Explore top 10 tips to secure your open-source projects now. Read More
×
Date: Tue, 24 Jan 2012 09:27:00 -0600 Reply-To:This email address is being protected from spambots. You need JavaScript enabled to view it. Sender: Security Errata for Scientific LinuxFrom: This email address is being protected from spambots. You need JavaScript enabled to view it. Subject: Security ERRATA Important: kvm on SL5.x x86_64 Comments: To:This email address is being protected from spambots. You need JavaScript enabled to view it. Synopsis: Important: kvm security update Issue Date: 2012-01-23 CVE Numbers: CVE-2011-4622 CVE-2012-0029 KVM (Kernel-based Virtual Machine) is a full virtualization solution for Linux on AMD64 and Intel 64 systems. KVM is a Linux kernel module built for the standard Scientific Linux kernel. A heap overflow flaw was found in the way QEMU-KVM emulated the e1000 network interface card. A privileged guest user in a virtual machine whose network interface is configured to use the e1000 emulated driver could use this flaw to crash the host or, possibly, escalate their privileges on the host. (CVE-2012-0029) A flaw was found in the way the KVM subsystem of a Linux kernel handled PIT (Programmable Interval Timer) IRQs (interrupt requests) when there was no virtual interrupt controller set up. A malicious user in the kvm group on the host could force this situation to occur, resulting in the host crashing. (CVE-2011-4622) All KVM users should upgrade to these updated packages, which contain backported patches to correct these issues. Note: The procedure in the Solution section must be performed before this update will take effect. SL5: x86_64 kmod-kvm-83-239.el5_7.1.x86_64.rpm kmod-kvm-debug-83-239.el5_7.1.x86_64.rpm kvm-83-239.el5_7.1.x86_64.rpm kvm-debuginfo-83-239.el5_7.1.x86_64.rpm kvm-qemu-img-83-239.el5_7.1.x86_64.rpm kvm-tools-83-239.el5_7.1.x86_64.rpm - Scientific Linux Development Team