Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 584
Alerts This Week
Warning Icon 1 584

Scientific Linux: SLSA-2023:0422-1 Critical KVM Security Patch

Scientific Large Esm H446
Important: kvm security update
Date: Wed, 12 Feb 2014 19:56:59 +0000
Reply-To: scientific-linux-users@
Sender: Security Errata for Scientific Linux
 
From: Pat Riehecky 
Subject: Security ERRATA Important: kvm on SL5.x x86_64
MIME-Version: 1.0

Synopsis: Important: kvm security update
Advisory ID: SLSA-2014:0163-1
Issue Date: 2014-02-12
CVE Numbers: CVE-2013-6367
 CVE-2013-6368
--

A divide-by-zero flaw was found in the apic_get_tmcct() function in KVM's
Local Advanced Programmable Interrupt Controller (LAPIC) implementation. A
privileged guest user could use this flaw to crash the host.
(CVE-2013-6367)

A memory corruption flaw was discovered in the way KVM handled virtual
APIC accesses that crossed a page boundary. A local, unprivileged user
could use this flaw to crash the system or, potentially, escalate their
privileges on the system. (CVE-2013-6368)

Note: The following procedure must be performed before this update will take
effect:

1) Stop all KVM guest virtual machines.

2) Either reboot the hypervisor machine or, as the root user, remove (using
"modprobe -r [module]") and reload (using "modprobe [module]") all of the
following modules which are currently running (determined using "lsmod"):
kvm, ksm, kvm-intel or kvm-amd.

3) Restart the KVM guest virtual machines.
--

SL5
 x86_64
 kmod-kvm-83-266.el5_10.1.x86_64.rpm
 kmod-kvm-debug-83-266.el5_10.1.x86_64.rpm
 kvm-83-266.el5_10.1.x86_64.rpm
 kvm-debuginfo-83-266.el5_10.1.x86_64.rpm
 kvm-qemu-img-83-266.el5_10.1.x86_64.rpm
 kvm-tools-83-266.el5_10.1.x86_64.rpm

- Scientific Linux Development Team