Oracle Linux 9:qemu-kvm (ELSA-2026-18772)

high Nessus 插件 ID 322195

简介

远程 Oracle Linux 主机缺少安全更新。

描述

远程 Oracle Linux 9 主机上安装的程序包受到 ELSA-2026-18772 公告中提及的漏洞的影响。

[10.1.0-17]
- kvm-mirror-Fix-missed-dirty-bitmap-writes-during-startup.patch [RHEL-155947 RHEL-155948]
- kvm-linux-aio-Put-all-parameters-into-qemu_laiocb.patch [RHEL-154174]
- kvm-linux-aio-Resubmit-tails-of-short-reads-writes.patch [RHEL-154174]
- kvm-block-io_uring-avoid-potentially-getting-stuck-after.patch [RHEL-154174]
- kvm-io-uring-Resubmit-tails-of-short-writes.patch [RHEL-154174]
- 解决了: RHEL-155947 (镜像作业在启动期间可能缺少写入,进而损坏副本 [rhel-9.8])
- 解决了: RHEL-155948 (镜像作业在启动期间可能缺少写入,从而损坏副本 [rhel-9])
- 解决了: RHEL-154174 (qemu-kvm:磁盘写入比请求的字节少是一种重试情况,不一定表示 ENOSPC [rhel-9.8])

[10.1.0-16]
- kvm-block-Never-drop-BLOCK_IO_ERROR-with-action-stop-for.patch [RHEL-151679]
- 解决了: RHEL-151679 ([rhel-9.8] 由于事件速率限制,在 (w|r)error 设置为“stop”或“enospc”的情况下,BLOCK_IO_ERROR事件传递中出现回归)

[10.1.0-15]
- kvm-scsi-generalize-scsi_SG_IO_FROM_DEV-to-scsi_SG_IO.patch [RHEL-149396]
- kvm-scsi-add-error-reporting-to-scsi_SG_IO.patch [RHEL-149396]
- kvm-scsi-track-SCSI-reservation-state-for-live-migration.patch [RHEL-149396]
- kvm-scsi-save-load-SCSI-reservation-state.patch [RHEL-149396]
- kvm-docs-add-SCSI-migrate-pr-documentation.patch [RHEL-149396]
- 解决了: RHEL-149396 (迁移 SCSI PR 状态并在实时迁移时抢占保留 [rhel-9])

[10.1.0-14]
- kvm-rbd-Run-co-BH-CB-in-the-coroutine-s-AioContext.patch [RHEL-67115]
- kvm-curl-Fix-coroutine-waking.patch [RHEL-67115]
- kvm-block-io-Take-reqs_lock-for-tracked_requests.patch [RHEL-67115]
- kvm-qcow2-Re-initialize-lock-in-invalidate_cache.patch [RHEL-67115]
- kvm-qcow2-Fix-cache_clean_timer.patch [RHEL-67115]
- 解决了: RHEL-67115 ([network-storage][rbd][core-dump] 启用多队列时,客户机安装有时会失败 [rhel9.6])

[10.1.0-13]
- kvm-vhost-user-make-vhost_set_vring_file-synchronous.patch [RHEL-147422]
- kvm-hw-s390x-Fix-a-possible-crash-with-passed-through-vi.patch [RHEL-130620]
- 解决了: RHEL-147422 (virtiofs:进程在 virtiofs 挂载时在 request_wait_answer 中卡住)
- 解决了: RHEL-130620 (通过 vfio_ccw 连接 virtio 设备时,VM 在引导期间崩溃 [rhel-9])

