Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 544
Alerts This Week
Warning Icon 1 544

Red Hat: RHSA-2011:0028-01 Low: KVM Security and Bug Fix

red hat
Calendar Grey January 13, 2011
Scroller Redhat Esm H88
Essential KVM patch addressing minor vulnerabilities and glitches in Red Hat Enterprise Linux 5 significantly improves system safety.
Updated kvm packages that fix one security issue and several bugs are now available for Red Hat Enterprise Linux 5

Solution

Before applying this update, make sure all previously-released errata relevant to your system have been applied.

This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at

The following procedure must be performed before this update will take effect:

1) Stop all KVM guest virtual machines.

2) Either reboot the hypervisor machine or, as the root user, remove (using "modprobe -r [module]") and reload (using "modprobe [module]") all of the following modules which are currently running (determined using "lsmod"): kvm, ksm, kvm-intel or kvm-amd.

3) Restart the KVM guest virtual machines.

Summary

KVM (Kernel-based Virtual Machine) is a full virtualization solution for Linux on AMD64 and Intel 64 systems. KVM is a Linux kernel module built for the standard Red Hat Enterprise Linux kernel.
A data structure field in kvm_vcpu_ioctl_x86_get_vcpu_events() in QEMU-KVM was not initialized properly before being copied to user-space. A privileged host user with access to "/dev/kvm" could use this flaw to leak kernel stack memory to user-space. (CVE-2010-4525)
Red Hat would like to thank Stephan Mueller of atsec information security for reporting this issue.
These updated packages also fix several bugs. Documentation for these bug fixes will be available shortly in the "kvm" section of the Red Hat Enterprise Linux 5.6 Technical Notes, linked to in the References.
All KVM users should upgrade to these updated packages, which resolve this issue as well as fixing the bugs noted in the Technical Notes. Note: The procedure in the Solution section must be performed before this update will take effect.

References

https://access.redhat.com/security/cve/CVE-2010-4525 https://access.redhat.com/security/updates/classification/#low https://access.redhat.com/search/

Package List

RHEL Desktop Multi OS (v. 5 client):
Source:
x86_64: kmod-kvm-83-224.el5.x86_64.rpm kmod-kvm-debug-83-224.el5.x86_64.rpm kvm-83-224.el5.x86_64.rpm kvm-debuginfo-83-224.el5.x86_64.rpm kvm-qemu-img-83-224.el5.x86_64.rpm kvm-tools-83-224.el5.x86_64.rpm
RHEL Virtualization (v. 5 server):
Source:
x86_64: kmod-kvm-83-224.el5.x86_64.rpm kmod-kvm-debug-83-224.el5.x86_64.rpm kvm-83-224.el5.x86_64.rpm kvm-debuginfo-83-224.el5.x86_64.rpm kvm-qemu-img-83-224.el5.x86_64.rpm kvm-tools-83-224.el5.x86_64.rpm
These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/#package


Severity
low
Lowest
Low
Medium
High
Critical

Advisory ID: RHSA-2011:0028-01
Product: Red Hat Enterprise Linux
Issue date: 2011-01-13

Topic

Updated kvm packages that fix one security issue and several bugs are nowavailable for Red Hat Enterprise Linux 5.The Red Hat Security Response Team has rated this update as having lowsecurity impact. A Common Vulnerability Scoring System (CVSS) base score,which gives a detailed severity rating, is available from the CVE link inthe References section.

Relevant Releases Architectures

RHEL Desktop Multi OS (v. 5 client) - x86_64

RHEL Virtualization (v. 5 server) - x86_64

Bugs Fixed

503118 - kvm doesn't run with older libgcrypt, but doesn't have a RPM dependency for it

510630 - -drive arg has no way to request a read only disk

513765 - Large guest ( 256G RAM + 16 vcpu ) hang during live migration

514578 - kvm-qemu-img subpackage has dependency on qspice-libs

517565 - build KVM modules for kernel-debug too

517814 - Caps Lock the key's appearance of guest is not synchronous as host's --view kvm with vnc

520572 - SR-IOV -- Guest exit and host hang on if boot VM with 8 VFs assigned

521247 - emulated pcnet nic in qemu-kvm has wrong PCI subsystem ID for Windows XP driver

533078 - use native smp_call_function_many/single functions

539642 - use native pci_get_bus_and_slot function

542954 - Guest suffers kernel panic when save snapshot then restart guest

555727 - Time drift in win2k3-64bit and win2k8-64bit smp guest

569743 - Change vnc password caused 'Segmentation fault'

572825 - qcow2 image corruption when using cache=writeback

574621 - Linux pvmmu guests (FC11, FC12, etc) crash on boot on AMD hosts with NPT disabled

575585 - memory reported as used (by SwapCache and by Cache) though no process holds it.

580410 - Failed to install kvm for failed dependencies: ksym

580637 - Incorrect russian vnc keymap

582038 - backport EPT accessed bit emulation

583947 - Guest aborted when make guest stop on write error

587604 - Qcow2 snapshot got corruption after commit using block device

587605 - Failed to re-base qcow2 snapshot

Read the Full Advisory

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.