
Red Hat Virtualization 4: RHSA-2018-3470-01 Moderate Security Fix

Red Hat Security Advisory, published November 5, 2018
Synopsis: Moderate: Red Hat Virtualization security and bug fix update
An update for imgbased, redhat-release-virtualization-host, and redhat-virtualization-host is now available for Red Hat Virtualization 4 for Red Hat Enterprise Linux 7.

Solution

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/2974891

Summary

The redhat-virtualization-host packages provide the Red Hat Virtualization Host. These packages include redhat-release-virtualization-host, ovirt-node, and rhev-hypervisor. Red Hat Virtualization Hosts (RHVH) are installed using a special build of Red Hat Enterprise Linux with only the packages required to host virtual machines. RHVH features a Cockpit user interface for monitoring the host's resources and performing administrative tasks.
Security Fix(es):
* spice: Missing check in demarshal.py:write_validate_array_item() allows for buffer overflow and denial of service (CVE-2018-10873)
* glusterfs: Multiple flaws (CVE-2018-10904, CVE-2018-10907, CVE-2018-10923, CVE-2018-10926, CVE-2018-10927, CVE-2018-10928, CVE-2018-10929, CVE-2018-10930, CVE-2018-10911, CVE-2018-10914, CVE-2018-14652, CVE-2018-14653, CVE-2018-14654, CVE-2018-14659, CVE-2018-14660, CVE-2018-14661, CVE-2018-10913)
* samba: Insufficient input validation in libsmbclient (CVE-2018-10858)
For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.
Red Hat would like to thank Michael Hanselmann (hansmi.ch) for reporting CVE-2018-10904, CVE-2018-10907, CVE-2018-10923, CVE-2018-10926, CVE-2018-10927, CVE-2018-10928, CVE-2018-10929, CVE-2018-10930, CVE-2018-10911, CVE-2018-10914, CVE-2018-14652, CVE-2018-14653, CVE-2018-14654, CVE-2018-14659, CVE-2018-14660, CVE-2018-14661, and CVE-2018-10913. The CVE-2018-10873 issue was discovered by Frediano Ziglio (Red Hat).
Bug Fix(es):
* When upgrading Red Hat Virtualization Host (RHVH), imgbased fails to run garbage collection on previous layers, so new logical volumes are removed, and the boot entry points to a logical volume that was removed.
If the RHVH upgrade finishes successfully, the hypervisor boots successfully, even if garbage collection fails. (BZ#1632058)
* During the upgrade process, when lvremove runs garbage collection, it prompts for user confirmation, causing the upgrade process to fail. Now the process uses "lvremove --force" when trying to remove logical volumes and does not fail even if garbage collection fails, and as a result, the upgrade process finishes successfully. (BZ#1632585)

References

https://access.redhat.com/security/cve/CVE-2018-10858
https://access.redhat.com/security/cve/CVE-2018-10873
https://access.redhat.com/security/cve/CVE-2018-10904
https://access.redhat.com/security/cve/CVE-2018-10907
https://access.redhat.com/security/cve/CVE-2018-10911
https://access.redhat.com/security/cve/CVE-2018-10913
https://access.redhat.com/security/cve/CVE-2018-10914
https://access.redhat.com/security/cve/CVE-2018-10923
https://access.redhat.com/security/cve/CVE-2018-10926
https://access.redhat.com/security/cve/CVE-2018-10927
https://access.redhat.com/security/cve/CVE-2018-10928
https://access.redhat.com/security/cve/CVE-2018-10929
https://access.redhat.com/security/cve/CVE-2018-10930
https://access.redhat.com/security/cve/CVE-2018-14652
https://access.redhat.com/security/cve/CVE-2018-14653
https://access.redhat.com/security/cve/CVE-2018-14654
https://access.redhat.com/security/cve/CVE-2018-14659
https://access.redhat.com/security/cve/CVE-2018-14660
https://access.redhat.com/security/cve/CVE-2018-14661
https://access.redhat.com/security/updates/classification#moderate

Package List

Red Hat Virtualization 4 Hypervisor for RHEL 7:
Source: redhat-virtualization-host-4.2-20181026.0.el7_6.src.rpm
noarch: redhat-virtualization-host-image-update-4.2-20181026.0.el7_6.noarch.rpm
RHEL 7-based RHEV-H for RHEV 4 (build requirements):
Source:
imgbased-1.0.29-1.el7ev.src.rpm
redhat-release-virtualization-host-4.2-7.3.el7.src.rpm
noarch:
imgbased-1.0.29-1.el7ev.noarch.rpm
python-imgbased-1.0.29-1.el7ev.noarch.rpm
redhat-virtualization-host-image-update-placeholder-4.2-7.3.el7.noarch.rpm
x86_64:
redhat-release-virtualization-host-4.2-7.3.el7.x86_64.rpm
These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key
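The Package List above gives the exact name-version-release (NVR) of each fixed package. A practical way to audit a host is to compare the NVRs reported by `rpm -qa` against those fixed values using rpm's own ordering rules (digit runs compare numerically, so 7.10 sorts after 7.3, and `~` sorts below anything). The script below is an added example, not Red Hat's tooling: it reimplements librpm's rpmvercmp in Python rather than calling librpm, ignores epochs (none of the listed packages carry one), and runs against a constructed `rpm -qa` sample instead of a live host. On a real RHVH node you would feed it `rpm -qa` output and, since RHVH is image-based, also confirm the running layer with `imgbase layout`; the `rpm -K` signature check the advisory refers to is a separate step not covered here.

```python
"""Audit installed package NVRs against the fixed versions in RHSA-2018:3470."""
import re

# Fixed (version, release) per package name, copied from the advisory's Package List.
FIXED = {
    "redhat-virtualization-host-image-update": ("4.2", "20181026.0.el7_6"),
    "redhat-virtualization-host-image-update-placeholder": ("4.2", "7.3.el7"),
    "redhat-release-virtualization-host": ("4.2", "7.3.el7"),
    "imgbased": ("1.0.29", "1.el7ev"),
    "python-imgbased": ("1.0.29", "1.el7ev"),
}

# Constructed sample of `rpm -qa` output (not captured from a real host):
# two packages are behind the fixed versions, two are current, one is unrelated.
SAMPLE_RPM_QA = """\
imgbased-1.0.20-1.el7ev.noarch
python-imgbased-1.0.29-1.el7ev.noarch
redhat-release-virtualization-host-4.2-7.3.el7.x86_64
redhat-virtualization-host-image-update-4.2-20180920.0.el7_6.noarch
vdsm-4.20.39.1-1.el7ev.x86_64
"""

_JUNK = re.compile(r"^[^A-Za-z0-9~]+")   # separators: skipped, never compared
_DIGITS = re.compile(r"[0-9]+")
_ALPHA = re.compile(r"[A-Za-z]+")


def rpmvercmp(a, b):
    """Compare two rpm version or release strings; returns -1, 0 or 1.

    Reimplements librpm's rpmvercmp: digit runs compare numerically, alpha runs
    compare as strings, a digit segment beats an alpha segment, and '~' sorts
    lower than anything (1.0~rc1 < 1.0). The '^' marker is not implemented.
    """
    if a == b:
        return 0
    while a or b:
        a, b = _JUNK.sub("", a), _JUNK.sub("", b)
        if a.startswith("~") or b.startswith("~"):
            if not a.startswith("~"):
                return 1
            if not b.startswith("~"):
                return -1
            a, b = a[1:], b[1:]
            continue
        if not a or not b:
            break
        isnum = a[0].isdigit()
        pat = _DIGITS if isnum else _ALPHA
        ma, mb = pat.match(a), pat.match(b)
        if mb is None:                     # segment types differ: numeric wins
            return 1 if isnum else -1
        sa, sb = ma.group(), mb.group()
        a, b = a[ma.end():], b[mb.end():]
        if isnum:
            sa, sb = sa.lstrip("0"), sb.lstrip("0")
            if len(sa) != len(sb):         # longer numeric run is larger
                return 1 if len(sa) > len(sb) else -1
        if sa != sb:
            return 1 if sa > sb else -1
    if not a and not b:
        return 0
    return 1 if a else -1                  # leftover segments make that side larger


def split_nvra(line):
    """Split 'name-version-release.arch' into (name, version, release, arch)."""
    nvr, arch = line.rsplit(".", 1)
    name, version, release = nvr.rsplit("-", 2)
    return name, version, release, arch


def compare_vr(installed, fixed):
    """Order (version, release) pairs; release is consulted only when versions tie."""
    rc = rpmvercmp(installed[0], fixed[0])
    return rc if rc else rpmvercmp(installed[1], fixed[1])


def audit(rpm_qa_text, fixed=FIXED):
    """Return {name: 'patched' | 'vulnerable'} for each advisory package found installed."""
    result = {}
    for line in rpm_qa_text.splitlines():
        line = line.strip()
        if not line:
            continue
        name, ver, rel, _arch = split_nvra(line)
        if name in fixed:
            state = "patched" if compare_vr((ver, rel), fixed[name]) >= 0 else "vulnerable"
            result[name] = state
    return result


if __name__ == "__main__":
    for name, state in sorted(audit(SAMPLE_RPM_QA).items()):
        print(f"{state:10s} {name}")
```

In the constructed sample, `imgbased-1.0.20-1.el7ev` is flagged because 1.0.20 sorts below 1.0.29, and the 20180920 image-update build is flagged because its release sorts below 20181026.0.el7_6 once the versions tie at 4.2; packages the advisory does not list, such as vdsm, are ignored rather than reported.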


Advisory ID: RHSA-2018:3470-01
Product: Red Hat Virtualization
Issue date: 2018-11-05

Topic

An update for imgbased, redhat-release-virtualization-host, and redhat-virtualization-host is now available for Red Hat Virtualization 4 for Red Hat Enterprise Linux 7.

Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Relevant Releases / Architectures

RHEL 7-based RHEV-H for RHEV 4 (build requirements) - noarch, x86_64

Red Hat Virtualization 4 Hypervisor for RHEL 7 - noarch

Bugs Fixed

1501276 - RHVH 4.2 should include RHGS 3.4 Batch #1 packages

1593731 - [downstream clone - 4.2.7] Rpm verify fails for newly installed libvirt-daemon-config-nwfilter package.

1596008 - CVE-2018-10873 spice: Missing check in demarshal.py:write_validate_array_item() allows for buffer overflow and denial of service

1601298 - CVE-2018-10904 glusterfs: Unsanitized file names in debug/io-stats translator can allow remote attackers to execute arbitrary code

1601642 - CVE-2018-10907 glusterfs: Stack-based buffer overflow in server-rpc-fops.c allows remote attackers to execute arbitrary code

1601657 - CVE-2018-10911 glusterfs: Improper deserialization in dict.c:dict_unserialize() can allow attackers to read arbitrary memory

1607617 - CVE-2018-10914 glusterfs: remote denial of service of gluster volumes via posix_get_file_contents function in posix-helpers.c

1607618 - CVE-2018-10913 glusterfs: Information Exposure in posix_get_file_contents function in posix-helpers.c

1610659 - CVE-2018-10923 glusterfs: I/O to arbitrary devices on storage server

1612658 - CVE-2018-10927 glusterfs: File status information leak and denial of service

1612659 - CVE-2018-10928 glusterfs: Improper resolution of symlinks allows for privilege escalation

1612660 - CVE-2018-10929 glusterfs: Arbitrary file creation on storage server allows for execution of arbitrary code
