Synopsis: Important: kvm security update
Advisory ID: SLSA-2015:1925-1
Issue Date: 2015-10-22
CVE Numbers: CVE-2015-5279
A heap buffer overflow flaw was found in the way QEMU's NE2000 NIC
emulation implementation handled certain packets received over the
network. A privileged user inside a guest could use this flaw to crash the
QEMU instance (denial of service) or potentially execute arbitrary code on
the host. (CVE-2015-5279)
NOTE: The following procedure must be performed before this update will take
1) Stop all KVM guest virtual machines.
2) Either reboot the hypervisor machine or, as the root user, remove (using
"modprobe -r [module]") and reload (using "modprobe [module]") all of the
following modules which are currently running (determined using "lsmod"):
kvm, ksm, kvm-intel or kvm-amd.
3) Restart the KVM guest virtual machines.
- Scientific Linux Development Team