Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 591
Alerts This Week
Warning Icon 1 591

Oracle: ORCL-2021-0871-01 Urgent: VNC Server Vulnerability

red hat
Calendar Grey March 30, 2010
Dist Redhat Esm H88
Canonical releases a critical update for its KVM software to tackle vulnerabilities and resolve numerous bugs affecting its Ubuntu 20.04 LTS distribution.
Updated kvm packages that fix one security issue, multiple bugs, and add enhancements are now available for Red Hat Enterprise Linux 5

Solution

Before applying this update, make sure all previously-released errata relevant to your system have been applied.

This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at

The following procedure must be performed before this update will take effect:

1) Stop all KVM guest virtual machines.

2) Either reboot the hypervisor machine or, as the root user, remove (using "modprobe -r [module]") and reload (using "modprobe [module]") all of the following modules which are currently running (determined using "lsmod"): kvm, ksm, kvm-intel or kvm-amd.

3) Restart the KVM guest virtual machines.

Summary

KVM (Kernel-based Virtual Machine) is a full virtualization solution for Linux on AMD64 and Intel 64 systems. KVM is a Linux kernel module built for the standard Red Hat Enterprise Linux kernel.
A flaw was found in the way QEMU-KVM handled erroneous data provided by the Linux virtio-net driver, used by guest operating systems. Due to a deficiency in the TSO (TCP segment offloading) implementation, a guest's virtio-net driver would transmit improper data to a certain QEMU-KVM process on the host, causing the guest to crash. A remote attacker could use this flaw to send specially-crafted data to a target guest system, causing that guest to crash. (CVE-2010-0741)
Additionally, these updated packages include numerous bug fixes and enhancements. Refer to the KVM chapter of the Red Hat Enterprise Linux 5.5 Technical Notes for details:
https://docs.redhat.com/en/documentation/red_hat_enterprise_linux/5/html-single/5.5_technical_notes/index
All KVM users should upgrade to these updated packages, which resolve this issue as well as fixing the bugs and adding the enhancements noted in the Technical Notes. Note: The procedure in the Solution section must be performed before this update will take effect.

References

https://access.redhat.com/security/cve/CVE-2010-0741 https://access.redhat.com/security/updates/classification#important

Package List

RHEL Desktop Multi OS (v. 5 client):
Source:
x86_64: kmod-kvm-83-164.el5.x86_64.rpm kvm-83-164.el5.x86_64.rpm kvm-debuginfo-83-164.el5.x86_64.rpm kvm-qemu-img-83-164.el5.x86_64.rpm kvm-tools-83-164.el5.x86_64.rpm
RHEL Virtualization (v. 5 server):
Source:
x86_64: kmod-kvm-83-164.el5.x86_64.rpm kvm-83-164.el5.x86_64.rpm kvm-debuginfo-83-164.el5.x86_64.rpm kvm-qemu-img-83-164.el5.x86_64.rpm kvm-tools-83-164.el5.x86_64.rpm
These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key#package


Severity
important
Lowest
Low
Medium
High
Critical

Advisory ID: RHSA-2010:0271-04
Product: Red Hat Enterprise Linux
Issue date: 2010-03-30

Topic

Updated kvm packages that fix one security issue, multiple bugs, and addenhancements are now available for Red Hat Enterprise Linux 5.The Red Hat Security Response Team has rated this update as havingimportant security impact. A Common Vulnerability Scoring System (CVSS)base score, which gives a detailed severity rating, is available from theCVE link in the References section.

Relevant Releases Architectures

RHEL Desktop Multi OS (v. 5 client) - x86_64

RHEL Virtualization (v. 5 server) - x86_64

Bugs Fixed

508040 - Windows XP not using all CPUS

510706 - qemu-kvm segfault when using i82551 vnic

511072 - KVM - qemu-img fail to copy a RAW format image over FCP storage

512672 - Remove initrd warning message

515549 - upstream qemu issues on rhel 5.4

515655 - Add result test to prevent Infinite loop in raw_pread, reading too large offset

515749 - Remove warnings from kvm compilation

516545 - qemu-kvm crashed when setting 32bitwin28k with 64G ram

516672 - Disable unused/unsupported features on qemu-kvm

516762 - qemu aborted when restart 32bitwin23k with more than 4G mem in intel host.

517223 - BUG: warning at /builddir/build/BUILD/kvm-83-maint-snapshot-20090205/kernel-/x86/x86.c:240/kvm_queue_exception_e() (Tainted: G )

518090 - [RFE] KVM should be able to export advanced cpu flags to the guest

518169 - Bad qcow2 performance with cache=off

519397 - KVM: MMU: make __kvm_mmu_free_some_pages handle empty list (upstream backport)

520285 - windows 64 bit does vmexit on each cr8 access.

521025 - rtc-td-hack stopped working. Time drifts in windows

521749 - Guest Window2008-R2-datacenter installation is stopped at step "Setup will continue after restarting your computer" (AMD host only)

521835 - German keymap using KVM+VNC missing some keys

522887 - Call to migrate_set_speed after a migrate_cancel causes segmentation fault in kvm

524970 - Guest single-cpu IPI leads to a global IPI on host

Read the Full Advisory

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.