Date:         Thu, 10 Dec 2009 12:06:18 -0600
Reply-To:     Troy Dawson 
Sender:       Security Errata for Scientific Linux
              
From:         Troy Dawson 
Subject:      Security ERRATA Moderate: kvm on SL5.4 x86_64
Comments: To: "scientific-linux-errata@fnal.gov"
          

Synopsis:	Moderate: kvm security and bug fix update
Issue date:	2009-12-09
CVE Names:	CVE-2009-4031

CVE-2009-4031 kernel: KVM: x86 emulator: limit instructions to 15 bytes

On x86 platforms, the do_insn_fetch() function did not limit the amount 
of instruction bytes fetched per instruction. Users in guest operating 
systems could leverage this flaw to cause large latencies on SMP hosts 
that could lead to a local denial of service on the host operating 
system. This update fixes this issue by imposing the 
architecturally-defined 15 byte length limit for instructions. 
(CVE-2009-4031)

This update also fixes the following bugs:

* performance problems occurred when using the qcow2 image format with 
the qemu-kvm -drive "cache=none" option (the default setting when not 
specified otherwise). This could cause guest operating system 
installations to take hours. With this update, performance patches have 
been backported so that using the qcow2 image format with the 
"cache=none" option no longer causes performance issues. (BZ#520693)

* when using the virtual vm8086 mode, bugs in the emulated hardware task
switching implementation may have, in some situations, caused older 
guest operating systems to malfunction. (BZ#532031)

* Windows Server 2003 guests (32-bit) with more than 4GB of memory may 
have crashed during reboot when using the default qemu-kvm CPU settings.
(BZ#532043)

* with Scientific Linux  Virtualization, guests continued to run after
encountering disk read errors. This could have led to their file systems
becoming corrupted (but not the host's), notably in environments that 
use networked storage. With this update, the qemu-kvm -drive 
"werror=stop" option now applies not only to write errors but also to 
read errors: When using this option, guests will pause on disk read and 
write errors.

By default, guests managed by Scientific Linux Virtualization use the
"werror=stop" option. This option is not used by default for guests 
managed by libvirt. (BZ#537334, BZ#540406)

* the para-virtualized block driver (virtio-blk) silently ignored read
errors when accessing disk images. With this update, the driver 
correctly signals the read error to the guest. (BZ#537334)

SL 5.4

     SRPMS:
kvm-83-105.el5_4.13.src.rpm
     x86_64:
kmod-kvm-83-105.el5_4.13.x86_64.rpm
kvm-83-105.el5_4.13.x86_64.rpm
kvm-qemu-img-83-105.el5_4.13.x86_64.rpm
kvm-tools-83-105.el5_4.13.x86_64.rpm

-Connie Sieh
-Troy Dawson

SciLinux: CVE-2009-4031 Moderate: kvm SL5.4 x86_64

Moderate: kvm security and bug fix update

Summary

Date:         Thu, 10 Dec 2009 12:06:18 -0600Reply-To:     Troy Dawson Sender:       Security Errata for Scientific Linux              From:         Troy Dawson Subject:      Security ERRATA Moderate: kvm on SL5.4 x86_64Comments: To: "scientific-linux-errata@fnal.gov"          Synopsis:	Moderate: kvm security and bug fix updateIssue date:	2009-12-09CVE Names:	CVE-2009-4031CVE-2009-4031 kernel: KVM: x86 emulator: limit instructions to 15 bytesOn x86 platforms, the do_insn_fetch() function did not limit the amount of instruction bytes fetched per instruction. Users in guest operating systems could leverage this flaw to cause large latencies on SMP hosts that could lead to a local denial of service on the host operating system. This update fixes this issue by imposing the architecturally-defined 15 byte length limit for instructions. (CVE-2009-4031)This update also fixes the following bugs:* performance problems occurred when using the qcow2 image format with the qemu-kvm -drive "cache=none" option (the default setting when not specified otherwise). This could cause guest operating system installations to take hours. With this update, performance patches have been backported so that using the qcow2 image format with the "cache=none" option no longer causes performance issues. (BZ#520693)* when using the virtual vm8086 mode, bugs in the emulated hardware taskswitching implementation may have, in some situations, caused older guest operating systems to malfunction. (BZ#532031)* Windows Server 2003 guests (32-bit) with more than 4GB of memory may have crashed during reboot when using the default qemu-kvm CPU settings.(BZ#532043)* with Scientific Linux  Virtualization, guests continued to run afterencountering disk read errors. This could have led to their file systemsbecoming corrupted (but not the host's), notably in environments that use networked storage. With this update, the qemu-kvm -drive "werror=stop" option now applies not only to write errors but also to read errors: When using this option, guests will pause on disk read and write errors.By default, guests managed by Scientific Linux Virtualization use the"werror=stop" option. This option is not used by default for guests managed by libvirt. (BZ#537334, BZ#540406)* the para-virtualized block driver (virtio-blk) silently ignored readerrors when accessing disk images. With this update, the driver correctly signals the read error to the guest. (BZ#537334)SL 5.4     SRPMS:kvm-83-105.el5_4.13.src.rpm     x86_64:kmod-kvm-83-105.el5_4.13.x86_64.rpmkvm-83-105.el5_4.13.x86_64.rpmkvm-qemu-img-83-105.el5_4.13.x86_64.rpmkvm-tools-83-105.el5_4.13.x86_64.rpm-Connie Sieh-Troy Dawson



Security Fixes

Severity

Related News

2.Motherboard Esm H320
2 - 3 min read
German software engineer Lennart Poettering recently presented run0 , a new tool in systemd v256 that aims to address the security concerns
22.Lock ScreenEffect Esm H320
2 - 3 min read
Red Hat recently released its newest enterprise Linux distro, Red Hat Enterprise Linux (RHEL) 9.4 , which introduces several features designed to
8.Locks HexConnections CodeGlobe Esm H320
1 - 2 min read
The latest release of Debian , one of the oldest and most trusted distributions within the Linux ecosystem, redefines security, stability, and
20.Lock AbstractDigital Circular Esm H320
1 - 2 min read
The Ubuntu security team has recently discovered and addressed multiple vulnerabilities in the Apache HTTP Server. The vulnerabilities affected
1.Penguin Landscape Esm H320
1 - 2 min read
A critical vulnerability was discovered in the Linux kernel's netfilter subsystem, specifically within the nf_tables component, posing potential
19.Laptop Bed Esm H320
2 - 3 min read
The release of Google Chrome 124 addresses four vulnerabilities, including a critical security flaw that can enable attackers to execute arbitrary
23.Tablet Connections Esm H320
2 - 3 min read
The release of Ubuntu 24.04 LTS , also known as Noble Numbat, brings various security enhancements and exciting new features . These improvements
4.Lock AbstractDigital Esm H320
2 - 3 min read
Tails 6.2 is a new Linux distribution release that expands its multilingual support and improves security features. The distribution is a
Sign Up

Get the Latest News & Insights

Sign up to get the latest security news affecting Linux and open source delivered straight to your inbox.

© 2024 Guardian Digital, Inc All Rights Reserved