SCIENTIFIC-LINUX-ERRATA Archives

March 2012

SCIENTIFIC-LINUX-ERRATA@LISTSERV.FNAL.GOV

Date: Tue, 6 Mar 2012 14:49:14 -0600
Synopsis:    Moderate: kvm security and bug fix update
Issue Date:  2012-02-21
CVE Numbers: CVE-2011-4347


KVM (Kernel-based Virtual Machine) is a full virtualization solution for
Linux on AMD64 and Intel 64 systems. KVM is a Linux kernel module built for
the standard Scientific Linux kernel.

It was found that the kvm_vm_ioctl_assign_device() function in the KVM
subsystem of a Linux kernel did not check if the user requesting device
assignment was privileged or not. A member of the kvm group on the host
could assign unused PCI devices, or even devices that were in use and
whose resources were not properly claimed by the respective drivers, which
could result in the host crashing. (CVE-2011-4347)

All KVM users should upgrade to these updated packages, which contain
backported patches to correct these issues.

SL5:
  x86_64
     kmod-kvm-83-249.el5.x86_64.rpm
     kmod-kvm-debug-83-249.el5.x86_64.rpm
     kvm-83-249.el5.x86_64.rpm
     kvm-debuginfo-83-249.el5.x86_64.rpm
     kvm-qemu-img-83-249.el5.x86_64.rpm
     kvm-tools-83-249.el5.x86_64.rpm

- Scientific Linux Development Team
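
An added example, not part of the original advisory or of Scientific Linux tooling: a small audit that flags kvm packages older than the fixed build 83-249.el5 and lists the members of the kvm group, the accounts the advisory says could request device assignment. The function names and sample input are constructed for illustration, and the release comparison is a simplified numeric check, not rpm's own version-comparison algorithm.

```shell
#!/bin/sh
# Added example: audit a host against this erratum (fixed build: 83-249.el5).

FIXED_VERSION=83
FIXED_RELEASE=249   # numeric part of the release "249.el5"

# Reads "NAME VERSION RELEASE" lines on stdin and prints every package that is
# older than the fixed build. Assumes the 83-<n>.el5 naming scheme.
outdated_packages() {
    while read -r name ver rel rest; do
        # Skip anything non-numeric, e.g. "package kvm-tools is not installed".
        case "$ver" in ''|*[!0-9]*) continue ;; esac
        n=${rel%%.*}
        case "$n" in ''|*[!0-9]*) continue ;; esac
        if [ "$ver" -lt "$FIXED_VERSION" ] ||
           { [ "$ver" -eq "$FIXED_VERSION" ] && [ "$n" -lt "$FIXED_RELEASE" ]; }; then
            echo "$name-$ver-$rel"
        fi
    done
}

# Prints the supplementary members of a group, one per line, from a
# group(5)-format line. Users whose primary group is kvm are not listed there.
group_members() {
    members=${1##*:}
    if [ -n "$members" ]; then
        echo "$members" | tr ',' '\n'
    fi
    return 0
}

# Constructed sample input (not taken from a real host).
SAMPLE_RPM='kmod-kvm 83 239.el5
kvm 83 249.el5
package kvm-tools is not installed'
SAMPLE_GROUP='kvm:x:36:qemu,alice'

echo "Packages older than $FIXED_VERSION-$FIXED_RELEASE.el5:"
printf '%s\n' "$SAMPLE_RPM" | outdated_packages
echo "Members of the kvm group:"
group_members "$SAMPLE_GROUP"

# On a live SL5 host, feed the functions real data instead:
#   rpm -q --qf '%{NAME} %{VERSION} %{RELEASE}\n' kvm kmod-kvm kvm-tools kvm-qemu-img | outdated_packages
#   group_members "$(getent group kvm)"
```

After updating the packages, reload the KVM kernel modules or reboot so that the fixed kmod-kvm code is the code actually running.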