[10.1.0-12]
- kvm-block-Improve-comments-in-BlockLimits.patch [RHEL-132989]
- kvm-block-Expose-block-limits-for-images-in-QMP.patch [RHEL-132989]
- kvm-qemu-img-info-Optionally-show-block-limits.patch [RHEL-132989]
- kvm-qemu-img-info-Add-cache-mode-option.patch [RHEL-132989]
- kvm-hw-intc-ioapic-Fix-ACCEL_KERNEL_GSI_IRQFD_POSSIBLE-t.patch [RHEL-140187]
- kvm-q35-increase-default-tseg-size.patch [RHEL-139057]
- 解决了: RHEL-132989 (暴露 QMP 和 qemu-img 中区块节点的区块限制 [rhel-9])
- 解决了: RHEL-140187 (Intel IOMMU VM 冻结:“call_irq_handler: 3.37 矢量无 irq 处理程序”[rhel-9.8])
- 解决了: RHEL-139057 ([qemu, rhel-9] 增大默认 TSEG 大小)

[10.1.0-11]
- kvm-block-Fix-BDS-use-after-free-during-shutdown.patch [RHEL-138240]
- 解决了: RHEL-138240 (QEMU 在实时迁移期间停止源 VM 时崩溃 [rhel-9])

[10.1.0-10]
- kvm-monitor-generalize-query-mshv-info-mshv-to-query-acc.patch [RHEL-132193]
- 解决了: RHEL-132193 ([rhel 9.8]L1VH qemu 下游初始合并 RHEL9)

[10.1.0-9]
- kvm-pcie_sriov-make-pcie_sriov_pf_exit-safe-on-non-SR-IO.patch [RHEL-131144]
- kvm-accel-Add-Meson-and-config-support-for-MSHV-accelera.patch [RHEL-132193]
- kvm-target-i386-emulate-Allow-instruction-decoding-from-.patch [RHEL-132193]
- kvm-target-i386-mshv-Add-x86-decoder-emu-implementation.patch [RHEL-132193]
- kvm-hw-intc-Generalize-APIC-helper-names-from-kvm_-to-ac.patch [RHEL-132193]
- kvm-include-hw-hyperv-Add-MSHV-ABI-header-definitions.patch [RHEL-132193]
- kvm-linux-headers-linux-Add-mshv.h-headers.patch [RHEL-132193]
- kvm-accel-mshv-Add-accelerator-skeleton.patch [RHEL-132193]
- kvm-accel-mshv-Register-memory-region-listeners.patch [RHEL-132193]
- kvm-accel-mshv-Initialize-VM-partition.patch [RHEL-132193]
- kvm-accel-mshv-Add-vCPU-creation-and-execution-loop.patch [RHEL-132193]
- kvm-treewide-rename-qemu_wait_io_event-qemu_wait_io_even.patch [RHEL-132193]
- kvm-accel-mshv-Add-vCPU-signal-handling.patch [RHEL-132193]
- kvm-target-i386-mshv-Add-CPU-create-and-remove-logic.patch [RHEL-132193]
- kvm-target-i386-mshv-Implement-mshv_store_regs.patch [RHEL-132193]
- kvm-target-i386-mshv-Implement-mshv_get_standard_regs.patch [RHEL-132193]
- kvm-target-i386-mshv-Implement-mshv_get_special_regs.patch [RHEL-132193]
- kvm-target-i386-mshv-Implement-mshv_arch_put_registers.patch [RHEL-132193]
- kvm-target-i386-mshv-Set-local-interrupt-controller-stat.patch [RHEL-132193]
- kvm-target-i386-mshv-Register-CPUID-entries-with-MSHV.patch [RHEL-132193]
- kvm-target-i386-mshv-Register-MSRs-with-MSHV.patch [RHEL-132193]
- kvm-target-i386-mshv-Integrate-x86-instruction-decoder-e.patch [RHEL-132193]
- kvm-target-i386-mshv-Write-MSRs-to-the-hypervisor.patch [RHEL-132193]
- kvm-target-i386-mshv-Implement-mshv_vcpu_run.patch [RHEL-132193]
- kvm-accel-mshv-Handle-overlapping-mem-mappings.patch [RHEL-132193]
- kvm-qapi-accel-Allow-to-query-mshv-capabilities.patch [RHEL-132193]
- kvm-target-i386-mshv-Use-preallocated-page-for-hvcall.patch [RHEL-132193]
- kvm-docs-Add-mshv-to-documentation.patch [RHEL-132193]
- kvm-MAINTAINERS-Add-maintainers-for-mshv-accelerator.patch [RHEL-132193]
- kvm-accel-mshv-initialize-thread-name.patch [RHEL-132193]
- kvm-accel-mshv-use-return-value-of-handle_pio_str_read.patch [RHEL-132193]
- 解决了: RHEL-131144 (从启用多功能的总线热拔出磁盘后 qemu 崩溃 [RHEL.9.8])
- 解决了: RHEL-132193 ([rhel 9.8]L1VH qemu 下游初始合并 RHEL9)

