Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 519
Alerts This Week
Warning Icon 1 519

Scientific Linux SL5.x Moderate: KVM Security Update CVE-2011-4347

Scientific Large Esm H446
Moderate: kvm security and bug fix update
Date: Tue, 6 Mar 2012 14:49:14 -0600
Reply-To: This email address is being protected from spambots. You need JavaScript enabled to view it.
Sender: Security Errata for Scientific Linux
 
From: This email address is being protected from spambots. You need JavaScript enabled to view it.
Subject: Security ERRATA Moderate: kvm on SL5.x x86_64
Comments: To: This email address is being protected from spambots. You need JavaScript enabled to view it.

Synopsis: Moderate: kvm security and bug fix update
Issue Date: 2012-02-21
CVE Numbers: CVE-2011-4347

KVM (Kernel-based Virtual Machine) is a full virtualization solution for
Linux on AMD64 and Intel 64 systems. KVM is a Linux kernel module built for
the standard Scientific Linux kernel.

It was found that the kvm_vm_ioctl_assign_device() function in the KVM
subsystem of a Linux kernel did not check if the user requesting device
assignment was privileged or not. A member of the kvm group on the host
could assign unused PCI devices, or even devices that were in use and
whose resources were not properly claimed by the respective drivers, which
could result in the host crashing. (CVE-2011-4347)

All KVM users should upgrade to these updated packages, which contain
backported patches to correct these issues.

SL5:
 x86_64
 kmod-kvm-83-249.el5.x86_64.rpm
 kmod-kvm-debug-83-249.el5.x86_64.rpm
 kvm-83-249.el5.x86_64.rpm
 kvm-debuginfo-83-249.el5.x86_64.rpm
 kvm-qemu-img-83-249.el5.x86_64.rpm
 kvm-tools-83-249.el5.x86_64.rpm

- Scientific Linux Development Team