Bug 1533418
Summary: | Libvirt may prefer $CPUModel over $CPUModel-IBRS when reporting host CPU model [rhel-7.4.z] | ||
---|---|---|---|
Product: | Red Hat Enterprise Linux 7 | Reporter: | Oneata Mircea Teodor <toneata> |
Component: | libvirt | Assignee: | Jiri Denemark <jdenemar> |
Status: | CLOSED ERRATA | QA Contact: | Luyao Huang <lhuang> |
Severity: | high | Docs Contact: | |
Priority: | high | ||
Version: | 7.5 | CC: | anrussel, dyuan, jdenemar, klaas, lhuang, mtessun, rbalakri, xuzhang, yalzhang |
Target Milestone: | rc | Keywords: | ZStream |
Target Release: | --- | ||
Hardware: | Unspecified | ||
OS: | Unspecified | ||
Whiteboard: | |||
Fixed In Version: | libvirt-3.2.0-14.el7_4.8 | Doc Type: | Bug Fix |
Doc Text: |
After applying all security patches for CVE-2017-5715 libvirt is supposed to report the host CPU as a model with "-IBRS" suffix (such as Westmere-IBRS). However, on some hosts the original model (without "-IBRS" suffix, such as Westmere) was reported by libvirt. This didn't have any effect on the actual availability of the security measures to virtual machines started on the host, but the incorrect CPU model could falsely indicate that the host was not secured yet. This update fixes the issue and the correct CPU model with "-IBRS" suffix should be reported on all updated hosts.
|
Story Points: | --- |
Clone Of: | 1533125 | Environment: | |
Last Closed: | 2018-03-06 21:41:17 UTC | Type: | --- |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: | |||
Bug Depends On: | 1533125 | ||
Bug Blocks: |
Description
Oneata Mircea Teodor
2018-01-11 10:05:47 UTC
verify this bug with libvirt-3.2.0-14.el7_4.8.x86_64, the steps the same with bug 1533415 comment 5 Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory, and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://access.redhat.com/errata/RHBA-2018:0403 |