[10.1.0-8]
- kvm-file-posix-Handle-suspended-dm-multipath-better-for-.patch [RHEL-133303]
- 解决了: RHEL-133303 (在传递故障转移多路径设备上执行 S3-PR 集成时 VM 命中 io 错误 [rhel-9])

Tenable 已直接从 Oracle Linux 安全公告中提取上述描述块。

请注意,Nessus 尚未测试此问题,而是只依据应用程序自我报告的版本号进行判断。

解决方案

更新受影响的程序包。

另见

https://linux.oracle.com/errata/ELSA-2026-18772.html

插件详情

严重性: High

ID: 322195

文件名: oraclelinux_ELSA-2026-18772.nasl

版本: 1.1

类型: Local

代理: unix

发布时间: 2026/6/23

最近更新时间: 2026/6/23

支持的传感器: Frictionless Assessment Agent, Nessus Agent, Continuous Assessment, Tenable Cloud Security, Tenable Self-Hosted Container Security, Nessus

风险信息

VPR

风险因素: Medium

分数: 5

百分位: 94.89

CVSS v2

风险因素: High

基本分数: 7.8

时间分数: 5.8

矢量: CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C

CVSS 分数来源: CVE-2025-11234

CVSS v3

风险因素: High

基本分数: 7.5

时间分数: 6.5

矢量: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

时间矢量: CVSS:3.0/E:U/RL:O/RC:C

漏洞信息

CPE: p-cpe:/a:oracle:linux:qemu-img, p-cpe:/a:oracle:linux:qemu-kvm-block-rbd, p-cpe:/a:oracle:linux:qemu-kvm-block-curl, p-cpe:/a:oracle:linux:qemu-kvm-core, p-cpe:/a:oracle:linux:qemu-kvm-device-display-virtio-gpu-pci, p-cpe:/a:oracle:linux:qemu-kvm-docs, p-cpe:/a:oracle:linux:qemu-kvm-tools, p-cpe:/a:oracle:linux:qemu-guest-agent, cpe:/o:oracle:linux:9, p-cpe:/a:oracle:linux:qemu-kvm-device-usb-redirect, p-cpe:/a:oracle:linux:qemu-kvm-device-display-virtio-vga, p-cpe:/a:oracle:linux:qemu-kvm-ui-egl-headless, p-cpe:/a:oracle:linux:qemu-kvm-common, p-cpe:/a:oracle:linux:qemu-kvm-device-display-virtio-gpu, p-cpe:/a:oracle:linux:qemu-kvm-block-blkio, p-cpe:/a:oracle:linux:qemu-kvm-audio-pa, p-cpe:/a:oracle:linux:qemu-kvm, p-cpe:/a:oracle:linux:qemu-kvm-device-usb-host, p-cpe:/a:oracle:linux:qemu-pr-helper, p-cpe:/a:oracle:linux:qemu-kvm-ui-opengl

必需的 KB 项: Host/local_checks_enabled, Host/RedHat/release, Host/RedHat/rpm-list, Host/OracleLinux

易利用性: No known exploits are available

补丁发布日期: 2026/6/12

漏洞发布日期: 2025/10/3

参考资料信息

CVE: CVE-2025-11234