid unnecessary updates to L2 MSR-Bitmap + upon vmexits. + + * qemu: Add support for hyperv enlightenment feature ``hv-xmm-input`` + + It is introduced since ``QEMU 7.10``, allowing to pass parameters for + certain hypercalls using XMM registers (“XMM Fast Hypercall Input”). + * **Improvements** * ch: support restore with network devices -- 2.47.0
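Review bot: ``QEMU 7.10`` in both new bullets is not a QEMU release; QEMU numbering went 7.0, 7.1, 7.2 and then 8.0, so this presumably means ``QEMU 7.1`` (7.1.0). Please verify against the QEMU changelog and correct it in both entries. The phrasing "It is introduced since ``QEMU 7.10``, allowing ..." also reads awkwardly in both places; something like "Introduced in ``QEMU 7.1``, this feature allows L0 (KVM) and L1 (Hyper-V) hypervisors to ..." and "... allows parameters for certain hypercalls to be passed in XMM registers" would be clearer. Finally, the typographic quotes around “XMM Fast Hypercall Input” look pasted in from elsewhere; use plain ASCII double quotes unless NEWS.rst already uses curly ones.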

Signed-off-by: Han Han <hhan@redhat.com> --- NEWS.rst | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/NEWS.rst b/NEWS.rst index 07ccb30887..2c1e232707 100644 --- a/NEWS.rst +++ b/NEWS.rst @@ -852,6 +852,10 @@ v9.8.0 (2023-10-02) <source dev='/dev/vhost-vdpa-0'> ... + * cpu_map: Add the EPYC-Genoa cpu model + + This model is introduced since ``QEMU 8.1``. + * **Improvements** * qemu: add nbdkit backend for network disks -- 2.47.0
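Review bot: "This model is introduced since ``QEMU 8.1``." mixes present tense with "since"; it should read "This model was introduced in ``QEMU 8.1``." Also note the cover letter's shortlog calls this change "Add the EPYC-Genoa cpu mode" while the entry itself says "cpu model"; the patch subject should say "model" as well so the two agree.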

Signed-off-by: Han Han <hhan@redhat.com> --- NEWS.rst | 12 ++++++++++++ 1 file changed, 12 insertions(+) diff --git a/NEWS.rst b/NEWS.rst index 2c1e232707..cdac735c6e 100644 --- a/NEWS.rst +++ b/NEWS.rst @@ -462,6 +462,18 @@ v10.3.0 (2024-05-02) v10.2.0 (2024-04-02) ==================== +* **Security** + + * ``CVE-2024-2494``: remote: check for negative array lengths before allocation + + Fix the flaw of the RPC library APIs of libvirt. The RPC server + de-serialization code allocates memory for arrays before the non-negative + length check is performed by the C API entry points. Passing a negative length + to the g_new0 function results in a crash due to the negative length being + treated as a huge positive number. A local unprivileged user could use this + flaw to perform a denial of service attack by causing the libvirt daemon to + crash. + * **New features** * ch: Basic save and restore support for ch driver -- 2.47.0
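Review bot: The opening sentence "Fix the flaw of the RPC library APIs of libvirt." is awkward and adds nothing the next sentence does not say; suggest folding them together, e.g. "Fix a flaw in libvirt's RPC library: the server-side de-serialization code allocated memory for arrays before the non-negative length check performed by the C API entry points." Since the rest of the paragraph describes the pre-fix behaviour, "allocates" and "results in" should be past tense as well. Minor: ``g_new0`` should be in literal markup (``g_new0()``), matching the ``CVE-2024-2494`` identifier two lines above.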

Signed-off-by: Han Han <hhan@redhat.com> --- NEWS.rst | 12 ++++++++++++ 1 file changed, 12 insertions(+) diff --git a/NEWS.rst b/NEWS.rst index cdac735c6e..c3d80ad29d 100644 --- a/NEWS.rst +++ b/NEWS.rst @@ -309,6 +309,18 @@ v10.5.0 (2024-07-01) v10.4.0 (2024-06-03) ==================== +* **Security** + + * ``CVE-2024-4418``: Fix stack use-after-free in virNetClientIOEventLoop() + + Fix race condition leading to a stack use-after-free bug was found in libvirt. + Due to a bad assumption in the virNetClientIOEventLoop() method, the data + pointer to a stack-allocated virNetClientIOEventData structure ended up being + used in the virNetClientIOEventFD callback while the data pointer's stack frame + was concurrently being "freed" when returning from virNetClientIOEventLoop(). + This flaw allows a local, unprivileged user to access virtproxyd without + authenticating. + * **New features** * qemu: Support for ras feature for virt machine type -- 2.47.0
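Review bot: "Fix race condition leading to a stack use-after-free bug was found in libvirt." is ungrammatical; it splices "Fix race condition ..." onto a sentence that ends "... bug was found in libvirt". Suggest "Fix a race condition leading to a stack use-after-free in libvirt." The final sentence then states the impact as "access virtproxyd without authenticating", but nothing in the entry connects a client-side event-loop use-after-free to virtproxyd or to an authentication check; either spell out that link (which code path is reached and why the check is skipped) or state the impact in terms of the flaw the paragraph actually describes, so a NEWS.rst reader can tell what was exposed. Minor: virNetClientIOEventLoop(), virNetClientIOEventData and virNetClientIOEventFD should be in literal markup (``...``) like the ``CVE-2024-4418`` identifier.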

On 10/25/24 06:57, Han Han wrote:
> Han Han (4):
>   NEWS: qemu: Add support for hyperv enlightenments features
>   NEWS: cpu_map: Add the EPYC-Genoa cpu mode
>   NEWS: Add the news for CVE-2024-2494
>   NEWS: Add the news for CVE-2024-4418
> 
>  NEWS.rst | 39 +++++++++++++++++++++++++++++++++++++++
>  1 file changed, 39 insertions(+)

Reviewed-by: Michal Privoznik <mprivozn@redhat.com>

Michal