Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 573
Alerts This Week
Warning Icon 1 573

Scientific Linux: CVE-2011-4622 Important KVM Security Advisory

Scientific Large Esm H446
Important: kvm security update
Date: Tue, 24 Jan 2012 09:27:00 -0600
Reply-To: This email address is being protected from spambots. You need JavaScript enabled to view it.
Sender: Security Errata for Scientific Linux
 
From: This email address is being protected from spambots. You need JavaScript enabled to view it.
Subject: Security ERRATA Important: kvm on SL5.x x86_64
Comments: To: This email address is being protected from spambots. You need JavaScript enabled to view it.

Synopsis: Important: kvm security update
Issue Date: 2012-01-23
CVE Numbers: CVE-2011-4622
 CVE-2012-0029

KVM (Kernel-based Virtual Machine) is a full virtualization solution for
Linux on AMD64 and Intel 64 systems. KVM is a Linux kernel module built for
the standard Scientific Linux kernel.

A heap overflow flaw was found in the way QEMU-KVM emulated the e1000
network interface card. A privileged guest user in a virtual machine whose
network interface is configured to use the e1000 emulated driver could use
this flaw to crash the host or, possibly, escalate their privileges on the
host. (CVE-2012-0029)

A flaw was found in the way the KVM subsystem of a Linux kernel handled PIT
(Programmable Interval Timer) IRQs (interrupt requests) when there was no
virtual interrupt controller set up. A malicious user in the kvm group on
the host could force this situation to occur, resulting in the host
crashing. (CVE-2011-4622)

All KVM users should upgrade to these updated packages, which contain
backported patches to correct these issues. Note: The procedure in the
Solution section must be performed before this update will take effect.

SL5:
 x86_64
 kmod-kvm-83-239.el5_7.1.x86_64.rpm
 kmod-kvm-debug-83-239.el5_7.1.x86_64.rpm
 kvm-83-239.el5_7.1.x86_64.rpm
 kvm-debuginfo-83-239.el5_7.1.x86_64.rpm
 kvm-qemu-img-83-239.el5_7.1.x86_64.rpm
 kvm-tools-83-239.el5_7.1.x86_64.rpm

- Scientific Linux Development Team