SCIENTIFIC-LINUX-ERRATA Archives

September 2016

SCIENTIFIC-LINUX-ERRATA@LISTSERV.FNAL.GOV
Options: Use Monospaced Font
Show Text Part by Default
Show All Mail Headers

Message: [<< First] [< Prev] [Next >] [Last >>]
Topic: [<< First] [< Prev] [Next >] [Last >>]
Author: [<< First] [< Prev] [Next >] [Last >>]

Print Reply
Subject:
Security ERRATA Important: kvm on SL5.x x86_64
From:
Kevin Hill <[log in to unmask]>
Reply To:
[log in to unmask]
Date:
Wed, 28 Sep 2016 20:05:54 -0000
Content-Type:
text/plain
Parts/Attachments:
text/plain (33 lines) 
Synopsis:          Important: kvm security update
Advisory ID:       SLSA-2016:1943-1
Issue Date:        2016-09-27
CVE Numbers:       CVE-2016-3710
                   CVE-2016-5403
--

Security Fix(es):

* An out-of-bounds read/write access flaw was found in the way QEMU's VGA
emulation with VESA BIOS Extensions (VBE) support performed read/write
operations using I/O port methods. A privileged guest user could use this
flaw to execute arbitrary code on the host with the privileges of the
host's QEMU process. (CVE-2016-3710)

* Quick Emulator(QEMU) built with the virtio framework is vulnerable to an
unbounded memory allocation issue. It was found that a malicious guest
user could submit more requests than the virtqueue size permits.
Processing a request allocates a VirtQueueElement results in unbounded
memory allocation on the host controlled by the guest. (CVE-2016-5403)
--

SL5
  x86_64
    kmod-kvm-83-276.el5_11.x86_64.rpm
    kmod-kvm-debug-83-276.el5_11.x86_64.rpm
    kvm-83-276.el5_11.x86_64.rpm
    kvm-debuginfo-83-276.el5_11.x86_64.rpm
    kvm-qemu-img-83-276.el5_11.x86_64.rpm
    kvm-tools-83-276.el5_11.x86_64.rpm

- Scientific Linux Development Team

ATOM RSS1 RSS2